php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #63564 Segfault in garbage collector
Submitted: 2012-11-19 22:33 UTC Modified: 2012-11-21 19:54 UTC
From: evert at rooftopsolutions dot nl Assigned:
Status: Closed Package: Reproducible crash
PHP Version: 5.3.18 OS: OS/X 10.8
Private report: No CVE-ID: None
 [2012-11-19 22:33 UTC] evert at rooftopsolutions dot nl
Description:
------------
I'm getting a segfault when running a rather large PHPUnit testsuite. It's unreproducable with smaller scripts, so I sincerely hope that this is enough info.

I must also confess that this segfault occurs with the default PHP package on OS X 10.8, which is currently on PHP 5.3.15.

If this is indeed too old to report bugs for, I would like to say sorry for wasting your time, and thanks for looking into this anyway.

Note that this is the second mac I've had this particular issue with, but the first time the issue went away after arbitrary source changes.

Test script:
---------------
The test script is unfortunately huge, and impossible to really share. The conditions that trigger this is unfortunately also pretty random.

Expected result:
----------------
No segfault

Actual result:
--------------
Full GDB output:

$ gdb --wait php
GNU gdb 6.3.50-20050815 (Apple version gdb-1820) (Sat Jun 16 02:40:11 UTC 2012)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "x86_64-apple-darwin".
Waiting for process 'php' to launch.
Attaching to process 74467.
Reading symbols for shared libraries . done
Reading symbols for shared libraries ........................................................................................................................................................... done
Reading symbols for shared libraries + done
0x00007fff8ffba686 in mach_msg_trap ()

(gdb) continue
Continuing.
Reading symbols for shared libraries warning: Could not find object file "/private/tmp/pear/install/pear-build-rootxgWREH/libevent-0.0.5/.libs/libevent.o" - no debug information available for "/private/tmp/pear/install/libevent/libevent.c".

.. done
Reading symbols for shared libraries warning: Could not find object file "/private/tmp/pear/install/pear-build-rootk3Ie9q/memcached-2.1.0/.libs/php_memcached.o" - no debug information available for "/private/tmp/pear/install/memcached/php_memcached.c".

warning: Could not find object file "/private/tmp/pear/install/pear-build-rootk3Ie9q/memcached-2.1.0/fastlz/.libs/fastlz.o" - no debug information available for "/private/tmp/pear/install/memcached/fastlz/fastlz.c".

warning: Could not find object file "/private/tmp/pear/install/pear-build-rootk3Ie9q/memcached-2.1.0/.libs/g_fmt.o" - no debug information available for "/private/tmp/pear/install/memcached/g_fmt.c".

warning: Could not find object file "/private/tmp/pear/install/pear-build-rootk3Ie9q/memcached-2.1.0/.libs/php_memcached_session.o" - no debug information available for "/private/tmp/pear/install/memcached/php_memcached_session.c".

.. done

Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: 13 at address: 0x0000000000000000
0x0000000103c60713 in gc_remove_zval_from_buffer ()
(gdb) backtrace
#0  0x0000000103c60713 in gc_remove_zval_from_buffer ()
#1  0x0000000103c6073e in gc_remove_zval_from_buffer ()
#2  0x0000000103c5fdf1 in gc_collect_cycles ()
#3  0x0000000103c5fad6 in gc_zval_possible_root ()
#4  0x0000000103c51b0b in zend_hash_destroy ()
#5  0x0000000103c45645 in _zval_dtor_func ()
#6  0x0000000103946df8 in php_pcre_match_impl ()
#7  0x0000000103949fc1 in php_pcre_grep_impl ()
#8  0x0000000103ca6680 in zend_do_fcall ()
#9  0x0000000103c66e3a in execute ()
#10 0x0000000103c4789e in zend_execute_scripts ()
#11 0x0000000103bfc1b8 in php_execute_script ()
#12 0x0000000103cbdb88 in php_register_internal_extensions ()
#13 0x00007fff910c17e1 in start ()
(gdb) 

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-11-20 02:29 UTC] laruence@php.net
-Status: Open +Status: Feedback
 [2012-11-20 02:29 UTC] laruence@php.net
Please try using this snapshot:

  http://snaps.php.net/php5.3-latest.tar.gz
 
For Windows:

  http://windows.php.net/snapshots/

Hey, from the bt, it's very similar to #63055

could you please test with the snapshot?

thanks
 [2012-11-21 19:54 UTC] evert at rooftopsolutions dot nl
-Status: Feedback +Status: Closed
 [2012-11-21 19:54 UTC] evert at rooftopsolutions dot nl
On first appearance, no crashes with the latest snapshot.

I hope that the conditions were identical enough to test this :).
If you can think of something that will make it more likely for the segfault to appear, definitely let me know so I can test.

Otherwise, feel free to keep this one closed. Hopefully Apple decided to update their package as well.
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Mon Jan 27 06:01:24 2020 UTC