Topic: Segmentation Fault on php71 under CentOs / Amazon Linux

Hello guys, thx for the php 71 package you built. We are facing a Segmentation
Fault (probably on libicu), do you have some clue about it?

How to reproduce on CentOS:

yum install php71 php71-php-cli php71-php-intl

php segfault.php


//
// segfault.php
//

<?php
$a = new \Collator('en_US');
$b = [new stdclass, new stdclass];
$a->sort($b);

Re: Segmentation Fault on php71 under CentOs / Amazon Linux

Some news, we compiled php 7.1.9 on amazon linux on docker and reproduced the segmentation fault. We also discovered that when we do not install re2c the seg fault do not happen. But we could not discover why it happens since on php docker image for debian jessie (php:latest) it works.

How to build a broken php7.1.9 on Amazon linux container:

PHP_URL="https://secure.php.net/get/php-7.1.9.tar.xz/from/this/mirror"

CFLAGS="-fstack-protector-strong -fpic -fpie -O2"
CPPFLAGS="$CFLAGS"
LDFLAGS="-Wl,-O1 -Wl,--hash-style=both -pie"

PHP_INI_DIR=/usr/local/etc/php
mkdir -p $PHP_INI_DIR/conf.d

yum install wget xz gcc gcc-c++ libxml2-devel openssl-devel  \
  curl-devel libicu-devel libedit-devel autoconf findutils pcre-devel -y

yum install re2c -y # Shame!! Shame!! Shame!!

mkdir -p /tmp/php7 /usr/src/php

wget $PHP_URL -O /tmp/php7/php.tar.xz
tar -xJf /tmp/php7/php.tar.xz -C /usr/src/php
cd /usr/src/php/php-7.1.9
./configure \
  --with-config-file-path="$PHP_INI_DIR" \
  --with-config-file-scan-dir="$PHP_INI_DIR/conf.d" \
  --disable-cgi \
  --enable-ftp \
  --enable-mbstring \
  --enable-mysqlnd \
  --enable-bcmath \
  --enable-calendar \
  --enable-intl \
  --enable-soap \
  --enable-zip \
  --with-pdo-mysql \
  --with-curl \
  --with-libedit \
  --with-openssl \
  --with-zlib
  --with-pcre-regex=/usr \
  --with-libdir="lib64"

make -j "$(nproc)"
make install

We are really confused about this, someone knows what is happening?

Re: Segmentation Fault on php71 under CentOs / Amazon Linux

ok, I can reproduce on RHEL-6 (not on Fedora)
Segfault only with PHP 7.1 or 7.2, not with 7.0

FYI the build doesn't use re2c, but generated file in the upstream tarball.
You build use old system libicu (4.2) while the one in the repo use libicu-last (50.1.2)

I need to dig deeper.

Desktop: Fedora 25 x86_64 + rpmfusion + remi-test + remi-dev
Laptop:  Fedora 26 x86_64 + remi (SCL only)
Hosting Server: CentOS 6.9 x86_64 + EPEL + remi + remi-php70

Re: Segmentation Fault on php71 under CentOs / Amazon Linux

On RHEL 7.4, segfaults with 7.0 and 7.1 but not with 7.2.... strange...

Desktop: Fedora 25 x86_64 + rpmfusion + remi-test + remi-dev
Laptop:  Fedora 26 x86_64 + remi (SCL only)
Hosting Server: CentOS 6.9 x86_64 + EPEL + remi + remi-php70

Re: Segmentation Fault on php71 under CentOs / Amazon Linux

GDB backtrace

(gdb) bt
#0  i_zval_ptr_dtor (zval_ptr=0x7fffffffa770) at /usr/src/debug/php-7.1.9/Zend/zend_variables.h:47
#1  _zval_ptr_dtor (zval_ptr=0x7fffffffa770) at /usr/src/debug/php-7.1.9/Zend/zend_execute_API.c:550
#2  0x00007fffed27f678 in collator_convert_object_to_string (obj=obj@entry=0x7ffff3a5d668, rv=rv@entry=0x7fffffffa770)
    at /usr/src/debug/php-7.1.9/ext/intl/collator/collator_convert.c:258
#3  0x00007fffed27e367 in collator_regular_compare_function (result=0x7fffffffa810, op1=<optimized out>, op2=0x7ffff3a5d668)
    at /usr/src/debug/php-7.1.9/ext/intl/collator/collator_sort.c:63
#4  0x00007fffed27e2a8 in collator_compare_func (a=a@entry=0x7ffff3a5d648, b=b@entry=0x7ffff3a5d668) at /usr/src/debug/php-7.1.9/ext/intl/collator/collator_sort.c:223
#5  0x0000555555810e95 in zend_sort_2 (swp=0x5555557fffc0 <zend_hash_bucket_renum_swap>, cmp=0x7fffed27e280 <collator_compare_func>, b=0x7ffff3a5d668, a=0x7ffff3a5d648)
    at /usr/src/debug/php-7.1.9/Zend/zend_sort.c:94
#6  zend_insert_sort (base=0x7ffff3a5d648, nmemb=<optimized out>, siz=32, cmp=0x7fffed27e280 <collator_compare_func>, swp=0x5555557fffc0 <zend_hash_bucket_renum_swap>)
    at /usr/src/debug/php-7.1.9/Zend/zend_sort.c:159
#7  0x0000555555808f4b in zend_hash_sort_ex (ht=ht@entry=0x7ffff3a561f8, sort=<optimized out>, compar=compar@entry=0x7fffed27e280 <collator_compare_func>, 
    renumber=renumber@entry=1 '\001') at /usr/src/debug/php-7.1.9/Zend/zend_hash.c:2270
#8  0x00007fffed27e89f in collator_sort_internal (renumber=1, execute_data=<optimized out>, return_value=<optimized out>)
    at /usr/src/debug/php-7.1.9/ext/intl/collator/collator_sort.c:325
#9  0x00005555558972d4 in ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER () at /usr/src/debug/php-7.1.9/Zend/zend_vm_execute.h:1097
#10 0x000055555583e0eb in execute_ex (ex=<optimized out>) at /usr/src/debug/php-7.1.9/Zend/zend_vm_execute.h:429
#11 0x0000555555899738 in zend_execute (op_array=op_array@entry=0x7ffff3a83000, return_value=return_value@entry=0x7ffff3a641c0)
    at /usr/src/debug/php-7.1.9/Zend/zend_vm_execute.h:474
#12 0x00005555557f43a3 in zend_execute_scripts (type=-207540176, type@entry=8, retval=0x7ffff3a641c0, retval@entry=0x0, file_count=file_count@entry=3)
    at /usr/src/debug/php-7.1.9/Zend/zend.c:1480
#13 0x0000555555790270 in php_execute_script (primary_file=primary_file@entry=0x7fffffffcf60) at /usr/src/debug/php-7.1.9/main/main.c:2552
#14 0x000055555589b99c in do_cli (argc=5, argv=0x555555c1ee10) at /usr/src/debug/php-7.1.9/sapi/cli/php_cli.c:993
#15 0x0000555555621cca in main (argc=5, argv=0x555555c1ee10) at /usr/src/debug/php-7.1.9/sapi/cli/php_cli.c:1381
Desktop: Fedora 25 x86_64 + rpmfusion + remi-test + remi-dev
Laptop:  Fedora 26 x86_64 + remi (SCL only)
Hosting Server: CentOS 6.9 x86_64 + EPEL + remi + remi-php70

Re: Segmentation Fault on php71 under CentOs / Amazon Linux

Better to track this upstream: https://bugs.php.net/bug.php?id=75193

Desktop: Fedora 25 x86_64 + rpmfusion + remi-test + remi-dev
Laptop:  Fedora 26 x86_64 + remi (SCL only)
Hosting Server: CentOS 6.9 x86_64 + EPEL + remi + remi-php70

Re: Segmentation Fault on php71 under CentOs / Amazon Linux

So I have a possible fix, https://github.com/php/php-src/pull/2750
But I prefer to wait for other dev feedback before applying to PHP 7.0 and up

Hope to have it in 7.0.24RC1, 7.1.10RC1 and 7.2.0RC2 planed for later this week.


P.S.1: I've pinged 7.0 / 7.1 RM for faster review.
P.S.2: rh-php71 also affected

Desktop: Fedora 25 x86_64 + rpmfusion + remi-test + remi-dev
Laptop:  Fedora 26 x86_64 + remi (SCL only)
Hosting Server: CentOS 6.9 x86_64 + EPEL + remi + remi-php70

Re: Segmentation Fault on php71 under CentOs / Amazon Linux

IIRC  Amazon Linux is EL-6 ? right ?

Can you please try php71-php-7.1.9-3 from "remi-test", which have this patch applied.

P.S.1: available for both EL-6 and EL-7
P.S.2: of course, I cannot reproduce the segfault anymore with this build

Desktop: Fedora 25 x86_64 + rpmfusion + remi-test + remi-dev
Laptop:  Fedora 26 x86_64 + remi (SCL only)
Hosting Server: CentOS 6.9 x86_64 + EPEL + remi + remi-php70

Re: Segmentation Fault on php71 under CentOs / Amazon Linux

Patch verified, applied upstream, will be in 7.0.24RC1, 7.1.10RC1 and 7.2.0RC2 later this week.

Desktop: Fedora 25 x86_64 + rpmfusion + remi-test + remi-dev
Laptop:  Fedora 26 x86_64 + remi (SCL only)
Hosting Server: CentOS 6.9 x86_64 + EPEL + remi + remi-php70

Re: Segmentation Fault on php71 under CentOs / Amazon Linux

Thanks @remi

We lost the last hours to discover what was going on. We will try the remi-test and let you know.

[]'s

Re: Segmentation Fault on php71 under CentOs / Amazon Linux

Worked on CentOs.
On Amazon linux worked on el6, and on el7 we had missing dependencies.

Thx again smile

Re: Segmentation Fault on php71 under CentOs / Amazon Linux

> Worked on CentOs.

Great, thanks for the feedback.

> on el7 we had missing dependencies.

Probably unrelated, but what is missing ? (at least for my information, as I know Amazon Linux is not really centos)

Desktop: Fedora 25 x86_64 + rpmfusion + remi-test + remi-dev
Laptop:  Fedora 26 x86_64 + remi (SCL only)
Hosting Server: CentOS 6.9 x86_64 + EPEL + remi + remi-php70

Re: Segmentation Fault on php71 under CentOs / Amazon Linux

For some reason the package name is a little different

Requires: htpd-mmn = 20120211x8664
Available: htpd24-2.4.25-1.68.amzn1.x86_64 amzn-main
  htpd-mmn = 20120211x86-64
  htpd-mmn = 20120211

* htpd = httpd for some reason the forum dont allow the package name

Re: Segmentation Fault on php71 under CentOs / Amazon Linux

> Available: htpd24-2.4.25-1.68.amzn1.x86_64 amzn-main

Ok, this mean Amazon choose to replace default base httpd package.
So you can't use php (mod_php), but have to use php-fpm instead.
(BTW, IMHO, php-fpm is more modern, mod_php should be deprecated)

Thanks for the information

Desktop: Fedora 25 x86_64 + rpmfusion + remi-test + remi-dev
Laptop:  Fedora 26 x86_64 + remi (SCL only)
Hosting Server: CentOS 6.9 x86_64 + EPEL + remi + remi-php70

Re: Segmentation Fault on php71 under CentOs / Amazon Linux

Thx you by the attention and for fixing this bus smile

One last question. We will use remi-test on our production machine until the new stable version is released, is that a problem ?

[]'s

Re: Segmentation Fault on php71 under CentOs / Amazon Linux

> We will use remi-test on our production machine until the new stable version is released, is that a problem ?

Should be ok, but check that you don't pull unwanted packages from it.

BTW, 7.024 / 7.1.10 will be in stable in ~2 weeks

Desktop: Fedora 25 x86_64 + rpmfusion + remi-test + remi-dev
Laptop:  Fedora 26 x86_64 + remi (SCL only)
Hosting Server: CentOS 6.9 x86_64 + EPEL + remi + remi-php70

Re: Segmentation Fault on php71 under CentOs / Amazon Linux

hello,

im also facing strange segfaults with mod_php 7.0.23 and apache 2.4.6 on centos7.
going back to php 7.0.22 solves the problem.

here is a simple oneliner which produces segfault on one vhost while 10 out of 10 times while not on another, pretty strange, eh?
<?php
mail($a, $b, $c)

any idea? what debug information should I supply?

regards!

Re: Segmentation Fault on php71 under CentOs / Amazon Linux

another oneliner which segfaulted apache with php 7.0.23:
<?php
unlink('something_that_doesnt_exist');

Re: Segmentation Fault on php71 under CentOs / Amazon Linux

tibyke, this is another issue, beeter to open a new thread.

BTW, I cannot reproduce, and have not enough information (at least extension list, and a gdb backtrace)

Desktop: Fedora 25 x86_64 + rpmfusion + remi-test + remi-dev
Laptop:  Fedora 26 x86_64 + remi (SCL only)
Hosting Server: CentOS 6.9 x86_64 + EPEL + remi + remi-php70