MantisBT

ID: 0001072
Project: Xdebug
Category: Usage problems (Wrong Results)
View Status: public
Date Submitted: 2014-08-22 15:30
Last Update: 2015-01-07 00:05
Reporter: sizeof
Assigned To: derick
Priority: low
Severity: crash
Reproducibility: always
Status: resolved
Resolution: fixed
Platform: amd64
OS: Debian
OS Version: 7.5
Product Version: 2.2.5
Target Version:
Fixed in Version: 2.2.6
Summary: 0001072: Dereferencing NULL pointer opline to get a lineno
Description: xdebug-2.2.5 tested with php 5.5.9 and 5.5.16 segfaults here:

Program terminated with signal 11, Segmentation fault.
#0 0x00007fccf0d22dca in xdebug_build_fname (edata=0x7fff7c6eac80, tmp=0x3452930)
    at /usr/src/xdebug-2.2.5/xdebug_stack.c:918
918 tmp->function = xdebug_sprintf(
(gdb) list
913 }
914
915 if (!fname) {
916 fname = "whoops";
917 }
918 tmp->function = xdebug_sprintf(
919 "%s:{%s:%d}",
920 edata->function_state.function->common.function_name,
921 fname,
922 edata->opline->lineno

(gdb) p edata
$10 = (zend_execute_data *) 0x7fff7c6eac80
(gdb) p edata->opline
$11 = (struct _zend_op *) 0x0
(gdb) p *edata
$12 = {opline = 0x0, function_state = {function = 0x27f7bd0, arguments = 0x7fccf12fb6c0}, op_array = 0x0,
  object = 0x0, symbol_table = 0x0, prev_execute_data = 0x7fccf12fb5e0, old_error_reporting = 0x0,
  nested = 0 '\000', original_return_value = 0x2bae650, current_scope = 0x29477c0,
  current_called_scope = 0x7fccf12f9d68, current_this = 0x0, fast_ret = 0x7fccf12f9da8,
  call_slots = 0x7fccf12fb670, call = 0x7fccf12fb670}
Tags: No tags attached.
Operating System:
PHP Version: 5.5.5-5.5.9
-  Notes
(0002877)
derick (administrator)
2014-08-22 15:35

Would you be able to produce a script that demonstrates this crash? That makes it a lot easier to fix the problem as this is most likely caused by a case that I haven't considered.
(0002881)
sizeof (reporter)
2014-09-05 22:44

Nope, it seems hard for us to produce a reproducible script, as we don't have a stacktrace, and it happens in a very huge pile of PHP...

But you may at least test for it instead of crashing, logging some debug information, as a temporary fix? (I typically quick-fixed my version with a little ternary).
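
The kind of check requested above, as an added example that is not part of the original report and not Xdebug's actual 2.2.6 change: it formats the same "%s:{%s:%d}" string but never dereferences a NULL opline. The `mock_*` structures, `safe_lineno`, `build_fname_guarded`, the "{unknown}" placeholder and the fallback to the caller's frame are all assumptions of this sketch.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for the Zend structures, reduced to the fields the
 * crashing expression touches. */
struct mock_op { unsigned int lineno; };
struct mock_execute_data {
    const struct mock_op *opline;            /* NULL in the reported frame */
    const char *function_name;
    const struct mock_execute_data *prev_execute_data;
};

/* Line number of the nearest frame that has an opline, or 0 if none does.
 * Falling back to the caller's frame is an assumption of this example. */
static unsigned int safe_lineno(const struct mock_execute_data *edata)
{
    for (; edata != NULL; edata = edata->prev_execute_data) {
        if (edata->opline != NULL) return edata->opline->lineno;
    }
    return 0;
}

/* Guarded form of the "%s:{%s:%d}" formatting shown in the gdb listing.
 * Returns a malloc'd string the caller frees, or NULL on failure. */
char *build_fname_guarded(const struct mock_execute_data *edata, const char *fname)
{
    const char *func;
    char *out;
    int len;
    unsigned int line = safe_lineno(edata);  /* safe for NULL edata too */
    if (edata == NULL) return NULL;
    if (fname == NULL) fname = "whoops";     /* same default as the listing */
    func = edata->function_name ? edata->function_name : "{unknown}";
    len = snprintf(NULL, 0, "%s:{%s:%u}", func, fname, line);
    if (len < 0 || (out = malloc((size_t)len + 1)) == NULL) return NULL;
    snprintf(out, (size_t)len + 1, "%s:{%s:%u}", func, fname, line);
    return out;
}

int main(void)
{
    /* Constructed frames: the callee has no opline, its caller is on line 42. */
    struct mock_op op = { 42 };
    struct mock_execute_data caller = { &op, "caller", NULL };
    struct mock_execute_data callee = { NULL, "callee", &caller };
    char *s = build_fname_guarded(&callee, NULL);
    if (s != NULL) { puts(s); free(s); }
    return 0;
}
```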
(0002897)
derick (administrator)
2014-11-11 19:49

I am going to guess and I think this could be the same as 0001073 and 0001075, which
will be fixed in Xdebug 2.2.6 once I release it. In any case, as you have a
GDB stacktrace, you can reproduce this somehow. In case it happens again, can
you issue "backtrace full" to get the full stack?
(0002933)
derick (administrator)
2014-12-13 20:35

2.2.6 is now released, can you please check whether that addressed the issue?
(0002960)
derick (administrator)
2015-01-07 00:05

Suspected fixed in 2.2.6 - please reopen if it's still an issue.

- Issue History
Date Modified Username Field Change
2014-08-22 15:30 sizeof New Issue
2014-08-22 15:35 derick Note Added: 0002877
2014-08-22 15:35 derick Assigned To => derick
2014-08-22 15:35 derick Status new => feedback
2014-09-05 22:44 sizeof Note Added: 0002881
2014-09-05 22:44 sizeof Status feedback => assigned
2014-11-11 19:49 derick Note Added: 0002897
2014-11-11 19:49 derick Status assigned => feedback
2014-12-13 20:35 derick Note Added: 0002933
2015-01-07 00:05 derick Note Added: 0002960
2015-01-07 00:05 derick Status feedback => resolved
2015-01-07 00:05 derick Fixed in Version => 2.2.6
2015-01-07 00:05 derick Resolution open => fixed
2016-07-31 13:36 derick Category Usage problems => Usage problems (Crashes)
2016-07-31 13:38 derick Category Usage problems (Crashes) => Usage problems (Wrong Results)

