php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #78771 PHP FPM segmentation fault with opcache enabled
Submitted: 2019-11-01 17:12 UTC Modified: -
Votes:3
Avg. Score:4.7 ± 0.5
Reproduced:3 of 3 (100.0%)
Same Version:1 (33.3%)
Same OS:1 (33.3%)
From: Bruce at FutureQuest dot net Assigned:
Status: Open Package: Unknown/Other Function
PHP Version: 7.3.11 OS: Gentoo Linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Have you experienced this issue?
Rate the importance of this bug to you:

 [2019-11-01 17:12 UTC] Bruce at FutureQuest dot net 
Description:
------------
We have started using PHP 7.3 in FPM mode. When we have opcache enabled, it encounters segmentation faults after a while. Disabling opcache eliminates the problem, but that isn't desirable of course. I don't have a specific script that triggers the problem, it appears to come from the interaction of several scripts.

The backtrace always points to something in zend_accel_hash, either zend_accel_hash_update (rarely) or zend_accel_hash_find_ex, in both cases in the condition immediately after "while (entry)". From what gdb is telling me, the pointers in accel_hash->hash_table has been overwritten by strings.

This is version 7.3.11 on Gentoo Linux with effectively no patches, on 32-bit systems.

I have enabled opcache.consistency_checks=1 and opcache.protect_memory=1 to no avail.

This may be the same issue as #77048, but it was suspended so I'm submitting anew. Setting opcache.optimization_level as suggested does not appear to resolve the problem.

Actual result:
--------------
#0  0xdf0c2397 in zend_accel_hash_update (accel_hash=0xd6e00050, key=0xda92ad30 "/big/dom/REDACTED", key_length=71, indirect=0 '\000', data=0xda92abc0) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/ext/opcache/zend_accelerator_hash.c:97
#1  0xdf0bd166 in cache_script_in_shared_memory (new_persistent_script=0xda92abc0, key=0xda92acd8 "/big/dom/REDACTED", key_length=71, from_shared_memory=0xf1e9fca8) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/ext/opcache/ZendAccelerator.c:1587
#2  0xdf0becff in persistent_compile_file (file_handle=0xf1e9fd90, type=8) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/ext/opcache/ZendAccelerator.c:2167
#3  0x043c7012 in zend_include_or_eval (inc_filename=0xdee20640, type=16) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/Zend/zend_execute.c:3162
#4  0x043e1488 in ZEND_INCLUDE_OR_EVAL_SPEC_TMPVAR_HANDLER (execute_data=0xdee20510) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/Zend/zend_vm_execute.h:12464
#5  0x0443a18a in execute_ex (ex=0xdee20020) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/Zend/zend_vm_execute.h:55338
#6  0x0443a2ed in zend_execute (op_array=0xdeed4e60, return_value=0x0) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/Zend/zend_vm_execute.h:60889
#7  0x0435b43a in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/Zend/zend.c:1568
#8  0x042bf39f in php_execute_script (primary_file=0xf1ea2188) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/main/main.c:2639
#9  0x0444e3a4 in main (argc=5, argv=0xf1ea23c4) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/sapi/fpm/fpm/fpm_main.c:1950

#0  0xdf0c2589 in zend_accel_hash_find_ex (accel_hash=0xd6e00050, key=0xdee05000 "/big/dom/REDACTED", key_length=32, hash_value=3555166747, data=0) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/ext/opcache/zend_accelerator_hash.c:155
#1  0xdf0c27b0 in zend_accel_hash_str_find_entry (accel_hash=0xd6e00050, key=0xdee05000 "/big/dom/REDACTED", key_length=32) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/ext/opcache/zend_accelerator_hash.c:221
#2  0xdf0bf2c5 in persistent_zend_resolve_path (filename=0xdee05000 "/big/dom/REDACTED", filename_len=32) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/ext/opcache/ZendAccelerator.c:2293
#3  0x042c5084 in php_fopen_primary_script (file_handle=0xf1ea2188) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/main/fopen_wrappers.c:421
#4  0x0444e259 in main (argc=5, argv=0xf1ea23c4) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/sapi/fpm/fpm/fpm_main.c:1929

#0  0xdf0c2589 in zend_accel_hash_find_ex (accel_hash=0xd6e00050, key=0xdefc4a10 "/big/dom/REDACTED", key_length=78, hash_value=3274861205, data=0) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/ext/opcache/zend_accelerator_hash.c:155
#1  0xdf0c27b0 in zend_accel_hash_str_find_entry (accel_hash=0xd6e00050, key=0xdefc4a10 "/big/dom/REDACTED", key_length=78) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/ext/opcache/zend_accelerator_hash.c:221
#2  0xdf0bf2c5 in persistent_zend_resolve_path (filename=0xdefc4a10 "/big/dom/REDACTED", filename_len=78) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/ext/opcache/ZendAccelerator.c:2293
#3  0x043c6f11 in zend_include_or_eval (inc_filename=0xdee206a0, type=4) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/Zend/zend_execute.c:3140
#4  0x043e1488 in ZEND_INCLUDE_OR_EVAL_SPEC_TMPVAR_HANDLER (execute_data=0xdee20650) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/Zend/zend_vm_execute.h:12464
#5  0x0443a18a in execute_ex (ex=0xdee20650) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/Zend/zend_vm_execute.h:55338
#6  0x04343de2 in zend_call_function (fci=0xf1e9fbc4, fci_cache=0xf1e9fbb4) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/Zend/zend_execute_API.c:756
#7  0x040c6884 in zif_spl_autoload_call (execute_data=0xdee20610, return_value=0xf1e9fd34) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/ext/spl/php_spl.c:448
#8  0x04343ea8 in zend_call_function (fci=0xf1e9fd54, fci_cache=0xf1e9fd44) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/Zend/zend_execute_API.c:770
#9  0x0434459a in zend_lookup_class_ex (name=0xd747f8cc, key=0xda9d4338, use_autoload=1) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/Zend/zend_execute_API.c:926
#10 0x04345480 in zend_fetch_class_by_name (class_name=0xd747f8cc, key=0xda9d4338, fetch_type=512) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/Zend/zend_execute_API.c:1361
#11 0x043d29a1 in ZEND_INIT_STATIC_METHOD_CALL_SPEC_CONST_CONST_HANDLER (execute_data=0xdee205c0) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/Zend/zend_vm_execute.h:5209
#12 0x0443a18a in execute_ex (ex=0xdee20020) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/Zend/zend_vm_execute.h:55338
#13 0x0443a2ed in zend_execute (op_array=0xdee73320, return_value=0x0) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/Zend/zend_vm_execute.h:60889
#14 0x0435b43a in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/Zend/zend.c:1568
#15 0x042bf39f in php_execute_script (primary_file=0xf1ea2188) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/main/main.c:2639
#16 0x0444e3a4 in main (argc=5, argv=0xf1ea23c4) at /var/tmp/portage/dev-lang/php-7.3.11/work/sapis-build/fpm/sapi/fpm/fpm/fpm_main.c:1950

Patches

Add a Patch

Pull Requests

Add a Pull Request
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved. 		Last updated: Fri Feb 21 10:01:27 2020 UTC