From: Operating system: ubuntu 10.10 PHP version: 5.3.5 Package: Reproducible crash Bug Type: Bug Bug description:running phpunit causes seg fault in php garbage collection
Description: ------------ FIRST TEST ------------------- root@matthewbox:/pool/www/www.example.com/tests# USE_ZEND_ALLOC=0 gdb php GNU gdb (GDB) 7.2-ubuntu Copyright (C) 2010 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /usr/local/bin/php...done. (gdb) run -dzend.enable_gc=0 /usr/local/bin/phpunit --coverage-html ../public/tests/ Starting program: /usr/local/bin/php -dzend.enable_gc=0 /usr/local/bin/phpunit --coverage-html ../public/tests/ [Thread debugging using libthread_db enabled] PHPUnit 3.5.10 by Sebastian Bergmann. [New Thread 0x7ffff24a6700 (LWP 17827)] [Thread 0x7ffff24a6700 (LWP 17827) exited] .................... Time: 26 seconds, Memory: 0.25Mb OK (20 tests, 20 assertions) Generating code coverage report, this may take a moment. Program received signal SIGSEGV, Segmentation fault. gc_remove_zval_from_buffer (zv=<value optimized out>) at /home/matthew/src/php-5.3.5/Zend/zend_gc.c:265 265 GC_REMOVE_FROM_BUFFER(root_buffer); (gdb) run -dzend.enable_gc=0 /usr/local/bin/phpunit --coverage-html ../public/tests/ The program being debugged has been started already. Start it from the beginning? (y or n) y Starting program: /usr/local/bin/php -dzend.enable_gc=0 /usr/local/bin/phpunit --coverage-html ../public/tests/ [Thread debugging using libthread_db enabled] PHPUnit 3.5.10 by Sebastian Bergmann. [New Thread 0x7ffff24a6700 (LWP 17839)] [Thread 0x7ffff24a6700 (LWP 17839) exited] .................... Time: 25 seconds, Memory: 0.25Mb OK (20 tests, 20 assertions) Generating code coverage report, this may take a moment. Program received signal SIGSEGV, Segmentation fault. 0x000000000075a571 in gc_zval_possible_root (zv=0x37dadf0) at /home/matthew/src/php-5.3.5/Zend/zend_gc.c:143 143 GC_ZOBJ_CHECK_POSSIBLE_ROOT(zv); (gdb) bt #0 0x000000000075a571 in gc_zval_possible_root (zv=0x37dadf0) at /home/matthew/src/php-5.3.5/Zend/zend_gc.c:143 #1 0x000000000074912b in zend_hash_destroy (ht=0x37daf50) at /home/matthew/src/php-5.3.5/Zend/zend_hash.c:529 #2 0x000000000075bb89 in zend_object_std_dtor (object=0x37edb00) at /home/matthew/src/php-5.3.5/Zend/zend_objects.c:45 #3 0x000000000075bba9 in zend_objects_free_object_storage (object=0x37dadf0) at /home/matthew/src/php-5.3.5/Zend/zend_objects.c:126 #4 0x000000000075f888 in zend_objects_store_del_ref_by_handle_ex (handle=<value optimized out>, handlers=<value optimized out>) at /home/matthew/src/php-5.3.5/Zend/zend_objects_API.c:220 #5 0x000000000075f8a3 in zend_objects_store_del_ref (zobject=0x37dee20) at /home/matthew/src/php-5.3.5/Zend/zend_objects_API.c:172 #6 0x000000000073072d in _zval_dtor (zval_ptr=0x3814058) at /home/matthew/src/php-5.3.5/Zend/zend_variables.h:35 #7 _zval_ptr_dtor (zval_ptr=0x3814058) at /home/matthew/src/php-5.3.5/Zend/zend_execute_API.c:443 #8 0x000000000074912b in zend_hash_destroy (ht=0x3814160) at /home/matthew/src/php-5.3.5/Zend/zend_hash.c:529 #9 0x000000000073c2cf in _zval_dtor_func (zvalue=0x37decb0) at /home/matthew/src/php-5.3.5/Zend/zend_variables.c:43 #10 0x000000000073072d in _zval_dtor (zval_ptr=0x3779148) at /home/matthew/src/php-5.3.5/Zend/zend_variables.h:35 #11 _zval_ptr_dtor (zval_ptr=0x3779148) at /home/matthew/src/php-5.3.5/Zend/zend_execute_API.c:443 #12 0x000000000074912b in zend_hash_destroy (ht=0x36ff340) at /home/matthew/src/php-5.3.5/Zend/zend_hash.c:529 #13 0x000000000075bb89 in zend_object_std_dtor (object=0x367e300) at /home/matthew/src/php-5.3.5/Zend/zend_objects.c:45 #14 0x000000000075bba9 in zend_objects_free_object_storage (object=0x37dadf0) at /home/matthew/src/php-5.3.5/Zend/zend_objects.c:126 #15 0x000000000075f3a8 in zend_objects_store_free_object_storage (objects=0xef86b8) at /home/matthew/src/php-5.3.5/Zend/zend_objects_API.c:92 #16 0x0000000000730b25 in shutdown_executor () at /home/matthew/src/php-5.3.5/Zend/zend_execute_API.c:302 #17 0x000000000073d042 in zend_deactivate () at /home/matthew/src/php-5.3.5/Zend/zend.c:890 #18 0x00000000006ea665 in php_request_shutdown (dummy=<value optimized out>) at /home/matthew/src/php-5.3.5/main/main.c:1633 #19 0x00000000007c60cc in main (argc=<value optimized out>, argv=<value optimized out>) at /home/matthew/src/php-5.3.5/sapi/cli/php_cli.c:1374 (gdb) THIRD TEST --------------------- (gdb) run -dzend.enable_gc=0 /usr/local/bin/phpunit --coverage-html ../public/tests/ The program being debugged has been started already. Start it from the beginning? (y or n) y Starting program: /usr/local/bin/php -dzend.enable_gc=0 /usr/local/bin/phpunit --coverage-html ../public/tests/ [Thread debugging using libthread_db enabled] PHPUnit 3.5.10 by Sebastian Bergmann. [New Thread 0x7ffff24a6700 (LWP 17857)] [Thread 0x7ffff24a6700 (LWP 17857) exited] .................... Time: 25 seconds, Memory: 0.25Mb OK (20 tests, 20 assertions) Generating code coverage report, this may take a moment. Program exited normally. (gdb) bt No stack. (gdb) FOURTH TEST -------------------------- (gdb) run -dzend.enable_gc=0 /usr/local/bin/phpunit --coverage-html ../public/tests/ Starting program: /usr/local/bin/php -dzend.enable_gc=0 /usr/local/bin/phpunit --coverage-html ../public/tests/ [Thread debugging using libthread_db enabled] PHPUnit 3.5.10 by Sebastian Bergmann. [New Thread 0x7ffff24a6700 (LWP 17864)] [Thread 0x7ffff24a6700 (LWP 17864) exited] .................... Time: 25 seconds, Memory: 0.25Mb OK (20 tests, 20 assertions) Generating code coverage report, this may take a moment. Program received signal SIGSEGV, Segmentation fault. gc_remove_zval_from_buffer (zv=<value optimized out>) at /home/matthew/src/php-5.3.5/Zend/zend_gc.c:265 265 GC_REMOVE_FROM_BUFFER(root_buffer); (gdb) bt #0 gc_remove_zval_from_buffer (zv=<value optimized out>) at /home/matthew/src/php-5.3.5/Zend/zend_gc.c:265 #1 0x0000000000730775 in _zval_ptr_dtor (zval_ptr=0x38da7e8) at /home/matthew/src/php-5.3.5/Zend/zend_execute_API.c:442 #2 0x000000000074912b in zend_hash_destroy (ht=0x38dd850) at /home/matthew/src/php-5.3.5/Zend/zend_hash.c:529 #3 0x000000000075bb89 in zend_object_std_dtor (object=0x388ee90) at /home/matthew/src/php-5.3.5/Zend/zend_objects.c:45 #4 0x000000000075bba9 in zend_objects_free_object_storage (object=0x38d4a00) at /home/matthew/src/php-5.3.5/Zend/zend_objects.c:126 #5 0x000000000075f888 in zend_objects_store_del_ref_by_handle_ex (handle=<value optimized out>, handlers=<value optimized out>) at /home/matthew/src/php-5.3.5/Zend/zend_objects_API.c:220 #6 0x000000000075f8a3 in zend_objects_store_del_ref (zobject=0x38dc630) at /home/matthew/src/php-5.3.5/Zend/zend_objects_API.c:172 #7 0x000000000073072d in _zval_dtor (zval_ptr=0x38dbcf8) at /home/matthew/src/php-5.3.5/Zend/zend_variables.h:35 #8 _zval_ptr_dtor (zval_ptr=0x38dbcf8) at /home/matthew/src/php-5.3.5/Zend/zend_execute_API.c:443 #9 0x000000000074912b in zend_hash_destroy (ht=0x38dbb00) at /home/matthew/src/php-5.3.5/Zend/zend_hash.c:529 #10 0x000000000073c2cf in _zval_dtor_func (zvalue=0x388f1f0) at /home/matthew/src/php-5.3.5/Zend/zend_variables.c:43 #11 0x000000000073072d in _zval_dtor (zval_ptr=0x3867fb8) at /home/matthew/src/php-5.3.5/Zend/zend_variables.h:35 #12 _zval_ptr_dtor (zval_ptr=0x3867fb8) at /home/matthew/src/php-5.3.5/Zend/zend_execute_API.c:443 #13 0x000000000074912b in zend_hash_destroy (ht=0x37ca770) at /home/matthew/src/php-5.3.5/Zend/zend_hash.c:529 #14 0x000000000075bb89 in zend_object_std_dtor (object=0x37ca7e0) at /home/matthew/src/php-5.3.5/Zend/zend_objects.c:45 #15 0x000000000075bba9 in zend_objects_free_object_storage (object=0x38d4a00) at /home/matthew/src/php-5.3.5/Zend/zend_objects.c:126 #16 0x000000000075f3a8 in zend_objects_store_free_object_storage (objects=0xef86b8) at /home/matthew/src/php-5.3.5/Zend/zend_objects_API.c:92 #17 0x0000000000730b25 in shutdown_executor () at /home/matthew/src/php-5.3.5/Zend/zend_execute_API.c:302 #18 0x000000000073d042 in zend_deactivate () at /home/matthew/src/php-5.3.5/Zend/zend.c:890 #19 0x00000000006ea665 in php_request_shutdown (dummy=<value optimized out>) at /home/matthew/src/php-5.3.5/main/main.c:1633 #20 0x00000000007c60cc in main (argc=<value optimized out>, argv=<value optimized out>) at /home/matthew/src/php-5.3.5/sapi/cli/php_cli.c:1374 (gdb) Test script: --------------- So far I have not been able to reproduce this with a small amount of code. This crash involves phpunit, xdebug, and zend framework but it is crashing (read the GDB BT above) due to zend garbage collection Expected result: ---------------- run phpunit with code coverage (which uses xdebug) Actual result: -------------- segmentation fault, see gdb backtrace in description -- Edit bug report at http://bugs.php.net/bug.php?id=53976&edit=1 -- Try a snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=53976&r=trysnapshot52 Try a snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=53976&r=trysnapshot53 Try a snapshot (trunk): http://bugs.php.net/fix.php?id=53976&r=trysnapshottrunk Fixed in SVN: http://bugs.php.net/fix.php?id=53976&r=fixed Fixed in SVN and need be documented: http://bugs.php.net/fix.php?id=53976&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=53976&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=53976&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=53976&r=needscript Try newer version: http://bugs.php.net/fix.php?id=53976&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=53976&r=support Expected behavior: http://bugs.php.net/fix.php?id=53976&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=53976&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=53976&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=53976&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=53976&r=php4 Daylight Savings: http://bugs.php.net/fix.php?id=53976&r=dst IIS Stability: http://bugs.php.net/fix.php?id=53976&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=53976&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=53976&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=53976&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=53976&r=mysqlcfg
