Bug #69649 segfault with --enable-dtrace
Submitted: 2015-05-16 17:49 UTC Modified: 2015-05-17 05:30 UTC
From: remi@php.net Assigned: dmitry (profile)
Status: Closed Package: *General Issues
PHP Version: master-Git-2015-05-16 (Git) OS: GNU/Linux
Private report: No CVE-ID: None
 [2015-05-16 17:49 UTC] remi@php.net
Description:
------------
Git snapshot 2015-05-15 - c9f27ee4227268bc74fc54e0e06102317e614804

During the test suite, tests/func/010.phpt raises a segfault
(no issue without dtrace)



Test script:
---------------
./configure --disable-all --enable-dtrace

gdb sapi/cli/php
(gdb) run  tests/func/010.phpt
...
--TEST--
function with many parameters
--SKIPIF--
--FILE--
bool(true)
bool(true)
bool(true)
bool(true)
bool(true)
bool(true)
bool(true)

Program received signal SIGSEGV, Segmentation fault.
zend_vm_stack_free_call_frame_ex (call=0x7fffefe67020, call_info=130) at /work/build/phpmaster/Zend/zend_execute.h:245
245			EG(vm_stack_top) = prev->top;
(gdb) bt
#0  zend_vm_stack_free_call_frame_ex (call=0x7fffefe67020, call_info=130) at /work/build/phpmaster/Zend/zend_execute.h:245
#1  zend_vm_stack_free_call_frame (call=0x7fffefe67020) at /work/build/phpmaster/Zend/zend_execute.h:256
#2  ZEND_DO_FCALL_SPEC_HANDLER () at /work/build/phpmaster/Zend/zend_vm_execute.h:908
#3  0x00000000005caaab in execute_ex (ex=ex@entry=0x7ffff6613540) at /work/build/phpmaster/Zend/zend_vm_execute.h:394
#4  0x000000000057dd5a in dtrace_execute_ex (execute_data=0x7ffff6613540) at /work/build/phpmaster/Zend/zend_dtrace.c:78
#5  0x000000000061bc4c in ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER () at /work/build/phpmaster/Zend/zend_vm_execute.h:29367
#6  0x00000000005caaab in execute_ex (ex=ex@entry=0x7ffff6613030) at /work/build/phpmaster/Zend/zend_vm_execute.h:394
#7  0x000000000057dd5a in dtrace_execute_ex (execute_data=0x7ffff6613030) at /work/build/phpmaster/Zend/zend_dtrace.c:78
#8  0x000000000058dc78 in zend_execute_scripts (type=type@entry=8, retval=retval@entry=0x0, file_count=file_count@entry=3)
    at /work/build/phpmaster/Zend/zend.c:1389
#9  0x00000000005336b8 in php_execute_script (primary_file=primary_file@entry=0x7fffffffc9e0) at /work/build/phpmaster/main/main.c:2479
#10 0x0000000000623848 in do_cli (argc=2, argv=0xa336a0) at /work/build/phpmaster/sapi/cli/php_cli.c:967
#11 0x000000000041a33b in main (argc=2, argv=0xa336a0) at /work/build/phpmaster/sapi/cli/php_cli.c:1334



 [2015-05-17 05:14 UTC] laruence@php.net
-Status: Open +Status: Verified -Assigned To: +Assigned To: dmitry
 [2015-05-17 05:14 UTC] laruence@php.net
If dtrace is enabled, ZEND_DO_FCALL will make the call as TOP, thus the call will be released in zend_leave_helper.

But later, when the flow returns back to DO_FCALL -> invalid read/segfault, since the call has been freed.
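
A toy C model of the frame-ownership problem described in the comment above, added here as an illustration; it is not php-src code and not the committed fix. The function names, the CALL_TOP flag value and the check_owner guard are assumptions made for the example.

```c
#include <stdio.h>

/* Toy model only: names echo the report, none of this is php-src code. */
#define CALL_TOP 0x1   /* assumed meaning: the leave path releases this frame */

typedef struct frame { int info; int live; } frame;

static int stale_releases;   /* releases attempted on an already-freed frame */

static void release_frame(frame *f) {
    if (!f->live) { stale_releases++; return; }  /* real VM: invalid read / SIGSEGV */
    f->live = 0;
}

/* Stand-in for zend_leave_helper: frees frames flagged as TOP on return. */
static void leave_helper(frame *f) {
    if (f->info & CALL_TOP) release_frame(f);
}

/* Stand-in for execute_ex: runs the callee body, then leaves. */
static void execute_ex_model(frame *f) { leave_helper(f); }

/* Stand-in for dtrace_execute_ex: a hook wrapped around the executor. */
static void hooked_execute_ex(frame *f) { execute_ex_model(f); }

/* Stand-in for ZEND_DO_FCALL. hook_enabled models --enable-dtrace;
 * check_owner is a hypothetical guard, not the change made in the real fix. */
static int do_fcall_model(int hook_enabled, int check_owner) {
    frame f = { 0, 1 };
    stale_releases = 0;
    if (hook_enabled) {
        f.info |= CALL_TOP;        /* nested executor run now owns the frame */
        hooked_execute_ex(&f);
    } else {
        execute_ex_model(&f);      /* frame stays owned by the caller */
    }
    if (!check_owner || !(f.info & CALL_TOP))
        release_frame(&f);         /* caller-side release after the call returns */
    return stale_releases;
}

int main(void) {
    printf("no hook:         %d stale release(s)\n", do_fcall_model(0, 0));
    printf("hook, unguarded: %d stale release(s)\n", do_fcall_model(1, 0));
    printf("hook, guarded:   %d stale release(s)\n", do_fcall_model(1, 1));
    return 0;
}
```

The model counts the second release instead of dereferencing freed memory, so it shows the double release without undefined behaviour.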
 [2015-05-18 09:45 UTC] dmitry@php.net
Automatic comment on behalf of dmitry@zend.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=cee88571d9dbb2d56b78b312919aea190580d9e5
Log: Fixed bug #69649 (segfault with --enable-dtrace)
 [2015-05-18 09:45 UTC] dmitry@php.net
-Status: Verified +Status: Closed
 [2016-07-20 11:38 UTC] davey@php.net
Automatic comment on behalf of dmitry@zend.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=cee88571d9dbb2d56b78b312919aea190580d9e5
Log: Fixed bug #69649 (segfault with --enable-dtrace)
 
Last updated: Sat May 04 17:01:33 2024 UTC