php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #62757 php-fpm carshed when used apc_bin_dumpfile with apc.serializer
Submitted: 2012-08-06 12:51 UTC Modified: 2012-08-10 14:43 UTC
From: cfc4n at cnxct dot com Assigned: laruence (profile)
Status: Closed Package: APC (PECL)
PHP Version: 5.3.10 OS: CentOS 5.6
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: cfc4n at cnxct dot com
New email:
PHP Version: OS:

 

 [2012-08-06 12:51 UTC] cfc4n at cnxct dot com 
Description:
------------
My php.ini config with this:
;apc version 3.1.9
apc.enabled = 1
apc.enable_cli = 1
apc.cache_by_default = on
apc.shm_segments = 1
apc.shm_size = 128M
apc.num_files_hint = 300
apc.user_entries_hint = 4096
apc.write_lock = On
apc.stat = 0
apc.stat_ctime = 0
apc.ttl=0
apc.user_ttl=0
apc.serializer=igbinary ;// igbinary and php
make install with PHP ver 5.3.10 and php-fpm,when I Requst test script,PHP-FPM 
shutdown like "WARNING: [pool www] child 9043 exited on signal 11 (SIGSEGV - 
core dumped) after 2.097479 seconds from start" 

Test script:
---------------
//定义需要cache的目录
$arrCacheDir = array();
array_push($arrCacheDir,PROJECTROOT.'core');
/* 循环读取需要cache的目录*/
foreach ($arrCacheDir as $value)
{
    compileDir($value);
}

/* 生成bin文件*/
 if (!writeBin())
{
    exit('write to '.APCBIN.'xyws_vn.bin failed!!!');
}
function compileDir ($dir)
{
......
//开始缓存文件
if (apc_compile_file($dir.DIRECTORY_SEPARATOR.$file))
{
    $arrCacheFile[] = $dir.DIRECTORY_SEPARATOR.$file;
}
......
}

Expected result:
----------------
run ok....

Actual result:
--------------
apc.serializer=php:
#0  apc_swizzle_hashtable (bd=0x2b787542a030, ll=0x7fffe0149c60, 
ht=0x2b78754be9c6, swizzle_cb=0x2b787492fa00 <apc_swizzle_zval>, is_ptr=1) at 
/root/Redis/APC-3.1.9/apc_bin.c:408
#1  0x00002b787492fa6d in apc_swizzle_zval (bd=0x2b787542a030, 
ll=0x7fffe0149c60, zv=0x2b78754bdb80) at /root/Redis/APC-3.1.9/apc_bin.c:463
#2  0x00002b787492fd4f in apc_swizzle_op_array (bd=0x2b787542a030, 
ll=0x7fffe0149c60, op_array=0x2b78754bd8ff) at /root/Redis/APC-
3.1.9/apc_bin.c:205
#3  0x00002b787492fe81 in apc_swizzle_function (bd=0x2b787542a030, 
ll=0x7fffe0149c60, func=0x2b78754be9c6) at /root/Redis/APC-3.1.9/apc_bin.c:268
#4  0x00002b787492f982 in apc_swizzle_hashtable (bd=0x2b787542a030, 
ll=0x7fffe0149c60, ht=0x2b7875431366, swizzle_cb=0x2b787492fe60 
<apc_swizzle_function>, is_ptr=0) at /root/Redis/APC-3.1.9/apc_bin.c:411
#5  0x00002b7874930765 in apc_swizzle_class_entry (files=0x5cfcfd8, user_vars=
<value optimized out>) at /root/Redis/APC-3.1.9/apc_bin.c:294
#6  apc_bin_dump (files=0x5cfcfd8, user_vars=<value optimized out>) at 
/root/Redis/APC-3.1.9/apc_bin.c:794
#7  0x00002b78749219e1 in zif_apc_bin_dumpfile (ht=<value optimized out>, 
return_value=0x5c2a470, return_value_ptr=<value optimized out>, this_ptr=<value 
optimized out>, return_value_used=<value optimized out>)
    at /root/Redis/APC-3.1.9/php_apc.c:1418
#8  0x0000000000718b98 in zend_do_fcall_common_helper_SPEC 
(execute_data=0x2b78753a9fd0) at /root/soft/php-5.3.6/Zend/zend_vm_execute.h:316
#9  0x000000000071819c in execute (op_array=0x5bec870) at /root/soft/php-
5.3.6/Zend/zend_vm_execute.h:107
#10 0x00002b7873644aa6 in zend_oe () from 
/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-
20090626/ZendGuardLoader.so
#11 0x00000000007186c2 in zend_do_fcall_common_helper_SPEC 
(execute_data=0x2b78753a9050) at /root/soft/php-5.3.6/Zend/zend_vm_execute.h:340
#12 0x000000000071819c in execute (op_array=0x5bd0c48) at /root/soft/php-
5.3.6/Zend/zend_vm_execute.h:107
#13 0x00002b7873644aa6 in zend_oe () from 
/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-
20090626/ZendGuardLoader.so
#14 0x00000000006f312d in zend_execute_scripts (type=8, retval=0x0, 
file_count=3) at /root/soft/php-5.3.6/Zend/zend.c:1194
#15 0x00000000006a25bd in php_execute_script (primary_file=0x7fffe014e710) at 
/root/soft/php-5.3.6/main/main.c:2268
#16 0x000000000077d81f in main (argc=3, argv=<value optimized out>) at 
/root/soft/php-5.3.6/sapi/fpm/fpm/fpm_main.c:1917

apc.serializer=igbinary:
#0  zend_hash_get_current_key_ex (ht=0x2aaaab56eb30, str_index=0x7fffe9b2eda8, 
str_length=0x7fffe9b2ee00, num_index=0x7fffe9b2eda0, duplicate=0 '\000', 
pos=0x7fffe9b2edb8) at /root/soft/php-5.3.6/Zend/zend_hash.c:1119
1119                    if (p->nKeyLength) {
(gdb) bt
#0  zend_hash_get_current_key_ex (ht=0x2aaaab56eb30, str_index=0x7fffe9b2eda8, 
str_length=0x7fffe9b2ee00, num_index=0x7fffe9b2eda0, duplicate=0 '\000', 
pos=0x7fffe9b2edb8) at /root/soft/php-5.3.6/Zend/zend_hash.c:1119
#1  0x00002af4013ddb03 in igbinary_serialize_array (igsd=0x7fffe9b2ee50, z=
<value optimized out>) at /root/soft/igbinary-1.1.1/igbinary.c:862
#2  igbinary_serialize_zval (igsd=0x7fffe9b2ee50, z=<value optimized out>) at 
/root/soft/igbinary-1.1.1/igbinary.c:1225
#3  0x00002af4013e3d10 in igbinary_serialize (ret=0x7fffe9b2ef00, 
ret_len=0x7fffe9b2ef08, z=0x2aaaab56e938) at /root/soft/igbinary-
1.1.1/igbinary.c:333
#4  0x00002af4013e3e29 in igbinary_apc_serializer (buf=0x2aaaab56eb30, 
buf_len=0x7fffe9b2eda8, value=0x0, config=0x7fffe9b2eda0) at 
/root/soft/igbinary-1.1.1/igbinary.c:534
#5  0x00002af400d85fbb in my_serialize_object (dst=0x2af401888466, 
src=0x2aaaab56e938, ctxt=<value optimized out>) at /root/Redis/APC-
3.1.9/apc_compile.c:244
#6  my_copy_zval (dst=0x2af401888466, src=0x2aaaab56e938, ctxt=<value optimized 
out>) at /root/Redis/APC-3.1.9/apc_compile.c:363
#7  0x00002af400d8e1e0 in apc_bin_dump (files=0xbbb0130, user_vars=<value 
optimized out>) at /root/Redis/APC-3.1.9/apc_bin.c:726
#8  0x00002af400d7f9e1 in zif_apc_bin_dumpfile (ht=<value optimized out>, 
return_value=0xbbf1c48, return_value_ptr=<value optimized out>, this_ptr=<value 
optimized out>, return_value_used=<value optimized out>)
    at /root/Redis/APC-3.1.9/php_apc.c:1418
#9  0x0000000000718b98 in zend_do_fcall_common_helper_SPEC 
(execute_data=0x2af401807050) at /root/soft/php-5.3.6/Zend/zend_vm_execute.h:316
#10 0x000000000071819c in execute (op_array=0xbb2d900) at /root/soft/php-
5.3.6/Zend/zend_vm_execute.h:107
#11 0x00002af3ffaa2aa6 in zend_oe () from 
/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-
20090626/ZendGuardLoader.so
#12 0x00000000006f312d in zend_execute_scripts (type=8, retval=0x0, 
file_count=3) at /root/soft/php-5.3.6/Zend/zend.c:1194
#13 0x00000000006a25bd in php_execute_script (primary_file=0x7fffe9b339f0) at 
/root/soft/php-5.3.6/main/main.c:2268
#14 0x000000000077d81f in main (argc=3, argv=<value optimized out>) at 
/root/soft/php-5.3.6/sapi/fpm/fpm/fpm_main.c:1917

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-08-06 13:18 UTC] cfc4n at cnxct dot com 
and ,when I do that,It's return a Error...
$arrDrop = array('helpers/post.php');
$arr = array();
foreach ($arrDrop as $key => $value)
{
    apc_compile_file(WWWROOT.$value);
    $arr[] = WWWROOT.$value;
}

var_dump(apc_bin_dumpfile($arr,null,'a.bin'));
?>

helpers/post.php is here : http://paste.ubuntu.org.cn/138814
 [2012-08-07 08:03 UTC] cfc4n at cnxct dot com 
Sorry,It's a bug of apc_bin_dumpfile  function,not apc_compile_file.I did not 
seriously look at this information of coredump...
Maybe It's a same bug as BUG #62765
 [2012-08-07 08:03 UTC] cfc4n at cnxct dot com
-PHP Version: 5.3Git-2012-08-06 (Git) +PHP Version: 5.3.10
 [2012-08-08 05:31 UTC] cfc4n at cnxct dot com 
if Dump bin file done. and it make a new carshed when used apc_bin_load 
function.(ubuntu 12.04  php5.3.10 deb install)
E.G:
(gdb) bt
#0  0x00007f03c3088306 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
#1  0x00007f03c2275b5c in apc_pmemcpy (p=0x7f23ba68e652, n=8, pool=<optimized 
out>) at /usr/include/x86_64-linux-gnu/bits/string3.h:52
#2  0x00007f03c2266f45 in apc_string_pmemcpy (pool=0x7f03b37e1040, len=
<optimized out>, str=<optimized out>) at /root/APC-3.1.9/apc_compile.c:288
#3  my_copy_zval (dst=0x7f03b37e3420, src=0x7f03b024926a, ctxt=0x7fff7c215300) 
at /root/APC-3.1.9/apc_compile.c:337
#4  0x00007f03c226f39d in my_copy_znode (dst=0x7f03b37e3418, src=<optimized 
out>, ctxt=<optimized out>) at /root/APC-3.1.9/apc_compile.c:427
#5  0x00007f03c226f46a in my_copy_zend_op (dst=0x7f03b37e33d0, 
src=0x7f03b024921a, ctxt=0x7fff7c215300) at /root/APC-3.1.9/apc_compile.c:446
#6  0x00007f03c2270242 in apc_copy_op_array (dst=0x7f03b37e2fe0, 
src=0x7f03b0249033, ctxt=0x7fff7c215300) at /root/APC-3.1.9/apc_compile.c:1222
#7  0x00007f03c2278dbd in apc_bin_load (bd=0x7f03aff47048, flags=<optimized 
out>) at /root/APC-3.1.9/apc_bin.c:901
#8  0x00007f03c2268d5b in zif_apc_bin_loadfile (ht=<optimized out>, 
return_value=0x17dde00, return_value_ptr=<optimized out>, this_ptr=<optimized 
out>, return_value_used=<optimized out>) at /root/APC-3.1.9/php_apc.c:1536
#9  0x000000000070efcd in ?? ()
#10 0x00000000006bfb3b in execute ()
#11 0x000000000069b0a0 in zend_execute_scripts ()
#12 0x0000000000647753 in php_execute_script ()
#13 0x000000000042b885 in ?? ()
#14 0x00007f03c301876d in __libc_start_main () from /lib/x86_64-linux-
gnu/libc.so.6
#15 0x000000000042c0e5 in _start ()
(gdb) f 0
#0  0x00007f03c3088306 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
(gdb) f 1
#1  0x00007f03c2275b5c in apc_pmemcpy (p=0x7f23ba68e652, n=8, pool=<optimized 
out>) at /usr/include/x86_64-linux-gnu/bits/string3.h:52
52        return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest));
(gdb) f 2
#2  0x00007f03c2266f45 in apc_string_pmemcpy (pool=0x7f03b37e1040, len=
<optimized out>, str=<optimized out>) at /root/APC-3.1.9/apc_compile.c:288
288         return apc_pmemcpy(str, len, pool TSRMLS_CC);
 [2012-08-08 05:31 UTC] cfc4n at cnxct dot com
-Summary: php-fpm carshed when i used apc_compile_file function +Summary: php-fpm carshed when i used apc_bin_dumpfile and apc_bin_load function
 [2012-08-08 15:02 UTC] laruence@php.net 
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc. If the script requires a 
database to demonstrate the issue, please make sure it creates 
all necessary tables, stored procedures etc.

Please avoid embedding huge scripts into the report.
 [2012-08-08 15:02 UTC] laruence@php.net
-Status: Open +Status: Feedback
 [2012-08-10 10:39 UTC] cfc4n at cnxct dot com
-Status: Feedback +Status: Open
 [2012-08-10 10:39 UTC] cfc4n at cnxct dot com 
I find the code of this bug.
c.php
//// APC_bin_dump函数不支持函数的参数设置为默认数组的语法
//// 类中不支持 空数组属性
/**/
class ApiLib{
    //not support 1 
    private $arr=array();

    //not support 2
    function test($arr = array()) {
        return true;
    }
}
?>

a.php
<?php
$str = dirname(__FILE__).DIRECTORY_SEPARATOR.'c.php';
apc_store('aaaa',"xxxxx",1);
apc_compile_file($str);
apc_bin_dumpfile(array($str), null,'ccc.bin');
?>
Run a.php with http method (nginx + php-fpm),fpm will coredump...
 [2012-08-10 14:40 UTC] laruence@php.net 
change summary
 [2012-08-10 14:40 UTC] laruence@php.net
-Summary: php-fpm carshed when i used apc_bin_dumpfile and apc_bin_load function +Summary: php-fpm carshed when used apc_bin_dumpfile with apc.serializer
 [2012-08-10 14:41 UTC] laruence@php.net 
Automatic comment from SVN on behalf of laruence
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=327043
Log: Fixed Bug #62757 (php-fpm carshed when used apc_bin_dumpfile with apc.serializer)
 [2012-08-10 14:43 UTC] laruence@php.net 
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.
 [2012-08-10 14:43 UTC] laruence@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: laruence
 [2012-08-10 16:17 UTC] laruence@php.net 
Automatic comment from SVN on behalf of laruence
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=327049
Log: Re-fixed bug #62757

and silent memleaks reporting temporarily
 [2012-08-15 08:06 UTC] laruence@php.net 
Automatic comment from SVN on behalf of laruence
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=327126
Log: Re-fix #62757, previous is ugly
 [2013-01-07 12:54 UTC] jan dot slusarczyk at gmail dot com 
Related To: Bug #63909
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sun Nov 24 03:01:32 2024 UTC