From owner-freebsd-ports@freebsd.org Tue Apr 23 15:48:01 2019 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 44FEC159D95D for ; Tue, 23 Apr 2019 15:48:01 +0000 (UTC) (envelope-from marcelbonnet@gmail.com) Received: from mail-oi1-x242.google.com (mail-oi1-x242.google.com [IPv6:2607:f8b0:4864:20::242]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 883BF76DBA for ; Tue, 23 Apr 2019 15:47:59 +0000 (UTC) (envelope-from marcelbonnet@gmail.com) Received: by mail-oi1-x242.google.com with SMTP id a6so11671920oie.5 for ; Tue, 23 Apr 2019 08:47:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=WfDuN9OfsPIL/g2zeVpQUoW1Das01oPJKTnHl4ZzwI4=; b=i9T6zwWGDzNKvlS9UXHA1IAJbMidZ52Ey1DALX7nzokweY+MsyPJLDdZP9LgeBpfdT MpbCEi8382icBnsjzrP/Razv8eCkugVJUActofdgRcdXsdWullLginZdITWYRPPVQfO6 0xAMR17CxoljvCj0cqwoomBCyjScJlWWm8NXa5BDm0MZ7Zce+GDtPbAbNZoa58SMLrbD lJmtWvQsAaGjO2AT5h0hBZeJ9+zt+Y5y96IUI2TO0otwmuz08/FF1WZraoF4RxKbltCG iwGV26iCegzokbR3ocLS+qDJJx+Yy3239FN5ppAifNvZQJu2Y6mmGVdEyahjh/phpNX7 1Gww== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=WfDuN9OfsPIL/g2zeVpQUoW1Das01oPJKTnHl4ZzwI4=; b=mkPIND1uM+R0LMfNNMIM8t9k5mkwrqZsS+9zMOhg6aF/FJP4hK4wY+/6IPKkVTpInD +ybWaF5IZL0Q1B7eHc1rtwx1SAPNdeFBSLxefFZCewKtkYBPyyRehuGf2YsOC/OTLt7J 7FuEpUZp203GlB47Um5IFxO9oaskmBku6yfHlc4cEKsjcSSU3Z5BsXJ2e/eU0wfVqRHC vNHcHjdJLqXnKsa+c2WWh9G6Bk6yrQ6suQ5+S5Qx70bQeeO/GLQuFFTwdh8izB0kHpjz wF8V60hKhKP5GgosEIkwPH4GErguRdleTBNrCZUW45YnZYPtLXf44mqUPgMLVZWnbPW6 iwCQ== X-Gm-Message-State: APjAAAVu1LmoB56y1GlqhWu1js70LW1hANl1Vi9CQLOLY0w2wYJy87cU E7ZdB95pQaSc2In2dwmvlmNprBHeWhbWCg4p+NI= X-Google-Smtp-Source: APXvYqxl2iYj5dTMDjOTfZ7fYwqTlGWIBckkIeukw+wxBuA69YagblJ3eR+Rp4SUEXf//fp8yOtCWLjaNU80BgGxUpc= X-Received: by 2002:aca:5046:: with SMTP id e67mr2313440oib.60.1556034478228; Tue, 23 Apr 2019 08:47:58 -0700 (PDT) MIME-Version: 1.0 References: <67841009-B4BC-4F0A-BB53-77487EE19CBD@lassitu.de> In-Reply-To: <67841009-B4BC-4F0A-BB53-77487EE19CBD@lassitu.de> From: Marcel Bonnet Date: Tue, 23 Apr 2019 12:47:46 -0300 Message-ID: Subject: Re: PHP 7.2: SIGSEGV in OpenSSL To: Stefan Bethke Cc: FreeBSD Ports X-Rspamd-Queue-Id: 883BF76DBA X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=i9T6zwWG; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of marcelbonnet@gmail.com designates 2607:f8b0:4864:20::242 as permitted sender) smtp.mailfrom=marcelbonnet@gmail.com X-Spamd-Result: default: False [-3.30 / 15.00]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; FREEMAIL_FROM(0.00)[gmail.com]; URI_COUNT_ODD(1.00)[5]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; MIME_BASE64_TEXT(0.10)[]; MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.79)[-0.791,0]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+,1:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-ports@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2.4.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; IP_SCORE(-0.60)[ip: (2.43), ipnet: 2607:f8b0::/32(-3.12), asn: 15169(-2.26), country: US(-0.06)]; RCVD_COUNT_TWO(0.00)[2] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Apr 2019 15:48:01 -0000 Hi. Did you find a solution? Please let me know. A simple command, like below, is enought to cause a segmentation fault. but it depends on which extensions are enabled (php73-ldap or php73-curl ; probably any using openssl) $ php -r "phpinfo();" $ uname -a FreeBSD machine.STUDIO 12.0-STABLE FreeBSD 12.0-STABLE #2 r344331M: Fri Mar 8 08:36:23 -03 2019 marcelbonnet@machine.STUDIO:/usr/obj/usr/src/amd64.amd64/sys/MACHINE-12 amd64 $ pkg iinfo php73 php73-7.3.4 php73-composer-1.8.4 php73-ctype-7.3.4 php73-curl-7.3.4 php73-filter-7.3.4 php73-hash-7.3.4 php73-intl-7.3.4 php73-json-7.3.4 php73-mbstring-7.3.4 php73-opcache-7.3.4 php73-openssl-7.3.4 php73-phar-7.3.4 $ gdb /usr/local/bin/php php.core GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "amd64-marcel-freebsd"... Core was generated by `php -r phpinfo();'. Program terminated with signal 11, Segmentation fault. Reading symbols from /lib/libelf.so.2...Reading symbols from /usr/lib/debug//lib/libelf.so.2.debug...done. done. Loaded symbols for /lib/libelf.so.2 Reading symbols from /lib/libcrypt.so.5...Reading symbols from /usr/lib/debug//lib/libcrypt.so.5.debug...done. done. Loaded symbols for /lib/libcrypt.so.5 Reading symbols from /usr/local/lib/libargon2.so.0...done. Loaded symbols for /usr/local/lib/libargon2.so.0 Reading symbols from /lib/libm.so.5...Reading symbols from /usr/lib/debug//lib/libm.so.5.debug...done. done. Loaded symbols for /lib/libm.so.5 Reading symbols from /lib/libthr.so.3...Reading symbols from /usr/lib/debug//lib/libthr.so.3.debug...done. done. Loaded symbols for /lib/libthr.so.3 Reading symbols from /usr/local/lib/libxml2.so.2...done. Loaded symbols for /usr/local/lib/libxml2.so.2 Reading symbols from /lib/libz.so.6...Reading symbols from /usr/lib/debug//lib/libz.so.6.debug...done. done. Loaded symbols for /lib/libz.so.6 Reading symbols from /usr/lib/liblzma.so.5...Reading symbols from /usr/lib/debug//usr/lib/liblzma.so.5.debug...done. done. Loaded symbols for /usr/lib/liblzma.so.5 Reading symbols from /usr/local/lib/libpcre2-8.so.0...done. Loaded symbols for /usr/local/lib/libpcre2-8.so.0 Reading symbols from /lib/libc.so.7...BFD: /lib/libc.so.7: invalid relocation type 37 BFD: BFD 2.17.50 [FreeBSD] 2007-07-03 assertion fail /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/elf64-x86-64.c:276 Reading symbols from /usr/lib/debug//lib/libc.so.7.debug...done. done. Loaded symbols for /lib/libc.so.7 Reading symbols from /usr/local/lib/php/20180731-debug/opcache.so...done. Loaded symbols for /usr/local/lib/php/20180731-debug/opcache.so Reading symbols from /lib/libcrypto.so.111...Reading symbols from /usr/lib/debug//lib/libcrypto.so.111.debug...done. done. Loaded symbols for /lib/libcrypto.so.111 Reading symbols from /libexec/ld-elf.so.1...Reading symbols from /usr/lib/debug//libexec/ld-elf.so.1.debug...done. done. Loaded symbols for /libexec/ld-elf.so.1 #0 openssl_lh_strcasehash (c=0x802b618a2
) at /usr/src/crypto/openssl/crypto/lhash/lhash.c:361 361 if (c == NULL || *c == '\0') [New Thread 800f63000 (LWP 100460/)] (gdb) bt #0 openssl_lh_strcasehash (c=0x802b618a2
) at /usr/src/crypto/openssl/crypto/lhash/lhash.c:361 #1 0x0000000801c811fd in obj_name_hash (a=0x7fffffffdad0) at /usr/src/crypto/openssl/crypto/objects/o_names.c:166 #2 0x0000000801d37036 in OPENSSL_LH_delete (lh=0x800f87fc0, data=0x7fffffffdad0) at /usr/src/crypto/openssl/crypto/lhash/lhash.c:302 #3 0x0000000801c80e78 in OBJ_NAME_remove (name=0x802b618a2
, type=1) at obj_lcl.h:12 #4 0x0000000801d3731a in OPENSSL_LH_doall (lh=0x800f87fc0, func=0x801c81170 ) at /usr/src/crypto/openssl/crypto/lhash/lhash.c:198 #5 0x0000000801c81108 in OBJ_NAME_cleanup (type=1) at obj_lcl.h:12 #6 0x0000000801c8e468 in evp_cleanup_int () at /usr/src/crypto/openssl/crypto/evp/names.c:83 #7 0x0000000801d6915d in OPENSSL_cleanup () at /usr/src/crypto/openssl/crypto/init.c:567 #8 0x0000000800ccb205 in __cxa_finalize (dso=0x0) at /usr/src/lib/libc/stdlib/atexit.c:239 #9 0x0000000800c5b781 in exit (status=0) at /usr/src/lib/libc/stdlib/exit.c:74 #10 0x00000000007a9560 in main (argc=3, argv=0x7fffffffde08) at php_cli.c:1427 Current language: auto; currently minimal On Mon, 21 Jan 2019 at 17:00, Stefan Bethke wrote: > I'm seeing a lot of coredumps with a stack trace similar to this, on a > 12-stable machine: > > # gdb /usr/local/sbin/httpd /httpd.core > GNU gdb 6.1.1 [FreeBSD] > Copyright 2004 Free Software Foundation, Inc. > GDB is free software, covered by the GNU General Public License, and you > are > welcome to change it and/or distribute copies of it under certain > conditions. > Type "show copying" to see the conditions. > There is absolutely no warranty for GDB. Type "show warranty" for details. > This GDB was configured as "amd64-marcel-freebsd"... > Core was generated by `/usr/local/sbin/httpd -DNOHTTPACCEPT'. > Program terminated with signal 11, Segmentation fault. > ... > (gdb) bt > #0 openssl_lh_strcasehash (c=0x803466cf2
bounds>) > at /freebsd/checkout/src/12/crypto/openssl/crypto/lhash/lhash.c:361 > #1 0x000000080138564d in obj_name_hash (a=0x7fffffffe9d0) > at /freebsd/checkout/src/12/crypto/openssl/crypto/objects/o_names.c:166 > #2 0x000000080143be77 in OPENSSL_LH_delete (lh=0x800a27240, > data=0x7fffffffe9d0) > at /freebsd/checkout/src/12/crypto/openssl/crypto/lhash/lhash.c:302 > #3 0x00000008013852c8 in OBJ_NAME_remove ( > name=0x803466cf2
, type=1) > at obj_lcl.h:12 > #4 0x000000080143c15a in OPENSSL_LH_doall (lh=0x800a27240, > func=0x8013855c0 ) > at /freebsd/checkout/src/12/crypto/openssl/crypto/lhash/lhash.c:198 > #5 0x0000000801385558 in OBJ_NAME_cleanup (type=1) at obj_lcl.h:12 > #6 0x0000000801392918 in evp_cleanup_int () > at /freebsd/checkout/src/12/crypto/openssl/crypto/evp/names.c:83 > #7 0x000000080146e39d in OPENSSL_cleanup () > at /freebsd/checkout/src/12/crypto/openssl/crypto/init.c:567 > #8 0x00000008007a24e5 in __cxa_finalize (dso=0x0) > at /freebsd/checkout/src/12/lib/libc/stdlib/atexit.c:233 > #9 0x00000008007320e1 in exit (status=54947058) > at /freebsd/checkout/src/12/lib/libc/stdlib/exit.c:62 > #10 0x0000000800a55118 in ?? () > #11 0x00007fffffffeb90 in ?? () > > The one case I could isolate the PHP code is calling > stream_socket_enable_crypto(), but I suspect there might be others. Is > anybody else seeing this? > > > Stefan > > -- > Stefan Bethke Fon +49 151 14070811 > > _______________________________________________ > freebsd-ports@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-ports > To unsubscribe, send any mail to "freebsd-ports-unsubscribe@freebsd.org" > -- Marcel Bonnet github.com/marcelbonnet/