Edit report at http://bugs.php.net/bug.php?id=52678&edit=1
ID: 52678
Comment by: andrzej dot pruszynski at autodesk dot com
Reported by: andrzej dot pruszynski at autodesk dot com
Summary: Segmentation fault on scripts execution
Status: Open
Type: Bug
Package: Reproducible crash
Operating System: Solaris 5.10, SPARC
PHP Version: 5.3.3
Block user comment: N
New Comment:
The culprit is in the zend_vm_stack_clear_multiple() function from
Zend/zend_execute.h.
Here is the corrected one ['*p = NULL' is moved down one line, after
'zval *q = *(zval **)(--p)' assignment].
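static inline void zend_vm_stack_clear_multiple(TSRMLS_D)
{
    /* The top slot of the argument stack holds the argument count. */
    void **p = EG(argument_stack)->top - 1;
    int delete_count = (int)(zend_uintptr_t) *p;

    while (--delete_count>=0) {
        /* Read the zval pointer and release it before clearing the slot. */
        zval *q = *(zval **)(--p);
        zval_ptr_dtor(&q);
        *p = NULL;
    }
    zend_vm_stack_free_int(p TSRMLS_CC);
}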
So it seems not to be a memory alignment problem but a GCC optimization
problem. I suggest it is globally fixed in the code this way, as all
Solaris SPARC 64 bit can be affected by the gcc optimization 'problem'.
Previous Comments:
------------------------------------------------------------------------
[2010-08-23 16:08:12] andrzej dot pruszynski at autodesk dot com
Description:
------------
Reading bug reports, I've seen #47230, similar, nearly one year ago.
Apparently there is a problem with memory alignment. I used gcc 4.2.3
and make 3.81 from the gcc installation.
None of the system scripts in CL mode can be executed. In my example script,
when commenting out 'sleep()', there is no crash.
- version
---------------------------------------------------------------
bash-3.2$ sapi/cli/php --version
PHP 5.3.3 (cli) (built: Aug 20 2010 07:45:05)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
- phpinfo()
-------------------------------------------------------------
System => SunOS csdev10 5.10 Generic_142900-02 sun4u
Build Date => Aug 20 2010 07:40:16
Configure Command => './configure' '--without-iconv' '--disable-phar'
Server API => Command Line Interface
Virtual Directory Support => disabled
Configuration File (php.ini) Path => /usr/local/lib
Loaded Configuration File => (none)
Scan this dir for additional .ini files => (none)
Additional .ini files parsed => (none)
PHP API => 20090626
PHP Extension => 20090626
Zend Extension => 220090626
Zend Extension Build => API220090626,NTS
PHP Extension Build => API20090626,NTS
Debug Build => no
Thread Safety => disabled
Zend Memory Manager => enabled
Zend Multibyte Support => disabled
Test script:
---------------
<?php
echo "One\n";
sleep(1);
echo "Two\n";
?>
Expected result:
----------------
Text output: 'One, Two'.
Actual result:
--------------
bash-3.2$ gdb ./sapi/cli/php
GNU gdb 6.7.1
Copyright (C) 2007 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show
copying"
and "show warranty" for details.
This GDB was configured as "sparc-sun-solaris2.10"...
(gdb) set args "test01.php"
(gdb) run
Starting program: /local/users/andrzejp/php-5.3.3/sapi/cli/php
"test01.php"
warning: Temporarily disabling breakpoints for unloaded shared library
"/usr/lib/ld.so.1"
warning: Lowest section in /lib/libpthread.so.1 is .dynamic at 00000074
One
Program received signal SIGSEGV, Segmentation fault.
_zval_ptr_dtor (zval_ptr=0xffbfef3c)
at /local/users/andrzejp/php-5.3.3/Zend/zend.h:385
warning: Source file is more recent than executable.
385 return --pz->refcount__gc;
(gdb) bt
#0 _zval_ptr_dtor (zval_ptr=0xffbfef3c)
at /local/users/andrzejp/php-5.3.3/Zend/zend.h:385
#1 0x002a6830 in zend_do_fcall_common_helper_SPEC
(execute_data=0x6dcc70)
at /local/users/andrzejp/php-5.3.3/Zend/zend_execute.h:318
#2 0x0027a1d0 in execute (op_array=0x5a5d38)
at /local/users/andrzejp/php-5.3.3/Zend/zend_vm_execute.h:107
#3 0x002565bc in zend_execute_scripts (type=8, retval=0x0,
file_count=3)
at /local/users/andrzejp/php-5.3.3/Zend/zend.c:1194
#4 0x002034ac in php_execute_script (primary_file=0xffbff718)
at /local/users/andrzejp/php-5.3.3/main/main.c:2260
#5 0x002e779c in main (argc=2, argv=0xffbff83c)
at /local/users/andrzejp/php-5.3.3/sapi/cli/php_cli.c:1192
------------------------------------------------------------------------