PHP :: Bug #47880 :: Garbage Collector crashes

Bug #47880

Garbage Collector crashes

Submitted:

2009-04-02 17:50 UTC

Modified:

2009-04-06 14:56 UTC

Votes:	1
Avg. Score:	5.0 ± 0.0
Reproduced:	0 of 0 (0.0%)

From:

patric at zap dot lu

Assigned:

dmitry (profile)

Status:

Closed

Package:

Scripting Engine problem

PHP Version:

5.3.0RC1

OS:

Debian Lenny

Private report:

CVE-ID:

None

View Developer Edit

[2009-04-02 17:50 UTC] patric at zap dot lu

Description:
------------
We got a huge framework which runs as CLI.
With lots of circular references, we use 5.3 as it
solves the out of memory problem.

Unfortunately it crashes randomly after a while.
We can't reproduce it as it crashes, as it likes.




Reproduce code:
---------------
Not possible, as we can't locate a specific line of code.
Happens randomly

Actual result:
--------------
The GDP output for this problem:

Core was generated by `/blade/exec/10.1.0.10/php/bin/php -c/blade/run/configs/10.1.0.10-php-daemon.ini'.
Program terminated with signal 11, Segmentation fault.
[New process 25897]
#0  0x08347bc9 in children_scan (pz=0xba2c09f5) at /blade/install/daemon/php/Zend/zend_gc.c:431
431             zval_scan(*pz TSRMLS_CC);
(gdb) bz
Undefined command: "bz".  Try "help".
(gdb) bt
#0  0x08347bc9 in children_scan (pz=0xba2c09f5) at /blade/install/daemon/php/Zend/zend_gc.c:431
#1  0x08337af3 in zend_hash_apply (ht=0xa1d442c, apply_func=0x8347bc0 <children_scan>)
    at /blade/install/daemon/php/Zend/zend_hash.c:673
#2  0x08347b8a in zval_scan (pz=0x8f3f409) at /blade/install/daemon/php/Zend/zend_gc.c:421
#3  0x08347bd0 in children_scan (pz=0x9c7f47c) at /blade/install/daemon/php/Zend/zend_gc.c:431
#4  0x08337af3 in zend_hash_apply (ht=0xa4b3758, apply_func=0x8347bc0 <children_scan>)
    at /blade/install/daemon/php/Zend/zend_hash.c:673
#5  0x08347b8a in zval_scan (pz=0x8f3f409) at /blade/install/daemon/php/Zend/zend_gc.c:421
#6  0x08347bd0 in children_scan (pz=0x9fa05b8) at /blade/install/daemon/php/Zend/zend_gc.c:431
#7  0x08337af3 in zend_hash_apply (ht=0x9fb2308, apply_func=0x8347bc0 <children_scan>)
    at /blade/install/daemon/php/Zend/zend_hash.c:673
#8  0x08347a61 in zobj_scan (pz=0x9fb2338) at /blade/install/daemon/php/Zend/zend_gc.c:401
#9  0x08347ba7 in zval_scan (pz=0x8f3f409) at /blade/install/daemon/php/Zend/zend_gc.c:416
#10 0x08347bd0 in children_scan (pz=0xa08cbf0) at /blade/install/daemon/php/Zend/zend_gc.c:431
#11 0x08337af3 in zend_hash_apply (ht=0xa166234, apply_func=0x8347bc0 <children_scan>)
    at /blade/install/daemon/php/Zend/zend_hash.c:673
#12 0x08347a61 in zobj_scan (pz=0x9dc7b48) at /blade/install/daemon/php/Zend/zend_gc.c:401
#13 0x08347ba7 in zval_scan (pz=0x8f3f409) at /blade/install/daemon/php/Zend/zend_gc.c:416
#14 0x08347bd0 in children_scan (pz=0xa48d5d4) at /blade/install/daemon/php/Zend/zend_gc.c:431
#15 0x08337af3 in zend_hash_apply (ht=0xa34b5a8, apply_func=0x8347bc0 <children_scan>)
    at /blade/install/daemon/php/Zend/zend_hash.c:673
#16 0x08347b8a in zval_scan (pz=0x8f3f409) at /blade/install/daemon/php/Zend/zend_gc.c:421
#17 0x08347bd0 in children_scan (pz=0xa0b1140) at /blade/install/daemon/php/Zend/zend_gc.c:431
#18 0x08337af3 in zend_hash_apply (ht=0xa0b1104, apply_func=0x8347bc0 <children_scan>)
    at /blade/install/daemon/php/Zend/zend_hash.c:673
#19 0x08347a61 in zobj_scan (pz=0xa0b10e8) at /blade/install/daemon/php/Zend/zend_gc.c:401
#20 0x08347ba7 in zval_scan (pz=0x8f3f409) at /blade/install/daemon/php/Zend/zend_gc.c:416
#21 0x08347bd0 in children_scan (pz=0xa1316a8) at /blade/install/daemon/php/Zend/zend_gc.c:431
#22 0x08337af3 in zend_hash_apply (ht=0x9ecb34c, apply_func=0x8347bc0 <children_scan>)
    at /blade/install/daemon/php/Zend/zend_hash.c:673
#23 0x08347b8a in zval_scan (pz=0x8f3f409) at /blade/install/daemon/php/Zend/zend_gc.c:421
#24 0x08347bd0 in children_scan (pz=0xa131700) at /blade/install/daemon/php/Zend/zend_gc.c:431
#25 0x08337af3 in zend_hash_apply (ht=0xa230760, apply_func=0x8347bc0 <children_scan>)
    at /blade/install/daemon/php/Zend/zend_hash.c:673
#26 0x08347b8a in zval_scan (pz=0x8f3f409) at /blade/install/daemon/php/Zend/zend_gc.c:421
#27 0x08347bd0 in children_scan (pz=0x9ecb31c) at /blade/install/daemon/php/Zend/zend_gc.c:431
#28 0x08337af3 in zend_hash_apply (ht=0xa20d110, apply_func=0x8347bc0 <children_scan>)
    at /blade/install/daemon/php/Zend/zend_hash.c:673
#29 0x08347b8a in zval_scan (pz=0x8f3f409) at /blade/install/daemon/php/Zend/zend_gc.c:421
#30 0x08347bd0 in children_scan (pz=0xa15a368) at /blade/install/daemon/php/Zend/zend_gc.c:431
#31 0x08337af3 in zend_hash_apply (ht=0xa06989c, apply_func=0x8347bc0 <children_scan>)
    at /blade/install/daemon/php/Zend/zend_hash.c:673
#32 0x08347a61 in zobj_scan (pz=0xa04dc24) at /blade/install/daemon/php/Zend/zend_gc.c:401
#33 0x08347ba7 in zval_scan (pz=0x8f3f409) at /blade/install/daemon/php/Zend/zend_gc.c:416
#34 0x08347bd0 in children_scan (pz=0xa079624) at /blade/install/daemon/php/Zend/zend_gc.c:431
#35 0x08337af3 in zend_hash_apply (ht=0xa29e8d0, apply_func=0x8347bc0 <children_scan>)
    at /blade/install/daemon/php/Zend/zend_hash.c:673
#36 0x08347b8a in zval_scan (pz=0x8f3f409) at /blade/install/daemon/php/Zend/zend_gc.c:421
#37 0x08347bd0 in children_scan (pz=0xa0ba6c0) at /blade/install/daemon/php/Zend/zend_gc.c:431
#38 0x08337af3 in zend_hash_apply (ht=0x9f32824, apply_func=0x8347bc0 <children_scan>)
    at /blade/install/daemon/php/Zend/zend_hash.c:673
#39 0x08347a61 in zobj_scan (pz=0xa0f1a9c) at /blade/install/daemon/php/Zend/zend_gc.c:401
#40 0x08347ba7 in zval_scan (pz=0x8f3f409) at /blade/install/daemon/php/Zend/zend_gc.c:416
#41 0x08347bd0 in children_scan (pz=0x9f57d30) at /blade/install/daemon/php/Zend/zend_gc.c:431
#42 0x08337af3 in zend_hash_apply (ht=0x9f57ccc, apply_func=0x8347bc0 <children_scan>)
    at /blade/install/daemon/php/Zend/zend_hash.c:673
#43 0x08347b8a in zval_scan (pz=0x8f3f409) at /blade/install/daemon/php/Zend/zend_gc.c:421
#44 0x08347ff8 in gc_collect_cycles () at /blade/install/daemon/php/Zend/zend_gc.c:448
#45 0x083482ae in gc_zval_possible_root (zv=0xa5ca4b4) at /blade/install/daemon/php/Zend/zend_gc.c:172
#46 0x083a845d in ZEND_ASSIGN_DIM_SPEC_VAR_UNUSED_HANDLER (execute_data=0x0) at /blade/install/daemon/php/Zend/zend_gc.h:183
#47 0x08354b7e in execute (op_array=0x8c390bc) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#48 0x08321ab7 in zend_call_function (fci=0xbf9da0f0, fci_cache=0xbf9da114)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#49 0x082696cf in zif_call_user_func (ht=1, return_value=0x91694e0, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4720
#50 0x08376a49 in zend_do_fcall_common_helper_SPEC (execute_data=0x8b6056c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#51 0x08354b7e in execute (op_array=0x91ce764) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#52 0x0832c046 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /blade/install/daemon/php/Zend/zend.c:1188
#53 0x082da047 in php_execute_script (primary_file=0xbf9dc588) at /blade/install/daemon/php/main/main.c:2157
#54 0x083ad0c4 in main (argc=4, argv=0xbf9dc6e4) at /blade/install/daemon/php/sapi/cli/php_cli.c:1159
(gdb) ulimit -c unlimitedprint (char *)(executor_globals.function_state_ptr->function)->common.function_name
Undefined command: "ulimit".  Try "help".

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2009-04-03 08:43 UTC] patric at zap dot lu

Well have some other stackstrace here, maybe it helps locating the problem:

Program terminated with signal 11, Segmentation fault.
[New process 23343]
#0  _zval_ptr_dtor (zval_ptr=0x110eec70) at /blade/install/daemon/php/Zend/zend.h:392
392             return --pz->refcount__gc;
(gdb) bt
#0  _zval_ptr_dtor (zval_ptr=0x110eec70) at /blade/install/daemon/php/Zend/zend.h:392
392             return --pz->refcount__gc;
(gdb) bt
#0  _zval_ptr_dtor (zval_ptr=0x110eec70) at /blade/install/daemon/php/Zend/zend.h:392
#1  0x0832ffa4 in zend_fcall_info_args_clear (fci=0xbfea649c, free_mem=1) at /blade/install/daemon/php/Zend/zend_API.c:2860
#2  0x0826a82f in zif_call_user_func_array (ht=2, return_value=0x110ee45c, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4749
#3  0x08377cd9 in zend_do_fcall_common_helper_SPEC (execute_data=0x8c71cf8) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#4  0x0835552e in execute (op_array=0x927f07c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#5  0x083226b7 in zend_call_function (fci=0xbfea66b8, fci_cache=0xbfea66dc)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#6  0x08342300 in zend_call_method (object_pp=0xbfea677c, obj_ce=0x9cfb3a4, fn_proxy=0x9cfb4ac, function_name=0x8664063 "__call", 
    function_name_len=6, retval_ptr_ptr=0xbfea6750, param_count=2, arg1=0x110d0374, arg2=0x110e42cc)
    at /blade/install/daemon/php/Zend/zend_interfaces.c:97
#7  0x0834ba7a in zend_std_call_user_call (ht=1, return_value=0x110e5874, return_value_ptr=0x0, this_ptr=0x110af270, 
    return_value_used=0) at /blade/install/daemon/php/Zend/zend_object_handlers.c:681
#8  0x08377cd9 in zend_do_fcall_common_helper_SPEC (execute_data=0x8c71bf8) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#9  0x0835552e in execute (op_array=0x8c5dbe4) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#10 0x083226b7 in zend_call_function (fci=0xbfea692c, fci_cache=0xbfea6950)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#11 0x0826a7d7 in zif_call_user_func_array (ht=2, return_value=0x110c9080, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#12 0x08377cd9 in zend_do_fcall_common_helper_SPEC (execute_data=0x8c70f24) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#13 0x0835552e in execute (op_array=0x927f07c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#14 0x083226b7 in zend_call_function (fci=0xbfea6b48, fci_cache=0xbfea6b6c)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#15 0x08342300 in zend_call_method (object_pp=0xbfea6c0c, obj_ce=0x9c211f8, fn_proxy=0x9c21300, function_name=0x8664063 "__call", 
    function_name_len=6, retval_ptr_ptr=0xbfea6be0, param_count=2, arg1=0x110d1adc, arg2=0x110e5f44)
    at /blade/install/daemon/php/Zend/zend_interfaces.c:97
#16 0x0834ba7a in zend_std_call_user_call (ht=1, return_value=0x11066780, return_value_ptr=0x0, this_ptr=0x1106f8f4, 
    return_value_used=0) at /blade/install/daemon/php/Zend/zend_object_handlers.c:681
#17 0x08377cd9 in zend_do_fcall_common_helper_SPEC (execute_data=0x8c70b7c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#18 0x0835552e in execute (op_array=0x8c5dbe4) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#19 0x083226b7 in zend_call_function (fci=0xbfea6dc0, fci_cache=0xbfea6de4)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#20 0x0826a55f in zif_call_user_func (ht=1, return_value=0x9287cf4, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4720
#21 0x08377cd9 in zend_do_fcall_common_helper_SPEC (execute_data=0x8c6f56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#22 0x0835552e in execute (op_array=0x92ce48c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#23 0x0832cbf6 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /blade/install/daemon/php/Zend/zend.c:1188
#24 0x082dae57 in php_execute_script (primary_file=0xbfea9258) at /blade/install/daemon/php/main/main.c:2157
#25 0x083ad5b4 in main (argc=4, argv=0xbfea93b4) at /blade/install/daemon/php/sapi/cli/php_cli.c:1159

[2009-04-03 09:50 UTC] dmitry@php.net

Sorry but I can't understand what's going on, while I can't reproduce it myself. The best case if you can provide a script which crashes PHP running from command line (it may be a big code base but without dependencies on external resources like databases and etc)

[2009-04-03 13:17 UTC] patric at zap dot lu

Made a little script with 15 lines, which leads to seg fault.

Please refer to the following page for further information:
http://www.zap.lu/php/

Don't know if it is related to the bugs above, but considering
the gdb output, the bug is still in the Garbage Collector.

The little script, spawns thousands of objects which are partially
linked together. During the execution of the script, it seg faults.

Tested it on Debian Lenny and on Debian Testing, 2 different servers.
Each time the same ending.

Regards,
 Patric de Waha

[2009-04-03 17:22 UTC] dmitry@php.net

Your script just makes stack overflow in GC because of huge nesting, however according to the first backtrace you have another problem. I'll probably try to reduce stack stack usage, but it won't solve the real problem.

Could you also try the following patch: http://pastebin.com/m4d65d738

[2009-04-04 10:12 UTC] patric at zap dot lu

Yes the last testcase created infinite recursion, nevertheless it should not core dump but reach memory exhausted at the end?

I got a new testcase, I isolated the parts in the framework which
lead to the segfault.

Stripped it down to some weird chain of operations, which lead to segfault.

This time no deep recursion, at a depth of 18 it begins to segfault.


The piece of code:

class bomb {
static function go($pDepth)	{
if ($pDepth>0)
 call_user_func_array(array('bomb', 'go'),array($pDepth-1));
		
 $backtrace	= debug_backtrace(false);
 foreach ($backtrace as $k=>$e)	
  foreach ($e['args'] as $kk=>$arg)
   if (is_array($arg))
    $backtrace[$k]['args'][$kk]= 'Foobar';						
 }
}

	bomb::go(18);	

### GDB ###########################################

Program terminated with signal 11, Segmentation fault.
[New process 25022]
#0  _zend_mm_free_int (heap=0x9eb81b8, p=0x9fe2da0) at /blade/install/daemon/php/Zend/zend_alloc.c:1979
1979            if (ZEND_MM_IS_FREE_BLOCK(next_block)) {
(gdb) bt
#0  _zend_mm_free_int (heap=0x9eb81b8, p=0x9fe2da0) at /blade/install/daemon/php/Zend/zend_alloc.c:1979
#1  0x0832114d in _zval_ptr_dtor (zval_ptr=0x9feb5bc) at /blade/install/daemon/php/Zend/zend_variables.h:35
#2  0x08337c1e in zend_hash_destroy (ht=0x9fdfc44) at /blade/install/daemon/php/Zend/zend_hash.c:526
#3  0x0832be75 in _zval_dtor_func (zvalue=0x9fe27c4) at /blade/install/daemon/php/Zend/zend_variables.c:43
#4  0x0832114d in _zval_ptr_dtor (zval_ptr=0x9fdae88) at /blade/install/daemon/php/Zend/zend_variables.h:35
#5  0x08337c1e in zend_hash_destroy (ht=0x9febac4) at /blade/install/daemon/php/Zend/zend_hash.c:526
#6  0x0832be75 in _zval_dtor_func (zvalue=0x9fe0eb8) at /blade/install/daemon/php/Zend/zend_variables.c:43
#7  0x0832114d in _zval_ptr_dtor (zval_ptr=0x9feb590) at /blade/install/daemon/php/Zend/zend_variables.h:35
#8  0x08337c1e in zend_hash_destroy (ht=0x9fdf82c) at /blade/install/daemon/php/Zend/zend_hash.c:526
#9  0x0832be75 in _zval_dtor_func (zvalue=0x9fdf1c0) at /blade/install/daemon/php/Zend/zend_variables.c:43
#10 0x0832114d in _zval_ptr_dtor (zval_ptr=0xa0111c0) at /blade/install/daemon/php/Zend/zend_variables.h:35
#11 0x0834e816 in zend_leave_helper_SPEC (execute_data=0x1) at /blade/install/daemon/php/Zend/zend_vm_execute.h:157
#12 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#13 0x08321ab7 in zend_call_function (fci=0xbfe4521c, fci_cache=0xbfe45240)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#14 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fdefd0, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#15 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa010ee8) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#16 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#17 0x08321ab7 in zend_call_function (fci=0xbfe4542c, fci_cache=0xbfe45450)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#18 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fdedc4, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#19 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa010c78) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#20 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#21 0x08321ab7 in zend_call_function (fci=0xbfe4563c, fci_cache=0xbfe45660)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#22 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fdebb8, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#23 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa010a08) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#24 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#25 0x08321ab7 in zend_call_function (fci=0xbfe4584c, fci_cache=0xbfe45870)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#26 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fde9ac, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#27 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa010798) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#28 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#29 0x08321ab7 in zend_call_function (fci=0xbfe45a5c, fci_cache=0xbfe45a80)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#30 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fde7a0, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#31 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa010528) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#32 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#33 0x08321ab7 in zend_call_function (fci=0xbfe45c6c, fci_cache=0xbfe45c90)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#34 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fde594, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#35 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa0102b8) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#36 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#37 0x08321ab7 in zend_call_function (fci=0xbfe45e7c, fci_cache=0xbfe45ea0)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#38 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fde388, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#39 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa010048) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#40 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#41 0x08321ab7 in zend_call_function (fci=0xbfe4608c, fci_cache=0xbfe460b0)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#42 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fde17c, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#43 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa00fdd8) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#44 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#45 0x08321ab7 in zend_call_function (fci=0xbfe4629c, fci_cache=0xbfe462c0)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#46 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fddf70, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#47 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa00fb68) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#48 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#49 0x08321ab7 in zend_call_function (fci=0xbfe464ac, fci_cache=0xbfe464d0)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#50 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fddd64, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#51 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa00f8f8) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#52 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#53 0x08321ab7 in zend_call_function (fci=0xbfe466bc, fci_cache=0xbfe466e0)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#54 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fddb58, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#55 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa00f688) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#56 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#57 0x08321ab7 in zend_call_function (fci=0xbfe468cc, fci_cache=0xbfe468f0)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#58 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fdbd8c, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#59 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa00f418) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#60 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#61 0x08321ab7 in zend_call_function (fci=0xbfe46adc, fci_cache=0xbfe46b00)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#62 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fdbb80, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#63 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa00f1a8) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#64 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#65 0x08321ab7 in zend_call_function (fci=0xbfe46cec, fci_cache=0xbfe46d10)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#66 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fdb974, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#67 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa00ef38) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#68 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#69 0x08321ab7 in zend_call_function (fci=0xbfe46efc, fci_cache=0xbfe46f20)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#70 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fdb768, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#71 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa00ecc8) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#72 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#73 0x08321ab7 in zend_call_function (fci=0xbfe4710c, fci_cache=0xbfe47130)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#74 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fdb55c, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#75 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa00ea58) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#76 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#77 0x08321ab7 in zend_call_function (fci=0xbfe4731c, fci_cache=0xbfe47340)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#78 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fdb350, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
---Type <return> to continue, or q <return> to quit---
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#79 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa00e7e8) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#80 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#81 0x08321ab7 in zend_call_function (fci=0xbfe4752c, fci_cache=0xbfe47550)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#82 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fdb144, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#83 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa00e578) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#84 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#85 0x08321ab7 in zend_call_function (fci=0xbfe4773c, fci_cache=0xbfe47760)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#86 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fdaf38, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#87 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa00e308) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#88 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#89 0x08321ab7 in zend_call_function (fci=0xbfe4794c, fci_cache=0xbfe47970)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#90 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fdd418, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#91 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa00e098) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#92 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#93 0x08321ab7 in zend_call_function (fci=0xbfe47b5c, fci_cache=0xbfe47b80)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#94 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fdd20c, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#95 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa00de28) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#96 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#97 0x08321ab7 in zend_call_function (fci=0xbfe47d6c, fci_cache=0xbfe47d90)
    at /blade/install/daemon/php/Zend/zend_execute_API.c:936
#98 0x08269947 in zif_call_user_func_array (ht=2, return_value=0x9fdd000, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /blade/install/daemon/php/ext/standard/basic_functions.c:4745
#99 0x08376a59 in zend_do_fcall_common_helper_SPEC (execute_data=0xa00dbb8) at /blade/install/daemon/php/Zend/zend_vm_execute.h:313
#100 0x08354b8e in execute (op_array=0x9fdd56c) at /blade/install/daemon/php/Zend/zend_vm_execute.h:104
#101 0x0832c046 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /blade/install/daemon/php/Zend/zend.c:1188
#102 0x082da047 in php_execute_script (primary_file=0xbfe4a208) at /blade/install/daemon/php/main/main.c:2157
#103 0x083ad0d4 in main (argc=3, argv=0xbfe4a364) at /blade/install/daemon/php/sapi/cli/php_cli.c:1159

[2009-04-06 09:34 UTC] dmitry@php.net

Thanks for test.
This is the smallest script which demonstrates the crash.

<?php
class bomb {
  static function go($n)	{
   $backtrace = debug_backtrace(false);
   $backtrace[1]['args'][1] = 'bomb';
  }
}
call_user_func_array(array('bomb', 'go'), array(0));
?>

The bug is not related to GC, so may be the crash in GC shown by the first backtrace is a side effect of this one, but it also may be some different unrelated bug.

[2009-04-06 11:14 UTC] dmitry@php.net

The crash described in last two posts is fixed in CVS. However it can be unrelated to GC crash mentioned in the first backtrace.

[2009-04-06 14:56 UTC] patric at zap dot lu

Thanks, had no segfault with the latest CVS.
Seems to work for me.
patric

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Nov 21 10:01:29 2024 UTC