php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #80371 Sigfault on function call
Submitted: 2020-11-15 16:35 UTC Modified: 2020-11-16 15:51 UTC
From: paternostersergio6 at gmail dot com Assigned:
Status: Closed Package: Scripting Engine problem
PHP Version: 8.0.0RC4 OS: Ubuntu 16.04 Server
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: paternostersergio6 at gmail dot com
New email:
PHP Version: OS:

 

 [2020-11-15 16:35 UTC] paternostersergio6 at gmail dot com
Description:
------------
I do apologize but this bug is too hard to reproduce outside of a complex framework I'm using. I hope the *backtrace* below could help.

The segmentation fault happens when I call a static method in a class that just returns true.

My (minimal) configuration. No particular changes in php.ini.

sudo ./configure --prefix=/usr/local/php/8.0.0RC4 \
--with-pdo-mysql=mysqlnd \
--enable-debug 

Test script:
---------------
/* Note this script works well! It is just to give you an idea of what happens in my framework */
class Process{
    public static function isSpecial(string $customernumber) :bool{
        // does some checks
        return true;
    }

    public static function addChannel( array $a) :array{
        // THIS GENERATES THE SIGFAULT
        if( self::isSpecial($a['Customer Number']) )   $a['Channel'] = 'AB2';
        else                                           $a['Channel'] = 'AB1';
        return $a;
    }
}

$a = [];
$a['Customer Number'] = 'A100200';
$a = Process::addChannel($a);


Actual result:
--------------
GNU gdb (Ubuntu 7.11.1-0ubuntu1~16.5) 7.11.1
This GDB was configured as "x86_64-linux-gnu".
Reading symbols from /usr/local/php/8.0.0RC4/bin/php...done.
[New LWP 34435]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `/usr/local/php/8.0.0RC4/bin/php -q /home/edsradmin/apps.tmo/scripts/apps.tmo.ph'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x0000000048a8bbbd in ?? ()
(gdb) bt
#0  0x0000000048a8bbbd in ?? ()
#1  0x00007ffe5551c4c0 in ?? ()
#2  0x0000000048a4a4b7 in ?? ()
#3  0x00007f989bc001e0 in ?? ()
#4  0x00007f989bc14020 in ?? ()
#5  0x00000000027d9870 in ?? ()
#6  0x0000000000000006 in ?? ()
#7  0x00007ffe5551c390 in ?? ()
#8  0x000000000084d8b9 in zend_mm_alloc_small_slow (heap=0x7f989bc146f0, bin_num=0, __zend_filename=0xe1e00000000 <error: Cannot access memory at address 0xe1e00000000>, __zend_lineno=19025464, __zend_orig_filename=0x0, __zend_orig_lineno=0)
    at /home/edsradmin/software/php-8.0.0RC4/Zend/zend_alloc.c:1194
#9  0x00000000009348a7 in zend_execute (op_array=0x7f989bc5e500, return_value=0x0) at /home/edsradmin/software/php-8.0.0RC4/Zend/zend_vm_execute.h:58789
#10 0x000000000088adbf in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /home/edsradmin/software/php-8.0.0RC4/Zend/zend.c:1680
#11 0x00000000007f00dc in php_execute_script (primary_file=0x7ffe5551ea80) at /home/edsradmin/software/php-8.0.0RC4/main/main.c:2490
#12 0x0000000000972b4e in do_cli (argc=6, argv=0x27c6780) at /home/edsradmin/software/php-8.0.0RC4/sapi/cli/php_cli.c:949
#13 0x0000000000973b2b in main (argc=6, argv=0x27c6780) at /home/edsradmin/software/php-8.0.0RC4/sapi/cli/php_cli.c:1336

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2020-11-15 16:46 UTC] nikic@php.net
Would it be possible to run your code under "USE_ZEND_ALLOC=0 valgrind php" and post the resulting log (on gist.github.com for example, it will likely be large)?
 [2020-11-15 17:21 UTC] paternostersergio6 at gmail dot com
I run:

export export USE_ZEND_ALLOC=0
valgrind --log-file=php.log /usr/local/php/8.0.0RC4/bin/php myscript.php

Here the log file:
https://gist.github.com/capsandiego/66315b9fc60312c0a5cd7e7b96d22257

Hope this could help! Thank you
 [2020-11-16 14:49 UTC] paternostersergio6 at gmail dot com
I realized that the issue happens only when I have opcache enabled in the php.ini file. I will investigate further but it's not an opcache issue and not a PHP engine one, it seems.
 [2020-11-16 15:51 UTC] paternostersergio6 at gmail dot com
-Status: Open +Status: Closed
 [2020-11-16 15:51 UTC] paternostersergio6 at gmail dot com
Closed this bug as it seems related to Bug #80275 (opcache.jit crashes with some values)
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Tue Mar 02 11:01:23 2021 UTC