Bug #70138 Segfault on shutdown when running PHPUnit
Submitted: 2015-07-26 09:39 UTC
Modified: 2015-07-26 15:51 UTC
From: sebastian@php.net
Assigned: bwoebi
Status: Closed
Package: phpdbg
PHP Version: 7.0Git-2015-07-26 (Git)
OS: Linux
Private report: No
CVE-ID:
 [2015-07-26 09:39 UTC] sebastian@php.net
Description:
------------
$ git clone https://github.com/sebastianbergmann/phpunit.git
$ cd phpunit
$ wget https://getcomposer.org/composer.phar
$ php composer.phar install
$ phpdbg phpunit --version


Expected result:
----------------
No segfault

Actual result:
--------------
$ gdb /usr/local/php-7.0/bin/phpdbg
GNU gdb (GDB) Fedora 7.9.1-17.fc22
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/local/php-7.0/bin/phpdbg...done.
(gdb) r -rr phpunit --version
Starting program: /usr/local/php-7.0/bin/phpdbg -rr phpunit --version
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
[Welcome to phpdbg, the interactive PHP debugger, v0.5.0]
To get help using phpdbg type "help" and press enter
[Please report bugs to <http://bugs.php.net/report.php>]
#!/usr/bin/env php
Detaching after fork from child process 5922.
PHPUnit 5.0-g4e1512f by Sebastian Bergmann and contributors.

[Caught exit/error from VM]
[Sun Jul 26 11:34:02 2015]  Script:  '-'

Program received signal SIGSEGV, Segmentation fault.
strlen () at ../sysdeps/x86_64/strlen.S:106
106		movdqu	(%rax), %xmm12
(gdb) bt
#0  strlen () at ../sysdeps/x86_64/strlen.S:106
#1  0x00000000008edb79 in format_converter (odp=0x7fffffffb560, fmt=0xfc61c1 "s(%d) :  Freeing 0x%.8lX (%zu bytes), script=%s\n", ap=0x7fffffffb5b0) at /usr/local/src/php/src/main/snprintf.c:993
#2  0x00000000008ee470 in strx_printv (ccp=0x7fffffffb5cc, buf=0x7fffffffb8f0 "[Sun Jul 26 11:34:02 2015]  Script:  '-'\n", len=512, format=0xfc61c0 "%s(%d) :  Freeing 0x%.8lX (%zu bytes), script=%s\n", 
    ap=0x7fffffffb5b0) at /usr/local/src/php/src/main/snprintf.c:1248
#3  0x00000000008ee6b9 in ap_php_snprintf (buf=0x7fffffffb8f0 "[Sun Jul 26 11:34:02 2015]  Script:  '-'\n", len=512, format=0xfc61c0 "%s(%d) :  Freeing 0x%.8lX (%zu bytes), script=%s\n")
    at /usr/local/src/php/src/main/snprintf.c:1293
#4  0x00000000008e9527 in php_message_handler_for_zend (message=4, data=0x7fffffffc980) at /usr/local/src/php/src/main/main.c:1435
#5  0x00000000009798f9 in zend_message_dispatcher (message=4, data=0x7fffffffc980) at /usr/local/src/php/src/Zend/zend.c:996
#6  0x0000000000946b6e in zend_mm_check_leaks (heap=0x7fffee800040) at /usr/local/src/php/src/Zend/zend_alloc.c:1905
#7  0x0000000000946e6c in zend_mm_shutdown (heap=0x7fffee800040, full=0, silent=0) at /usr/local/src/php/src/Zend/zend_alloc.c:1973
#8  0x0000000000947c3a in shutdown_memory_manager (silent=0, full_shutdown=0) at /usr/local/src/php/src/Zend/zend_alloc.c:2392
#9  0x00000000008ea301 in php_request_shutdown (dummy=0x0) at /usr/local/src/php/src/main/main.c:1837
#10 0x0000000000a3abe0 in main (argc=4, argv=0x7fffffffdd48) at /usr/local/src/php/src/sapi/phpdbg/phpdbg.c:1959


$ USE_ZEND_ALLOC=0 valgrind --leak-check=full /usr/local/php-7.0/bin/phpdbg -rr phpunit --version
==6536== Memcheck, a memory error detector
==6536== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==6536== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
==6536== Command: /usr/local/php-7.0/bin/phpdbg -rr phpunit --version
==6536== 
[Welcome to phpdbg, the interactive PHP debugger, v0.5.0]
To get help using phpdbg type "help" and press enter
[Please report bugs to <http://bugs.php.net/report.php>]
#!/usr/bin/env php
PHPUnit 5.0-g4e1512f by Sebastian Bergmann and contributors.

[Caught exit/error from VM]
==6536== 
==6536== HEAP SUMMARY:
==6536==     in use at exit: 165,175 bytes in 2,802 blocks
==6536==   total heap usage: 35,836 allocs, 33,034 frees, 8,168,329 bytes allocated
==6536== 
==6536== 104 bytes in 1 blocks are definitely lost in loss record 78 of 166
==6536==    at 0x4C28C50: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==6536==    by 0x947462: _emalloc (zend_alloc.c:2207)
==6536==    by 0x9BDF5D: zend_objects_new (zend_objects.c:161)
==6536==    by 0x980F56: _object_and_properties_init (zend_API.c:1299)
==6536==    by 0x981013: _object_init_ex (zend_API.c:1314)
==6536==    by 0x9F26A8: ZEND_NEW_SPEC_VAR_HANDLER (zend_vm_execute.h:15353)
==6536==    by 0xA359C1: zend_vm_call_opcode_handler (zend_vm_execute.h:49562)
==6536==    by 0xA45929: phpdbg_execute_ex (phpdbg_prompt.c:1572)
==6536==    by 0x9D405B: zend_execute (zend_vm_execute.h:450)
==6536==    by 0xA423BB: phpdbg_do_run (phpdbg_prompt.c:688)
==6536==    by 0xA3A699: main (phpdbg.c:1827)
==6536== 
==6536== 416 (56 direct, 360 indirect) bytes in 1 blocks are definitely lost in loss record 120 of 166
==6536==    at 0x4C28C50: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==6536==    by 0x947462: _emalloc (zend_alloc.c:2207)
==6536==    by 0x98021B: _array_init (zend_API.c:1087)
==6536==    by 0x8FE850: php_build_argv (php_variables.c:537)
==6536==    by 0x8FF12A: php_hash_environment (php_variables.c:667)
==6536==    by 0x8E9B54: php_request_startup (main.c:1616)
==6536==    by 0xA3A1CA: main (phpdbg.c:1686)
==6536== 
==6536== 680 (56 direct, 624 indirect) bytes in 1 blocks are definitely lost in loss record 129 of 166
==6536==    at 0x4C28C50: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==6536==    by 0x947462: _emalloc (zend_alloc.c:2207)
==6536==    by 0x990A9E: zend_array_dup (zend_hash.c:1693)
==6536==    by 0x97748B: _zval_copy_ctor_func (zend_variables.c:221)
==6536==    by 0x9CC30E: zend_assign_to_variable (zend_execute.h:119)
==6536==    by 0xA15DE0: ZEND_ASSIGN_SPEC_CV_CONST_HANDLER (zend_vm_execute.h:31573)
==6536==    by 0xA359C1: zend_vm_call_opcode_handler (zend_vm_execute.h:49562)
==6536==    by 0xA45929: phpdbg_execute_ex (phpdbg_prompt.c:1572)
==6536==    by 0x9D405B: zend_execute (zend_vm_execute.h:450)
==6536==    by 0xA423BB: phpdbg_do_run (phpdbg_prompt.c:688)
==6536==    by 0xA3A699: main (phpdbg.c:1827)
==6536== 
==6536== LEAK SUMMARY:
==6536==    definitely lost: 216 bytes in 3 blocks
==6536==    indirectly lost: 984 bytes in 7 blocks
==6536==      possibly lost: 0 bytes in 0 blocks
==6536==    still reachable: 163,975 bytes in 2,792 blocks
==6536==         suppressed: 0 bytes in 0 blocks
==6536== Reachable blocks (those to which a pointer was found) are not shown.
==6536== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==6536== 
==6536== For counts of detected and suppressed errors, rerun with: -v
==6536== ERROR SUMMARY: 3 errors from 3 contexts (suppressed: 0 from 0)


 [2015-07-26 14:41 UTC] bwoebi@php.net
-Status: Open
+Status: Assigned
-Assigned To:
+Assigned To: bwoebi
 [2015-07-26 14:41 UTC] bwoebi@php.net
I'll take care of the leaks…

But to fix the segfault, could you please tell me your gcc version?
 [2015-07-26 15:51 UTC] sebastian@php.net
$ gcc -v
Using built-in specs.
COLLECT_GCC=/usr/bin/gcc
COLLECT_LTO_WRAPPER=/usr/libexec/gcc/x86_64-redhat-linux/5.1.1/lto-wrapper
Target: x86_64-redhat-linux
Configured with: ../configure --enable-bootstrap --enable-languages=c,c++,objc,obj-c++,fortran,ada,go,lto --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --with-bugurl=http://bugzilla.redhat.com/bugzilla --enable-shared --enable-threads=posix --enable-checking=release --enable-multilib --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-gnu-unique-object --enable-linker-build-id --with-linker-hash-style=gnu --enable-plugin --enable-initfini-array --disable-libgcj --with-default-libstdcxx-abi=c++98 --with-isl --enable-libmpx --enable-gnu-indirect-function --with-tune=generic --with-arch_32=i686 --build=x86_64-redhat-linux
Thread model: posix
gcc version 5.1.1 20150618 (Red Hat 5.1.1-4) (GCC)
 [2015-07-26 19:49 UTC] bwoebi@php.net
Automatic comment on behalf of bobwei9@hotmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=f5bef4058cb0ec8ae817a9b249a2b355fb3286fc
Log: Fix bug #70138 (difference between gcc and clang)
 [2015-07-26 19:49 UTC] bwoebi@php.net
-Status: Assigned
+Status: Closed
 [2015-08-04 20:54 UTC] ab@php.net
Automatic comment on behalf of bobwei9@hotmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=f5bef4058cb0ec8ae817a9b249a2b355fb3286fc
Log: Fix bug #70138 (difference between gcc and clang)
 [2016-07-20 11:37 UTC] davey@php.net
Automatic comment on behalf of bobwei9@hotmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=f5bef4058cb0ec8ae817a9b249a2b355fb3286fc
Log: Fix bug #70138 (difference between gcc and clang)
 
Last updated: Tue Aug 29 15:01:52 2017 UTC