php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #79998 Opcache JIT segfault
Submitted: 2020-08-19 17:14 UTC Modified: -
From: adam at adsar dot co dot uk Assigned:
Status: Open Package: JIT
PHP Version: 8.0.0beta1 OS: CentOS 8.2.2004
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: adam at adsar dot co dot uk
New email:
PHP Version: OS:

 

 [2020-08-19 17:14 UTC] adam at adsar dot co dot uk
Description:
------------
We use the PEAR DB library to access a MySQL server.

If we try and get a result from the MySQL server over 126 times, it segfaults when the JIT is enabled.

opcache.jit_buffer_size=32M
opcache.jit=1235

Test script:
---------------
wget http://download.pear.php.net/package/PEAR-1.10.12.tgz
tar zxvf PEAR-1.10.12.tgz
mv PEAR-1.10.12/* ./

wget http://download.pear.php.net/package/DB-1.10.0.tgz
tar zxvf DB-1.10.0.tgz
mv DB-1.10.0/* ./



<?php

require_once 'DB.php'; 

$db = DB::connect("mysqli://username:password@databaseIP/databasename");

for($i=0;$i<127;$i++) {
    $db->getOne("select 1");
}


Actual result:
--------------
           PID: 7535 (php-fpm)
           UID: 48 (apache)
           GID: 48 (apache)
        Signal: 11 (SEGV)
     Timestamp: Wed 2020-08-19 16:49:30 UTC (42s ago)
  Command Line: php-fpm: pool www
    Executable: /opt/remi/php80/root/usr/sbin/php-fpm
 Control Group: /system.slice/php80-php-fpm.service
          Unit: php80-php-fpm.service
         Slice: system.slice
       Boot ID: 90c2d9a3c0464be19521cd71a01a6959
    Machine ID: 55930b9a23b7461d8dee6412d10a4e7b
      Hostname: handsetdeals
       Storage: /var/lib/systemd/coredump/core.php-fpm.48.90c2d9a3c0464be19521cd71a01a6959.7535.1597855770000000.lz4
       Message: Process 7535 (php-fpm) of user 48 dumped core.

                Stack trace of thread 7535:
                #0  0x00007f81030a9687 __strlen_avx2 (libc.so.6)
                #1  0x000055f6bbf560ea xbuf_format_converter (php-fpm)
                #2  0x000055f6bbfb672d zend_vstrpprintf (php-fpm)
                #3  0x000055f6bbdf8c97 zend_error_va_list (php-fpm)
                #4  0x000055f6bbdf8ec7 zend_error (php-fpm)
                #5  0x00007f8100aee686 zend_jit_deprecated_helper (opcache.so)
                #6  0x000000004973971f n/a (n/a)




(gdb) bt
#0  0x00007f81030a9687 in __strlen_avx2 () from /lib64/libc.so.6
#1  0x000055f6bbf560ea in xbuf_format_converter (xbuf=0x7ffc6ede7a10, is_char=false, fmt=0x55f6bc0b1177 "s() is deprecated", ap=0x7ffc6ede7a80)
    at /usr/src/debug/php80-php-8.0.0~beta2-29.el8.remi.x86_64/main/spprintf.c:572
#2  0x000055f6bbfb672d in zend_vstrpprintf (max_len=max_len@entry=0, format=<optimized out>, ap=<optimized out>)
    at /usr/src/debug/php80-php-8.0.0~beta2-29.el8.remi.x86_64/Zend/zend.c:253
#3  0x000055f6bbdf8c97 in zend_error_va_list (orig_type=8192, error_filename=0x42042550 "/var/www/html/break/DB/common.php", error_lineno=1223,
    format=<optimized out>, args=<optimized out>) at /usr/src/debug/php80-php-8.0.0~beta2-29.el8.remi.x86_64/Zend/zend.c:1434
#4  0x000055f6bbdf8ec7 in zend_error (type=8192, format=0x55f6bc0b116b "Method %s::%s() is deprecated")
    at /usr/src/debug/php80-php-8.0.0~beta2-29.el8.remi.x86_64/Zend/zend.c:1507
#5  0x00007f8100aee686 in zend_jit_deprecated_helper () from /opt/remi/php80/root/usr/lib64/php/modules/opcache.so
#6  0x000000004973971f in ?? ()
#7  0x000000004200f938 in ?? ()
#8  0x0000000049733557 in ?? ()
#9  0x00007ffc6edea1d0 in ?? ()
#10 0x0000000042053a10 in ?? ()
#11 0x0000000000000008 in ?? ()
#12 0x000055f6bbf6f252 in php_stdiop_close (stream=0x7f8100e16230, close_handle=<optimized out>)
    at /usr/src/debug/php80-php-8.0.0~beta2-29.el8.remi.x86_64/main/streams/plain_wrapper.c:514
#13 0x000055f600000002 in ?? ()
#14 0x00007f8100e692a0 in ?? ()
#15 0x0000000000000001 in ?? ()
#16 0x000055f6bc52be10 in executor_globals ()
#17 0xb2ebdc8315da0700 in ?? ()
#18 0x00007ffc6edea1d0 in ?? ()
#19 0x00007f8100e16020 in ?? ()
#20 0x000055f6bc52bce0 in ?? ()
#21 0x00007f8100e02000 in ?? ()
#22 0x0000000000000000 in ?? ()


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2020-09-17 16:54 UTC] adam at adsar dot co dot uk
Just a quick note - tested again on beta 4, and still seems to be breaking.

Best,
Adam
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Sat Oct 31 20:01:24 2020 UTC