ARudik / phc

Automatically exported from code.google.com/p/phc

PHP crashes when extension was compiled using -O option #136

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago

What steps will reproduce the problem?
1. use helloworld example, compile with
phc --extension=helloworld -O2 --generate-c helloworld.php  >ext/helloworld.c

2. create the .m4 file as in phc documentation and start
phpize5 --with-php-config=/usr/bin/php-config5

(note: phpize5 and php-config5 are the ones from the distribution, not the ones 
from the php installation used to compile phc)

3. ./configure --enable-helloworld

4. make then copy the helloworld.so to the correct extension directory

5. enable in php.ini with extension="helloworld.so"

6. start with __MAIN__ (); in a php script

==> segmentation fault, php crashes, webserver offering php script for download

if the -O switch is not used in step 1 everything works fine. I tested -O0 -O1 
-O2 -O3, always crashing php.

environment used:
Debian Lenny latest patch level (2011-08-04): Apache2, php 5.2.3
phc was installed as in your documentation using the latest php download, 5.2.17. 
phc is from svn download

the reason why I am trying the -O option is the hope for improved speed.

many thanks to the PHC team for this great tool, please keep maintaining and 
improving it!!

Original issue reported on code.google.com by ulrich.j...@gmail.com on 6 Aug 2011 at 1:07

GoogleCodeExporter commented 9 years ago
Ooooh, tricky bug. What we need here is a backtrace.

Can you compile ext/helloworld.c with -g, and run apache and mod_php under gdb? 
(I confess I don't know exactly how to do the latter, but Google probably 
will.) Then type "backtrace" and it should give you a stack trace.

It's possible, though unlikely, that phc's optimizer is what is breaking this. 
If so, I recommend that you compile without using phc's optimizer, but still 
using gcc's optimizer in step 4.

Original comment by paul.biggar on 6 Aug 2011 at 5:03

GoogleCodeExporter commented 9 years ago
sorry to answer this late...

I created the backtrace using the howto in 
/usr/share/doc/apache2.2-common/README.backtrace

<snip>

Core was generated by `/usr/sbin/apache2 -k start'.
Program terminated with signal 11, Segmentation fault.
[New process 31134]
#0  zif___MAIN__ (ht=0, return_value=0x8df28b4, return_value_ptr=0x0, 
this_ptr=0x0, return_value_used=0)
    at /srv/www/htdocs/phctest/ext/helloworld.c:961
961   if (Z_ISREF_P(arg))
(gdb) bt full
#0  zif___MAIN__ (ht=0, return_value=0x8df28b4, return_value_ptr=0x0, 
this_ptr=0x0, return_value_used=0)
    at /srv/www/htdocs/phctest/ext/helloworld.c:961
    arg = (zval *) 0xb621c088
    rhs = <value optimized out>
    signature = (zend_function *) 0x8b98318
    args = {0xb771587b}
    args_ind = {0xbf8b3630}
    params_save = <value optimized out>
    retval_save = <value optimized out>
    p_lhs = (zval **) 0xb621c088
    local_TLE16 = (zval *) 0x0
    local_TLE14 = (zval *) 0x0
    local_TLE12 = (zval *) 0x0
    local_TLE11 = (zval *) 0x0
    local_TLE10 = (zval *) 0x0
#1  0xb6574a91 in execute_internal (execute_data_ptr=0xbf8b37fc, 
return_value_used=0)
    at /build/buildd-php5_5.2.6.dfsg.1-1+lenny13-i386-rXrYSv/php5-5.2.6.dfsg.1/Zend/zend_execute.c:1373
    execute_data_ptr = (zend_execute_data *) 0xb621c088
    return_value_used = -1239302008
#2  0xb61f35f8 in xdebug_execute_internal (current_execute_data=0xbf8b37fc, 
return_value_used=0)
    at /build/buildd/xdebug-2.0.3/build-php5/xdebug.c:1605
    edata = (zend_execute_data *) 0xbf8b37fc
    fse = (function_stack_entry *) 0x8ee2ab0
    cur_opcode = (zend_op *) 0x9cf17326
    do_return = 0
    function_nr = 1
#3  0xb40b8373 in ?? () from /usr/lib/php5/20060613+lfs/suhosin.so
No symbol table info available.
#4  0xbf8b37fc in ?? ()
No symbol table info available.
#5  0x00000000 in ?? ()
No symbol table info available.

</snip>

Original comment by ulrich.j...@gmail.com on 8 Aug 2011 at 8:37

GoogleCodeExporter commented 9 years ago
Hey, can you also:

- attach helloworld.c
- try the last thing I suggested in comment 1 and tell me if it works.

Thanks!

Original comment by paul.biggar on 8 Aug 2011 at 4:07

GoogleCodeExporter commented 9 years ago
attached the source of helloworld.php and the c-code generated without any 
option (helloworld.c) and with option -O2 (helloworld_o2.c)

sorry not having included the result of your recommendation:
the make file starting gcc always compiles with -O2, no matter what -O option 
is given to phc. (discovered yesterday...) => all my tests were with gcc -O2 
option set.

Thank you very much for your time and work!

PS: I will experiment today with PHP 5.3.3 (Debian Squeeze) and will then again 
reinstall PHC on my Debian Lenny machine. I fear that the PHP configure options 
(of the system used to compile phc) were not 100% identical to the ones of the 
target webserver

Original comment by ulrich.j...@gmail.com on 9 Aug 2011 at 6:59

GoogleCodeExporter commented 9 years ago
tried to install with Debian Squeeze (PHP 5.3.3) installed as apt-get source 
and from the tar.gz... PHP install ok, meaning make, make install with no 
errors, prefix used=/usr/local
BUT: ./configure of PHC failed (message: embed seems not to be installed, 
--with-php=/usr/local does not help)
?? Is PHP 5.3.5 working, must the php version used to compile phc exactly match 
the php version of the target webserver? Can extensions compiled with 5.3.3 be 
used in webservers using PHP 5.3.3?

---------
tried the same on Debian Lenny with PHP 5.2.6, same result, same message
=> now I do not even have one PHC installation anymore :-((

ANY HELP is greatly appreciated!

-------------------
PHP 5.2.6 try
config.log attached
php-config:
root@nuts:/usr/src/phc_svn/phc-read-only# /usr/local/bin/php-config
Usage: /usr/local/bin/php-config [OPTION]
Options:
  --prefix            [/usr/local]
  --includes          [-I/usr/local/include/php -I/usr/local/include/php/main -I/usr/local/include/php/TSRM -I/usr/local/include/php/Zend -I/usr/local/include/php/ext -I/usr/local/include/php/ext/date/lib]
  --ldflags           []
  --libs              [-lcrypt   -lz -lcrypt -lrt -lssl -lcrypto -ldb-4.6 -lbz2 -lz -lpcre -lssl -lcrypto -lresolv -lm -ldl -lnsl  -lxml2 -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -lxml2 -lxml2 -lxml2 -lcrypt -lxml2 -lxml2 -lxml2 -lxml2 -lcrypt ]
  --extension-dir     [/usr/local/lib/php/20060613]
  --include-dir       [/usr/local/include/php]
  --php-binary        [/usr/local/bin/php]
  --php-sapis         [cli embed]
  --configure-options [--prefix=/usr/local --enable-embed --with-apxs2=/usr/bin/apxs2 --with-config-file-path=/etc/php5/apache2 --with-config-file-scan-dir=/etc/php5/apache2/conf.d --build=i486-linux-gnu --host=i486-linux-gnu --mandir=/usr/share/man --enable-memory-limit --disable-debug --with-regex=php --disable-rpath --disable-static --with-pic --with-layout=GNU --with-pear=/usr/share/php --enable-calendar --enable-sysvsem --enable-sysvshm --enable-sysvmsg --enable-track-vars --enable-trans-sid --enable-bcmath --with-bz2 --enable-ctype --with-db4 --without-gdbm --with-iconv --enable-exif --enable-filepro --enable-ftp --with-gettext --enable-mbstring --with-pcre-regex=/usr --enable-shmop --enable-sockets --enable-wddx --with-libxml-dir=/usr --with-zlib --with-kerberos=/usr --with-openssl=/usr --enable-dbx --enable-soap --enable-zip --with-mime-magic=/usr/share/file/magic.mime --with-exec-dir=/usr/lib/php5/libexec --with-system-tzdata --without-mm --with-curl=shared,/usr --with-zlib-dir=/usr --with-gd=shared,/usr --enable-gd-native-ttf --with-gmp=shared,/usr --with-jpeg-dir=shared,/usr --with-xpm-dir=shared,/usr/X11R6 --with-png-dir=shared,/usr --with-freetype-dir=shared,/usr --with-imap=shared,/usr --with-imap-ssl --with-interbase=shared,/usr --with-pdo-firebird=shared,/usr --with-ttf=shared,/usr --with-t1lib=shared,/usr --with-ldap=shared,/usr --with-ldap-sasl=/usr --with-mcrypt=shared,/usr --with-mhash=shared,/usr --with-mysql=shared,/usr --with-mysqli=shared,/usr/bin/mysql_config --with-pspell=shared,/usr --with-unixODBC=shared,/usr --with-xsl=shared,/usr --with-snmp=shared,/usr --with-sqlite=shared,/usr --with-tidy=shared,/usr --with-xmlrpc=shared --with-pgsql=shared,/usr]
  --version           [5.2.6]
  --vernum            [50206]

-------------

Original comment by ulrich.j...@gmail.com on 9 Aug 2011 at 11:24

GoogleCodeExporter commented 9 years ago
It looks like either the refcount is being lowered too low, or that there is a 
problem due to using multiple different APIs. I can't really tell if it's the 
first, and would need a stack trace from an unoptimized debug build (ie, turn 
off -O2). For the latter, I would suggest trying it without Suhosin, and see if 
that works.

Original comment by paul.biggar on 10 Aug 2011 at 6:16
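
An added example, not part of the original thread or the phc project: a shell check for the build/runtime mismatch raised in this discussion, comparing two `php-config` dumps in the format posted above. The runtime dump is constructed from the extension directory visible in the backtraces, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: compare two php-config dumps in the format posted in the thread.
# On a real host, capture each dump by running that installation's php-config
# with no arguments, as was done above.

# Constructed sample: fields copied from the php-config output in the thread.
BUILD_DUMP='  --extension-dir     [/usr/local/lib/php/20060613]
  --version           [5.2.6]
  --vernum            [50206]'

# Constructed sample (assumption): the distribution runtime. The directory is the
# one the backtraces load modules from; version is taken from the build path.
RUNTIME_DUMP='  --extension-dir     [/usr/lib/php5/20060613+lfs]
  --version           [5.2.6]
  --vernum            [50206]'

# pc_field DUMP OPTION: print the bracketed value of OPTION (empty if absent).
pc_field() {
    printf '%s\n' "$1" |
        sed -n "s/^[[:space:]]*$2[[:space:]]*\[\(.*\)\][[:space:]]*\$/\1/p" |
        head -n 1
}

# api_stamp DUMP: last component of --extension-dir, e.g. 20060613+lfs.
api_stamp() {
    dir=$(pc_field "$1" --extension-dir)
    printf '%s\n' "${dir##*/}"
}

# compare_php_builds BUILD RUNTIME: print one line per differing field and
# return the number of differences (0 means the installations agree).
compare_php_builds() {
    diffs=0
    for opt in --version --vernum; do
        b=$(pc_field "$1" "$opt"); r=$(pc_field "$2" "$opt")
        if [ "$b" != "$r" ]; then
            echo "MISMATCH $opt: build=$b runtime=$r"
            diffs=$((diffs + 1))
        fi
    done
    b=$(api_stamp "$1"); r=$(api_stamp "$2")
    if [ "$b" != "$r" ]; then
        echo "MISMATCH api-stamp: build=$b runtime=$r"
        diffs=$((diffs + 1))
    fi
    return "$diffs"
}

compare_php_builds "$BUILD_DUMP" "$RUNTIME_DUMP" || true
```

With these two dumps the version fields agree and only the extension-directory stamp differs, which is enough to show that the two PHP installations were configured separately.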

GoogleCodeExporter commented 9 years ago
I managed to install on Lenny with the PHP 5.2.6 from PHP.NET. The configure 
parameters were as described in the phc manual; however they do not match the 
running webserver. Building phc ok, without any errors.

Compiled helloworld.php, tested with and without the -O option. The error is 
reproduced.

As you recommended in Comment 6, I disabled the Suhosin extension - to remove 
the Suhosin patch included in the Debian PHP5 packet was not done.

The resulting stack trace is now different to the last, maybe that helps:

Core was generated by `/usr/sbin/apache2 -k start'.
Program terminated with signal 11, Segmentation fault.
[New process 9461]
#0  0xb6184cf3 in zif___MAIN__ () from /usr/lib/php5/20060613+lfs/helloworld.so
(gdb) bf full
Undefined command: "bf".  Try "help".
(gdb) bt full
#0  0xb6184cf3 in zif___MAIN__ () from /usr/lib/php5/20060613+lfs/helloworld.so
No locals.
#1  0xb6566a91 in execute_internal (execute_data_ptr=0xbfb1025c, 
return_value_used=0)
    at /build/buildd-php5_5.2.6.dfsg.1-1+lenny13-i386-rXrYSv/php5-5.2.6.dfsg.1/Zend/zend_execute.c:1373
    execute_data_ptr = (zend_execute_data *) 0x9a672b0
    return_value_used = 161903280
#2  0xb61e55f8 in xdebug_execute_internal (current_execute_data=0xbfb1025c, 
return_value_used=0)
    at /build/buildd/xdebug-2.0.3/build-php5/xdebug.c:1605
    edata = (zend_execute_data *) 0xbfb1025c
    fse = (function_stack_entry *) 0x9dad518
    cur_opcode = (zend_op *) 0x9cbfb70
    do_return = 0
    function_nr = 1
#3  0xb657f8d0 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfb1025c)
    at /build/buildd-php5_5.2.6.dfsg.1-1+lenny13-i386-rXrYSv/php5-5.2.6.dfsg.1/Zend/zend_vm_execute.h:202
    return_reference = 0 '\0'
    opline = (zend_op *) 0x9cbfcdc
    original_return_value = (zval **) 0x9ca81b0
    current_scope = (zend_class_entry *) 0x0
    current_this = (zval *) 0x0
    return_value_used = 0
    should_change_scope = 0 '\0'
#4  0xb656b0e0 in execute (op_array=0x9cbf858)
    at /build/buildd-php5_5.2.6.dfsg.1-1+lenny13-i386-rXrYSv/php5-5.2.6.dfsg.1/Zend/zend_vm_execute.h:92
    execute_data = {opline = 0x9cbfcdc, function_state = {function_symbol_table = 0x31, function = 0x9b03c58, 
    reserved = {0xb755e795, 0x0, 0x9dad250, 0xb7644160}}, fbc = 0x0, op_array = 0x9cbf858, object = 0x0, 
  Ts = 0xbfb10230, CVs = 0xbfb10220, original_in_execution = 0 '\0', symbol_table = 0xb67c6970, 
  prev_execute_data = 0x0, old_error_reporting = 0x0}
#5  0xb61e529d in xdebug_execute (op_array=0x9cbf858) at 
/build/buildd/xdebug-2.0.3/build-php5/xdebug.c:1541
    dummy = (zval **) 0x9cbfb28
    edata = (zend_execute_data *) 0x0
    fse = (function_stack_entry *) 0x9dad250
    xfse = (function_stack_entry *) 0xb679b78c
    magic_cookie = 0x0
    do_return = 0
    function_nr = 0
    le = (xdebug_llist_element *) 0xb6525c5b
    eval_id = 0
#6  0xb6545820 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /build/buildd-php5_5.2.6.dfsg.1-1+lenny13-i386-rXrYSv/php5-5.2.6.dfsg.1/Zend/zend.c:1215
    files = 0xbfb103a4 ""
    i = 1
    file_handle = (zend_file_handle *) 0xbfb1025c
    orig_op_array = (zend_op_array *) 0x0
    orig_retval_ptr_ptr = (zval **) 0x0
    local_retval = (zval *) 0x0
#7  0xb64fb743 in php_execute_script (primary_file=0xbfb12598)
    at /build/buildd-php5_5.2.6.dfsg.1-1+lenny13-i386-rXrYSv/php5-5.2.6.dfsg.1/main/main.c:2028
    __orig_bailout = (jmp_buf *) 0xbfb124fc
    __bailout = {{__jmpbuf = {-1233537140, -1233360736, -1078909804, -1078909752, 1980178561, -1955840878}, 
    __mask_was_saved = 0, __saved_mask = {__val = 0x1c}}}
    prepend_file_p = (zend_file_handle *) 0x0
    append_file_p = (zend_file_handle *) 0x0
    prepend_file = {type = 0 '\0', filename = 0x0, opened_path = 0x0, handle = {fd = 0, fp = 0x0, stream = {
      handle = 0x0, reader = 0, closer = 0, fteller = 0, interactive = 0}}, free_filename = 0 '\0'}
    append_file = {type = 0 '\0', filename = 0x0, opened_path = 0x0, handle = {fd = 0, fp = 0x0, stream = {
      handle = 0x0, reader = 0, closer = 0, fteller = 0, interactive = 0}}, free_filename = 0 '\0'}
    retval = 0
#8  0xb65bd910 in php_handler (r=0x9cf6ce0)
48
    __bailout = {{__jmpbuf = {-1233537140, 161048648, 164588768, -1078909464, 1984536705, -1549188974}, 
    __mask_was_saved = 0, __saved_mask = {__val = 0x1c}}}
    ctx = (php_struct *) 0x9cf8c10
    conf = (void *) 0x988f520
    brigade = (apr_bucket_brigade *) 0x9cff470
    bucket = (apr_bucket *) 0x9a672b0
    rv = 161903280
    parent_req = (request_rec *) 0x0
#9  0x0807a239 in ap_run_handler (r=0x9cf6ce0) at 
/tmp/buildd/apache2-2.2.9/server/config.c:158
    n = 6
    rv = -1239910296
#10 0x0807d651 in ap_invoke_handler (r=0x9cf6ce0) at 
/tmp/buildd/apache2-2.2.9/server/config.c:373
    handler = 0x9996830 "application/x-httpd-php"
    result = 161048624
    old_handler = 0x0
    ignore = <value optimized out>
#11 0x0808b0d6 in ap_process_request (r=0x9cf6ce0) at 
/tmp/buildd/apache2-2.2.9/modules/http/http_request.c:258
    access_status = 161903280
#12 0x08088208 in ap_process_http_connection (c=0x9cf0c78)
    at /tmp/buildd/apache2-2.2.9/modules/http/http_core.c:190
    r = (request_rec *) 0x9cf6ce0
    csd = (apr_socket_t *) 0x0
#13 0x08081669 in ap_run_process_connection (c=0x9cf0c78) at 
/tmp/buildd/apache2-2.2.9/server/connection.c:43
    n = 1
    rv = -1239910296
#14 0x0808fd04 in child_main (child_num_arg=<value optimized out>)
    at /tmp/buildd/apache2-2.2.9/server/mpm/prefork/prefork.c:680
    current_conn = <value optimized out>
    csd = (void *) 0x9cf0ae0
    ptrans = (apr_pool_t *) 0x9cf0aa8
    allocator = (apr_allocator_t *) 0x9ceea18
    status = <value optimized out>
    i = <value optimized out>
    lr = <value optimized out>
    pollset = (apr_pollset_t *) 0x9ceeb40
    sbh = (ap_sb_handle_t *) 0x9ceeb38
    bucket_alloc = (apr_bucket_alloc_t *) 0x9cf4ca0
    last_poll_idx = 1
#15 0x080900e3 in make_child (s=0x97d9908, slot=0) at 
/tmp/buildd/apache2-2.2.9/server/mpm/prefork/prefork.c:777
No locals.
#16 0x0809076a in ap_mpm_run (_pconf=0x97d50c8, plog=0x9807190, s=0x97d9908)
    at /tmp/buildd/apache2-2.2.9/server/mpm/prefork/prefork.c:795
    index = <value optimized out>
    remaining_children_to_start = 5
    rv = <value optimized out>
#17 0x08066f10 in main (argc=Cannot access memory at address 0x0
) at /tmp/buildd/apache2-2.2.9/server/main.c:732
    c = 0 '\0'
    configtestonly = 0
    confname = 0x80929e6 "/etc/apache2/apache2.conf"
    def_server_root = 0x809ab10 ""
    temp_error_log = 0x0
    error = <value optimized out>
    process = (process_rec *) 0x97d3140
    server_conf = (server_rec *) 0x97d9908
    pglobal = (apr_pool_t *) 0x97d30c0
    pconf = (apr_pool_t *) 0x97d50c8
    plog = (apr_pool_t *) 0x9807190
    ptemp = (apr_pool_t *) 0x980e1a8
    pcommands = (apr_pool_t *) 0x97d70d0
    opt = (apr_getopt_t *) 0x97d7168
    rv = <value optimized out>
    mod = <value optimized out>
    optarg = 0xb6d8bd10 "\001"
Current language:  auto; currently asm
(gdb) 

Original comment by ulrich.j...@gmail.com on 11 Aug 2011 at 7:28

GoogleCodeExporter commented 9 years ago
The latest stack trace is missing debug info from helloworld.so. That's the 
important bit (in particular, line numbers).

Original comment by paul.biggar on 12 Aug 2011 at 5:56

GoogleCodeExporter commented 9 years ago
sorry, missed a compile option...
I will add a stack dump as soon as I am back in the office end of next week (I 
am on a project abroad)

Original comment by ulrich.j...@gmail.com on 13 Aug 2011 at 9:37

GoogleCodeExporter commented 9 years ago
read again your comment 6, not sure what is required:

which part should not be optimized?
a) PHP 5.2
b) PHC
c) Helloworld.c (manually removing gcc compile option -Ox in the make file)

Original comment by ulrich.j...@gmail.com on 19 Aug 2011 at 10:08

GoogleCodeExporter commented 9 years ago
c).

As well as not being optimized, it should be compiled with debugging (-g).

Original comment by paul.biggar on 22 Aug 2011 at 8:37