|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2009-02-08 22:39 UTC] geoffers+phpbugs at gmail dot com
Description:
------------
When running PHP a segfault occurs when trying to call
gc_collect_cycles() within the destructor in the included code. Removing
any line from that code (with the exception of the DONE echo) causes the
segfault to not occur.
This is on Debian Etch, with everything apart from PHP 5.3 from the
Debian stable repositories. PHP 5.3 was compiled with:
'./configure' '--enable-bcmath' '--enable-calendar' '--with-zlib-
dir=/usr' '--with-gd' '--with-apxs2=/usr/bin/apxs2' '--with-curl=/usr'
'--without-pear' '--enable-mbstring' '--enable-debug'
I have only tested through the CLI.
Reproduce code:
---------------
<?php
class A
{
public function __destruct()
{
gc_collect_cycles();
}
public function getB()
{
$this->data['foo'] = new B($this);
$this->data['bar'] = new B($this);
// Return either of the above
return $this->data['foo'];
}
}
class B
{
public function B($A)
{
$this->A = $A;
}
public function __destruct()
{
}
}
for ($i = 0; $i < 2; $i++)
{
$Aobj = new A;
$Bobj = $Aobj->getB();
unset($Bobj);
unset($Aobj);
}
echo "DONE\n";
Expected result:
----------------
Output:
DONE
Actual result:
--------------
Output:
DONE
Segmentation fault (core dumped)
Backtrace:
#0 0x0844a0b0 in gc_collect_cycles () at
/root/php5/Zend/zend_gc.c:551
#1 0x08439ab6 in zif_gc_collect_cycles (ht=0,
return_value=0xb79767d8, return_value_ptr=0x0, this_ptr=0x0,
return_value_used=0)
at /root/php5/Zend/zend_builtin_functions.c:336
#2 0x084536bd in zend_do_fcall_common_helper_SPEC
(execute_data=0xb77d604c) at /root/php5/Zend/zend_vm_execute.h:313
#3 0x08458202 in ZEND_DO_FCALL_SPEC_CONST_HANDLER
(execute_data=0xb77d604c) at /root/php5/Zend/zend_vm_execute.h:1564
#4 0x08452afa in execute (op_array=0xb7979664) at
/root/php5/Zend/zend_vm_execute.h:104
#5 0x0841a08a in zend_call_function (fci=0xbfe69304,
fci_cache=0xbfe692d4) at /root/php5/Zend/zend_execute_API.c:928
#6 0x08441628 in zend_call_method (object_pp=0xbfe69394,
obj_ce=0xb7977e94, fn_proxy=0xbfe69398, function_name=0x8902ee6
"__destruct",
function_name_len=10, retval_ptr_ptr=0x0, param_count=0, arg1=0x0,
arg2=0x0) at /root/php5/Zend/zend_interfaces.c:89
#7 0x0844bb8d in zend_objects_destroy_object (object=0xb7979054,
handle=1) at /root/php5/Zend/zend_objects.c:106
#8 0x084502d3 in zend_objects_store_call_destructors
(objects=0x8939d80) at /root/php5/Zend/zend_objects_API.c:57
#9 0x08417947 in shutdown_destructors () at
/root/php5/Zend/zend_execute_API.c:221
#10 0x08427ce5 in zend_call_destructors () at
/root/php5/Zend/zend.c:867
#11 0x083bbcf4 in php_request_shutdown (dummy=0x0) at
/root/php5/main/main.c:1506
#12 0x084b9825 in main (argc=2, argv=0xbfe69924) at
/root/php5/sapi/cli/php_cli.c:1340
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Sat Nov 01 10:00:02 2025 UTC |
#0 0x081efd6c in gc_collect_cycles () at /home/scott/dev/php53/Zend/zend_gc.c:551 551 if (Z_TYPE(p->z) == IS_OBJECT) { (gdb) print p $1 = (zval_gc_info *) 0xfffffffc (gdb) print count $2 = 4