Uploaded image for project: 'PHP Driver: Extension'
  1. PHP Driver: Extension
  2. PHPC-167

PHP crashes with phongo just being loaded during shutdown

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • 0.1.5
    • Affects Version/s: None
    • Component/s: None
    • Labels:
      None
    • Environment:
      PHP 5.6.

      When running PHP with just phongo enabled, I get a segmentation fault:

      derick@whisky:~ $ php -n -dextension=phongo.so -r ''
Segmentation fault

      valgrind reports the following, when I set USE_ZEND_ALLOC=0:

      [PHP: 5.6.7-dev  USE_ZEND_ALLOC=0]
derick@whisky:~ $ valgrind php -n -dextension=phongo.so -r ''
==19692== Memcheck, a memory error detector
==19692== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==19692== Using Valgrind-3.10.0 and LibVEX; rerun with -h for copyright info
==19692== Command: php -n -dextension=phongo.so -r 
==19692== 
==19692== Jump to the invalid address stated on the next line
==19692==    at 0xEEB4515: ???
==19692==    by 0xA647C6: module_destructor (zend_API.c:2376)
==19692==    by 0xA6B028: i_zend_hash_bucket_delete (zend_hash.c:182)
==19692==    by 0xA6B0FF: zend_hash_bucket_delete (zend_hash.c:192)
==19692==    by 0xA6CE30: zend_hash_graceful_reverse_destroy (zend_hash.c:613)
==19692==    by 0xA626D1: zend_destroy_modules (zend_API.c:1894)
==19692==    by 0xA59379: zend_shutdown (zend.c:836)
==19692==    by 0x9C5E80: php_module_shutdown (main.c:2456)
==19692==    by 0xB0D3BB: main (php_cli.c:1393)
==19692==  Address 0xeeb4515 is not stack'd, malloc'd or (recently) free'd
==19692== 
==19692== 
==19692== Process terminating with default action of signal 11 (SIGSEGV)
==19692==  Access not within mapped region at address 0xEEB4515
==19692==    at 0xEEB4515: ???
==19692==    by 0xA647C6: module_destructor (zend_API.c:2376)
==19692==    by 0xA6B028: i_zend_hash_bucket_delete (zend_hash.c:182)
==19692==    by 0xA6B0FF: zend_hash_bucket_delete (zend_hash.c:192)
==19692==    by 0xA6CE30: zend_hash_graceful_reverse_destroy (zend_hash.c:613)
==19692==    by 0xA626D1: zend_destroy_modules (zend_API.c:1894)
==19692==    by 0xA59379: zend_shutdown (zend.c:836)
==19692==    by 0x9C5E80: php_module_shutdown (main.c:2456)
==19692==    by 0xB0D3BB: main (php_cli.c:1393)
==19692==  If you believe this happened as a result of a stack
==19692==  overflow in your program's main thread (unlikely but
==19692==  possible), you can try to increase the size of the
==19692==  main thread stack using the --main-stacksize= flag.
==19692==  The main thread stack size used in this run was 8388608.
==19692== 
==19692== HEAP SUMMARY:
==19692==     in use at exit: 3,162,580 bytes in 15,702 blocks
==19692==   total heap usage: 30,376 allocs, 14,674 frees, 4,317,556 bytes allocated
==19692== 
==19692== LEAK SUMMARY:
==19692==    definitely lost: 0 bytes in 0 blocks
==19692==    indirectly lost: 0 bytes in 0 blocks
==19692==      possibly lost: 0 bytes in 0 blocks
==19692==    still reachable: 3,162,580 bytes in 15,702 blocks
==19692==         suppressed: 0 bytes in 0 blocks
==19692== Rerun with --leak-check=full to see details of leaked memory
==19692== 
==19692== For counts of detected and suppressed errors, rerun with: -v
==19692== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
Segmentation fault

      GDB, with bt full points at curl however:

      Program received signal SIGSEGV, Segmentation fault.
0x00007fffedfae515 in ?? ()
(gdb) bt
#0  0x00007fffedfae515 in ?? ()
#1  0x00007ffff498a4e2 in CRYPTO_THREADID_current ()
   from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#2  0x00007ffff4a16c98 in ERR_remove_thread_state ()
   from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#3  0x00007ffff46fda59 in ?? () from /usr/lib/x86_64-linux-gnu/libcurl.so.4
#4  0x00007ffff46d2ec5 in curl_global_cleanup ()
   from /usr/lib/x86_64-linux-gnu/libcurl.so.4
#5  0x00000000005ce011 in zm_shutdown_curl (type=1, module_number=12)
    at /home/derick/dev/php/php-src.git/ext/curl/interface.c:1249
#6  0x0000000000a647c7 in module_destructor (module=0x13eef40)
    at /home/derick/dev/php/php-src.git/Zend/zend_API.c:2376
#7  0x0000000000a6b029 in i_zend_hash_bucket_delete (
    ht=0x13acc80 <module_registry>, p=0x13eeee0)
    at /home/derick/dev/php/php-src.git/Zend/zend_hash.c:182
#8  0x0000000000a6b100 in zend_hash_bucket_delete (
    ht=0x13acc80 <module_registry>, p=0x13eeee0)
    at /home/derick/dev/php/php-src.git/Zend/zend_hash.c:192
#9  0x0000000000a6ce31 in zend_hash_graceful_reverse_destroy (
    ht=0x13acc80 <module_registry>)
    at /home/derick/dev/php/php-src.git/Zend/zend_hash.c:613
#10 0x0000000000a626d2 in zend_destroy_modules ()
    at /home/derick/dev/php/php-src.git/Zend/zend_API.c:1894
#11 0x0000000000a5937a in zend_shutdown ()
    at /home/derick/dev/php/php-src.git/Zend/zend.c:836
#12 0x00000000009c5e81 in php_module_shutdown ()
    at /home/derick/dev/php/php-src.git/main/main.c:2456
#13 0x0000000000b0d3bc in main (argc=5, argv=0x13cd150)
    at /home/derick/dev/php/php-src.git/sapi/cli/php_cli.c:1393

      But without phongo, it all works, and valgrind reports no errors.

            Assignee:
            bjori Hannes Magnusson
            Reporter:
            derick Derick Rethans
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: