** Description changed: SRU Justification [ Impact ] Invoking reflection via the observer API on a class with an attribute annotation causes a dangling pointer and segmentation fault. Certain PHP extensions may register an observer of an attribute instantiation using reflection. Since Laravel 9+ and Symfony make use of attribute annotations, it's a fairly common case that can be reproduced using the Datadog PHP extension and any Laravel application. See https://github.com/DataDog/dd-trace-php/issues/1734. This bug was fixed in PHP 8.1.3 https://bugs.php.net/bug.php?id=81430 in the PR https://github.com/php/php-src/pull/7885/files This bug potentially impacts the stability of the LTS release for anyone using Laravel or Symfony which are very popular frameworks alongside tracing extensions. [ Test Plan ] - Run the test suite for php8.1 with the test case (but not the fix) from - the attached patch. You will observe "Bug #81430 (Attribute - instantiation frame accessing invalid frame pointer) - [ext/zend_test/tests/observer_bug81430_1.phpt]" in the failed tests - section. + Run the upstream tests included within this fix. To do so, an upstream + development/testing PHP extension for zend introspection is required. We + will provide the modified package source code so anyone verifying this + bug can build it. - After the patch is fully applied, both new tests pass. + The new package to be built is named "php8.1-ztest". + + The modified php8.1 source code to generate the php8.1-ztest package is + located in https://code.launchpad.net/~athos- + ribeiro/ubuntu/+source/php8.1/+git/php8.1/+ref/zend-test-ext-nofix for a + first test to confirm the bug. The test should not meet the described + expectation. + + The modified php8.1 source code to generate the php8.1-ztest package is + located in https://code.launchpad.net/~athos- + ribeiro/ubuntu/+source/php8.1/+git/php8.1/+ref/zend-test-ext for a + second test to confirm the fix. The test should now meet the + expectations described in the test itself. + + Note that the versions for the packages shipping "php8.1-ztest" are + intentionally conflicting with the version in jammy and the version + being proposed with the fix. This is because the generated php8.1-ztest + requires other packages built from the php8.1 source in its exact same + version. + + Do remember that you should only install "php8.1-ztest" from these + custom packages. The remaining php8.1 binaries should be installed from + the Ubuntu archive. [ Where problems could occur ] Could potentially impact the performance or stability of reflection operations, but this is a fairly old patch at this point.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2054621 Title: PHP crashes on Laravel 9+ with certain extensions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/php8.1/+bug/2054621/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
