Bug #69649 segfault with --enable-dtrace
Submitted: 2015-05-16 17:49 UTC
Modified: 2015-05-17 05:30 UTC
From: remi@php.net
Assigned: dmitry
Status: Closed
Package: *General Issues
PHP Version: master-Git-2015-05-16 (Git)
OS: GNU/Linux
Private report: No
CVE-ID: None
 [2015-05-16 17:49 UTC] remi@php.net
Description:
------------
Git snapshot 2015-05-15 - c9f27ee4227268bc74fc54e0e06102317e614804

During the test suite, tests/func/010.phpt raises a segfault
(no issue without dtrace)



Test script:
---------------
./configure --disable-all --enable-dtrace

gdb sapi/cli/php
(gdb) run  tests/func/010.phpt
...
--TEST--
function with many parameters
--SKIPIF--
--FILE--
bool(true)
bool(true)
bool(true)
bool(true)
bool(true)
bool(true)
bool(true)

Program received signal SIGSEGV, Segmentation fault.
zend_vm_stack_free_call_frame_ex (call=0x7fffefe67020, call_info=130) at /work/build/phpmaster/Zend/zend_execute.h:245
245			EG(vm_stack_top) = prev->top;
(gdb) bt
#0  zend_vm_stack_free_call_frame_ex (call=0x7fffefe67020, call_info=130) at /work/build/phpmaster/Zend/zend_execute.h:245
#1  zend_vm_stack_free_call_frame (call=0x7fffefe67020) at /work/build/phpmaster/Zend/zend_execute.h:256
#2  ZEND_DO_FCALL_SPEC_HANDLER () at /work/build/phpmaster/Zend/zend_vm_execute.h:908
#3  0x00000000005caaab in execute_ex (ex=ex@entry=0x7ffff6613540) at /work/build/phpmaster/Zend/zend_vm_execute.h:394
#4  0x000000000057dd5a in dtrace_execute_ex (execute_data=0x7ffff6613540) at /work/build/phpmaster/Zend/zend_dtrace.c:78
#5  0x000000000061bc4c in ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER () at /work/build/phpmaster/Zend/zend_vm_execute.h:29367
#6  0x00000000005caaab in execute_ex (ex=ex@entry=0x7ffff6613030) at /work/build/phpmaster/Zend/zend_vm_execute.h:394
#7  0x000000000057dd5a in dtrace_execute_ex (execute_data=0x7ffff6613030) at /work/build/phpmaster/Zend/zend_dtrace.c:78
#8  0x000000000058dc78 in zend_execute_scripts (type=type@entry=8, retval=retval@entry=0x0, file_count=file_count@entry=3)
    at /work/build/phpmaster/Zend/zend.c:1389
#9  0x00000000005336b8 in php_execute_script (primary_file=primary_file@entry=0x7fffffffc9e0) at /work/build/phpmaster/main/main.c:2479
#10 0x0000000000623848 in do_cli (argc=2, argv=0xa336a0) at /work/build/phpmaster/sapi/cli/php_cli.c:967
#11 0x000000000041a33b in main (argc=2, argv=0xa336a0) at /work/build/phpmaster/sapi/cli/php_cli.c:1334



 [2015-05-17 05:14 UTC] laruence@php.net
-Status: Open +Status: Verified -Assigned To: +Assigned To: dmitry
 [2015-05-17 05:14 UTC] laruence@php.net
If dtrace is enabled, ZEND_DO_FCALL will make the call as TOP, thus the call will be released in zend_leave_helper.

But later, when the flow returns back to DO_FCALL -> invalid read/segfault since the call has been freed.
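
The ownership confusion described in the comment above, as an added toy model in C; it is not php-src code and not part of the original report. `CALL_TOP`, `frame_free`, `leave_helper` and `do_fcall` are simplified stand-ins, and the `caller_checks` path is one assumed way to avoid the second release, not the change made in the linked commit.

```c
/* Toy model (NOT php-src code): a call frame can be released by the callee's
 * leave path when it is flagged TOP, or by the caller once the call returns.
 * If both happen, the caller touches a frame that is already gone. */
#include <stdbool.h>
#include <stdio.h>

#define CALL_TOP 0x1u   /* hypothetical flag standing in for "TOP" */

struct frame { unsigned info; bool live; int stale_access; };

/* Release a frame. An access to a dead frame is recorded, not performed,
 * so the model itself stays free of undefined behaviour. */
static void frame_free(struct frame *f) {
    if (!f->live) { f->stale_access++; return; }
    f->live = false;
}

/* Callee's leave path: a frame flagged TOP is released here. */
static void leave_helper(struct frame *f) {
    if (f->info & CALL_TOP) frame_free(f);
}

/* Caller side.
 * hooked:        execution goes through a wrapper that flags the call TOP
 *                (assumption modelling the dtrace-enabled build).
 * caller_checks: caller skips its own release when the callee owned the frame.
 * Returns -1 if the frame leaked, otherwise the number of stale accesses. */
static int do_fcall(bool hooked, bool caller_checks) {
    struct frame f = { 0, true, 0 };
    if (hooked) f.info |= CALL_TOP;
    leave_helper(&f);                        /* callee runs and returns */
    if (!(caller_checks && (f.info & CALL_TOP)))
        frame_free(&f);                      /* caller releases the frame */
    return f.live ? -1 : f.stale_access;
}

int main(void) {
    printf("plain call:        %d\n", do_fcall(false, false));
    printf("hooked, unchecked: %d\n", do_fcall(true, false));
    printf("hooked, checked:   %d\n", do_fcall(true, true));
    return 0;
}
```

A non-zero result from the unchecked hooked path corresponds to the invalid read at `EG(vm_stack_top) = prev->top;` in frame #0 of the backtrace.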
 [2015-05-18 09:45 UTC] dmitry@php.net
Automatic comment on behalf of dmitry@zend.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=cee88571d9dbb2d56b78b312919aea190580d9e5
Log: Fixed bug #69649 (segfault with --enable-dtrace)
 [2015-05-18 09:45 UTC] dmitry@php.net
-Status: Verified +Status: Closed
 [2016-07-20 11:38 UTC] davey@php.net
Automatic comment on behalf of dmitry@zend.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=cee88571d9dbb2d56b78b312919aea190580d9e5
Log: Fixed bug #69649 (segfault with --enable-dtrace)
 
Last updated: Tue Jun 03 07:01:26 2025 UTC