|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2021-01-19 15:21 UTC] nikic@php.net
[2021-01-19 15:36 UTC] hanno at hboeck dot de
[2021-02-15 14:01 UTC] nikic@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2021 The PHP GroupAll rights reserved. |
Last updated: Sun Feb 28 04:01:23 2021 UTC |
Description: ------------ I observed a crash of php with a local apache+mod_php installation while installing Moodle. Unfortunately the moodle installer is quite complex, so I cannot easily trim this down to a simple testcase. In the apache error log I got this message: zend_mm_heap corrupted Given this indicated memory corruption I tried this with an asan build of php+apache, which gave me a stack trace which I'll attach. This indicated an invalid free call (attempting free on address which was not malloc'ed). There may be a connection to opcache, when disabling the opcache module the crash no longer occured. Stack trace from asan: ==25422==ERROR: AddressSanitizer: attempting free on address which was not malloc()-ed: 0x7fdcec97fdc8 in thread T62 #0 0x7fdcfd545387 in __interceptor_free (/usr/lib/gcc/x86_64-pc-linux-gnu/10.2.0/libasan.so.6+0xae387) #1 0x7fdcf8a0a7e4 in zend_string_release /var/tmp/portage/dev-lang/php-7.4.14/work/sapis-build/apache2/Zend/zend_string.h:281 #2 0x7fdcf8a0a7e4 in zend_symtable_clean /var/tmp/portage/dev-lang/php-7.4.14/work/sapis-build/apache2/Zend/zend_hash.c:1727 #3 0x7fdcf8bba1a4 in zend_clean_and_cache_symbol_table /var/tmp/portage/dev-lang/php-7.4.14/work/sapis-build/apache2/Zend/zend_execute.c:3445 #4 0x7fdcf8bba1a4 in zend_clean_and_cache_symbol_table /var/tmp/portage/dev-lang/php-7.4.14/work/sapis-build/apache2/Zend/zend_execute.c:3438 #5 0x7fdcf8bbb01b in zend_leave_helper_SPEC /var/tmp/portage/dev-lang/php-7.4.14/work/sapis-build/apache2/Zend/zend_vm_execute.h:1165 #6 0x7fdcf8bbe652 in execute_ex /var/tmp/portage/dev-lang/php-7.4.14/work/sapis-build/apache2/Zend/zend_vm_execute.h:53933 #7 0x7fdcf8be99d6 in zend_execute /var/tmp/portage/dev-lang/php-7.4.14/work/sapis-build/apache2/Zend/zend_vm_execute.h:57957 #8 0x7fdcf89d2d58 in zend_execute_scripts /var/tmp/portage/dev-lang/php-7.4.14/work/sapis-build/apache2/Zend/zend.c:1679 #9 0x7fdcf88a5097 in php_execute_script /var/tmp/portage/dev-lang/php-7.4.14/work/sapis-build/apache2/main/main.c:2621 #10 0x7fdcf8befcd7 in php_handler /var/tmp/portage/dev-lang/php-7.4.14/work/sapis-build/apache2/sapi/apache2handler/sapi_apache2.c:700 #11 0x557945a99484 in ap_run_handler /var/tmp/portage/www-servers/apache-2.4.46-r4/work/httpd-2.4.46/server/config.c:170 #12 0x557945a9a104 in ap_invoke_handler /var/tmp/portage/www-servers/apache-2.4.46-r4/work/httpd-2.4.46/server/config.c:444 #13 0x557945ad6e71 in ap_process_async_request /var/tmp/portage/www-servers/apache-2.4.46-r4/work/httpd-2.4.46/modules/http/http_request.c:452 #14 0x557945acd3e4 in ap_process_http_async_connection /var/tmp/portage/www-servers/apache-2.4.46-r4/work/httpd-2.4.46/modules/http/http_core.c:158 #15 0x557945acd3e4 in ap_process_http_connection /var/tmp/portage/www-servers/apache-2.4.46-r4/work/httpd-2.4.46/modules/http/http_core.c:252 #16 0x557945ab3354 in ap_run_process_connection /var/tmp/portage/www-servers/apache-2.4.46-r4/work/httpd-2.4.46/server/connection.c:42 #17 0x557945af2c40 in process_socket /var/tmp/portage/www-servers/apache-2.4.46-r4/work/httpd-2.4.46/server/mpm/event/event.c:1050 #18 0x557945af4949 in worker_thread /var/tmp/portage/www-servers/apache-2.4.46-r4/work/httpd-2.4.46/server/mpm/event/event.c:2083 #19 0x7fdcfd136e7d in start_thread /var/tmp/portage/sys-libs/glibc-2.32-r7/work/glibc-2.32/nptl/pthread_create.c:463 #20 0x7fdcfd06592e in __clone (/lib64/libc.so.6+0xf892e)