PHP Driver: Library / PHPLIB-117

Segfault during FindOne test

    • Type: Bug
    • Resolution: Done
    • Priority: Major - P3
    • 1.0.0-alpha1
    • Affects Version/s: 0.2.0
    • Component/s: None
    • None

      Noticed while testing PR #23, which contains typemap fixes for PHPC 1.0.0. This comes up with my system PHP installation, which has more extensions than my 5.6 development build (where there is no crash).

      $ phpunit --filter testFindOne
      PHPUnit 4.5.0 by Sebastian Bergmann and contributors.
      
      Configuration read from /home/jmikola/workspace/mongodb/phplib/phpunit.xml.dist
      
      Segmentation fault (core dumped)
      [honeydew: phplib] derickr-typemap-fixes $ gdb `which php` core 
      GNU gdb (Ubuntu 7.9-1ubuntu1) 7.9
      Copyright (C) 2015 Free Software Foundation, Inc.
      License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
      This is free software: you are free to change and redistribute it.
      There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
      and "show warranty" for details.
      This GDB was configured as "x86_64-linux-gnu".
      Type "show configuration" for configuration details.
      For bug reporting instructions, please see:
      <http://www.gnu.org/software/gdb/bugs/>.
      Find the GDB manual and other documentation resources online at:
      <http://www.gnu.org/software/gdb/documentation/>.
      For help, type "help".
      Type "apropos word" to search for commands related to "word"...
      Reading symbols from /usr/bin/php...Reading symbols from /usr/lib/debug/.build-id/0f/3f1498e14eb8d856e03d271f7b4e6af21a7547.debug...done.
      done.
      
      warning: core file may not match specified executable file.
      [New LWP 9955]
      b[Thread debugging using libthread_db enabled]
      Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
      t Core was generated by `php /home/jmikola/.composer/vendor/bin/phpunit --filter testFindOne'.
      Program terminated with signal SIGSEGV, Segmentation fault.
      #0  0x0000000000728df1 in gc_zval_possible_root (zv=0x7f594a6d0020) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_gc.c:143
      143	/build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_gc.c: No such file or directory.
      (gdb) bt full
      #0  0x0000000000728df1 in gc_zval_possible_root (zv=0x7f594a6d0020) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_gc.c:143
      No locals.
      #1  0x0000000000716278 in zend_hash_destroy (ht=0x7f594a4366e8) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_hash.c:548
              p = 0x0
              q = 0x7f594a3c59b8
      #2  0x0000000000706c2b in _zval_dtor_func (zvalue=0x7f594a6d0020, zvalue@entry=0x7f594a6e71e8) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_variables.c:45
      No locals.
      #3  0x00000000007b1418 in _zval_dtor (zvalue=0x7f594a6e71e8) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_variables.h:35
      No locals.
      #4  i_zval_ptr_dtor (zval_ptr=0x7f594a6e71e8) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_execute.h:79
      No locals.
      #5  i_free_compiled_variables (execute_data=0x7f595aee9e70) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_execute.c:1555
              cv = 0x7f595aee9f00
              end = 0x7f595aee9f10
      #6  zend_leave_helper_SPEC (execute_data=0x7f595aee9e70) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:399
              nested = 0 '\000'
              op_array = 0x7f594a654490
      #7  0x0000000000744ef0 in execute_ex (execute_data=0x7f595aee9e70) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:363
              ret = -1723060224
              original_in_execution = 1 '\001'
      #8  0x00000000006f6cb8 in dtrace_execute_ex (execute_data=0x7f595aee9e70) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_dtrace.c:73
              lineno = 0
              scope = 0x0
              filename = 0x0
              funcname = 0x0
              classname = 0x0
      #9  0x00000000006f8b4a in zend_call_function (fci=0x7ffd12f025b0, fci_cache=0x7f594a436690) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_execute_API.c:832
              i = 1244152296
              calling_symbol_table = 0x0
              original_opline_ptr = 0x7f595aee9b18
              current_scope = 0x0
              current_called_scope = 0x2337bf0
              execute_data = {opline = 0x0, function_state = {function = 0x7f594a654490, arguments = 0x7f595aee9c68}, op_array = 0x0, object = 0x7f594a848940, symbol_table = 0x0, 
                prev_execute_data = 0x7f595aee9b18, old_error_reporting = 0x0, nested = 0 '\000', original_return_value = 0x7f595aee9b80, current_scope = 0x7f594a7ed9c0, 
                current_called_scope = 0x7f594a6bf770, current_this = 0x7f594a848940, fast_ret = 0x7f594a6d0358, delayed_exception = 0x0, call_slots = 0x7f595aee9c10, call = 0x7f595aee9c10}
              fci_cache_local = {initialized = 192 '\300', function_handler = 0x2, calling_scope = 0x3000000020, called_scope = 0x7ffd12f02560, object_ptr = 0x7ffd12f02490}
      #10 0x000000000058b33b in zim_reflection_method_invokeArgs (ht=0, return_value=0x7f594a6d1d38, return_value_ptr=0x7f595aeff068, this_ptr=0x7f594a6bf770, return_value_used=1244152296)
          at /build/php5-oxmf3S/php5-5.6.4+dfsg/ext/reflection/php_reflection.c:3045
              retval_ptr = 0x7f594a6666d8
              params = 0x7f594a306e68
              object = 0x7f594a848940
              intern = 0x7f594a395e70
              argc = 0
              result = 1248589680
              fci = {size = 72, function_table = 0x0, function_name = 0x0, symbol_table = 0x0, retval_ptr_ptr = 0x7ffd12f02560, param_count = 0, params = 0x7f594a306e68, object_ptr = 0x7f594a848940, 
                no_separation = 1 '\001'}
      ---Type <return> to continue, or q <return> to quit---
              fcc = {initialized = 1 '\001', function_handler = 0x7f594a654490, calling_scope = 0x7f594a6bf770, called_scope = 0x7f594a6bf770, object_ptr = 0x7f594a848940}
              obj_ce = 0x7f594a6bf770
              param_array = 0x7f594a6d0c50
      #11 0x00000000006f6e1a in dtrace_execute_internal (execute_data_ptr=<optimized out>, fci=<optimized out>, return_value_used=<optimized out>)
          at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_dtrace.c:97
              lineno = <optimized out>
              filename = <optimized out>
      #12 0x00000000007b4eb0 in zend_do_fcall_common_helper_SPEC (execute_data=0x7f595aee9b18) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:560
              ret = 0x7f595aee9818
              opline = 0x7f594a806e20
              fbc = 0x2339180
              num_args = 0
      #13 0x0000000000744ef0 in execute_ex (execute_data=0x7f595aee9b18) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:363
              ret = -1723060224
              original_in_execution = 1 '\001'
      #14 0x00000000006f6cb8 in dtrace_execute_ex (execute_data=0x7f595aee9b18) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_dtrace.c:73
              lineno = 0
              scope = 0x0
              filename = 0x0
              funcname = 0x0
              classname = 0x0
      #15 0x00000000007b53de in zend_do_fcall_common_helper_SPEC (execute_data=0x7f595aee8ed8) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:592
              opline = 0x7f594a802968
              fbc = 0x7f594a658ae0
              num_args = 0
      #16 0x0000000000744ef0 in execute_ex (execute_data=0x7f595aee8ed8) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:363
              ret = -1723060224
              original_in_execution = 1 '\001'
      #17 0x00000000006f6cb8 in dtrace_execute_ex (execute_data=0x7f595aee8ed8) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_dtrace.c:73
              lineno = 0
              scope = 0x0
              filename = 0x0
              funcname = 0x0
              classname = 0x0
      #18 0x00000000007b53de in zend_do_fcall_common_helper_SPEC (execute_data=0x7f595aee7b48) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:592
              opline = 0x7f594a2fd6b0
              fbc = 0x7f594a6589d8
              num_args = 0
      #19 0x0000000000744ef0 in execute_ex (execute_data=0x7f595aee7b48) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:363
              ret = -1723060224
              original_in_execution = 1 '\001'
      #20 0x00000000006f6cb8 in dtrace_execute_ex (execute_data=0x7f595aee7b48) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_dtrace.c:73
              lineno = 0
              scope = 0x0
              filename = 0x0
              funcname = 0x0
      ---Type <return> to continue, or q <return> to quit---
              classname = 0x0
      #21 0x00000000007b53de in zend_do_fcall_common_helper_SPEC (execute_data=0x7f595aee60c0) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:592
              opline = 0x7f594a7fe900
              fbc = 0x7f594a3754e0
              num_args = 0
      #22 0x0000000000744ef0 in execute_ex (execute_data=0x7f595aee60c0) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:363
              ret = -1723060224
              original_in_execution = 1 '\001'
      #23 0x00000000006f6cb8 in dtrace_execute_ex (execute_data=0x7f595aee60c0) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_dtrace.c:73
              lineno = 0
              scope = 0x0
              filename = 0x0
              funcname = 0x0
              classname = 0x0
      #24 0x00000000007b53de in zend_do_fcall_common_helper_SPEC (execute_data=0x7f595aee4c48) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:592
              opline = 0x7f594a841a30
              fbc = 0x7f594a6588d0
              num_args = 0
      #25 0x0000000000744ef0 in execute_ex (execute_data=0x7f595aee4c48) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:363
              ret = -1723060224
              original_in_execution = 1 '\001'
      #26 0x00000000006f6cb8 in dtrace_execute_ex (execute_data=0x7f595aee4c48) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_dtrace.c:73
              lineno = 0
              scope = 0x0
              filename = 0x0
              funcname = 0x0
              classname = 0x0
      #27 0x00000000007b53de in zend_do_fcall_common_helper_SPEC (execute_data=0x7f595aee3cb0) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:592
              opline = 0x7f594a841a30
              fbc = 0x7f594a833bb8
              num_args = 0
      #28 0x0000000000744ef0 in execute_ex (execute_data=0x7f595aee3cb0) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:363
              ret = -1723060224
              original_in_execution = 1 '\001'
      #29 0x00000000006f6cb8 in dtrace_execute_ex (execute_data=0x7f595aee3cb0) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_dtrace.c:73
              lineno = 0
              scope = 0x0
              filename = 0x0
              funcname = 0x0
              classname = 0x0
      #30 0x00000000007b53de in zend_do_fcall_common_helper_SPEC (execute_data=0x7f595aee2cc8) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:592
              opline = 0x7f594a3aab78
              fbc = 0x7f594a833bb8
              num_args = 0
      #31 0x0000000000744ef0 in execute_ex (execute_data=0x7f595aee2cc8) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:363
              ret = -1723060224
      ---Type <return> to continue, or q <return> to quit---
              original_in_execution = 1 '\001'
      #32 0x00000000006f6cb8 in dtrace_execute_ex (execute_data=0x7f595aee2cc8) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_dtrace.c:73
              lineno = 0
              scope = 0x0
              filename = 0x0
              funcname = 0x0
              classname = 0x0
      #33 0x00000000007b53de in zend_do_fcall_common_helper_SPEC (execute_data=0x7f595aedfed8) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:592
              opline = 0x7f594a894070
              fbc = 0x7f594a39e340
              num_args = 0
      #34 0x0000000000744ef0 in execute_ex (execute_data=0x7f595aedfed8) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:363
              ret = -1723060224
              original_in_execution = 1 '\001'
      #35 0x00000000006f6cb8 in dtrace_execute_ex (execute_data=0x7f595aedfed8) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_dtrace.c:73
              lineno = 0
              scope = 0x0
              filename = 0x0
              funcname = 0x0
              classname = 0x0
      #36 0x00000000007b53de in zend_do_fcall_common_helper_SPEC (execute_data=0x7f595aedf598) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:592
              opline = 0x7f594a88ab20
              fbc = 0x7f594a88db10
              num_args = 0
      #37 0x0000000000744ef0 in execute_ex (execute_data=0x7f595aedf598) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:363
              ret = -1723060224
              original_in_execution = 1 '\001'
      #38 0x00000000006f6cb8 in dtrace_execute_ex (execute_data=0x7f595aedf598) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_dtrace.c:73
              lineno = 0
              scope = 0x0
              filename = 0x0
              funcname = 0x0
              classname = 0x0
      #39 0x00000000007b53de in zend_do_fcall_common_helper_SPEC (execute_data=0x7f595aedf3e0) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:592
              opline = 0x7f595af15910
              fbc = 0x7f595af17580
              num_args = 0
      #40 0x0000000000744ef0 in execute_ex (execute_data=0x7f595aedf3e0) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_vm_execute.h:363
              ret = -1723060224
              original_in_execution = 0 '\000'
      #41 0x00000000006f6cb8 in dtrace_execute_ex (execute_data=0x7f595aedf3e0) at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend_dtrace.c:73
              lineno = 32601
              scope = 0x0
              filename = 0x0
              funcname = 0x0
              classname = 0x0
      ---Type <return> to continue, or q <return> to quit---
      #42 0x00000000007096b0 in zend_execute_scripts (type=1248657440, type@entry=8, retval=0x7f594a436690, retval@entry=0x0, file_count=1525674088, file_count@entry=3)
          at /build/php5-oxmf3S/php5-5.6.4+dfsg/Zend/zend.c:1344
              files = {{gp_offset = 40, fp_offset = 89341111, overflow_arg_area = 0x7ffd12f035d0, reg_save_area = 0x7ffd12f03560}}
              i = 1
              file_handle = 0x7ffd12f05980
      #43 0x00000000006a53bb in php_execute_script (primary_file=0x7ffd12f05980) at /build/php5-oxmf3S/php5-5.6.4+dfsg/main/main.c:2584
              realfile = "/home/jmikola/.composer/vendor/phpunit/phpunit/phpunit\000\000\b\000\000\000 \000\000\000\250\276'\002\000\000\000\000\300H\360\022\375\177\000\000\270H\360\022\375\177\000\000p\301'\002\000\000\000\000\003\000\000\000\n\000\000\000\210\365\355ZY\177\000\000\002", '\000' <repeats 15 times>, "\b", '\000' <repeats 15 times>, "\004\000\000\000\000\000\000\000\360H\360\022\375\177\000\000.", '\000' <repeats 15 times>, "\005\000\000\000\000\000\000\000\020I\360\022\375\177\000\000\021\267\017\355\002\200\377\377"...
              __orig_bailout = 0x7ffd12f05b40
              __bailout = {{__jmpbuf = {140724921195328, -3990492326491703705, 140724921194632, 12340792, 1, 2, -3990492322823784857, 3991536632032409191}, __mask_was_saved = 0, __saved_mask = {
                    __val = {248, 36159144, 36160448, 14748344700621421935, 140021720368398, 0, 16419161835647551488, 7, 140724921195536, 35030720, 140724921194632, 12340792, 140724921195536, 
                      35030720, 7528876, 140021754359928}}}}
              prepend_file_p = 0x0
              append_file_p = 0x0
              prepend_file = {type = ZEND_HANDLE_FILENAME, filename = 0x0, opened_path = 0x0, handle = {fd = 0, fp = 0x0, stream = {handle = 0x0, isatty = 0, mmap = {len = 0, pos = 0, map = 0x0, 
                      buf = 0x0, old_handle = 0x0, old_closer = 0x0}, reader = 0x0, fsizer = 0x0, closer = 0x0}}, free_filename = 0 '\000'}
              append_file = {type = ZEND_HANDLE_FILENAME, filename = 0x0, opened_path = 0x0, handle = {fd = 0, fp = 0x0, stream = {handle = 0x0, isatty = 0, mmap = {len = 0, pos = 0, map = 0x0, 
                      buf = 0x0, old_handle = 0x0, old_closer = 0x0}, reader = 0x0, fsizer = 0x0, closer = 0x0}}, free_filename = 0 '\000'}
              old_cwd = 0x7ffd12f035d0 ""
              retval = 0
      #44 0x00000000007b6e50 in do_cli (argc=1248657440, argv=0x7f594a436690) at /build/php5-oxmf3S/php5-5.6.4+dfsg/sapi/cli/php_cli.c:994
              __bailout = {{__jmpbuf = {35031264, 3991536994358015591, 12343408, 140724921199832, 140724921199828, 15701120, -3990492326489606553, 3991536485884638823}, __mask_was_saved = 0, 
                  __saved_mask = {__val = {12235969, 12235993, 12130085, 12130106, 12236006, 12236026, 12236043, 12236597, 12236064, 12236078, 12236100, 12236119, 12236146, 12236175, 0, 
                      7955998172649846063}}}}
              file_handle = {type = ZEND_HANDLE_MAPPED, filename = 0x21686c0 "/home/jmikola/.composer/vendor/bin/phpunit", opened_path = 0x0, handle = {fd = 1525763712, fp = 0x7f595af14e80, 
                  stream = {handle = 0x7f595af14e80, isatty = 0, mmap = {len = 911, pos = 0, map = 0x7f595af55000, buf = 0x7f595af55013 <error: Cannot access memory at address 0x7f595af55013>, 
                      old_handle = 0x252f6f0, old_closer = 0x71f2a0 <zend_stream_stdio_closer>}, reader = 0x71f2d0 <zend_stream_stdio_reader>, fsizer = 0x71f220 <zend_stream_stdio_fsizer>, 
                    closer = 0x71f1a0 <zend_stream_mmap_closer>}}, free_filename = 0 '\000'}
              request_started = 1
              exit_status = 0
              php_optarg = 0x0
              php_optind = 2
              arg_excp = 0x2168678
              lineno = 2
      #45 0x0000000000463a2d in main (argc=1248657440, argv=0x7f594a436690) at /build/php5-oxmf3S/php5-5.6.4+dfsg/sapi/cli/php_cli.c:1378
              __bailout = {{__jmpbuf = {35031264, 3991536994358015591, 12343408, 140724921199832, 140724921199828, 15701120, -3990492325824809369, 3991536394930501223}, __mask_was_saved = 0, 
                  __saved_mask = {__val = {4131212846, 4294967295, 140021752682909, 140021719892472, 140021754653144, 0, 140021719873248, 3, 4, 140724921200328, 140021752712992, 140021688205576, 4, 
                      140724921200328, 140021752712992, 1}}}}
              c = -1723060224
              php_optarg = 0x0
              php_optind = 1
              ini_ignore = 0
      (gdb) 
      

            Assignee:
            jmikola@mongodb.com Jeremy Mikola
            Reporter:
            jmikola@mongodb.com Jeremy Mikola
            Votes: 0
            Watchers: 1
