uopz
uopz copied to clipboard
Repro pattern for SIGSEGV with PHPUnit ^9.5
Hi,
I'm encountering a blocking segfault caused by uopz_del_function , with the current last commit of uopz master branch, phpunit/phpunit:^9.5 in my composer file, inside a docker image with Symfony ^5.2, and php 8.0.2.
I still get this problem since one year now.
This works fine, doing php -f OneTest.php
, showing that uopz is working fine under basic environment:
<?php
require __DIR__ . '/../vendor/autoload.php';
use PHPUnit\Framework\TestCase;
class OneTest extends TestCase
{
/** @test */
public function it_does()
{
uopz_add_function(DateInterval::class, 'f', function () {
return true;
});
uopz_del_function(DateInterval::class, 'f');
}
}
(new OneTest())->it_does();
But this won't work anymore if I change the "entrypoint" command, doing phpunit OneTest.php
.
Then, I made gdb php
, followed by run phpunit OneTest.php
, and run bt
to get the backtrace:
#0 0x0000563f33cecdd1 in _emalloc ()
#1 0x0000563f33d02381 in ?? ()
#2 0x0000563f33cffda8 in ?? ()
#3 0x0000563f33d008b7 in ?? ()
#4 0x0000563f33cffc52 in ?? ()
#5 0x0000563f33d023f8 in ?? ()
#6 0x0000563f33cffda8 in ?? ()
#7 0x0000563f33d008b7 in ?? ()
#8 0x0000563f33cffc52 in ?? ()
#9 0x0000563f33d0114a in ?? ()
#10 0x0000563f33cffca4 in ?? ()
#11 0x0000563f33d008b7 in ?? ()
#12 0x0000563f33cffc52 in ?? ()
#13 0x0000563f33d016f6 in ?? ()
#14 0x0000563f33d02ee4 in ?? ()
#15 0x0000563f33d02f10 in ?? ()
#16 0x0000563f33cd7b5f in ?? ()
#17 0x0000563f33cd956a in compile_file ()
#18 0x0000563f33bb10d9 in ?? ()
#19 0x00007fcaa82d2c82 in opcache_compile_file.isra () from /usr/local/lib/php/extensions/no-debug-non-zts-20200930/opcache.so
#20 0x00007fcaa82d5ab9 in persistent_compile_file () from /usr/local/lib/php/extensions/no-debug-non-zts-20200930/opcache.so
#21 0x00007fcaa86ae98a in xdebug_compile_file (file_handle=<optimized out>, type=<optimized out>) at /tmp/pear/temp/xdebug/src/base/base.c:83
#22 0x0000563f33cd95e2 in compile_filename ()
#23 0x0000563f33d42c05 in ?? ()
#24 0x0000563f33d5870a in ?? ()
#25 0x0000563f33d73ad6 in execute_ex ()
#26 0x00007fcaa86afe0a in xdebug_execute_ex (execute_data=0x7fcaa8413bb0) at /tmp/pear/temp/xdebug/src/base/base.c:779
#27 0x0000563f33a2687c in ?? ()
#28 0x0000563f33d73ad6 in execute_ex ()
#29 0x00007fcaa86afe0a in xdebug_execute_ex (execute_data=0x7fcaa8413b10) at /tmp/pear/temp/xdebug/src/base/base.c:779
#30 0x0000563f33d065ea in zend_call_function ()
#31 0x0000563f33d06a25 in zend_call_known_function ()
#32 0x0000563f33be2f7a in ?? ()
#33 0x0000563f33d057c5 in zend_lookup_class_ex ()
#34 0x0000563f33d06d0c in zend_fetch_class_by_name ()
#35 0x00007fcaa7c0c081 in uopz_vm_new () from /usr/local/lib/php/extensions/no-debug-non-zts-20200930/uopz.so
#36 0x0000563f33d730a9 in ?? ()
#37 0x0000563f33d73ad6 in execute_ex ()
#38 0x00007fcaa86afe0a in xdebug_execute_ex (execute_data=0x7fcaa8413820) at /tmp/pear/temp/xdebug/src/base/base.c:779
#39 0x0000563f33a26b2c in ?? ()
#40 0x0000563f33d73ad6 in execute_ex ()
#41 0x00007fcaa86afe0a in xdebug_execute_ex (execute_data=0x7fcaa8413440) at /tmp/pear/temp/xdebug/src/base/base.c:779
#42 0x0000563f33a26b2c in ?? ()
#43 0x0000563f33d73ad6 in execute_ex ()
#44 0x00007fcaa86afe0a in xdebug_execute_ex (execute_data=0x7fcaa8413330) at /tmp/pear/temp/xdebug/src/base/base.c:779
#45 0x0000563f33a2687c in ?? ()
#46 0x0000563f33d73ad6 in execute_ex ()
#47 0x00007fcaa86afe0a in xdebug_execute_ex (execute_data=0x7fcaa8413020) at /tmp/pear/temp/xdebug/src/base/base.c:779
#48 0x0000563f33d7be0e in zend_execute ()
#49 0x0000563f33d13d3d in zend_execute_scripts ()
#50 0x0000563f33cb135e in php_execute_script ()
#51 0x0000563f33da15ae in ?? ()
#52 0x0000563f33a3d80b in ?? ()
#53 0x00007fcaab53f09b in __libc_start_main (main=0x563f33a3d3c0, argc=3, argv=0x7fff75320728, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fff75320718) at ../csu/libc-start.c:308
#54 0x0000563f33a3df4a in _start ()
Don't hesitate to ask for more details if needed. Thanks in advance!
Does it also crash, if you disable Xdebug altogether?
Yes it does. Here is the related backtrace once disabled:
#0 0x0000555590cecdd1 in _emalloc ()
#1 0x0000555590d02381 in ?? ()
#2 0x0000555590cffda8 in ?? ()
#3 0x0000555590d008b7 in ?? ()
#4 0x0000555590cffc52 in ?? ()
#5 0x0000555590d023f8 in ?? ()
#6 0x0000555590cffda8 in ?? ()
#7 0x0000555590d008b7 in ?? ()
#8 0x0000555590cffc52 in ?? ()
#9 0x0000555590d0114a in ?? ()
#10 0x0000555590cffca4 in ?? ()
#11 0x0000555590d008b7 in ?? ()
#12 0x0000555590cffc52 in ?? ()
#13 0x0000555590d016f6 in ?? ()
#14 0x0000555590d02ee4 in ?? ()
#15 0x0000555590d02f10 in ?? ()
#16 0x0000555590cd7b5f in ?? ()
#17 0x0000555590cd956a in compile_file ()
#18 0x0000555590bb10d9 in ?? ()
#19 0x00007f090bed2c82 in opcache_compile_file.isra () from /usr/local/lib/php/extensions/no-debug-non-zts-20200930/opcache.so
#20 0x00007f090bed5ab9 in persistent_compile_file () from /usr/local/lib/php/extensions/no-debug-non-zts-20200930/opcache.so
#21 0x0000555590cd95e2 in compile_filename ()
#22 0x0000555590d42c05 in ?? ()
#23 0x0000555590d5870a in ?? ()
#24 0x0000555590d74b3c in execute_ex ()
#25 0x0000555590d065ea in zend_call_function ()
#26 0x0000555590d06a25 in zend_call_known_function ()
#27 0x0000555590be2f7a in ?? ()
#28 0x0000555590d057c5 in zend_lookup_class_ex ()
#29 0x0000555590d06d0c in zend_fetch_class_by_name ()
#30 0x00007f090b7ad081 in uopz_vm_new () from /usr/local/lib/php/extensions/no-debug-non-zts-20200930/uopz.so
#31 0x0000555590d730a9 in ?? ()
#32 0x0000555590d73ad6 in execute_ex ()
#33 0x0000555590d7be0e in zend_execute ()
#34 0x0000555590d13d3d in zend_execute_scripts ()
#35 0x0000555590cb135e in php_execute_script ()
#36 0x0000555590da15ae in ?? ()
#37 0x0000555590a3d80b in ?? ()
#38 0x00007f090f08609b in __libc_start_main (main=0x555590a3d3c0, argc=3, argv=0x7ffc03baca88, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffc03baca78)
at ../csu/libc-start.c:308
#39 0x0000555590a3df4a in _start ()
Just in case: same issue with Symfony ^6.2 and php 8.2.
False positive?