Edit report at https://bugs.php.net/bug.php?id=62358&edit=1
ID: 62358
Comment by: maciej dot sz at gmail dot com
Reported by: maciej dot sz at gmail dot com
Summary: Segfault when using traits a lot
Status: Assigned
Type: Bug
Package: Reproducible crash
Operating System: Linux 3.2.0-25-generic Ubuntu
PHP Version: 5.4.4
Assigned To: laruence
Block user comment: N
Private report: N
New Comment:
I'm having trouble putting together a reproduce script because, as I've
mentioned before, there is a lot of randomness in this crash. I'll keep trying,
meanwhile the requested fptr (don't know if I'm doing it right...):
(gdb) f
#0 0x000000000094e37d in zend_get_function_declaration (fptr=0x1b6a6e8)
at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_compile.c:3052
3052 memcpy(offset, fptr->common.scope->name, fptr->common.scope->name_length);
(gdb) p *fptr
$2 = {type = 90 'Z', common = {type = 90 'Z',
function_name = 0x5a5a5a5a5a5a5a5a <Address 0x5a5a5a5a5a5a5a5a out of bounds>,
scope = 0x5a5a5a5a5a5a5a5a, fn_flags = 1515870810, prototype = 0x5a5a5a5a5a5a5a5a,
num_args = 1515870810, required_num_args = 1515870810, arg_info = 0x5a5a5a5a5a5a5a5a}, op_array = {
type = 90 'Z', function_name = 0x5a5a5a5a5a5a5a5a <Address 0x5a5a5a5a5a5a5a5a out of bounds>,
scope = 0x5a5a5a5a5a5a5a5a, fn_flags = 1515870810, prototype = 0x5a5a5a5a5a5a5a5a,
num_args = 1515870810, required_num_args = 1515870810, arg_info = 0x5a5a5a5a5a5a5a5a,
refcount = 0x5a5a5a5a5a5a5a5a, opcodes = 0x5a5a5a5a5a5a5a5a, last = 1515870810,
vars = 0x5a5a5a5a5a5a5a5a, last_var = 1515870810, T = 1515870810,
brk_cont_array = 0x5a5a5a5a5a5a5a5a, last_brk_cont = 1515870810,
try_catch_array = 0x5a5a5a5a5a5a5a5a, last_try_catch = 1515870810,
static_variables = 0x5a5a5a5a5a5a5a5a, this_var = 1515870810,
filename = 0x5a5a5a5a5a5a5a5a <Address 0x5a5a5a5a5a5a5a5a out of bounds>,
line_start = 1515870810,
line_end = 1515870810, doc_comment = 0x5a5a5a5a5a5a5a5a <Address 0x5a5a5a5a5a5a5a5a out of bounds>,
doc_comment_len = 1515870810, early_binding = 1515870810, literals = 0x5a5a5a5a5a5a5a5a,
last_literal = 1515870810, run_time_cache = 0x5a5a5a5a5a5a5a5a, last_cache_slot = 1515870810,
reserved = {0x5a5a5a5a5a5a5a5a, 0x5a5a5a5a5a5a5a5a, 0x5a5a5a5a5a5a5a5a, 0x5a5a5a5a5a5a5a5a}},
internal_function = {type = 90 'Z',
function_name = 0x5a5a5a5a5a5a5a5a <Address 0x5a5a5a5a5a5a5a5a out of bounds>,
scope = 0x5a5a5a5a5a5a5a5a, fn_flags = 1515870810, prototype = 0x5a5a5a5a5a5a5a5a,
num_args = 1515870810, required_num_args = 1515870810, arg_info = 0x5a5a5a5a5a5a5a5a,
handler = 0x5a5a5a5a5a5a5a5a, module = 0x5a5a5a5a5a5a5a5a}}
(gdb) p $f0
$3 = void
Previous Comments:
------------------------------------------------------------------------
[2012-08-13 06:36:01] [email protected]
And btw: could you please print out the fptr in your bt? Maybe it will be of help,
like:
gdb > f0
gdb > p *fptr
------------------------------------------------------------------------
[2012-08-13 06:34:06] [email protected]
Could you give us a reproduce script?
It seems you are using reflection in your scripts. (Assigning to myself, so I can
get your feedback as soon as possible.)
------------------------------------------------------------------------
[2012-08-13 01:17:51] [email protected]
It should have been set back to Open when you responded.
------------------------------------------------------------------------
[2012-08-12 12:25:52] maciej dot sz at gmail dot com
This is a very serious bug that stops deploying software to production. Can anyone
tell me why the status has been changed to Feedback?
------------------------------------------------------------------------
[2012-08-12 12:21:54] maciej dot sz at gmail dot com
Another crash, this time in the newest 5.4.6RC1:
Program received signal SIGSEGV, Segmentation fault.
0x000000000094e409 in zend_get_function_declaration (fptr=0x1b5e240)
at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_compile.c:3059
3059 size_t name_len = strlen(fptr->common.function_name);
(gdb) bt
#0 0x000000000094e409 in zend_get_function_declaration (fptr=0x1b5e240)
at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_compile.c:3059
#1 0x000000000094f37b in do_inheritance_check_on_method (child=0x1ba67c0,
parent=0x1b6d2b8)
at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_compile.c:3263
#2 0x000000000094f531 in do_inherit_method_check
(child_function_table=0x1ba8970, parent=0x1b6d2b8,
hash_key=0x7fffffff9dd0, child_ce=0x1ba8948)
at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_compile.c:3288
#3 0x0000000000988bf0 in zend_hash_replace_checker_wrapper (target=0x1ba8970,
source_data=0x1b6d2b8,
p=0x1b79630, pParam=0x1ba8948, merge_checker_func=0x94f4aa
<do_inherit_method_check>)
at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_hash.c:878
#4 0x0000000000988c71 in zend_hash_merge_ex (target=0x1ba8970,
source=0x1b64378,
pCopyConstructor=0x94ddb3 <do_inherit_method>, size=240,
pMergeSource=0x94f4aa <do_inherit_method_check>, pParam=0x1ba8948)
at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_hash.c:892
#5 0x00000000009507df in zend_do_inheritance (ce=0x1ba8948,
parent_ce=0x1b64350)
at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_compile.c:3519
#6 0x00000000009540a7 in do_bind_inherited_class (op_array=0x1ba5b10,
opline=0x1bb74b0,
class_table=0x126ee70, parent_ce=0x1b64350, compile_time=0 '\000')
at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_compile.c:4570
#7 0x00000000009b742a in ZEND_DECLARE_INHERITED_CLASS_SPEC_HANDLER
(execute_data=0x7ffff7f95e70)
at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_vm_execute.h:936
#8 0x00000000009b4122 in execute (op_array=0x1ba5b10)
at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_vm_execute.h:410
#9 0x000000000096381c in zend_call_function (fci=0x7fffffffa410,
fci_cache=0x7fffffffa460)
at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_execute_API.c:958
#10 0x0000000000717021 in zim_reflection_method_invokeArgs (ht=2,
return_value=0x1ba72f8,
return_value_ptr=0x0, this_ptr=0x1b26ed0, return_value_used=1)
at /home/maciek/Downloads/php-5.4.6RC1/ext/reflection/php_reflection.c:3024
#11 0x00000000009b5838 in zend_do_fcall_common_helper_SPEC
(execute_data=0x7ffff7f94728)
at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_vm_execute.h:642
#12 0x00000000009b66dc in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER
(execute_data=0x7ffff7f94728)
at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_vm_execute.h:752
#13 0x00000000009b4122 in execute (op_array=0x7ffff095e050)
at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend_vm_execute.h:410
#14 0x0000000000976ca1 in zend_execute_scripts (type=8, retval=0x0,
file_count=3)
at /home/maciek/Downloads/php-5.4.6RC1/Zend/zend.c:1289
#15 0x00000000008e90aa in php_execute_script (primary_file=0x7fffffffcdd0)
at /home/maciek/Downloads/php-5.4.6RC1/main/main.c:2473
#16 0x0000000000abf8c1 in do_cli (argc=6, argv=0x7fffffffe1b8)
at /home/maciek/Downloads/php-5.4.6RC1/sapi/cli/php_cli.c:988
#17 0x0000000000ac09fa in main (argc=6, argv=0x7fffffffe1b8)
at /home/maciek/Downloads/php-5.4.6RC1/sapi/cli/php_cli.c:1364
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
https://bugs.php.net/bug.php?id=62358