Bug #74342 Segmentation fault in zend_objects_store_call_destructors
Submitted: 2017-03-30 14:33 UTC
Modified: 2017-03-30 15:05 UTC
From: tom60 at op dot pl
Assigned:
Status: Duplicate
Package: opcache
PHP Version: 7.1.3
OS: Debian Jessie 64 bit
Private report: No
CVE-ID: None
 [2017-03-30 14:33 UTC] tom60 at op dot pl
Description:
------------
I've attached a backtrace of a segmentation fault that occurred on our production Apache server after calling opcache_reset(). The issue is not easily reproducible as it probably depends on the kind of requests being processed at the time Opcache is cleared.

Previously reported as: https://bugs.php.net/bug.php?id=72183

Actual result:
--------------

warning: .dynamic section for "/usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0" is not at the expected address (wrong library or version mismatch?)
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `/opt/apache2/sbin/apache2 -k start'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007fe896489388 in zend_objects_store_call_destructors (objects=objects@entry=0x7fe896dd1bf8 <executor_globals+824>)
    at /src/php-7.1.3/Zend/zend_objects_API.c:49
49                              zend_object *obj = objects->object_buckets[i];
(gdb) bt
#0  0x00007fe896489388 in zend_objects_store_call_destructors (objects=objects@entry=0x7fe896dd1bf8 <executor_globals+824>)
    at /src/php-7.1.3/Zend/zend_objects_API.c:49
#1  0x00007fe89643c6f3 in shutdown_destructors () at /src/php-7.1.3/Zend/zend_execute_API.c:244
#2  0x00007fe89644d5f4 in zend_call_destructors () at /src/php-7.1.3/Zend/zend.c:984
#3  0x00007fe8963ec445 in php_request_shutdown (dummy=<optimized out>) at /src/php-7.1.3/main/main.c:1824
#4  0x00007fe8964f151f in php_apache_request_dtor (r=<optimized out>) at /src/php-7.1.3/sapi/apache2handler/sapi_apache2.c:590
#5  php_handler (r=0x7fe896dd1bf8 <executor_globals+824>) at /src/php-7.1.3/sapi/apache2handler/sapi_apache2.c:769
#6  0x0000562016933930 in ap_run_handler (r=r@entry=0x56201852f6b0) at config.c:170
#7  0x0000562016933e79 in ap_invoke_handler (r=r@entry=0x56201852f6b0) at config.c:434
#8  0x0000562016953f6c in ap_internal_redirect (new_uri=<optimized out>, r=<optimized out>) at http_request.c:765
#9  0x00005620169ad882 in handler_redirect (r=0x562018532fd0) at mod_rewrite.c:5195
#10 0x0000562016933930 in ap_run_handler (r=r@entry=0x562018532fd0) at config.c:170
#11 0x0000562016933e79 in ap_invoke_handler (r=0x562018532fd0) at config.c:434
#12 0x0000562016954cd2 in ap_process_async_request (r=0x562018532fd0) at http_request.c:436
#13 0x0000562016954e70 in ap_process_request (r=0x562018532fd0) at http_request.c:471
#14 0x0000562016950e95 in ap_process_http_sync_connection (c=0x562018513590) at http_core.c:210
#15 ap_process_http_connection (c=0x562018513590) at http_core.c:251
#16 0x000056201693d160 in ap_run_process_connection (c=0x562018513590) at connection.c:42
#17 0x00005620169b5702 in child_main (child_num_arg=-1763894280, child_bucket=1290580960) at prefork.c:723
#18 0x00005620169b5980 in make_child (s=0x562018230508, slot=69, bucket=0) at prefork.c:824
#19 0x00005620169b67d5 in perform_idle_server_maintenance (p=<optimized out>) at prefork.c:932
#20 prefork_run (_pconf=0x7fe896dd1bf8 <executor_globals+824>, plog=0x7ffe4cecb4b4, s=0x7ffe4cecb490) at prefork.c:1128
#21 0x00005620169167fe in ap_run_mpm (pconf=0x562018201138, plog=0x56201823eb68, s=0x562018230508) at mpm_common.c:94
#22 0x000056201690f3e8 in main (argc=3, argv=0x7ffe4cecb768) at main.c:783

 [2017-03-30 15:05 UTC] requinix@php.net
-Status: Open +Status: Duplicate
 [2017-03-30 15:05 UTC] requinix@php.net
This backtrace is basically the same as the other so I'm going to reopen that bug report.
It may be difficult but please try again to come up with a reproduce script. Maybe see if changing some opcache settings affects or even eliminates the segfault.
 
Last updated: Fri Oct 18 06:01:27 2019 UTC