Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Segfault getting debug info from a Closure containing a static variable #8083

Closed
therealgaxbo opened this issue Feb 11, 2022 · 1 comment
Closed

Comments

@therealgaxbo
Copy link

Description

Calling var_dump/print_r on a Closure that holds a static variable segfaults:

<?php

function func(){
    static $i;
}

$x = func(...);

var_dump($x);

The backtrace:

Core was generated by `php81 test.php'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x000055c24b2666c5 in zend_closure_get_debug_info (object=0x7f6d42c7e000, is_temp=<optimized out>)
    at /usr/src/debug/php81-php-8.1.2-1.fc35.remi.x86_64/Zend/zend_closures.c:564
564                     ZEND_HASH_FOREACH_STR_KEY_VAL(static_variables, key, var) {
Missing separate debuginfos, use: dnf debuginfo-install postgresql14-libs-14.2-1PGDG.f35.x86_64
(gdb) bt
#0  0x000055c24b2666c5 in zend_closure_get_debug_info (object=0x7f6d42c7e000, is_temp=<optimized out>)
    at /usr/src/debug/php81-php-8.1.2-1.fc35.remi.x86_64/Zend/zend_closures.c:564
#1  0x000055c24b276fb1 in zend_std_get_properties_for (obj=<optimized out>, purpose=<optimized out>)
    at /usr/src/debug/php81-php-8.1.2-1.fc35.remi.x86_64/Zend/zend_object_handlers.c:1880
#2  0x000055c24b15e502 in php_var_dump (struc=0x7f6d42c140e0, level=1) at /usr/src/debug/php81-php-8.1.2-1.fc35.remi.x86_64/ext/standard/var.c:163
#3  0x000055c24b15ea11 in zif_var_dump (execute_data=<optimized out>, return_value=<optimized out>)
    at /usr/src/debug/php81-php-8.1.2-1.fc35.remi.x86_64/ext/standard/var.c:228
#4  0x000055c24b250317 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER () at /usr/src/debug/php81-php-8.1.2-1.fc35.remi.x86_64/Zend/zend_vm_execute.h:1235
#5  execute_ex (ex=0x55c24b454068) at /usr/src/debug/php81-php-8.1.2-1.fc35.remi.x86_64/Zend/zend_vm_execute.h:55310
#6  0x000055c24b257319 in zend_execute (op_array=0x7f6d42c85000, return_value=0x0) at /usr/src/debug/php81-php-8.1.2-1.fc35.remi.x86_64/Zend/zend_vm_execute.h:59673
#7  0x000055c24b1e7e10 in zend_execute_scripts (type=type@entry=8, retval=retval@entry=0x0, file_count=file_count@entry=3)
    at /usr/src/debug/php81-php-8.1.2-1.fc35.remi.x86_64/Zend/zend.c:1761
#8  0x000055c24b18344a in php_execute_script (primary_file=<optimized out>) at /usr/src/debug/php81-php-8.1.2-1.fc35.remi.x86_64/main/main.c:2535
#9  0x000055c24b2cfb0e in do_cli (argc=2, argv=0x55c24d1f85c0) at /usr/src/debug/php81-php-8.1.2-1.fc35.remi.x86_64/sapi/cli/php_cli.c:965
#10 0x000055c24b03ac1b in main (argc=2, argv=0x55c24d1f85c0) at /usr/src/debug/php81-php-8.1.2-1.fc35.remi.x86_64/sapi/cli/php_cli.c:1367

This appears to be an 8.1 regression as I can't replicate on 8.0.15.

PHP Version

PHP 8.1.2

Operating System

Fedora 35

@cmb69
Copy link
Member

cmb69 commented Feb 15, 2022

The regression has been triggered by 6b0f14f, but I'm not sure whether the actual issue is somewhere else; for some reason, the static_variables_ptr map pointer is not initialized here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging a pull request may close this issue.

4 participants
@cmb69 @bwoebi @therealgaxbo and others