View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0001075XdebugUncategorizedpublic2014-09-03 19:272020-03-12 17:16
Reporterphalcon Assigned Toderick  
PrioritynormalSeverityfeatureReproducibilityalways
Status closedResolutionfixed 
Product Version2.2.5 
Fixed in Version2.2.6 
Summary0001075: Segmentation fault when "call_user_func" is invoked inside an internal function
Description

When "call_user_func" from the PHP userland is invoked inside an internal function/method it causes a segfault in Xdebug because the previous execution data does not always belongs to user PHP code but this time to an internal method/function.

Steps To Reproduce

This is only reproducible by calling:

ALLOC_INIT_ZVAL(function);
ZVAL_STRING(function, "call_user_func", 1);

if (call_user_function_ex(EG(function_table), NULL, function, &retval_ptr, 1, args, 0, NULL TSRMLS_CC) == SUCCESS && retval_ptr) {
}

Additional Information

(gdb) run index.php
Starting program: /usr/bin/php index.php
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7fffe9ded700 (LWP 4321)]
[Thread 0x7fffe9ded700 (LWP 4321) exited]

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff5088b77 in xdebug_build_fname (edata=0x7fffffffa630, tmp=0x13cbe30)
at /build/buildd/xdebug-2.2.5/xdebug-2.2.5/xdebug_stack.c:918
918 /build/buildd/xdebug-2.2.5/xdebug-2.2.5/xdebug_stack.c: No such file or
directory.
(gdb) bt full
#0 0x00007ffff5088b77 in xdebug_build_fname (edata=0x7fffffffa630,
tmp=0x13cbe30)
at /build/buildd/xdebug-2.2.5/xdebug-2.2.5/xdebug_stack.c:918
fname = 0x7fffffffccdf ""
#1 xdebug_add_stack_frame (zdata=zdata@entry=0x7fffffffa630, op_array=0x0,
type=type@entry=1)
at /build/buildd/xdebug-2.2.5/xdebug-2.2.5/xdebug_stack.c:1039
edata = 0x7fffffffa630
opline_ptr = 0x7ffff7fa9320
tmp = 0x13cbe30
cur_opcode = <optimized out>
param = <optimized out>
i = 0
aggr_key = 0x0
aggr_key_len = 0
0000002 0x00007ffff5079534 in xdebug_execute_internal (
current_execute_data=0x7fffffffa630, fci=0x7fffffffa7b0,
return_value_used=1)
at /build/buildd/xdebug-2.2.5/xdebug-2.2.5/xdebug.c:1520
edata = 0x7fffffffa630
fse = <optimized out>
cur_opcode = <optimized out>
do_return = 0
function_nr = 0
restore_error_handler_situation = 0
tmp_error_cb = 0x0
0000003 0x00000000006c348b in zend_call_function ()
No symbol table info available.
0000004 0x00007fffeaae8b19 in zephir_call_user_function ()
from /usr/lib/php5/20121212/phalcon.so
No symbol table info available.
0000005 0x00007fffeaaf06af in zephir_call_func_aparams ()
from /usr/lib/php5/20121212/phalcon.so
No symbol table info available.
0000006 0x00007fffeaae2295 in zim_Phalcon_Mvc_Micro_handle ()
from /usr/lib/php5/20121212/phalcon.so
No symbol table info available.
0000007 0x00000000006c10fb in dtrace_execute_internal ()
No symbol table info available.
0000008 0x00007ffff50795e6 in xdebug_execute_internal (
current_execute_data=0x7ffff7fa9320, fci=0x0, return_value_used=0)
at /build/buildd/xdebug-2.2.5/xdebug-2.2.5/xdebug.c:1551
edata = <optimized out>
fse = 0x13cb9b0
cur_opcode = <optimized out>
do_return = 0
function_nr = 71
restore_error_handler_situation = 0
---Type <return> to continue, or q <return> to quit---
tmp_error_cb = <optimized out>
0000009 0x00000000007816d5 in ?? ()
No symbol table info available.
0000010 0x00000000006fb3a8 in execute_ex ()
No symbol table info available.
0000011 0x00000000006c0ff9 in dtrace_execute_ex ()
No symbol table info available.
0000012 0x00007ffff5078b6c in xdebug_execute_ex (execute_data=0x7ffff7fa9320)
at /build/buildd/xdebug-2.2.5/xdebug-2.2.5/xdebug.c:1437
op_array = 0x7ffff7fdc588
edata = <optimized out>
dummy = 0xe5e828 <compiler_globals+392>
fse = 0x13c67b0
xfse = <optimized out>
magic_cookie = <optimized out>
do_return = 0
function_nr = 0
le = <optimized out>
clear = 1
return_val = 0x0
0000013 0x00000000006d2c60 in zend_execute_scripts ()
No symbol table info available.
0000014 0x0000000000672875 in php_execute_script ()
No symbol table info available.
0000015 0x00000000007836ae in ?? ()
No symbol table info available.
0000016 0x00000000004605d0 in main ()
No symbol table info available.

TagsNo tags attached.
Operating System
PHP Version5.5.5-5.5.9

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2014-09-03 19:27 phalcon New Issue
2014-10-05 21:34 derick Status new => closed
2014-10-05 21:34 derick Assigned To => derick
2014-10-05 21:34 derick Resolution open => fixed
2014-10-05 21:34 derick Fixed in Version => 2.2.6
2020-03-12 16:55 derick Severity crash => feature
2020-03-12 17:16 derick Category Feature/Change request => Uncategorized