|
|
This looks the same/similar than report 0002178, but neither of them includes enough information for me to debug this. I can't manage this on Linux, with a Symfony app, but it is possible that I don't run it in the same way as you do. Is there a way for you to make a code repository that I could checkout and run myself? Please provide as much instructions as possible, as I don't really know much about setting up and running Symfony :-) |
|
|
|
Some observations:
- As soon as I attach the debugger to the code, I can't reproduce the crash anymore
- This makes it difficult to create a reproducible setup for you
- Some observations and wild guesses:
- Could be an integer overflow. It seems that PHP crashes after the following line has been called for the 255th time: https://github.com/contao/contao/blob/05412e8efa7f7b9169279e9cfb0c711f41c7b760/core-bundle/src/Resources/contao/library/Contao/Template.php#L154C7-L154C7 - could be a coincidence though
- Could be related to deserialization: If I replace
$varValue = deserialize($varValue); with $varValue = deserialize(""); or $varValue = ""; it crashes later in the code
- Could be related to the output buffer: If I add a random
ob_flush(); it does not crash anymore
- Could be related to another string overflow: If I replace
trigger_deprecation("", "", "01234567890123456789012345678901234567890123456789012345678901234567890123456789012345678"); by trigger_deprecation("", "", "0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567"); (removed the last digit)
- As the method
trigger_deprecation only invokes trigger_error(($package || $version ? "Since $package $version: " : '').($args ? vsprintf($message, $args) : $message), \E_USER_DEPRECATED);, it could be related to too many(?) trigger_error method calls...
This is finally the last step in my debugging process. After disabling https://github.com/symfony/contracts/blob/0b4c49b5938cd0ba7ee0df59854e191a2f44e597/Deprecation/function.php#L25 it does not crash anymore. |
|
|
|
To make it easier to track down the bug, export export USE_ZEND_ALLOC=0 on the shell. And if you can't reproduce it then, can you try running the CLI script under valgrind? From what I know, you can run the Symfony webserver by hand in some way.
It is very likely due to trigger_error() being called in a case where something has already been destroyed. Another avenue to try is to have Xdebug also make a trace file (xdebug.mode=tracing) — this will show where in the code the crash occurs, with lots of context (like, LOTS of context). |
|
|
|
% USE_ZEND_ALLOC=0 SSL=1 lldb -o run -- php -d variables_order=EGPCS -S 0.0.0.0:8196 -t web web/router.php
(lldb) target create "php"
Current executable set to 'php' (arm64).
(lldb) settings set -- target.run-args "-d" "variables_order=EGPCS" "-S" "0.0.0.0:8196" "-t" "web" "web/router.php"
(lldb) run
[Mon Jul 10 19:11:38 2023] PHP 8.2.8 Development Server (http://0.0.0.0:8196) started
[Mon Jul 10 19:11:46 2023] 127.0.0.1:53493 Accepted
...
Process 21477 stopped
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x206b726f77207265)
frame #0: 0x000000010291ffbc xdebug.so`xdebug_lib_register_compiled_variables + 76
xdebug.so`xdebug_lib_register_compiled_variables:
-> 0x10291ffbc <+76>: ldr x8, [x8]
0x10291ffc0 <+80>: add x0, x8, #0x18
0x10291ffc4 <+84>: ldr x1, [x8, #0x10]
0x10291ffc8 <+88>: bl 0x102942340 ; symbol stub for: xdebug_str_create
Target 0: (php) stopped.
Process 21477 launched: '/opt/homebrew/bin/php' (arm64)
|
|
|
|
When enabling the debugger (also see comment above), the crash is not reproducible: USE_ZEND_ALLOC=0 SSL=1 lldb -o run -- php -d variables_order=EGPCS -dxdebug.mode=trace -dxdebug.start_with_request=yes -S 0.0.0.0:8196 -t web web/router.php (this does not crash) |
|
|
|
I think this is now the same bug as 0002186, for which I have just made a pull request. It would be great if you could test this branch with your set-up, just to have an extra verification that this is indeed the case: https://github.com/derickr/xdebug/tree/issue2186-trampoline-get-compiled-variables |
|
|
|
I'm afraid not. However, I've now a self-compiled xdebug version here that potentially provides more information:
warning: xdebug.so was compiled with optimization - stepping may behave oddly; variables may not be available.
Process 82941 stopped
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x206b726f77207265)
frame #0: 0x000000010390a194 xdebug.so`xdebug_lib_register_compiled_variables(fse=0x00000001030ad6d0, op_array=0x0000600003e23500) at lib.c:763:105 [opt]
760
761 /* gather used variables from compiled vars information */
762 while (i < (unsigned int) op_array->last_var) {
-> 763 xdebug_llist_insert_next(fse->declared_vars, XDEBUG_LLIST_TAIL(fse->declared_vars), xdebug_str_create(STR_NAME_VAL(op_array->vars[i]), STR_NAME_LEN(op_array->vars[i])));
764 i++;
765 }
766 }
|
|
|
|
@alexander.willner — Thanks for trying! Can you confirm what the version of Xdebug is when you run php -v?
This information does not really help much, because I don't know what the values of any of these variables are, and neither does it come with a stack trace. I don't know how lldb works (not a OSX user), but seeing all the values would be useful. In gdb, I would run bt full and p i, p op_array->last_var, p fse, p fse->declared_vars, p op_array->vars, p op_array->vars[i], and p (char*) op_array->vars[i].val. Could you do that? Alternatively, if you have the time for a screenshare debug session, that'd be awesome too. |
|
|
|
PHP 8.2.8 (cli) (built: Jul 6 2023 10:57:44) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.2.8, Copyright (c) Zend Technologies
with Zend OPcache v8.2.8, Copyright (c), by Zend Technologies
with Xdebug v3.3.0-dev, Copyright (c) 2002-2022, by Derick Rethans
(lldb) thread backtrace all
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x206b726f77207265)
* frame #0: 0x0000000103a0a194 xdebug.so`xdebug_lib_register_compiled_variables(fse=0x00000001070160d0, op_array=0x0000600003e2ef00) at lib.c:763:105 [opt]
frame #1: 0x0000000103a1a080 xdebug.so`xdebug_debugger_error_cb [inlined] register_compiled_variables at debugger.c:121:3 [opt]
frame #2: 0x0000000103a1a024 xdebug.so`xdebug_debugger_error_cb(error_filename=0x0000000118bd3cc0, error_lineno=28, type=1024, error_type_str="Notice", buffer="Since contao/core-bundle 4.0: Using \"deserialize()\" has been deprecated and will no longer work in Contao 5.0. Use \"Contao\\StringUtil::deserialize()\" instead.") at debugger.c:452:2 [opt]
frame #3: 0x0000000103a04540 xdebug.so`xdebug_error_cb(orig_type=1024, error_filename=0x0000000118bd3cc0, error_lineno=28, message=0x0000600003e2ef00) at base.c:1387:3 [opt]
frame #4: 0x0000000100362958 php`zend_error_zstr_at + 412
frame #5: 0x0000000100362e1c php`zend_error_va_list + 68
frame #6: 0x0000000100362eb0 php`zend_error + 68
frame #7: 0x000000010037b910 php`zif_trigger_error + 140
frame #8: 0x0000000103a04c00 xdebug.so`xdebug_execute_internal(current_execute_data=0x00000001200245c0, return_value=0x000000016fdf7ad0) at base.c:952:3 [opt]
frame #9: 0x00000001003a53f8 php`ZEND_DO_FCALL_SPEC_RETVAL_UNUSED_HANDLER + 304
frame #10: 0x0000000100382f58 php`execute_ex + 52
frame #11: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120024470) at base.c:830:2 [opt]
frame #12: 0x00000001003a54b4 php`ZEND_DO_FCALL_SPEC_RETVAL_UNUSED_HANDLER + 492
frame #13: 0x0000000100382f58 php`execute_ex + 52
frame #14: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120024290) at base.c:830:2 [opt]
frame #15: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #16: 0x0000000100382f58 php`execute_ex + 52
frame #17: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x00000001200236a0) at base.c:830:2 [opt]
frame #18: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #19: 0x0000000100382f58 php`execute_ex + 52
frame #20: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x00000001200234b0) at base.c:830:2 [opt]
frame #21: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #22: 0x0000000100382f58 php`execute_ex + 52
frame #23: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120023420) at base.c:830:2 [opt]
frame #24: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #25: 0x0000000100382f58 php`execute_ex + 52
frame #26: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120023110) at base.c:830:2 [opt]
frame #27: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #28: 0x0000000100382f58 php`execute_ex + 52
frame #29: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120022f90) at base.c:830:2 [opt]
frame #30: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #31: 0x0000000100382f58 php`execute_ex + 52
frame #32: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120022e00) at base.c:830:2 [opt]
frame #33: 0x00000001003c76b4 php`ZEND_CALL_TRAMPOLINE_SPEC_OBSERVER_HANDLER + 780
frame #34: 0x0000000100382f58 php`execute_ex + 52
frame #35: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120022e00) at base.c:830:2 [opt]
frame #36: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #37: 0x0000000100382f58 php`execute_ex + 52
frame #38: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120022790) at base.c:830:2 [opt]
frame #39: 0x00000001003ab234 php`ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER + 740
frame #40: 0x0000000100382f58 php`execute_ex + 52
frame #41: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x00000001200221e0) at base.c:830:2 [opt]
frame #42: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #43: 0x0000000100382f58 php`execute_ex + 52
frame #44: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120022060) at base.c:830:2 [opt]
frame #45: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #46: 0x0000000100382f58 php`execute_ex + 52
frame #47: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120021ec0) at base.c:830:2 [opt]
frame #48: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #49: 0x0000000100382f58 php`execute_ex + 52
frame #50: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120021120) at base.c:830:2 [opt]
frame #51: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #52: 0x0000000100382f58 php`execute_ex + 52
frame #53: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x00000001200201f0) at base.c:830:2 [opt]
frame #54: 0x00000001003a54b4 php`ZEND_DO_FCALL_SPEC_RETVAL_UNUSED_HANDLER + 492
frame #55: 0x0000000100382f58 php`execute_ex + 52
frame #56: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x000000012001fbe0) at base.c:830:2 [opt]
frame #57: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #58: 0x0000000100382f58 php`execute_ex + 52
frame #59: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x000000012001fb40) at base.c:830:2 [opt]
frame #60: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #61: 0x0000000100382f58 php`execute_ex + 52
frame #62: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x000000012001fa60) at base.c:830:2 [opt]
frame #63: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #64: 0x0000000100382f58 php`execute_ex + 52
frame #65: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x000000012001f8f0) at base.c:830:2 [opt]
frame #66: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #67: 0x0000000100382f58 php`execute_ex + 52
frame #68: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x000000012001f270) at base.c:830:2 [opt]
frame #69: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #70: 0x0000000100382f58 php`execute_ex + 52
frame #71: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x000000012001ed40) at base.c:830:2 [opt]
frame #72: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #73: 0x0000000100382f58 php`execute_ex + 52
frame #74: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x000000012001dbc0) at base.c:830:2 [opt]
frame #75: 0x00000001003a54b4 php`ZEND_DO_FCALL_SPEC_RETVAL_UNUSED_HANDLER + 492
frame #76: 0x0000000100382f58 php`execute_ex + 52
frame #77: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x000000012001d5b0) at base.c:830:2 [opt]
frame #78: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #79: 0x0000000100382f58 php`execute_ex + 52
frame #80: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x000000012001d4b0) at base.c:830:2 [opt]
frame #81: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #82: 0x0000000100382f58 php`execute_ex + 52
frame #83: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x000000012001cef0) at base.c:830:2 [opt]
frame #84: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #85: 0x0000000100382f58 php`execute_ex + 52
frame #86: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x000000012001c5a0) at base.c:830:2 [opt]
frame #87: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #88: 0x0000000100382f58 php`execute_ex + 52
frame #89: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x000000012001b540) at base.c:830:2 [opt]
frame #90: 0x00000001003a54b4 php`ZEND_DO_FCALL_SPEC_RETVAL_UNUSED_HANDLER + 492
frame #91: 0x0000000100382f58 php`execute_ex + 52
frame #92: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x000000012001b450) at base.c:830:2 [opt]
frame #93: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #94: 0x0000000100382f58 php`execute_ex + 52
frame #95: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x000000012001a090) at base.c:830:2 [opt]
frame #96: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #97: 0x0000000100382f58 php`execute_ex + 52
frame #98: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120019be0) at base.c:830:2 [opt]
frame #99: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #100: 0x0000000100382f58 php`execute_ex + 52
frame #101: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120019a30) at base.c:830:2 [opt]
frame #102: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #103: 0x0000000100382f58 php`execute_ex + 52
frame #104: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x00000001200198a0) at base.c:830:2 [opt]
frame #105: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #106: 0x0000000100382f58 php`execute_ex + 52
frame #107: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120019200) at base.c:830:2 [opt]
frame #108: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #109: 0x0000000100382f58 php`execute_ex + 52
frame #110: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120018e30) at base.c:830:2 [opt]
frame #111: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #112: 0x0000000100382f58 php`execute_ex + 52
frame #113: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120018d40) at base.c:830:2 [opt]
frame #114: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #115: 0x0000000100382f58 php`execute_ex + 52
frame #116: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120018be0) at base.c:830:2 [opt]
frame #117: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #118: 0x0000000100382f58 php`execute_ex + 52
frame #119: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120018b60) at base.c:830:2 [opt]
frame #120: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #121: 0x0000000100382f58 php`execute_ex + 52
frame #122: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120018980) at base.c:830:2 [opt]
frame #123: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #124: 0x0000000100382f58 php`execute_ex + 52
frame #125: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120018610) at base.c:830:2 [opt]
frame #126: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #127: 0x0000000100382f58 php`execute_ex + 52
frame #128: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x00000001200184e0) at base.c:830:2 [opt]
frame #129: 0x00000001003a577c php`ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER + 432
frame #130: 0x0000000100382f58 php`execute_ex + 52
frame #131: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x00000001200182a0) at base.c:830:2 [opt]
frame #132: 0x00000001003ab234 php`ZEND_INCLUDE_OR_EVAL_SPEC_CV_HANDLER + 740
frame #133: 0x0000000100382f58 php`execute_ex + 52
frame #134: 0x0000000103a04890 xdebug.so`xdebug_execute_ex(execute_data=0x0000000120018020) at base.c:830:2 [opt]
frame #135: 0x0000000100383154 php`zend_execute + 288
frame #136: 0x00000001003634d4 php`zend_execute_scripts + 156
frame #137: 0x000000010044ffcc php`php_cli_server_dispatch_router + 160
frame #138: 0x000000010044de2c php`php_cli_server_recv_event_read_request + 504
frame #139: 0x000000010044e7dc php`php_cli_server_do_event_for_each_fd_callback + 164
frame #140: 0x000000010044c8a4 php`do_cli_server + 2132
frame #141: 0x0000000100447a28 php`main + 756
frame #142: 0x00000001a9f8ff28 dyld`start + 2236
|
|
|
|
(lldb) p i
(unsigned int) $0 = 0
(lldb) p op_array->last_var
(int) $1 = 544432488
(lldb) p fse
(function_stack_entry *) $2 = 0x00000001070160d0
(lldb) p fse->declared_vars
(xdebug_llist *) $3 = 0x0000600000341e80
(lldb) p op_array->vars
(zend_string **) $4 = 0x206b726f77207265
(lldb) p op_array->vars[i]
error: Couldn't apply expression side effects : Couldn't dematerialize a result variable: couldn't read its memory
(lldb) p (char*) op_array->vars[i].val
Fix-it applied, fixed expression was:
(char*) op_array->vars[i]->val
error: supposed to interpret, but failed: Interpreter couldn't read from memory
(lldb)
|
|
|
|
Hi,
with Xdebug v3.3.0-dev, Copyright (c) 2002-2022, by Derick Rethans
That means you compiled GitHub's master branch, not the issue2186-trampoline-get-compiled-variables branch with the fix. Could you try again with this specific branch, as I haven't merged this yet?
cheers,
Derick |
|
|
|
:facepalm:
I was on the wrong branch. I can confirm, that the crash does not occur anymore! |
|
|
|
I'm glad to hear it. I'll merge it then, and make a release.
cheers,
Derick |
|
|
|
https://github.com/xdebug/xdebug/pull/895 |
|
