You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
PHP seems to crash (SIGSEGV) when compiled with ASAN in ext/phar/phar.c memory management. I have suspected PHP at first, but I have simplified the code to:
p = (nil)
p = 0x6020000014d0
ASAN:DEADLYSIGNAL
=================================================================
==24265==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x7fd76261ef00 bp 0x7fd76293fb00 sp 0x7ffc900bca90 T0)
==24265==The signal is caused by a READ memory access.
==24265==Hint: address points to the zero page.
#0 0x7fd76261eeff (/lib/x86_64-linux-gnu/libc.so.6+0x77eff)
#1 0x7fd75f86ef72 in zm_globals_ctor_phar /home/ondrej/Projects/php-src/ext/phar/phar.c:3357:2
#2 0xf90991 in zend_startup_module_ex /home/ondrej/Projects/php-src/Zend/zend_API.c:1837:4
#3 0xf92074 in zend_startup_module_zval /home/ondrej/Projects/php-src/Zend/zend_API.c:1858:10
#4 0x10199d7 in zend_hash_apply /home/ondrej/Projects/php-src/Zend/zend_hash.c:1505:12
#5 0xf91aa6 in zend_startup_modules /home/ondrej/Projects/php-src/Zend/zend_API.c:1969:2
#6 0xcfa362 in php_module_startup /home/ondrej/Projects/php-src/main/main.c:2258:2
#7 0x165474a in php_cli_startup /home/ondrej/Projects/php-src/sapi/cli/php_cli.c:431:6
#8 0x164f705 in main /home/ondrej/Projects/php-src/sapi/cli/php_cli.c:1357:6
#9 0x7fd7625c72b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)
#10 0x436e59 in _start (/home/ondrej/Projects/php-src/sapi/cli/php+0x436e59)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libc.so.6+0x77eff)
==24265==ABORTING
Running under gdb results in:
p = (nil)
p = 0x602000001530
Program received signal SIGSEGV, Segmentation fault.
_int_free (av=0x7ffff6c29b00 <main_arena>, p=0x602000001520, have_lock=0) at malloc.c:4013
4013 malloc.c: No such file or directory.
#0 _int_free (av=0x7ffff6c29b00 <main_arena>, p=0x602000001520, have_lock=0) at malloc.c:4013
size = 8935141712242671632
fb = <optimized out>
nextchunk = 0x7c00602c00001530
nextsize = <optimized out>
nextinuse = <optimized out>
prevsize = <optimized out>
bck = <optimized out>
fwd = <optimized out>
errstr = 0x0
locked = <optimized out>
__func__ = "_int_free"
#1 0x00007ffff3b6ef73 in zm_globals_ctor_phar (phar_globals=0x7ffff3dff328 <phar_globals>) at ext/phar/phar.c:3357
mime = {mime = 0x2971c10 <module_registry> "\001", len = 384, type = -112 '\220'}
p = 0x602000001530
#2 0x0000000000f90992 in zend_startup_module_ex (module=0x60f0000006d0) at Zend/zend_API.c:1837
name_len = 3
lcname = 0x60300001b9a0
#3 0x0000000000f92075 in zend_startup_module_zval (zv=0x6190000001c0) at Zend/zend_API.c:1858
module = 0x60f0000006d0
#4 0x00000000010199d8 in zend_hash_apply (ht=0x2971c10 <module_registry>, apply_func=0xf92030 <zend_startup_module_zval>) at Zend/zend_hash.c:1505
idx = 6
p = 0x6190000001c0
result = 0
#5 0x0000000000f91aa7 in zend_startup_modules () at Zend/zend_API.c:1969
No locals.
#6 0x0000000000cfa363 in php_module_startup (sf=0x1cc80c0 <cli_sapi_module>, additional_modules=0x0, num_additional_modules=0) at main/main.c:2258
retval = 0
module_number = 0
php_os = 0x1839cc0 <.str.32> "Linux"
module = 0x6030000007c0
zuf = <optimized out>
zuv = <optimized out>
#7 0x000000000165474b in php_cli_startup (sapi_module=0x1cc80c0 <cli_sapi_module>) at sapi/cli/php_cli.c:431
No locals.
#8 0x000000000164f706 in main (argc=14, argv=0x60c000000040) at sapi/cli/php_cli.c:1357
c = -1
exit_status = 0
module_started = 0
sapi_started = 1
use_extended_info = 0
ini_path_override = 0x0
ini_entries = 0x611000000040 "html_errors=0\nregister_argc_argv=1\nimplicit_flush=1\noutput_buffering=0\nmax_execution_time=0\nmax_input_time=-1\nextension_dir=\"./modules\"\nextension=phar.so\nopen_basedir=\noutput_buffering=0\nmemory_limit="...
ini_entries_len = 205
ini_ignore = 1
sapi_module = 0x1cc80c0 <cli_sapi_module>
php_optarg = 0x602000000350 ""
php_optind = 14
Program terminated with signal SIGSEGV, Segmentation fault.
The text was updated successfully, but these errors were encountered:
Hi,
PHP seems to crash (SIGSEGV) when compiled with ASAN in ext/phar/phar.c memory management. I have suspected PHP at first, but I have simplified the code to:
And that should definitely not crash as
__zend_malloc
is a simple function:and copying the
__zend_malloc
under different name intoext/phar/phar.c
results in no SIGSEGV.To reproduce, download current PHP-7.0 branch from https://github.com/php/php-src, apply following patch:
and compile with:
to reproduce the SIGSEGV that happens during build process, do:
This should result in something like this:
Running under gdb results in:
The text was updated successfully, but these errors were encountered: