php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #71977 After opcache turned on to cause Segmentation fault
Submitted: 2016-04-06 13:48 UTC Modified: 2017-06-23 15:44 UTC
Votes:5
Avg. Score:4.6 ± 0.8
Reproduced:4 of 4 (100.0%)
Same Version:1 (25.0%)
Same OS:2 (50.0%)
From: wangduo1122 at 163 dot com Assigned:
Status: Not a bug Package: opcache
PHP Version: 7.0.5 OS: Linux
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: wangduo1122 at 163 dot com
New email:
PHP Version: OS:

 

 [2016-04-06 13:48 UTC] wangduo1122 at 163 dot com 
Description:
------------
When turned on opcache, the first call to extension function normally , the second appeared Segmentation fault. Close opcache is normal.Through debug and found add_assoc_stringl,add_assoc_long caused Segmentation fault when turned on opcache

Test script:
---------------
ZEND_FUNCTION( L5ApiGetRoute ){
    double d_time_out   = 0;
    std::string err_msg;
    zval *za_qos_req;

    if ( ZEND_NUM_ARGS() == 2 ){
        if ( zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ad",&za_qos_req,&d_time_out) == FAILURE ){
            RETURN_LONG(-2);
    }else{
        WRONG_PARAM_COUNT;
        RETURN_LONG(-3);
    }
php_var_dump(za_qos_req, 1);
    add_assoc_stringl( za_qos_req, "hostIp", "10.175.90.28", 12);
    add_assoc_long( za_qos_req, "hostPort", 80 );
}

PHP code:
<?php
    $l5_req = array(
                'modId' => 64100225,
                'cmdId' => 65536
    );
    $l5_time_out = 0.2;
    $ret = L5ApiGetRoute($l5_req, $l5_time_out);
    print_r($l5_req);
    $l5_reqx = array(
                'modId' => 64000833,
                'key' => 3
    );
    $ret = L5ApiGetRoute($l5_reqx, $l5_time_out);
    print_r($l5_reqx);
?>

PHP.INI(opcache config)
zend_extension=opcache.so
opcache.memory_consumption=128
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=4000
opcache.revalidate_freq=10
opcache.fast_shutdown=1
opcache.enable_cli=1

Actual result:
--------------
[root@cweb_sports_api_new_10 ~/cl5/php/src]# /usr/local/qqwebsrv/php7/bin/php test.php
array(2) {
  ["modId"]=>
  int(64100225)
  ["cmdId"]=>
  int(65536)
}
Array
(
    [modId] => 64100225
    [cmdId] => 65536
    [hostIp] => 10.175.90.28
    [hostPort] => 80
)
array(2) {---------------------Get the correct parameters
  ["modId"]=>
  int(64000833)
  ["key"]=>
  int(3)
}
Array
(
    [modId] => 64000833
    [key] => 3
    [hostIp] => 10.175.90.28
    [hostPort] => 80
)
[root@cweb_sports_api_new_10 ~/cl5/php/src]# /usr/local/qqwebsrv/php7/bin/php test.php
array(2) {
  ["modId"]=>
  int(64100225)
  ["cmdId"]=>
  int(65536)
}
Array
(
    [modId] => 64100225
    [cmdId] => 65536
    [hostIp] => 10.175.90.28
    [hostPort] => 80
)
array(32696) {----------------------Did not get to the parameter
Segmentation fault (core dumped)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-04-07 06:17 UTC] nikic@php.net
-Status: Open +Status: Feedback
 [2016-04-07 06:17 UTC] nikic@php.net 
You must
a) declare the parameter as being by-reference in arginfo and
b) separate the argument by using "a/d" instead of "ad".

Does doing these two things fix the issue?
 [2016-04-07 10:07 UTC] wangduo1122 at 163 dot com
-Status: Feedback +Status: Open
 [2016-04-07 10:07 UTC] wangduo1122 at 163 dot com 
The original function is accomplished , I do not want to modify the original function .
Test the "a/d", this will not be the original parameters to be modified.
Are there any other ways to solve this problem ?
 [2016-04-08 11:45 UTC] wangduo1122 at 163 dot com 
If you turn off opcache, we would not have this problem.
 [2016-04-27 02:15 UTC] jsilver at doublesharp dot com 
I was successfully running opcache for some time, but randomly this morning I started seeing the same behavior from php-fpm. Once these errors began appearing in the log Nginx would only return a 502 Bad Gateway error until php-fpm was restarted.

Removing opcache corrected the issue, please let me know if there is other debugging I can do.


OS: CentOS 7
PHP: 7.0.5

/var/log/php-fpm/www-error.log
--------------------------------
26-Apr-2016 18:26:31] NOTICE: [pool www] child 17467 started
[26-Apr-2016 18:26:34] WARNING: [pool www] child 17344 exited on signal 11 (SIGSEGV) after 205.748769 seconds from start
[26-Apr-2016 18:26:34] NOTICE: [pool www] child 17473 started
[26-Apr-2016 18:26:34] WARNING: [pool www] child 17315 exited on signal 11 (SIGSEGV) after 258.979294 seconds from start
[26-Apr-2016 18:26:34] NOTICE: [pool www] child 17474 started
[26-Apr-2016 18:26:35] WARNING: [pool www] child 17345 exited on signal 11 (SIGSEGV) after 207.569738 seconds from start
[26-Apr-2016 18:26:35] NOTICE: [pool www] child 17476 started
[26-Apr-2016 18:26:38] WARNING: [pool www] child 17317 exited on signal 11 (SIGSEGV) after 263.001353 seconds from start
[26-Apr-2016 18:26:38] NOTICE: [pool www] child 17478 started
[26-Apr-2016 18:26:38] WARNING: [pool www] child 17337 exited on signal 11 (SIGSEGV) after 211.347670 seconds from start
[26-Apr-2016 18:26:38] NOTICE: [pool www] child 17480 started
[26-Apr-2016 18:26:39] WARNING: [pool www] child 17356 exited on signal 11 (SIGSEGV) after 209.634259 seconds from start
[26-Apr-2016 18:26:39] NOTICE: [pool www] child 17482 started
[26-Apr-2016 18:26:41] WARNING: [pool www] child 17343 exited on signal 11 (SIGSEGV) after 213.523122 seconds from start
[26-Apr-2016 18:26:41] NOTICE: [pool www] child 17489 started
[26-Apr-2016 18:26:42] WARNING: [pool www] child 17351 exited on signal 11 (SIGSEGV) after 213.560209 seconds from start


/var/log/messages
--------------------------------
Apr 26 21:26:31 web01 kernel: traps: php-fpm[17316] general protection ip:7f83cb4b6feb sp:7ffe89bdfdb0 error:0 in opcache.so[7f83cb4a3000+2c000]
Apr 26 21:26:34 web01 kernel: traps: php-fpm[17344] general protection ip:7f83cb4b6feb sp:7ffe89bdfdb0 error:0 in opcache.so[7f83cb4a3000+2c000]
Apr 26 21:26:34 web01 kernel: traps: php-fpm[17315] general protection ip:7f83cb4b6feb sp:7ffe89bdf7f0 error:0 in opcache.so[7f83cb4a3000+2c000]
Apr 26 21:26:35 web01 kernel: traps: php-fpm[17345] general protection ip:7f83cb4b6feb sp:7ffe89bdfdb0 error:0 in opcache.so[7f83cb4a3000+2c000]
Apr 26 21:26:38 web01 kernel: traps: php-fpm[17317] general protection ip:7f83cb4b6feb sp:7ffe89bdfdb0 error:0 in opcache.so[7f83cb4a3000+2c000]
Apr 26 21:26:38 web01 kernel: traps: php-fpm[17337] general protection ip:7f83cb4b6feb sp:7ffe89bdfdb0 error:0 in opcache.so[7f83cb4a3000+2c000]
Apr 26 21:26:39 web01 kernel: traps: php-fpm[17356] general protection ip:7f83cb4b6feb sp:7ffe89bdfdb0 error:0 in opcache.so[7f83cb4a3000+2c000]
Apr 26 21:26:41 web01 kernel: traps: php-fpm[17343] general protection ip:7f83cb4b6feb sp:7ffe89bdf7f0 error:0 in opcache.so[7f83cb4a3000+2c000]
Apr 26 21:26:42 web01 kernel: traps: php-fpm[17351] general protection ip:7f83cb4b6feb sp:7ffe89bdf7f0 error:0 in opcache.so[7f83cb4a3000+2c000]
```
 [2016-06-30 09:39 UTC] sofire at gmail dot com 
OS: CentOS 6.6

PHP 7.0.7 (cli) (built: May 25 2016 17:35:28) ( NTS )
Copyright (c) 1997-2016 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2016 Zend Technologies
    with Zend OPcache v7.0.6-dev, Copyright (c) 1999-2016, by Zend Technologies
    with Xdebug v2.4.0, Copyright (c) 2002-2016, by Derick Rethans




php-fpm[1921] general protection ip:7f5a9454d4c3 sp:7fffb87a8b30 error:0 in opcache.so[7f5a9453a000+2b000]
php-fpm[2054] general protection ip:7f5a9454d4c3 sp:7fffb87a8b30 error:0 in opcache.so[7f5a9453a000+2b000]
 [2017-06-23 15:44 UTC] nikic@php.net
-Status: Open +Status: Not a bug
 [2017-06-23 15:44 UTC] nikic@php.net 
Closing as this is a bug in the extension, not in opcache (see first comment).
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Fri May 09 15:01:27 2025 UTC