php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #78244 fpm segfaults in concat_function
Submitted: 2019-07-03 09:24 UTC Modified: 2019-07-03 11:10 UTC
From: sjon@php.net Assigned: sjon (profile)
Status: Closed Package: Reproducible crash
PHP Version: 7.3.7 OS:
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: sjon@php.net
New email:
PHP Version: OS:

 

 [2019-07-03 09:24 UTC] sjon@php.net
Description:
------------
I experience a segfault in the almost-released 7.3.7 but have yet been unable to create a reproduce script. Looking at strace - this happens while all output has been generated, so it's possibly while destructing

Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x000055ef3e4e204e in zend_mm_alloc_small (heap=0x7fa664600040, size=64, bin_num=7, __zend_filename=0x55ef3ed873e8 "php-7.3.7/Zend/zend_string.h", __zend_lineno=133, __zend_orig_filename=0x0, __zend_orig_lineno=0) at php-7.3.7/Zend/zend_alloc.c:1289
1289			heap->free_slot[bin_num] = p->next_free_slot;
(gdb) bt
#0  0x000055ef3e4e204e in zend_mm_alloc_small (heap=0x7fa664600040, size=64, bin_num=7, __zend_filename=0x55ef3ed873e8 "php-7.3.7/Zend/zend_string.h", __zend_lineno=133, __zend_orig_filename=0x0, __zend_orig_lineno=0) at php-7.3.7/Zend/zend_alloc.c:1289
#1  0x000055ef3e4e22f7 in zend_mm_alloc_heap (heap=0x7fa664600040, size=64, __zend_filename=0x55ef3ed873e8 "php-7.3.7/Zend/zend_string.h", __zend_lineno=133, __zend_orig_filename=0x0, __zend_orig_lineno=0) at php-7.3.7/Zend/zend_alloc.c:1360
#2  0x000055ef3e4e4fcd in _emalloc (size=32, __zend_filename=0x55ef3ed873e8 "php-7.3.7/Zend/zend_string.h", __zend_lineno=133, __zend_orig_filename=0x0, __zend_orig_lineno=0) at php-7.3.7/Zend/zend_alloc.c:2500
#3  0x000055ef3e50c01b in zend_string_alloc (len=6, persistent=0) at php-7.3.7/Zend/zend_string.h:133
#4  0x000055ef3e515374 in concat_function (result=0x7fa664621ae0, op1=0x7fa65b352b50, op2=0x7fff4e2f5170) at php-7.3.7/Zend/zend_operators.c:1852
#5  0x000055ef3e594d92 in ZEND_CONCAT_SPEC_CONST_TMPVAR_HANDLER () at php-7.3.7/Zend/zend_vm_execute.h:6695
#6  0x000055ef3e5f5c80 in execute_ex (ex=0x7fa664621030) at php-7.3.7/Zend/zend_vm_execute.h:56127
#7  0x000055ef3e5fa922 in zend_execute (op_array=0x7fa664602100, return_value=0x0) at php-7.3.7/Zend/zend_vm_execute.h:60881
#8  0x000055ef3e51e2b0 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at php-7.3.7/Zend/zend.c:1568
#9  0x000055ef3e482830 in php_execute_script (primary_file=0x7fff4e2f78f0) at php-7.3.7/main/main.c:2630
#10 0x000055ef3e60e056 in main (argc=4, argv=0x7fff4e2f7d88) at php-7.3.7/sapi/fpm/fpm/fpm_main.c:1950



Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2019-07-03 09:24 UTC] sjon@php.net
-PHP Version: 7.3.7RC3 +PHP Version: 7.3.7
 [2019-07-03 09:29 UTC] remi@php.net
Can you please try with opcache disable ?
 [2019-07-03 09:37 UTC] sjon@php.net
disabling the opcache fixes this issue
 [2019-07-03 09:37 UTC] sjon@php.net
-Package: Reproducible crash +Package: opcache
 [2019-07-03 09:38 UTC] nikic@php.net
-Package: opcache +Package: Reproducible crash
 [2019-07-03 09:38 UTC] nikic@php.net
Can you try with current 7.3 HEAD? This is most likely fixed by https://github.com/php/php-src/commit/4892bbc167dfa0ea188baebbce538225f4a0455a.
 [2019-07-03 11:10 UTC] sjon@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: sjon
 [2019-07-03 11:10 UTC] sjon@php.net
compiling 7.3.7 with https://github.com/php/php-src/commit/4892bbc167dfa0ea188baebbce538225f4a0455a.diff applied does indeed fix this.

Thanks!
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Sat Jan 25 23:01:24 2020 UTC