PHP :: Bug #60078 :: SIGSEGV in xhprof.c

Bug #60078

SIGSEGV in xhprof.c

Submitted:

2011-10-17 16:51 UTC

Modified:

2017-10-24 08:24 UTC

Votes:	2
Avg. Score:	3.0 ± 0.0
Reproduced:	1 of 2 (50.0%)
Same Version:	1 (100.0%)
Same OS:	0 (0.0%)

From:

odoucet@php.net

Assigned:

Status:

Suspended

Package:

xhprof (PECL)

PHP Version:

Irrelevant

OS:

Private report:

CVE-ID:

None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	odoucet@php.net
New email:
PHP Version:		OS:

New Comment:

[2011-10-17 16:51 UTC] odoucet@php.net

Description:
------------
I'll try to be as precise as possible : 
This happens in a special case that can be reproduced 100%, but I cannot provide 
a test 
script (it is using 20MB of closed customer code).

This happens only whith xhprof_enable(). No problem is encountered when the 
module is just 
loaded with no call to xhprof_enable()


In latest clone from git (commit a6bae51236 for file xhprof.c) 
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff3575f49 in hp_mode_shared_endfn_cb (top=0xef0210, symbol=<value 
optimized out>) 
at /usr/src/xhprof/extension/xhprof.c:1553


 bt
#0  hp_mode_shared_endfn_cb (top=0xef0210, symbol=<value optimized out>) at 
/usr/src/xhprof/extension/xhprof.c:1553
#1  0x00007ffff357609e in hp_mode_hier_endfn_cb (entries=<value optimized out>) 
at 
/usr/src/xhprof/extension/xhprof.c:1573
#2  0x00007ffff3576e66 in hp_compile_file (file_handle=<value optimized out>, 
type=8) at 
/usr/src/xhprof/extension/xhprof.c:1721
#3  0x00000000007218a4 in ?? ()
#4  0x000000000071f294 in execute ()
#5  0x00000000006faf7b in zend_execute_scripts ()
#6  0x00000000006b573a in php_execute_script ()
#7  0x0000000000772287 in main ()


Ok so problem is in the function "hp_mode_shared_endfn_cb"

Let's try to see what is the value of each variable here : 

 print /f hp_globals.cpu_frequencies[hp_globals.cur_cpu_id]
Cannot access memory at address 0x0


ok so problem is in this expression.

print hp_globals.cpu_frequencies
$8 = (double *) 0x0
(gdb) print /f hp_globals.cur_cpu_id
$9 = 0


Ok so I can see that hp_globals.cpu_frequencies equals NULL (right ?), and we 
attempt to 
access it as an array.
I read the source code quickly, and I can see that this array should be filled 
at some 
point. Seems it is not.


I made a dirty patch just to avoid the SIGSEGV, but all my timings in xhprof 
reports are 
inaccurate now.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2011-10-18 13:22 UTC] odoucet@php.net

More debugging : 

it seems bug is happening in get_cpu_frequency() that returned 0 on line 1335 so 
array hp_globals.cpu_frequencies is 
wiped out by function clear_frequencies();


Just before, we have an error ("setaffinity: Invalid argument") thrown by line 
1228, so my guess is that function 
bind_to_cpu() failed, and at the end program is segfaulting because this has an 
impact on an array.

[2011-10-19 17:39 UTC] scottmac@php.net

Any more information about the OS or version of PHP? I have this working fine on 
OS X with PHP 5.3 and PHP 5.4.

[2011-10-19 17:45 UTC] odoucet@php.net

System is Linux 64 x64 (kernel 2.6.36)
Bi CPU Intel(R) Xeon(R) CPU           L5630  @ 2.13GHz

I found this bug on a particular machine where some CPUs are deactivated on purpose 
(sorry, this is a major information but I only detected it now).
Command used to deactivate a thread: echo 0 > /sys/devices/system/cpu/cpu1/online

function bind_to_cpu failed for cpu 1, and now I can see why.
Do you have any idea how to handle this on xhprof ? Maybe not resetting the whole 
hp_globals.cpu_frequencies array if bind_ failed ?

[2011-10-24 09:44 UTC] odoucet@php.net

I created a patch for this (tested successfully) : 
https://github.com/olivierd/xhprof/commit/2e74533746bf14b0bcfc9a6fae08e1bf9b4f724b

[2012-06-11 14:10 UTC] felipe@php.net

-Status: Open +Status: Feedback

[2012-06-11 14:10 UTC] felipe@php.net

Have this issue been fixed?

[2012-06-11 14:16 UTC] odoucet@php.net

No this bug has not been fixed.

I provide a new working URL that seems to fix this issue : 
https://github.com/odoucet/xhprof/commit/2e74533746bf14b0bcfc9a6fae08e1bf9b4f724b

[2012-06-11 14:17 UTC] odoucet@php.net

-Status: Feedback +Status: Open

[2012-06-12 18:01 UTC] sixd@php.net

-Assigned To: +Assigned To: scottmac

[2017-10-24 06:11 UTC] kalle@php.net

-Status: Assigned +Status: Open -Assigned To: scottmac +Assigned To:

[2017-10-24 08:24 UTC] kalle@php.net

-Status: Open +Status: Suspended

[2017-10-24 08:24 UTC] kalle@php.net

This package has not had a release for over 4 years, and the last bit of git activity was over 2 years ago, so I think its safe to say this extension is no longer in active development. If development picks back up, then please re-open this report

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Dec 21 14:01:32 2024 UTC