SEGV with xhprof 2.3.8 enabled, php8.1 and php8.2

[rfay]

Bug Report

Please answer these questions before submitting your issue. Thanks!

1. What did you do? If possible, provide a simple script for reproducing the error.

Automated tests in DDEV seem to show that enabling xhprof 2.3.8 (PHP 8.1 and 8.2 only, using deb.sury.org package 2.3.8+0.9.4-1+0~20221209.18+debian11~1.gbp8f76ce) is causing

url: (92) HTTP/2 stream 0 was not closed cleanly: INTERNAL_ERROR (err 2)

Logs show that this is a SEGV.

To recreate, a junk.php in the docroot with

<?php
phpinfo();

And hit http:///junk.php

On PHP8.0 there is no SEGV, but on PHP8.1 and 8.2 there is not. (And this did not fail with xhprof 2.3.5). Linux/arm64, but happening in other contexts as well.

core.1670789386.php-fpm.3373: ELF 64-bit LSB core file, ARM aarch64, version 1 (SYSV), SVR4-style, from 'php-fpm: pool www', real uid: 1000, effective uid: 1000, real gid: 1000, effective gid: 1000, execfn: '/usr/sbin/php-fpm', platform: 'aarch64'

gdb /usr/sbin/php-fpm8.2 core.1670789386.php-fpm.3373 
GNU gdb (Debian 10.1-1.7) 10.1.90.20210103-git
Copyright (C) 2021 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "aarch64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/sbin/php-fpm8.2...
(No debugging symbols found in /usr/sbin/php-fpm8.2)

warning: Can't open file /dev/zero (deleted) during file-backed mapping note processing
[New LWP 3373]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/aarch64-linux-gnu/libthread_db.so.1".
Core was generated by `php-fpm: pool www                                                    '.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x0000aaaab4471e00 in php_stream_notification_free ()
(gdb) bt
#0  0x0000aaaab4471e00 in php_stream_notification_free ()
#1  0x0000aaaab4471e44 in php_stream_context_free ()
#2  0x0000aaaab44d9d78 in ?? ()
#3  0x0000aaaab44da3cc in ?? ()
#4  0x0000aaaab44afea0 in zend_shutdown_executor_values ()
#5  0x0000aaaab44aff5c in ?? ()
#6  0x0000aaaab44c1250 in zend_deactivate ()
#7  0x0000aaaab445a0e4 in php_request_shutdown ()
#8  0x0000aaaab42f120c in ?? ()
#9  0x0000ffff881f1e18 in __libc_start_main () from /lib/aarch64-linux-gnu/libc.so.6
#10 0x0000aaaab42f1d28 in _start ()
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
(gdb) 

It does look like this might be related to the conversation in

• https://github.com/longxinH/xhprof/pull/73

I have verified that this happens on both amd64 and arm64 Debian Linux containers.

2. What did you expect to see?

Normal success

4. What did you see instead

SEGV from php-fpm.

5. What is your Xhprof version?

2.3.8 (2.3.5 did not cause this on PHP8.1)

6. I created a demonstration repo so this might be easier to chase. I'm happy to help and improve it if you have any trouble.

https://github.com/rfay/xhprof-bug-demo

[longxinH]

PR has been merged, try master?

[rfay]

I'll probably wait for a release to test. My debian package-building skills are pretty limited.

[rfay]

Does that mean you were able to recreate this and found it fixed in the PR?

[longxinH]

That's it!

[rfay]

Well, I confirm that that the SEGV doesn't happen with manually build 2.3.9, unfortunately it also doesn't happen with manually built 2.3.8. It does happen with deb.sury.org's 2.3.8.

I'm happy to see that 2.3.9 is in PECL, https://pecl.php.net/package/xhprof

How does it get from there to salsa.debian.org? https://salsa.debian.org/php-team/pecl/php-xhprof/-/tree/debian/main/

I'm a little worried that there's some kind of build difference, since I can't demonstrate the SEGV with a manual build of 2.3.8.

[rfay]

Opened

• https://github.com/oerdnj/deb.sury.org/issues/1890

[rfay]

deb.sury.org php8.2-xhprof 2.3.9 has arrived, and the problem is no longer reproducible. Thanks!