Bug #81391 Segfault in a forked process
Submitted: 2021-08-27 07:52 UTC
Modified: 2021-08-27 12:47 UTC
From: mrskman at gmail dot com
Assigned:
Status: Open
Package: *General Issues
PHP Version: 8.0.10
OS: Ubuntu 18.04
Private report: No
CVE-ID: None

 [2021-08-27 07:52 UTC] mrskman at gmail dot com
Description:
------------
I run pcntl_fork() to process large arrays in the background. One of the arrays is causing segfaults on 2 of 4 servers. I tried to increase the memory limit to a 10x higher value just to be sure this is not a memory issue, but it still segfaults on 2 servers.

I was not able to create a test script. The only thing I have is a backtrace from attached gdb.

Actual result:
--------------
Program received signal SIGSEGV, Segmentation fault.
0x0000564372710a35 in execute_ex ()
(gdb) bt
#0  0x0000564372710a35 in execute_ex ()
#1  0x00005643725ac1cd in zend_call_function ()
#2  0x000056437238beb9 in zif_array_map ()
#3  0x00005643727133c4 in execute_ex ()
#4  0x00005643725ac1cd in zend_call_function ()
#5  0x000056437238beb9 in zif_array_map ()
#6  0x00005643727133c4 in execute_ex ()
#7  0x00005643725ac1cd in zend_call_function ()
#8  0x000056437238beb9 in zif_array_map ()
#9  0x00005643727133c4 in execute_ex ()
#10 0x00005643725ac1cd in zend_call_function ()
#11 0x000056437238beb9 in zif_array_map ()
#12 0x00005643727133c4 in execute_ex ()
#13 0x00005643725ac1cd in zend_call_function ()
#14 0x000056437238beb9 in zif_array_map ()
#15 0x00005643727133c4 in execute_ex ()
...
#1593 0x00005643727133c4 in execute_ex ()
#1594 0x00005643725ac1cd in zend_call_function ()
#1595 0x000056437238beb9 in zif_array_map ()
#1596 0x00005643727133c4 in execute_ex ()
#1597 0x00005643725ac1cd in zend_call_function ()
#1598 0x000056437238beb9 in zif_array_map ()
#1599 0x00005643727133c4 in execute_ex ()
#1600 0x00005643725ac1cd in zend_call_function ()
#1601 0x000056437238beb9 in zif_array_map ()
#1602 0x00005643727133c4 in execute_ex ()
#1603 0x00005643725ac1cd in zend_call_function ()
#1604 0x000056437238beb9 in zif_array_map ()
#1605 0x00005643727133c4 in execute_ex ()
#1606 0x00005643725ac1cd in zend_call_function ()
#1607 0x000056437238beb9 in zif_array_map ()
#1608 0x00005643727133c4 in execute_ex ()
#1609 0x00005643725ac1cd in zend_call_function ()
#1610 0x000056437238beb9 in zif_array_map ()
#1611 0x00005643727133c4 in execute_ex ()
#1612 0x00005643725ac1cd in zend_call_function ()
#1613 0x000056437238beb9 in zif_array_map ()
#1614 0x00005643727133c4 in execute_ex ()
#1615 0x00005643725ac1cd in zend_call_function ()
#1616 0x000056437238beb9 in zif_array_map ()
#1617 0x00005643727133c4 in execute_ex ()
#1618 0x00005643725ac1cd in zend_call_function ()
#1619 0x000056437238beb9 in zif_array_map ()
#1620 0x00005643727133c4 in execute_ex ()
#1621 0x00005643725ac1cd in zend_call_function ()
#1622 0x000056437238beb9 in zif_array_map ()
#1623 0x00005643727133c4 in execute_ex ()
#1624 0x00005643725ac1cd in zend_call_function ()
#1625 0x000056437238beb9 in zif_array_map ()
#1626 0x00005643727133c4 in execute_ex ()
#1627 0x00005643725ac1cd in zend_call_function ()
#1628 0x000056437238beb9 in zif_array_map ()
#1629 0x00005643727133c4 in execute_ex ()
#1630 0x00005643725ac1cd in zend_call_function ()
#1631 0x000056437239fce8 in zif_call_user_func_array ()
#1632 0x00005643727133c4 in execute_ex ()
#1633 0x00005643725ac1cd in zend_call_function ()
#1634 0x000056437239fce8 in zif_call_user_func_array ()
#1635 0x00005643727133c4 in execute_ex ()
#1636 0x000056437272b53d in zend_execute ()
#1637 0x00005643725cf6d9 in zend_execute_scripts ()
#1638 0x000056437250a213 in php_execute_script ()
#1639 0x000056437278ee1f in do_cli ()
#1640 0x00005643727901e6 in main ()


 [2021-08-27 08:08 UTC] nikic@php.net
This looks like a stack overflow (due to infinite recursion or too deep recursion) to me. Does that sound plausible?
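The diagnosis in the comment above rests on the backtrace repeating the same three frames, and that can be checked mechanically. The following is an added example, not part of the original report or of php-src: it parses gdb `bt` output, finds the dominant repeating frame pattern and counts how often it repeats. The sample backtrace is constructed (placeholder addresses, an assumed depth of 400), and the helper names are hypothetical.

```python
import re
from typing import NamedTuple, Optional

# Matches gdb `bt` lines such as "#2  0x0000... in zif_array_map ()".
FRAME_RE = re.compile(r"^#\d+\s+(?:0x[0-9a-fA-F]+\s+in\s+)?(\S+)\s*\(")

class Cycle(NamedTuple):
    frames: tuple   # function names forming one period, innermost first
    repeats: int    # whole periods found back to back

def parse_frames(bt_text: str) -> list:
    """Function names from gdb backtrace text, innermost frame first."""
    found = (FRAME_RE.match(line.strip()) for line in bt_text.splitlines())
    return [m.group(1) for m in found if m]

def longest_cycle(names: list, max_period: int = 8) -> Optional[Cycle]:
    """Return the repeating frame pattern that covers the most frames."""
    best, best_cover = None, 0
    for period in range(1, max_period + 1):
        i = 0
        while i + period < len(names):
            j = i
            while j + period < len(names) and names[j] == names[j + period]:
                j += 1
            repeats = (j - i + period) // period
            if repeats >= 2 and repeats * period > best_cover:
                best = Cycle(tuple(names[i:i + period]), repeats)
                best_cover = repeats * period
            i = max(j, i + 1)
    return best

def php_functions(cycle: Cycle) -> list:
    """PHP built-ins in the cycle; php-src names their C bodies zif_<name>."""
    return [f[4:] for f in cycle.frames if f.startswith("zif_")]

def sample_backtrace(depth: int) -> str:
    """Constructed backtrace shaped like the one in the report (fake addresses)."""
    names = ["execute_ex"]
    names += ["zend_call_function", "zif_array_map", "execute_ex"] * depth
    names += ["zend_call_function", "zif_call_user_func_array", "execute_ex"] * 2
    names += ["zend_execute", "zend_execute_scripts", "php_execute_script",
              "do_cli", "main"]
    return "\n".join(f"#{n}  0x{0x1000 + n:016x} in {name} ()"
                     for n, name in enumerate(names))

if __name__ == "__main__":
    cycle = longest_cycle(parse_frames(sample_backtrace(depth=400)))
    print(f"{cycle.repeats} x {' <- '.join(cycle.frames)}")
    print("recursing through PHP built-ins:", php_functions(cycle))
```

A high repeat count for a short cycle points at recursion exhausting the C stack rather than at memory corruption; a crash with no dominant cycle needs a different line of investigation.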
 [2021-08-27 08:41 UTC] requinix@php.net
-Status: Open +Status: Feedback
 [2021-08-27 08:44 UTC] mrskman at gmail dot com
I wouldn't say that this is an infinite recursion problem. In that case it wouldn't finish successfully on 2 other servers. On the other hand, deep recursion seems plausible.
 [2021-08-27 09:14 UTC] cmb@php.net
-Status: Feedback +Status: Open
 [2021-08-27 09:14 UTC] cmb@php.net
> On the other hand deep recursion seems plausible.

In which case this likely is a WONTFIX.
 [2021-08-27 10:06 UTC] mrskman at gmail dot com
Is there any way to find out which line is causing the segfault? From my point of view the recursion isn't that deep. But there are thousands of lines of code and I want to be sure.
 [2021-08-27 12:47 UTC] cmb@php.net
You can try with Xdebug, which has a setting[1] that is supposed
to catch deep/infinite recursion, and throws an Error exception in
that case.

[1] <https://xdebug.org/docs/all_settings#max_nesting_level>
 [2021-10-13 07:20 UTC] mrskman at gmail dot com
Using Xdebug I can confirm that the cause of this issue was deep recursion (nesting level 769).

I'm still uncertain if a segfault in this case is expected.
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Wed Oct 20 07:03:34 2021 UTC