View Issue Details

IDProjectCategoryView StatusLast Update
0001775XdebugStep Debuggingpublic2020-04-17 19:06
Reporterpluczkiewicz Assigned Toderick  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Product Version2.9.4 
Fixed in Version2.9.5 
Summary0001775: Segfault when another extension compiles a PHP file during RINIT
Description

Xdebug 2.9.1 and newer segfaults with ddtrace.
My understanding of what happens is that:

  1. ddtrace's RINIT is executed first
  2. during RINIT it compiles the request hook file: https://github.com/DataDog/dd-trace-php/blob/master/src/ext/ddtrace.c#L204-L207
  3. In turn this leads to execution of xdebug_debugger_compile, which calls get_file_function_line_list, which tries to access XG_DBG(breakable_lines_map)
  4. Since XG_DBG(breakable_lines_map) is initialized in RINIT (which was not executed yet)(https://github.com/xdebug/xdebug/blob/3baf17ad3e2d4c8a8d04be47ee1dee226c5d521a/src/debugger/debugger.c#L612), xdebug segfaults
Steps To Reproduce
  1. git clone https://github.com/Agares/xdebug-ddtrace-issue.git
  2. docker-compose up --build
  3. hit http://localhost:8123/ with a browser/curl a few times (the segfault happens around 0000026:0000050% of the time)
TagsNo tags attached.
Operating System
PHP Version7.4.0-7.4.4

Activities

derick

2020-04-06 14:34

administrator   ~0005377

How can I do this without Docker? Your docker container/setup likely has no debugging set-up whatsover...

pluczkiewicz

2020-04-06 14:41

reporter   ~0005378

You can do this by installing php-fpm (I tested on 7.4.3 and 7.4.4), the ddtrace extension (I used 0.42.0, install instructions: https://docs.datadoghq.com/tracing/setup/php/, github repo: https://github.com/DataDog/dd-trace-php) and xdebug.
Please make sure that the extension=ddtrace line is before zend_extension=xdebug in php.ini.

ddtrace setings
ddtrace.request_init_hook= - a valid path to a PHP script (the contents don't seem to matter).
ddtrace.disable=Off

xdebug settings:
xdebug.remote_enable=1

derick

2020-04-12 15:34

administrator   ~0005382

Did you actually check this with Xdebug 2.9.4? Because this is the same issue as 0001736, which was fixed by the authors of the ddtrace extension with the exact log message:

Fixed issue 0001736: Segmentation fault when other extensions run PHP in RINIT

Other extensions that run PHP in RINIT before Xdebug's RINIT (when XG_DBG(breakable_lines_map) is allocated) will cause a segmentation fault.

The fix for that is part of Xdebug 2.9.2.

pluczkiewicz

2020-04-14 08:07

reporter   ~0005385

Yes. It's still failing on 2.9.2, 2.9.3 and 2.9.4. The interesting detail is that it's segfaulting on all of the requests on 2.9.1, but only on around half of them on 2.9.2 and later.

pluczkiewicz

2020-04-14 15:10

reporter   ~0005388

I think the issue is that breakable_lines_map isn't initialized here: https://github.com/xdebug/xdebug/blob/2afa19428cada525b5cc2f01752f1036c358adef/src/debugger/debugger.c#L51 so there's no guarantee that the pointer will be NULL before the hashmap is allocated

derick

2020-04-14 16:37

administrator   ~0005389

Last edited: 2020-04-14 16:37

I think it's just missing a

<pre>
XG_DBG(breakable_lines_map) = NULL;
</pre>

below:

https://github.com/xdebug/xdebug/blob/2afa19428cada525b5cc2f01752f1036c358adef/src/debugger/debugger.c#L644

But I want to reproduce it first :-)

derick

2020-04-16 10:46

administrator   ~0005390

This is now fixed in GIT. I could reproduce this with "php -S" and two requests.

pluczkiewicz

2020-04-16 10:49

reporter   ~0005391

That's wonderful news. Thank you!

SammyK

2020-04-17 19:06

reporter   ~0005397

Thanks Derick! I can confirm that this commit fixes the issue on my end as well. <3

https://github.com/xdebug/xdebug/commit/6c6c08233593ffc1d64d70c51c56f567e6528010

Issue History

Date Modified Username Field Change
2020-04-06 14:32 pluczkiewicz New Issue
2020-04-06 14:34 derick Assigned To => derick
2020-04-06 14:34 derick Status new => feedback
2020-04-06 14:34 derick Note Added: 0005377
2020-04-06 14:41 pluczkiewicz Note Added: 0005378
2020-04-06 14:41 pluczkiewicz Status feedback => assigned
2020-04-12 15:34 derick Status assigned => feedback
2020-04-12 15:34 derick Note Added: 0005382
2020-04-14 08:07 pluczkiewicz Note Added: 0005385
2020-04-14 08:07 pluczkiewicz Status feedback => assigned
2020-04-14 15:10 pluczkiewicz Note Added: 0005388
2020-04-14 16:37 derick Note Added: 0005389
2020-04-14 16:37 derick Note Edited: 0005389
2020-04-16 10:46 derick Status assigned => closed
2020-04-16 10:46 derick Resolution open => fixed
2020-04-16 10:46 derick Fixed in Version => 2.9.5
2020-04-16 10:46 derick Note Added: 0005390
2020-04-16 10:49 pluczkiewicz Note Added: 0005391
2020-04-17 19:06 SammyK Note Added: 0005397