MantisBT

ID: 0001075
Project: Xdebug
Category: Feature/Change request
View Status: public
Date Submitted: 2014-09-03 20:27
Last Update: 2014-10-05 22:34
Reporter: phalcon
Assigned To: derick
Priority: normal
Severity: crash
Reproducibility: always
Status: closed
Resolution: fixed
Platform:
OS:
OS Version:
Product Version: 2.2.5
Target Version:
Fixed in Version: 2.2.6
Summary: 0001075: Segmentation fault when "call_user_func" is invoked inside an internal function
Description:
When "call_user_func" from the PHP userland is invoked inside an internal function/method it causes a segfault in Xdebug because the previous execution data does not always belong to user PHP code but this time to an internal method/function.
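Steps To Reproduce:
This is only reproducible by calling:

zval *function, *retval_ptr = NULL;
zval **args[1]; /* args[0] must point at the callable argument (not shown in the report) */

ALLOC_INIT_ZVAL(function);
ZVAL_STRING(function, "call_user_func", 1);

/* Call the userland function call_user_func from inside an internal function/method */
if (call_user_function_ex(EG(function_table), NULL, function, &retval_ptr, 1, args, 0, NULL TSRMLS_CC) == SUCCESS && retval_ptr) {
}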
Additional Information:
(gdb) run index.php
Starting program: /usr/bin/php index.php
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7fffe9ded700 (LWP 4321)]
[Thread 0x7fffe9ded700 (LWP 4321) exited]

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff5088b77 in xdebug_build_fname (edata=0x7fffffffa630, tmp=0x13cbe30)
    at /build/buildd/xdebug-2.2.5/xdebug-2.2.5/xdebug_stack.c:918
918 /build/buildd/xdebug-2.2.5/xdebug-2.2.5/xdebug_stack.c: No such file or
directory.
(gdb) bt full
#0 0x00007ffff5088b77 in xdebug_build_fname (edata=0x7fffffffa630,
    tmp=0x13cbe30)
    at /build/buildd/xdebug-2.2.5/xdebug-2.2.5/xdebug_stack.c:918
        fname = 0x7fffffffccdf ""
#1 xdebug_add_stack_frame (zdata=zdata@entry=0x7fffffffa630, op_array=0x0,
    type=type@entry=1)
    at /build/buildd/xdebug-2.2.5/xdebug-2.2.5/xdebug_stack.c:1039
        edata = 0x7fffffffa630
        opline_ptr = 0x7ffff7fa9320
        tmp = 0x13cbe30
        cur_opcode = <optimized out>
        param = <optimized out>
        i = 0
        aggr_key = 0x0
        aggr_key_len = 0
#2 0x00007ffff5079534 in xdebug_execute_internal (
    current_execute_data=0x7fffffffa630, fci=0x7fffffffa7b0,
    return_value_used=1)
    at /build/buildd/xdebug-2.2.5/xdebug-2.2.5/xdebug.c:1520
        edata = 0x7fffffffa630
        fse = <optimized out>
        cur_opcode = <optimized out>
        do_return = 0
        function_nr = 0
        restore_error_handler_situation = 0
        tmp_error_cb = 0x0
#3 0x00000000006c348b in zend_call_function ()
No symbol table info available.
#4 0x00007fffeaae8b19 in zephir_call_user_function ()
   from /usr/lib/php5/20121212/phalcon.so
No symbol table info available.
#5 0x00007fffeaaf06af in zephir_call_func_aparams ()
   from /usr/lib/php5/20121212/phalcon.so
No symbol table info available.
#6 0x00007fffeaae2295 in zim_Phalcon_Mvc_Micro_handle ()
   from /usr/lib/php5/20121212/phalcon.so
No symbol table info available.
#7 0x00000000006c10fb in dtrace_execute_internal ()
No symbol table info available.
#8 0x00007ffff50795e6 in xdebug_execute_internal (
    current_execute_data=0x7ffff7fa9320, fci=0x0, return_value_used=0)
    at /build/buildd/xdebug-2.2.5/xdebug-2.2.5/xdebug.c:1551
        edata = <optimized out>
        fse = 0x13cb9b0
        cur_opcode = <optimized out>
        do_return = 0
        function_nr = 71
        restore_error_handler_situation = 0
---Type <return> to continue, or q <return> to quit---
        tmp_error_cb = <optimized out>
#9 0x00000000007816d5 in ?? ()
No symbol table info available.
#10 0x00000000006fb3a8 in execute_ex ()
No symbol table info available.
#11 0x00000000006c0ff9 in dtrace_execute_ex ()
No symbol table info available.
#12 0x00007ffff5078b6c in xdebug_execute_ex (execute_data=0x7ffff7fa9320)
    at /build/buildd/xdebug-2.2.5/xdebug-2.2.5/xdebug.c:1437
        op_array = 0x7ffff7fdc588
        edata = <optimized out>
        dummy = 0xe5e828 <compiler_globals+392>
        fse = 0x13c67b0
        xfse = <optimized out>
        magic_cookie = <optimized out>
        do_return = 0
        function_nr = 0
        le = <optimized out>
        clear = 1
        return_val = 0x0
#13 0x00000000006d2c60 in zend_execute_scripts ()
No symbol table info available.
#14 0x0000000000672875 in php_execute_script ()
No symbol table info available.
#15 0x00000000007836ae in ?? ()
No symbol table info available.
#16 0x00000000004605d0 in main ()
No symbol table info available.
Tags: No tags attached.
Operating System:
PHP Version: 5.5.5-5.5.9
Attached Files:

Relationships

Notes
There are no notes attached to this issue.
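
The failure mode the report describes, shown as an added example in a simplified model; this is not Xdebug's code or its 2.2.6 fix. The struct and function names are hypothetical, and the stack (including line 12 of index.php) is constructed to match the shape of the backtrace: a script calls an internal method, which calls call_user_func, so the frame preceding the call has no op_array (frame #1 shows op_array=0x0).

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified stand-ins for per-call execution records. */
typedef struct { const char *filename; } op_array;

typedef struct frame {
    const char *function;
    const op_array *ops;   /* NULL when the function is implemented in C */
    unsigned line;         /* line being executed; valid only if ops != NULL */
    const struct frame *prev;
} frame;

typedef struct { const char *file; unsigned line; } call_site;

/* Unguarded pattern: assumes the caller is always user code. With an
 * internal caller, prev->ops is NULL and the read below faults. */
call_site call_site_unguarded(const frame *f)
{
    call_site s = { f->prev->ops->filename, f->prev->line };
    return s;
}

/* Guarded pattern: skip internal frames and report the nearest user-code
 * caller. Returns 0 on success, -1 when no user frame exists. */
int call_site_guarded(const frame *f, call_site *out)
{
    const frame *p;
    for (p = f ? f->prev : NULL; p != NULL; p = p->prev) {
        if (p->ops != NULL) {
            out->file = p->ops->filename;
            out->line = p->line;
            return 0;
        }
    }
    return -1;
}

/* Constructed stack: script -> internal method -> call_user_func */
static const op_array script_ops = { "index.php" };
static const frame script_frame = { "{main}", &script_ops, 12, NULL };
static const frame handle_frame = { "Phalcon\\Mvc\\Micro::handle", NULL, 0, &script_frame };
static const frame cuf_frame    = { "call_user_func", NULL, 0, &handle_frame };

int main(void)
{
    call_site s;
    if (call_site_guarded(&cuf_frame, &s) == 0)
        printf("%s called from %s:%u\n", cuf_frame.function, s.file, s.line);
    return 0;
}
```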

Issue History
Date Modified     Username  Field             Change
2014-09-03 20:27  phalcon   New Issue
2014-10-05 22:34  derick    Status            new => closed
2014-10-05 22:34  derick    Assigned To       => derick
2014-10-05 22:34  derick    Resolution        open => fixed
2014-10-05 22:34  derick    Fixed in Version  => 2.2.6

