View Issue Details

IDProjectCategoryView StatusLast Update
0002242XdebugUncategorizedpublic2024-04-17 08:29
Reporterjozef.kovac Assigned Toderick  
PriorityhighSeveritycrashReproducibilityalways
Status feedbackResolutionopen 
Product Version3.3.1 
Summary0002242: process always segfault for some requests
Description

PHP8.2 with xdebug extension 3.3.0/3.3.1 always crashing for some requests/years, downgrading back to 3.2.2 is fixing the problem. Same for PHP 8.3 with xdebug 3.3.1.

There is no acitve debuging ongoing just extension is loaded. We use xdebug only on development instances.

php-fpm

php_admin_value[xdebug.mode] = develop,profile
php_admin_value[xdebug.output_dir] = /data/profiler
php_admin_value[xdebug.start_with_request] = trigger
php_admin_value[xdebug.trigger_value] = <removed but limited to IP & cookie anyway>
php_admin_value[xdebug.profiler_output_name] = "callgrind.out.%H.%R.%p.grind"
php_admin_value[xdebug.var_display_max_depth] = -1
php_admin_value[xdebug.var_display_max_children] = -1
php_admin_value[xdebug.var_display_max_data] = -1

php.ini

zend_extension=xdebug.so
xdebug.mode=develop,profile,debug

#core dump
Core was generated by `php-fpm: pool dev '.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 zend_mm_alloc_small (bin_num=3, heap=0x7f8fd8c00040)
at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_alloc.c:1312
1312 heap->free_slot[bin_num] = p->next_free_slot;

dmesg

php-fpm[3595236]: segfault at 9bae0243 ip 000055d8b642a19a sp 00007ffd8d7c0010 error 4 in php-fpm[55d8b6200000+318000]
Code: 69 c0 41 04 00 00 48 01 d0 48 89 fa 48 c1 e2 05 4c 01 c0 48 01 fa 48 01 d0 49 89 c6 4c 8b 69 10 0b 41 0c 48 98 49 0f ba ee 3f <45> 8b 64 85 00 41 83 fc ff 75 16 eb 79 66 0f 1f 84 00 00 00 00 00
traps: php-fpm[3831811] general protection fault ip:55b9d7be60c7 sp:7ffc34dd0388 error:0 in php-fpm[55b9d7a00000+318000]

Xdebug is reporiting loading before Opcache, but opcache is disabled for development instances.

Steps To Reproduce

I choose "always reproducible" but only tested on our setup.

TagsNo tags attached.
Operating SystemRHEL 9.3 x86_64
PHP Version8.2.0-8.2.9

Relationships

has duplicate 0002235 resolvedderick Process finished with exit code 139 (interrupted by signal 11: SIGSEGV) 

Activities

derick

2024-01-30 11:58

administrator   ~0006822

Could you add the output of bt full from the GDB prompt after you've opened the core dump please?

jozef.kovac

2024-01-30 19:13

reporter   ~0006828

Here it is

bt_full.txt (23,783 bytes)   
#0  zend_mm_alloc_small (bin_num=3, heap=0x7f0f2b600040) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_alloc.c:1312
        p = 0x8e00007f0f14e54c
#1  zend_mm_alloc_heap (size=<optimized out>, heap=0x7f0f2b600040) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_alloc.c:1383
        ptr = <optimized out>
        ptr = <optimized out>
#2  _emalloc (size=<optimized out>) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_alloc.c:2615
No locals.
#3  0x0000562c63a23c81 in zend_string_alloc (persistent=<optimized out>, len=1) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_string.h:174
        ret = <optimized out>
        ret = <optimized out>
#4  zend_string_init (persistent=<optimized out>, len=1, str=0x562c65878448 "q") at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_string.h:196
        ret = <optimized out>
        ret = <optimized out>
#5  _zend_hash_str_add_or_update_i (flag=1, pData=0x7ffe87288e30, h=9223372036854953494, len=1, str=0x562c65878448 "q", ht=0x7f0f146fac40)
    at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_hash.c:953
        key = <optimized out>
        nIndex = <optimized out>
        idx = <optimized out>
        p = 0x7f0f13eeeda0
        key = <optimized out>
        nIndex = <optimized out>
        idx = <optimized out>
        p = <optimized out>
        add_to_hash = <optimized out>
        data = <optimized out>
        _z1 = <optimized out>
        _z2 = <optimized out>
        _gc = <optimized out>
        _t = <optimized out>
        _z1 = <optimized out>
        _z2 = <optimized out>
        _gc = <optimized out>
        _t = <optimized out>
#6  zend_hash_str_update (ht=ht@entry=0x7f0f146fac40, str=str@entry=0x562c65878448 "q", len=len@entry=1, pData=0x7ffe87288e30)
    at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_hash.c:1030
        h = 9223372036854953494
#7  0x0000562c63a1740b in zend_symtable_str_update (pData=0x7ffe87288e30, len=1, str=0x562c65878448 "q", ht=0x7f0f146fac40)
    at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_hash.h:576
        idx = 77
        idx = <optimized out>
#8  add_assoc_zval_ex (arg=arg@entry=0x7ffe87288e20, key=0x562c65878448 "q", key_len=1, value=value@entry=0x7ffe87288e30)
    at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_API.c:1905
No locals.
#9  0x00007f0f1e08782f in zval_from_stack_add_frame_variables (opa=0x7f0f15a87200, symbols=<optimized out>, edata=0x7f0f2b618520, frame=0x7f0f147ef360)
    at /usr/src/debug/php83-php-pecl-xdebug3-3.3.1-1.el9.remi.x86_64/src/src/develop/stack.c:438
        symbol_name = 0x562c660532d0
        symbol = {value = {lval = 139702758331648, dval = 6.9022333520929256e-310, counted = 0x7f0f1548d500, str = 0x7f0f1548d500, arr = 0x7f0f1548d500, 
--Type <RET> for more, q to quit, c to continue without paging--
            obj = 0x7f0f1548d500, res = 0x7f0f1548d500, ref = 0x7f0f1548d500, ast = 0x7f0f1548d500, zv = 0x7f0f1548d500, ptr = 0x7f0f1548d500, ce = 0x7f0f1548d500, 
            func = 0x7f0f1548d500, ww = {w1 = 357094656, w2 = 32527}}, u1 = {type_info = 262, v = {type = 6 '\006', type_flags = 1 '\001', u = {extra = 0}}}, u2 = {
            next = 0, cache_slot = 0, opline_num = 0, lineno = 0, num_args = 0, fe_pos = 0, fe_iter_idx = 0, guard = 0, constant_flags = 0, extra = 0}}
        j = 77
        variables = {value = {lval = 139702744099904, dval = 6.9022326489513465e-310, counted = 0x7f0f146fac40, str = 0x7f0f146fac40, arr = 0x7f0f146fac40, 
            obj = 0x7f0f146fac40, res = 0x7f0f146fac40, ref = 0x7f0f146fac40, ast = 0x7f0f146fac40, zv = 0x7f0f146fac40, ptr = 0x7f0f146fac40, ce = 0x7f0f146fac40, 
            func = 0x7f0f146fac40, ww = {w1 = 342862912, w2 = 32527}}, u1 = {type_info = 775, v = {type = 7 '\a', type_flags = 3 '\003', u = {extra = 0}}}, u2 = {
            next = 22060, cache_slot = 22060, opline_num = 22060, lineno = 22060, num_args = 22060, fe_pos = 22060, fe_iter_idx = 22060, guard = 22060, 
            constant_flags = 22060, extra = 22060}}
        j = <optimized out>
        variables = {value = {lval = <optimized out>, dval = <optimized out>, counted = <optimized out>, str = <optimized out>, arr = <optimized out>, 
            obj = <optimized out>, res = <optimized out>, ref = <optimized out>, ast = <optimized out>, zv = <optimized out>, ptr = <optimized out>, 
            ce = <optimized out>, func = <optimized out>, ww = {w1 = <optimized out>, w2 = <optimized out>}}, u1 = {type_info = <optimized out>, v = {
              type = <optimized out>, type_flags = <optimized out>, u = {extra = <optimized out>}}}, u2 = {next = <optimized out>, cache_slot = <optimized out>, 
            opline_num = <optimized out>, lineno = <optimized out>, num_args = <optimized out>, fe_pos = <optimized out>, fe_iter_idx = <optimized out>, 
            guard = <optimized out>, constant_flags = <optimized out>, extra = <optimized out>}}
        __arr = <optimized out>
        __z = <optimized out>
        symbol_name = <optimized out>
        symbol = {value = {lval = <optimized out>, dval = <optimized out>, counted = <optimized out>, str = <optimized out>, arr = <optimized out>, 
            obj = <optimized out>, res = <optimized out>, ref = <optimized out>, ast = <optimized out>, zv = <optimized out>, ptr = <optimized out>, 
            ce = <optimized out>, func = <optimized out>, ww = {w1 = <optimized out>, w2 = <optimized out>}}, u1 = {type_info = <optimized out>, v = {
              type = <optimized out>, type_flags = <optimized out>, u = {extra = <optimized out>}}}, u2 = {next = <optimized out>, cache_slot = <optimized out>, 
            opline_num = <optimized out>, lineno = <optimized out>, num_args = <optimized out>, fe_pos = <optimized out>, fe_iter_idx = <optimized out>, 
            guard = <optimized out>, constant_flags = <optimized out>, extra = <optimized out>}}
#10 zval_from_stack_add_frame (output=0x7f0f1e0ad458 <xdebug_globals+1048>, fse=0x562c65e0fd30, edata=0x7f0f2b618520, add_local_vars=<optimized out>, 
    params_as_values=<optimized out>) at /usr/src/debug/php83-php-pecl-xdebug3-3.3.1-1.el9.remi.x86_64/src/src/develop/stack.c:467
        frame = <optimized out>
#11 0x00007f0f1e087c4f in zval_from_stack (output=output@entry=0x7f0f1e0ad458 <xdebug_globals+1048>, add_local_vars=add_local_vars@entry=true, 
    params_as_values=params_as_values@entry=true) at /usr/src/debug/php83-php-pecl-xdebug3-3.3.1-1.el9.remi.x86_64/src/src/develop/stack.c:495
        fse = 0x562c65e0fd30
        next_fse = 0x562c65e0fe20
        i = 1
#12 0x00007f0f1e08a1d7 in xdebug_develop_throw_exception_hook (exception=0x7f0f1466e2c0, file=0x7f0f1466e318, line=0x7f0f1466e328, code=<optimized out>, 
    code_str=<optimized out>, message=0x7f0f1466e2e8) at /usr/src/debug/php83-php-pecl-xdebug3-3.3.1-1.el9.remi.x86_64/src/src/develop/stack.c:1252
        exception_ce = 0x7f0f164482c0
        exception_trace = <optimized out>
        tmp_str = {l = 16324, a = 18588, 
          d = 0x562c66087790 "<tr><th align='left' bgcolor='#f57900' colspan=\"5\"><span style='background-color: #cc0000; color: #fce94f; font-size: x-large;'>( ! )</span> FacebookAds\\Http\\Exception\\AuthorizationException: Invalid "...}
        z_previous_exception = <optimized out>
        z_last_exception_slot = <optimized out>
        z_previous_trace = <optimized out>
        previous_exception_obj = <optimized out>
        dummy = {value = {lval = 139702774825664, dval = 6.9022341670055923e-310, counted = 0x7f0f164482c0, str = 0x7f0f164482c0, arr = 0x7f0f164482c0, 
            obj = 0x7f0f164482c0, res = 0x7f0f164482c0, ref = 0x7f0f164482c0, ast = 0x7f0f164482c0, zv = 0x7f0f164482c0, ptr = 0x7f0f164482c0, ce = 0x7f0f164482c0, 
            func = 0x7f0f164482c0, ww = {w1 = 373588672, w2 = 32527}}, u1 = {type_info = 342287040, v = {type = 192 '\300', type_flags = 226 '\342', u = {
--Type <RET> for more, q to quit, c to continue without paging--
                extra = 5222}}}, u2 = {next = 32527, cache_slot = 32527, opline_num = 32527, lineno = 32527, num_args = 32527, fe_pos = 32527, fe_iter_idx = 32527, 
            guard = 32527, constant_flags = 32527, extra = 32527}}
#13 0x00007f0f1e0670e7 in xdebug_throw_exception_hook (exception=0x7f0f1466e2c0)
    at /usr/src/debug/php83-php-pecl-xdebug3-3.3.1-1.el9.remi.x86_64/src/src/base/base.c:1580
        code = 0x7f0f1466e308
        message = 0x7f0f1466e2e8
        file = 0x7f0f1466e318
        line = 0x7f0f1466e328
        exception_ce = <optimized out>
        code_str = 0x562c65b2bd60 "190"



        dummy = {value = {lval = 139702774817448, dval = 6.902234166599668e-310, counted = 0x7f0f164462a8, str = 0x7f0f164462a8, arr = 0x7f0f164462a8, 
            obj = 0x7f0f164462a8, res = 0x7f0f164462a8, ref = 0x7f0f164462a8, ast = 0x7f0f164462a8, zv = 0x7f0f164462a8, ptr = 0x7f0f164462a8, ce = 0x7f0f164462a8, 
            func = 0x7f0f164462a8, ww = {w1 = 373580456, w2 = 32527}}, u1 = {type_info = 2932227328, v = {type = 0 '\000', type_flags = 61 '=', u = {
                extra = 44742}}}, u2 = {next = 2862486326, cache_slot = 2862486326, opline_num = 2862486326, lineno = 2862486326, num_args = 2862486326, 
            fe_pos = 2862486326, fe_iter_idx = 2862486326, guard = 2862486326, constant_flags = 2862486326, extra = 2862486326}}
#14 xdebug_throw_exception_hook (exception=0x7f0f1466e2c0) at /usr/src/debug/php83-php-pecl-xdebug3-3.3.1-1.el9.remi.x86_64/src/src/base/base.c:1532
        code = <optimized out>
        message = <optimized out>
        file = <optimized out>
        line = <optimized out>
        exception_ce = <optimized out>
        code_str = <optimized out>
        dummy = {value = {lval = <optimized out>, dval = <optimized out>, counted = <optimized out>, str = <optimized out>, arr = <optimized out>, 
            obj = <optimized out>, res = <optimized out>, ref = <optimized out>, ast = <optimized out>, zv = <optimized out>, ptr = <optimized out>, 
            ce = <optimized out>, func = <optimized out>, ww = {w1 = <optimized out>, w2 = <optimized out>}}, u1 = {type_info = <optimized out>, v = {
              type = <optimized out>, type_flags = <optimized out>, u = {extra = <optimized out>}}}, u2 = {next = <optimized out>, cache_slot = <optimized out>, 
            opline_num = <optimized out>, lineno = <optimized out>, num_args = <optimized out>, fe_pos = <optimized out>, fe_iter_idx = <optimized out>, 
            guard = <optimized out>, constant_flags = <optimized out>, extra = <optimized out>}}
#15 0x0000562c638383d6 in zend_throw_exception_internal (exception=0x7f0f1466e2c0) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_exceptions.c:219
No locals.
#16 0x0000562c6382f767 in ZEND_THROW_SPEC_TMPVAR_HANDLER () at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:14697
        value = 0x7f0f2b633820
#17 0x0000562c63a7f717 in execute_ex (ex=0x7f0f2b600040) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:58713
        vm_stack_data = {orig_opline = 0x7f0f146ac0c0, orig_execute_data = 0x7f0f2b633650, hybrid_jit_red_zone = "\000\000\000\000\000\000\000\000\221J\253c,V\000"}
#18 0x0000562c6383617c in ZEND_DO_FCALL_SPEC_OBSERVER_HANDLER () at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:2052
        call = 0x7f0f2b6336e0
        fbc = <optimized out>
        ret = <optimized out>
#19 0x0000562c63837143 in execute_ex (ex=0x7f0f2b600040) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:57256
        vm_stack_data = {orig_opline = 0x7f0f14745540, orig_execute_data = 0x7f0f2b633570, hybrid_jit_red_zone = "\000\000\000\000\000\000\000\000\221J\253c,V\000"}
#20 0x0000562c6383617c in ZEND_DO_FCALL_SPEC_OBSERVER_HANDLER () at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:2052
        call = 0x7f0f2b633650
        fbc = <optimized out>
        ret = <optimized out>
#21 0x0000562c63837143 in execute_ex (ex=0x7f0f2b600040) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:57256
        vm_stack_data = {orig_opline = 0x7f0f13a8dde0, orig_execute_data = 0x7f0f2b633400, hybrid_jit_red_zone = "\000\000\000\000\000\000\000\000\221J\253c,V\000"}
#22 0x0000562c6383617c in ZEND_DO_FCALL_SPEC_OBSERVER_HANDLER () at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:2052
--Type <RET> for more, q to quit, c to continue without paging--
        call = 0x7f0f2b633570
        fbc = <optimized out>
        ret = <optimized out>
#23 0x0000562c63837143 in execute_ex (ex=0x7f0f2b600040) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:57256
        vm_stack_data = {orig_opline = 0x7f0f146a5460, orig_execute_data = 0x7f0f2b633180, hybrid_jit_red_zone = "\000\000\000\000\000\000\000\000\221J\253c,V\000"}
#24 0x0000562c6383617c in ZEND_DO_FCALL_SPEC_OBSERVER_HANDLER () at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:2052
        call = 0x7f0f2b633400
        fbc = <optimized out>
        ret = <optimized out>
#25 0x0000562c63837143 in execute_ex (ex=0x7f0f2b600040) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:57256
        vm_stack_data = {orig_opline = 0x7f0f146b0660, orig_execute_data = 0x7f0f2b632f80, hybrid_jit_red_zone = "\000\000\000\000\000\000\000\000\221J\253c,V\000"}
#26 0x0000562c6383617c in ZEND_DO_FCALL_SPEC_OBSERVER_HANDLER () at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:2052
        call = 0x7f0f2b633180
        fbc = <optimized out>
        ret = <optimized out>
#27 0x0000562c63837143 in execute_ex (ex=0x7f0f2b600040) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:57256
        vm_stack_data = {orig_opline = 0x7f0f14717240, orig_execute_data = 0x7f0f2b632df0, hybrid_jit_red_zone = "\000\000\000\000\000\000\000\000\221J\253c,V\000"}
#28 0x0000562c6383617c in ZEND_DO_FCALL_SPEC_OBSERVER_HANDLER () at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:2052
        call = 0x7f0f2b632f80
        fbc = <optimized out>
        ret = <optimized out>
#29 0x0000562c63837143 in execute_ex (ex=0x7f0f2b600040) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:57256
        vm_stack_data = {orig_opline = 0x7f0f14756e40, orig_execute_data = 0x7f0f2b632cd0, hybrid_jit_red_zone = "\000\000\000\000\000\000\000\000\221J\253c,V\000"}
#30 0x0000562c6383617c in ZEND_DO_FCALL_SPEC_OBSERVER_HANDLER () at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:2052
        call = 0x7f0f2b632df0
        fbc = <optimized out>
        ret = <optimized out>
#31 0x0000562c63837143 in execute_ex (ex=0x7f0f2b600040) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:57256
        vm_stack_data = {orig_opline = 0x7f0f1518ac60, orig_execute_data = 0x7f0f2b6327d0, hybrid_jit_red_zone = "\000\000\000\000\000\000\000\000\221J\253c,V\000"}
#32 0x0000562c6383617c in ZEND_DO_FCALL_SPEC_OBSERVER_HANDLER () at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:2052
        call = 0x7f0f2b632cd0
        fbc = <optimized out>
        ret = <optimized out>
#33 0x0000562c63837143 in execute_ex (ex=0x7f0f2b600040) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:57256
        vm_stack_data = {orig_opline = 0x7f0f1515a0c0, orig_execute_data = 0x7f0f2b632740, hybrid_jit_red_zone = "\000\000\000\000\000\000\000\000\221J\253c,V\000"}
#34 0x0000562c6383617c in ZEND_DO_FCALL_SPEC_OBSERVER_HANDLER () at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:2052
        call = 0x7f0f2b6327d0
        fbc = <optimized out>
        ret = <optimized out>
#35 0x0000562c63837143 in execute_ex (ex=0x7f0f2b600040) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:57256
        vm_stack_data = {orig_opline = 0x7f0f1512e480, orig_execute_data = 0x7f0f2b6324e0, hybrid_jit_red_zone = "\000\000\000\000\000\000\000\000\221J\253c,V\000"}
#36 0x0000562c6383617c in ZEND_DO_FCALL_SPEC_OBSERVER_HANDLER () at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:2052
        call = 0x7f0f2b632740
        fbc = <optimized out>
        ret = <optimized out>
#37 0x0000562c63837143 in execute_ex (ex=0x7f0f2b600040) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:57256
        vm_stack_data = {orig_opline = 0x7f0f1516f020, orig_execute_data = 0x7f0f2b6320d0, hybrid_jit_red_zone = "\340$c+\017\177\000\000\221J\253c,V\000"}
--Type <RET> for more, q to quit, c to continue without paging--
#38 0x0000562c6383617c in ZEND_DO_FCALL_SPEC_OBSERVER_HANDLER () at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:2052
        call = 0x7f0f2b6324e0
        fbc = <optimized out>
        ret = <optimized out>
#39 0x0000562c63837143 in execute_ex (ex=0x7f0f2b600040) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:57256
        vm_stack_data = {orig_opline = 0x7f0f150be8c0, orig_execute_data = 0x7f0f2b618520, hybrid_jit_red_zone = "\000\000\000\000\000\000\000\000\221J\253c,V\000"}
#40 0x0000562c6383617c in ZEND_DO_FCALL_SPEC_OBSERVER_HANDLER () at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:2052
        call = 0x7f0f2b6320d0
        fbc = <optimized out>
        ret = <optimized out>
#41 0x0000562c63837143 in execute_ex (ex=0x7f0f2b600040) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:57256
        vm_stack_data = {orig_opline = 0x7f0f148a1720, orig_execute_data = 0x7f0f2b613020, hybrid_jit_red_zone = "\000\000\000\000\000\000\000\000\221J\253c,V\000"}
#42 0x0000562c63a55f94 in ZEND_INCLUDE_OR_EVAL_SPEC_OBSERVER_HANDLER () at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:5125
        return_value = <optimized out>
        call = 0x7f0f2b618520
        new_op_array = 0x7f0f15a87200
        inc_filename = <optimized out>
#43 0x0000562c63a7ef1a in execute_ex (ex=0x7f0f2b600040) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:57332
        vm_stack_data = {orig_opline = 0x7ffe8728c3a0, orig_execute_data = 0x0, hybrid_jit_red_zone = "\000\000\000\000\000\000\000\000\221J\253c,V\000"}
#44 0x0000562c63a89165 in zend_execute (op_array=0x7f0f145bfd00, return_value=0x0) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend_vm_execute.h:61604
        execute_data = 0x7f0f2b613020
        object_or_called_scope = <optimized out>
        call_info = <optimized out>
#45 0x0000562c63a13d30 in zend_execute_scripts (type=type@entry=8, retval=retval@entry=0x0, file_count=file_count@entry=3)
    at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/Zend/zend.c:1881
        files = {{gp_offset = 40, fp_offset = 16777216, overflow_arg_area = 0x7ffe87289ed0, reg_save_area = 0x7ffe87289e60}}
        i = 1
        file_handle = <optimized out>
        op_array = 0x7f0f145bfd00
        ret = 727922400
#46 0x0000562c639a789a in php_execute_script (primary_file=<optimized out>) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/main/main.c:2501
        realfile = "\000\000\000\000\000\000\000\000\063\262(\207\376\177\000\000\000\254z\025\017\177\000\000\320ۛc,V\000\000@\225\230\025\017\177\000\000\063\262(\207\376\177\000\000\001\000\000\000\000\000\000\000\000\342o\025\017\177\000\000\360W\211\025\017\177\000\000M\353\233c,V\000\000\001\000\000\000\000\000\000\000}\022\360\027\017\177\000\000 \a\232\025\017\177\000\000\002", '\000' <repeats 15 times>, "\001\000\000\000\000\000\000\000\002\000\000\000\017\177\000\000\000\006\232\025\017\177\000\000\300\262(\207\376\177\000\000\000\342o\025\017\177\000\000 \a\232\025\017\177\000\000\360W\211\025\017\177\000\000\000\254z\025\017\177\000\000r\265\357\027\017\177\000\000\006h\306c,V\000\000\251"...
        __orig_bailout = <optimized out>
        __bailout = {{__jmpbuf = {140731166016640, 3743359753757349024, 94748686305676, 94748686305780, 94748686305780, 1, 3743359751448384672, 
              6941978565112190112}, __mask_was_saved = 0, __saved_mask = {__val = {0, 8028844331305624623, 3275917259925381475, 8675450682573027440, 
                139639862620206, 0, 0, 0, 94748650721380, 140731166011680, 139703129028336, 140731166011680, 12294285158349421824, 139702749981808, 0, 
                139703129437584}}}}
        prepend_file_p = <optimized out>
        append_file_p = <optimized out>
        prepend_file = {handle = {fp = 0x7f0f2b69e0e0, stream = {handle = 0x7f0f2b69e0e0, isatty = 0, reader = 0x562c639bccd0 <_php_stream_read>, 
              fsizer = 0x562c639a5800 <php_zend_stream_fsizer>, closer = 0x562c639a4ae0 <php_zend_stream_closer>}}, filename = 0x7f0f2b682240, 
          opened_path = 0x7f0f2b682300, type = 2 '\002', primary_script = false, in_list = true, 
          buf = 0x7f0f2b69f000 "<?php\nif( defined('PHP_SAPI') && PHP_SAPI === 'cli' ){\n\t$server_name = getenv('SERVER_NAME') ?? '';\n\t$doc_root = getenv('DOCUMENT--Type <RET> for more, q to quit, c to continue without paging--
_ROOT') ?? '';\n\n\tif( empty($server_name) ){\n\t\techo \"Missing server name"..., len = 33773}
        append_file = {handle = {fp = 0x0, stream = {handle = 0x0, isatty = 0, reader = 0x0, fsizer = 0x0, closer = 0x0}}, filename = 0x7f0f2b682280, 
          opened_path = 0x0, type = 0 '\000', primary_script = false, in_list = false, buf = 0x0, len = 0}
        old_cwd = <optimized out>
        use_heap = false
        retval = false
#47 0x0000562c63842653 in main (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/php83-php-8.3.2-1.el9.x86_64/sapi/fpm/fpm/fpm_main.c:1920
        primary_script = <optimized out>
        __orig_bailout = <optimized out>
        __bailout = {{__jmpbuf = {94748656330144, -3743023946181684064, 6, 94748656224160, 94748656331288, 1, 3743359753755251872, 6941978340087125152}, 
            __mask_was_saved = 0, __saved_mask = {__val = {0, 0, 1024, 0, 1704878755, 657320635, 139703134951520, 657320635, 1704878755, 657320635, 0, 0, 0, 0, 
                12294285158349421824, 94748681880272}}}}
        exit_status = <optimized out>
        cgi = 0
        c = <optimized out>
        use_extended_info = <optimized out>
        file_handle = {handle = {fp = 0x7f0f2b69e000, stream = {handle = 0x7f0f2b69e000, isatty = 0, reader = 0x562c639bccd0 <_php_stream_read>, 
              fsizer = 0x562c639a5800 <php_zend_stream_fsizer>, closer = 0x562c639a4ae0 <php_zend_stream_closer>}}, filename = 0x7f0f2b677578, 
          opened_path = 0x7f0f2b6775e8, type = 2 '\002', primary_script = false, in_list = true, 
          buf = 0x7f0f1485c000 "<?php\r\n/**\r\n * @version   $Id: index.php 3750 2006-05-31 10:39:39Z stingrey $\r\n * @package   Joomla\r\n * @copyright Copyright (C) 2005 Open Source Matters. All rights reserved.\r\n * @license   http://ww"..., len = 40961}
        orig_optind = <optimized out>
        orig_optarg = <optimized out>
        ini_builder = {value = 0x0, length = 0}
        max_requests = 100
        requests = <optimized out>
        fcgi_fd = <optimized out>
        request = <optimized out>
        fpm_config = <optimized out>
        fpm_prefix = <optimized out>
        fpm_pid = <optimized out>
        test_conf = <optimized out>
        force_daemon = <optimized out>
        force_stderr = <optimized out>
        php_information = <optimized out>
        php_allow_to_run_as_root = <optimized out>
        __func__ = "main"
        ret = <optimized out>
        __orig_bailout = <optimized out>
        __bailout = {{__jmpbuf = {<optimized out>, <optimized out>, <optimized out>, <optimized out>, <optimized out>, <optimized out>, <optimized out>, 
              <optimized out>}, __mask_was_saved = <optimized out>, __saved_mask = {__val = {<optimized out> <repeats 16 times>}}}}
        __str = <optimized out>
bt_full.txt (23,783 bytes)   

eiwaen

2024-03-28 16:14

reporter   ~0006867

It seems we are affected by the same problem, as we're getting seemingly random segmentation faults since upgrading to Xdebug 3.3.1 (from Xdebug 3.2.x) on PHP 8.2.
Just as for the reporter, it also happens when there is no debug session ongoing.

Would it help to provide more data? If so, please provide information what is required (I'm not familiar with inspecting segmentation faults).

derick

2024-03-29 14:34

administrator   ~0006881

Can any of you reproduce this on the command line, with the run of a single request?

Preferably, you run it like:

USE_ZEND_ALLOC=0 gdb --args php script.php

(and then "run")

If that crashes, I am also interested in seeing the same, but run like:

USE_ZEND_ALLOC=0 valgrind php script.php

As so far, I can't reproduce this yet — although it does happen when an exception is thrown:

        tmp_str = {l = 4860617, a = 4862335, d = 0x55cb13ccf0e0 &quot;\n\033[1m\033[31mDoctrine\\ORM\\Mapping\\MappingException\033[0m: Class \&quot;Macroactive\\Core\\Common\\Domain\\Model\\Email\&quot; is not a valid entity or mapped super class.\033[22m in \033[31m/www/platform/vendor/doctrine/orm/lib/&quot;...} 

Perhaps this happens during auto loading?

SCIF

2024-03-30 00:11

reporter   ~0006885

Hi @derick,

Perhaps this happens during auto loading?

Nope, the crash happens during the tests execution so most likely this is some issue during the import? Weird though.

SCIF

2024-03-30 00:38

reporter   ~0006886

Hi @dercik,

The first command has crashed so please find attached the log of the running valgrind. Is this expected that tests passed and not crashed in this case??

valgrind.log.gz (13,307 bytes)

eiwaen

2024-04-02 09:35

reporter   ~0006888

In our case, I believe we haven't experienced a segmentation fault for command line scripts.
Only HTTP requests seem affected.

We're using the official 8.2-apache Docker image.

wahalahti

2024-04-09 21:02

reporter   ~0006892

We are facing similar problems with PHP 8.0.30 and xdebug 3.3.1 in develop mode for HTTP requests. Couldn't reproduce in command line when quickly tested.

PHP error log indicated "exited on signal 11" without any lines written to xdebug log.

derick

2024-04-15 13:54

administrator   ~0006913

I have released Xdebug 3.3.1, which could have fixed this issue. Can you please try it?

SCIF

2024-04-16 01:02

reporter   ~0006918

Hi @derick, thanks for the update!

I think you meant 3.3.2, not 3.3.1. I have updated my docker image and still can see segfault on the same test suite. Do you need valgrind or gdb logs?

SCIF

2024-04-16 01:36

reporter   ~0006919

GDB shows a warning:

warning: Error disabling address space randomization: Operation not permitted
[Thread debugging using libthread_db enabled]

Not sure if it was present before.

Nothing has changed in the logs of the valgrind.
Attaching new logs.

valgrind.log-2.gz (10,596 bytes)
gdb-log.txt.gz (2,854 bytes)

eiwaen

2024-04-17 08:29

reporter   ~0006925

Thanks, @derick, for releasing 3.3.2!

For us, the problem seems to be gone, i.e. there were no more segmentation faults since we updated to the new version.

Issue History

Date Modified Username Field Change
2024-01-30 10:10 jozef.kovac New Issue
2024-01-30 11:58 derick Assigned To => derick
2024-01-30 11:58 derick Status new => feedback
2024-01-30 11:58 derick Note Added: 0006822
2024-01-30 19:13 jozef.kovac Note Added: 0006828
2024-01-30 19:13 jozef.kovac File Added: bt_full.txt
2024-01-30 19:13 jozef.kovac Status feedback => assigned
2024-02-08 14:32 derick Relationship added has duplicate 0002235
2024-03-28 16:14 eiwaen Note Added: 0006867
2024-03-29 14:34 derick Status assigned => feedback
2024-03-29 14:34 derick Note Added: 0006881
2024-03-30 00:11 SCIF Note Added: 0006885
2024-03-30 00:38 SCIF Note Added: 0006886
2024-03-30 00:38 SCIF File Added: valgrind.log.gz
2024-04-02 09:35 eiwaen Note Added: 0006888
2024-04-09 21:02 wahalahti Note Added: 0006892
2024-04-15 13:54 derick Note Added: 0006913
2024-04-16 01:02 SCIF Note Added: 0006918
2024-04-16 01:36 SCIF Note Added: 0006919
2024-04-16 01:36 SCIF File Added: valgrind.log-2.gz
2024-04-16 01:36 SCIF File Added: gdb-log.txt.gz
2024-04-17 08:29 eiwaen Note Added: 0006925