PHP :: Bug #72585 :: APCu zend_mm

Bug #72585

APCu zend_mm_heap issues

Submitted:

2016-07-12 15:58 UTC

Modified:

2016-07-25 09:02 UTC

Votes:	2
Avg. Score:	4.5 ± 0.5
Reproduced:	2 of 2 (100.0%)
Same Version:	2 (100.0%)
Same OS:	2 (100.0%)

From:

sean dot mcnamara at kobas dot co dot uk

Assigned:

Status:

Closed

Package:

APC (PECL)

PHP Version:

7.0.8

OS:

CentOS

Private report:

CVE-ID:

None

View Add Comment Developer Edit

[2016-07-12 15:58 UTC] sean dot mcnamara at kobas dot co dot uk

Description:
------------
Since upgrading from PHP 7.0.7 to PHP 7.0.8 (using APCu 5.1.5) I've encountered an issue with using APCu to cache data.

Basically caching the value works correctly, I'm also only noticing this occurring when caching arrays.

For some reason the first call to apcu_fetch() works fine, but on the second call it presents me with a zend_mm_heap corrupted error and absolutely kills the page with no nice 404 or 500.

Rolling back to 7.0.7 fixes the issue so this really seems tied to 7.0.8. I was thinking perhaps it was just an issue with 7.0.8 overall however when I setup the same versions on a cloud 9 instance the error did not reproduce.

Steps to reproduce:

Fresh CentOS 7.2 x64

rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
yum install php70w php70w-opcache php70w-fpm 
yum install php70w-pecl-apcu

Run test script (make sure apcu is enabled + if running by command line apcu.enable_cli is true)

Test script:
---------------
<?php
$key = 'cache_key';

apcu_store($key, ['net' => 23]);

$result = apcu_fetch($key);

print_r($result); // At this point result is as expected.

$result = apcu_fetch($key); // This causes error: `zend_mm_heap corrupted`

print_r($result); // Never gets printed

Expected result:
----------------
Expect to not have a zend_mm_heap corrupted and get the stored value.

Actual result:
--------------
#0  zend_mm_free_heap (ptr=0x7fe215542370, heap=0x7fe226600040) at /usr/src/debug/php-7.0.8/Zend/zend_alloc.c:1408
#1  _efree (ptr=0x7fe215542370) at /usr/src/debug/php-7.0.8/Zend/zend_alloc.c:2466
#2  0x00007fe22ae64b19 in zend_string_release (s=<optimized out>) at /usr/src/debug/php-7.0.8/Zend/zend_string.h:271
#3  zend_array_destroy (ht=0x7fe226656268) at /usr/src/debug/php-7.0.8/Zend/zend_hash.c:1341
#4  0x00007fe22ae98c45 in zend_assign_to_variable (value_type=4 '\004', value=0x7fe226613100, variable_ptr=0x7fe2266130a0) at /usr/src/debug/php-7.0.8/Zend/zend_execute.h:103
#5  ZEND_ASSIGN_SPEC_CV_VAR_HANDLER () at /usr/src/debug/php-7.0.8/Zend/zend_vm_execute.h:33580
#6  0x00007fe22ae924eb in execute_ex (ex=<optimized out>) at /usr/src/debug/php-7.0.8/Zend/zend_vm_execute.h:414
#7  0x00007fe22ae43c19 in dtrace_execute_ex (execute_data=<optimized out>) at /usr/src/debug/php-7.0.8/Zend/zend_dtrace.c:83
#8  0x00007fe21fc754df in xdebug_execute_ex () from /usr/lib64/php/modules/xdebug.so
#9  0x00007fe22aedc6df in zend_execute (op_array=op_array@entry=0x7fe22667e000, return_value=return_value@entry=0x0) at /usr/src/debug/php-7.0.8/Zend/zend_vm_execute.h:458
#10 0x00007fe22ae53933 in zend_execute_scripts (type=type@entry=8, retval=retval@entry=0x0, file_count=file_count@entry=3) at /usr/src/debug/php-7.0.8/Zend/zend.c:1427
#11 0x00007fe22adf4b78 in php_execute_script (primary_file=primary_file@entry=0x7ffe7e98b860) at /usr/src/debug/php-7.0.8/main/main.c:2494
#12 0x00007fe22aede348 in do_cli (argc=2, argv=0x7fe22ccd3a90) at /usr/src/debug/php-7.0.8/sapi/cli/php_cli.c:974
#13 0x00007fe22ac9207a in main (argc=2, argv=0x7fe22ccd3a90) at /usr/src/debug/php-7.0.8/sapi/cli/php_cli.c:1344

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2016-07-13 01:26 UTC] kalle@php.net

-Status: Open +Status: Feedback

[2016-07-13 01:26 UTC] kalle@php.net

Does this happen without xdebug enabled? And if so, does it happen without dtrace enabled?

[2016-07-24 04:22 UTC] pecl-dev at lists dot php dot net

No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Re-Opened". Thank you.

[2016-07-25 09:02 UTC] sean dot mcnamara at kobas dot co dot uk

-Status: No Feedback +Status: Closed

[2016-07-25 09:02 UTC] sean dot mcnamara at kobas dot co dot uk

So this is still happening, it occurs with xdebug disabled and I've reported it on Github to the yum repo maintainer (https://github.com/webtatic-rpms/php70w/issues/1) and I believe its probably related to the APCu issue here (https://github.com/krakjoe/apcu/issues/185)

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Fri Apr 19 07:01:27 2024 UTC