php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #60078 SIGSEGV in xhprof.c
Submitted: 2011-10-17 16:51 UTC Modified: 2017-10-24 08:24 UTC
Votes:2
Avg. Score:3.0 ± 0.0
Reproduced:1 of 2 (50.0%)
Same Version:1 (100.0%)
Same OS:0 (0.0%)
From: odoucet@php.net Assigned:
Status: Suspended Package: xhprof (PECL)
PHP Version: Irrelevant OS: -
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2011-10-17 16:51 UTC] odoucet@php.net
Description:
------------
I'll try to be as precise as possible : 
This happens in a special case that can be reproduced 100%, but I cannot provide 
a test 
script (it is using 20MB of closed customer code).

This happens only whith xhprof_enable(). No problem is encountered when the 
module is just 
loaded with no call to xhprof_enable()


In latest clone from git (commit a6bae51236 for file xhprof.c) 
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff3575f49 in hp_mode_shared_endfn_cb (top=0xef0210, symbol=<value 
optimized out>) 
at /usr/src/xhprof/extension/xhprof.c:1553


 bt
#0  hp_mode_shared_endfn_cb (top=0xef0210, symbol=<value optimized out>) at 
/usr/src/xhprof/extension/xhprof.c:1553
#1  0x00007ffff357609e in hp_mode_hier_endfn_cb (entries=<value optimized out>) 
at 
/usr/src/xhprof/extension/xhprof.c:1573
#2  0x00007ffff3576e66 in hp_compile_file (file_handle=<value optimized out>, 
type=8) at 
/usr/src/xhprof/extension/xhprof.c:1721
#3  0x00000000007218a4 in ?? ()
#4  0x000000000071f294 in execute ()
#5  0x00000000006faf7b in zend_execute_scripts ()
#6  0x00000000006b573a in php_execute_script ()
#7  0x0000000000772287 in main ()


Ok so problem is in the function "hp_mode_shared_endfn_cb"

Let's try to see what is the value of each variable here : 

 print /f hp_globals.cpu_frequencies[hp_globals.cur_cpu_id]
Cannot access memory at address 0x0


ok so problem is in this expression.

print hp_globals.cpu_frequencies
$8 = (double *) 0x0
(gdb) print /f hp_globals.cur_cpu_id
$9 = 0


Ok so I can see that hp_globals.cpu_frequencies equals NULL (right ?), and we 
attempt to 
access it as an array.
I read the source code quickly, and I can see that this array should be filled 
at some 
point. Seems it is not.


I made a dirty patch just to avoid the SIGSEGV, but all my timings in xhprof 
reports are 
inaccurate now.



Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2011-10-18 13:22 UTC] odoucet@php.net
More debugging : 

it seems bug is happening in get_cpu_frequency() that returned 0 on line 1335 so 
array hp_globals.cpu_frequencies is 
wiped out by function clear_frequencies();


Just before, we have an error ("setaffinity: Invalid argument") thrown by line 
1228, so my guess is that function 
bind_to_cpu() failed, and at the end program is segfaulting because this has an 
impact on an array.
 [2011-10-19 17:39 UTC] scottmac@php.net
Any more information about the OS or version of PHP? I have this working fine on 
OS X with PHP 5.3 and PHP 5.4.
 [2011-10-19 17:45 UTC] odoucet@php.net
System is Linux 64 x64 (kernel 2.6.36)
Bi CPU Intel(R) Xeon(R) CPU           L5630  @ 2.13GHz

I found this bug on a particular machine where some CPUs are deactivated on purpose 
(sorry, this is a major information but I only detected it now).
Command used to deactivate a thread: echo 0 > /sys/devices/system/cpu/cpu1/online

function bind_to_cpu failed for cpu 1, and now I can see why.
Do you have any idea how to handle this on xhprof ? Maybe not resetting the whole 
hp_globals.cpu_frequencies array if bind_ failed ?
 [2011-10-24 09:44 UTC] odoucet@php.net
I created a patch for this (tested successfully) : 
https://github.com/olivierd/xhprof/commit/2e74533746bf14b0bcfc9a6fae08e1bf9b4f724b
 [2012-06-11 14:10 UTC] felipe@php.net
-Status: Open +Status: Feedback
 [2012-06-11 14:10 UTC] felipe@php.net
Have this issue been fixed?
 [2012-06-11 14:16 UTC] odoucet@php.net
No this bug has not been fixed.

I provide a new working URL that seems to fix this issue : 
https://github.com/odoucet/xhprof/commit/2e74533746bf14b0bcfc9a6fae08e1bf9b4f724b
 [2012-06-11 14:17 UTC] odoucet@php.net
-Status: Feedback +Status: Open
 [2012-06-12 18:01 UTC] sixd@php.net
-Assigned To: +Assigned To: scottmac
 [2017-10-24 06:11 UTC] kalle@php.net
-Status: Assigned +Status: Open -Assigned To: scottmac +Assigned To:
 [2017-10-24 08:24 UTC] kalle@php.net
-Status: Open +Status: Suspended
 [2017-10-24 08:24 UTC] kalle@php.net
This package has not had a release for over 4 years, and the last bit of git activity was over 2 years ago, so I think its safe to say this extension is no longer in active development. If development picks back up, then please re-open this report
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Sun Mar 24 10:01:25 2019 UTC