SEGV with xhprof 2.3.9 enabled, php8.2.10

[mougrim]

Bug Report

Please answer these questions before submitting your issue. Thanks!

1. What did you do? If possible, provide a simple script for reproducing the error. I don't have simple script, if you can suggest, how to find it, please, say. But I have stacktrace, see below.

2. What did you expect to see? Script should works as when xhprof is disabled.

3. What did you see instead Sigsev, backtrace:

   Starting program: /tmp/php/usr/bin/php8.2 -f bin/run.php 'MyCommand'
   [Thread debugging using libthread_db enabled]
   Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
   Program received signal SIGSEGV, Segmentation fault.
   0x00007ffff2c2b1dc in hp_mode_hier_endfn_cb (entries=0x7ffff2c333c0 <xhprof_globals+32>) at /tmp/php-8.2.10/xhprof-2.3.9/extension/xhprof.c:928
   928         XHPROF_G(func_hash_counters[top->hash_code])--;
   #0  0x00007ffff2c2b1dc in hp_mode_hier_endfn_cb (entries=0x7ffff2c333c0 <xhprof_globals+32>) at /tmp/php-8.2.10/xhprof-2.3.9/extension/xhprof.c:928
       top = 0x55555630aa50
       counts = 0x16f4a13c50
       symbol = "@\364\275\364\377\177\000\000`=\241\364\377\177\000\000\300\211e\362\377\177\000\000@\364\275\364\377\177\000\0007˯\233\254\213\t\2647˯\233\254\213\t\264@\364\275\364\377\177\000\000\000\252\246\364\377\177\000\000\000\252\246\364\377\177\000\0007˯\233\254\213\t\2647\000\000\000\000\000\000\000\300\222\247\364\377\177\000\000@\364\275\364\377\177\000\000\300\222\247\364\377\177\000\000@\364\275\364\377\177\000\000\300\222\247\364\377\177\000\000\340c\377\377\377\177\000\000P\000\000\000UU\000\000\250\346\366VUU\000\000\360<\241\364\377\177\000\000h5f\362\377\177\000\000\000\000\000\000\000\000\000\000\3204f\362\000\000\000\000h5f\362\377\177\000\000\330\362jVUU\000\0000=\241"...
       mu_end = 93825019604248
       pmu_end = 140737299477568
       wt = 0
       cpu = 6.9533463830853841e-310
   #1  0x00007ffff2c2be28 in end_profiling () at /tmp/php-8.2.10/xhprof-2.3.9/extension/trace.h:184
       cur_entry = 0x90000089c0
       entries = 0x7ffff2c333c0 <xhprof_globals+32>
   #2  tracer_observer_end (execute_data=0x7ffff4a13f70, return_value=0x7ffff4a13f50) at /tmp/php-8.2.10/xhprof-2.3.9/extension/xhprof.c:1016
   No locals.
   #3  0x0000555555cb7cb0 in call_end_observers (execute_data=0x7ffff4a13f70, return_value=0x7ffff4a13f50) at /tmp/php-8.2.10/Zend/zend_observer.c:274
       func = 0x555556f6ed18
       handler = 0x7ffff4af37f0
       possible_handlers_end = 0x7ffff4af37f8
   #4  0x0000555555cb7d04 in zend_observer_fcall_end (execute_data=0x7ffff4a13f70, return_value=0x7ffff4a13f50) at /tmp/php-8.2.10/Zend/zend_observer.c:283
   No locals.
   #5  0x0000555555c2a3f9 in execute_ex (ex=0x7ffff4a13020) at /tmp/php-8.2.10/Zend/zend_vm_execute.h:56406
       retval_ptr = 0x7ffff4a13fc0
       return_value = 0x7ffff4a13f50
       observer_retval = {value = {lval = 140733193388112, dval = 6.9531436082598603e-310, counted = 0x7fff00000050, str = 0x7fff00000050, arr = 0x7fff00000050, obj = 0x7fff00000050, res = 0x7fff00000050, ref = 0x7fff00000050, ast = 0x7fff00000050, zv = 0x7fff00000050, ptr = 0x7fff00000050, ce = 0x7fff00000050, func = 0x7fff00000050, ww = {w1 = 80, w2 = 32767}}, u1 = {type_info = 1, v = {type = 1 '\001', type_flags = 0 '\000', u = {extra = 0}}}, u2 = {next = 32767, cache_slot = 32767, opline_num = 32767, lineno = 32767, num_args = 32767, fe_pos = 32767, fe_iter_idx = 32767, property_guard = 32767, constant_flags = 32767, extra = 32767}}
       vm_stack_data = {orig_opline = 0x7ffff7ffd000 <_rtld_global>, orig_execute_data = 0x555555ea5c18, hybrid_jit_red_zone = "p\236\377\377\377\177\000\000\342{\313UUU\000"}
   #6  0x0000555555c421a2 in zend_execute (op_array=0x7ffff4a90000, return_value=0x0) at /tmp/php-8.2.10/Zend/zend_vm_execute.h:60408
       execute_data = 0x7ffff4a13020
       object_or_called_scope = 0x0
       call_info = 1245184
   #7  0x0000555555abcfab in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /tmp/php-8.2.10/Zend/zend.c:1833
       files = {{gp_offset = 40, fp_offset = 48, overflow_arg_area = 0x7fffffffa0a0, reg_save_area = 0x7fffffff9fe0}}
       i = 1
       file_handle = 0x7fffffffc650
       op_array = 0x7ffff4a90000
       ret = SUCCESS
   #8  0x00005555559de5c8 in php_execute_script (primary_file=0x7fffffffc650) at /tmp/php-8.2.10/main/main.c:2542
       realfile = "bin/run.php\000\000\000\000\000\004\000\000\000\000\000\000\000,\000\000\000\000\000\000\000\004\000\000\000\000\000\000\000-\000\000\000\000\000\000\000\004\000\000\000\000\000\000\000.\000\000\000\000\000\000\000\004\000\000\000\000\000\000\000/\000\000\000\000\000\000\000\004\000\000\000\000\000\000\0000\000\000\000\000\000\000\000\004\000\000\000\000\000\000\0001\000\000\000\000\000\000\000\004\000\000\000\000\000\000\0002\000\000\000\000\000\000\000\004\000\000\000\000\000\000\0003\000\000\000\000\000\000\000\004\000\000\000\000\000\000\0004\000\000\000\000\000\000\000"...
       __orig_bailout = 0x7fffffffc6f0
       __bailout = {{__jmpbuf = {140737488345640, 8464185893399748701, 0, 140737488345680, 93825002003480, 140737354125312, 8464185892426670173, 2315836461070606429}, __mask_was_saved = 0, __saved_mask = {__val = {0 <repeats 16 times>}}}}
       prepend_file_p = 0x0
       append_file_p = 0x0
       prepend_file = {handle = {fp = 0x0, stream = {handle = 0x0, isatty = 0, reader = 0x0, fsizer = 0x0, closer = 0x0}}, filename = 0x0, opened_path = 0x0, type = 0 '\000', primary_script = false, in_list = false, buf = 0x0, len = 0}
       append_file = {handle = {fp = 0x0, stream = {handle = 0x0, isatty = 0, reader = 0x0, fsizer = 0x0, closer = 0x0}}, filename = 0x0, opened_path = 0x0, type = 0 '\000', primary_script = false, in_list = false, buf = 0x0, len = 0}
       old_cwd = 0x7fffffffa0a0 ""
       use_heap = false
       retval = false
   #9  0x0000555555d6af40 in do_cli (argc=4, argv=0x555555fb9d00) at /tmp/php-8.2.10/sapi/cli/php_cli.c:964
       __orig_bailout = 0x7fffffffd840
       __bailout = {{__jmpbuf = {140737488345640, 8464185894056157277, 0, 140737488345680, 93825002003480, 140737354125312, 8464185893397651549, 2315835831804944477}, __mask_was_saved = 0, __saved_mask = {__val = {91, 91, 140737340146378, 91, 140737340146378, 91, 140737488340896, 91, 93824997522283, 91, 48, 30064762469, 93825005292032, 140737488341968, 93824997847036, 2314885530818453536}}}}
       c = -1
       file_handle = {handle = {fp = 0x5555561e06e0, stream = {handle = 0x5555561e06e0, isatty = 0, reader = 0x0, fsizer = 0x0, closer = 0x0}}, filename = 0x7ffff4a01028, opened_path = 0x7ffff4a7a0a0, type = 1 '\001', primary_script = true, in_list = false, buf = 0x0, len = 0}
       behavior = 1
       reflection_what = 0x0
       request_started = 1
       php_optarg = 0x555555fb9d80 "bin/run.php"
       orig_optarg = 0x0
       php_optind = 3
       orig_optind = 1
       exec_direct = 0x0
       exec_run = 0x0
       exec_begin = 0x0
       exec_end = 0x0
       arg_free = 0x555555fb9d80 "bin/run.php"
       arg_excp = 0x555555fb9d10
       script_file = 0x555555fb9d80 "bin/run.php"
       translated_path = 0x55555629e9d0 "bin/run.php"
       interactive = false
       param_error = 0x0
       hide_argv = false
       num_repeats = 1
       pid = 319980
   #10 0x0000555555d6c197 in main (argc=4, argv=0x555555fb9d00) at /tmp/php-8.2.10/sapi/cli/php_cli.c:1333
       __orig_bailout = 0x0
       __bailout = {{__jmpbuf = {140737488345640, 8464185893745778781, 0, 140737488345680, 93825002003480, 140737354125312, 8464185894062448733, 2315835832954970205}, __mask_was_saved = 0, __saved_mask = {__val = {6260146527505910272, 140737302138464, 140737341549728, 4607, 6260146527505910272, 7813586406938797358, 140737341549728, 4607, 18446744073709550984, 7813586406938797358, 140737302078904, 0, 140737340146378, 140737302078816, 3348558691198135399, 73728}}}}
       c = -1
       exit_status = 0
       module_started = 1
       sapi_started = 1
       php_optarg = 0x555555fb9d80 "bin/run.php"
       php_optind = 3
       use_extended_info = 0
       ini_path_override = 0x0
       ini_builder = {value = 0x555555fba030 "html_errors=0\nregister_argc_argv=1\nimplicit_flush=1\noutput_buffering=0\nmax_execution_time=0\nmax_input_time=-1\n", length = 110}
       ini_ignore = 0
       sapi_module = 0x555555f87080 <cli_sapi_module>

4. What is your Xhprof version? xhprof 2.3.9 php8.2.10