Segmentation fault in Zend OPcache (PHP-FPM)

Bug #1475309 reported by Martijn G.
14
This bug affects 3 people
Affects Status Importance Assigned to Milestone
php5 (Ubuntu)
Confirmed
Medium
Unassigned

Bug Description

There is a segmentation fault in Zend OPcache. It is quite hard to reproduce. We experience it on a Magento server with a specific piece of code enabled, that deals with image resizing. Unfortunately, I don't have the code at hand, but I'm not sure it is relevant.

Backtrace looks like this:

#0 _zend_mm_free_int (heap=0x23e4300, p=0x400d480) at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_alloc.c:2104
#1 0x00007fb105d054b3 in zif_accel_chdir (ht=<optimized out>, return_value=<optimized out>, return_value_ptr=<optimized out>,
    this_ptr=<optimized out>, return_value_used=<optimized out>)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/ext/opcache/ZendAccelerator.c:158
#2 0x00000000006dd8cb in dtrace_execute_internal (execute_data_ptr=<optimized out>, fci=<optimized out>,
    return_value_used=<optimized out>) at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_dtrace.c:97
#3 0x000000000079d935 in zend_do_fcall_common_helper_SPEC (execute_data=<optimized out>)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_vm_execute.h:552
#4 0x0000000000717668 in execute_ex (execute_data=0x7fb1087ded20) at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_vm_execute.h:363
#5 0x00000000006dd7c9 in dtrace_execute_ex (execute_data=<optimized out>)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_dtrace.c:73
#6 0x000000000079df80 in zend_do_fcall_common_helper_SPEC (execute_data=0x7fb1087deb00)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_vm_execute.h:584
#7 0x0000000000717668 in execute_ex (execute_data=0x7fb1087deb00) at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_vm_execute.h:363
#8 0x00000000006dd7c9 in dtrace_execute_ex (execute_data=<optimized out>)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_dtrace.c:73
#9 0x000000000079df80 in zend_do_fcall_common_helper_SPEC (execute_data=0x7fb1087de548)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_vm_execute.h:584
#10 0x0000000000717668 in execute_ex (execute_data=0x7fb1087de548) at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_vm_execute.h:363
#11 0x00000000006dd7c9 in dtrace_execute_ex (execute_data=<optimized out>)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_dtrace.c:73
#12 0x000000000079df80 in zend_do_fcall_common_helper_SPEC (execute_data=0x7fb1087de030)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_vm_execute.h:584
#13 0x0000000000717668 in execute_ex (execute_data=0x7fb1087de030) at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_vm_execute.h:363
#14 0x00000000006dd7c9 in dtrace_execute_ex (execute_data=<optimized out>)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_dtrace.c:73
#15 0x000000000079df80 in zend_do_fcall_common_helper_SPEC (execute_data=0x7fb1087dd2c0)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_vm_execute.h:584
#16 0x0000000000717668 in execute_ex (execute_data=0x7fb1087dd2c0) at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_vm_execute.h:363
#17 0x00000000006dd7c9 in dtrace_execute_ex (execute_data=<optimized out>)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_dtrace.c:73
#18 0x000000000079df80 in zend_do_fcall_common_helper_SPEC (execute_data=0x7fb1087dbed0)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_vm_execute.h:584
#19 0x0000000000717668 in execute_ex (execute_data=0x7fb1087dbed0) at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_vm_execute.h:363
#20 0x00000000006dd7c9 in dtrace_execute_ex (execute_data=<optimized out>)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_dtrace.c:73
#21 0x000000000079df80 in zend_do_fcall_common_helper_SPEC (execute_data=0x7fb1087db898)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_vm_execute.h:584
#22 0x0000000000717668 in execute_ex (execute_data=0x7fb1087db898) at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_vm_execute.h:363
#23 0x00000000006dd7c9 in dtrace_execute_ex (execute_data=<optimized out>)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_dtrace.c:73
#24 0x000000000079df80 in zend_do_fcall_common_helper_SPEC (execute_data=0x7fb1087db1f8)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_vm_execute.h:584
#25 0x0000000000717668 in execute_ex (execute_data=0x7fb1087db1f8) at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_vm_execute.h:363
#26 0x00000000006dd7c9 in dtrace_execute_ex (execute_data=<optimized out>)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_dtrace.c:73
#27 0x000000000079df80 in zend_do_fcall_common_helper_SPEC (execute_data=0x7fb1087da738)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_vm_execute.h:584
#28 0x0000000000717668 in execute_ex (execute_data=0x7fb1087da738) at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_vm_execute.h:363
#29 0x00000000006dd7c9 in dtrace_execute_ex (execute_data=<optimized out>)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend_dtrace.c:73
#30 0x00000000006ef250 in zend_execute_scripts (type=type@entry=8, retval=retval@entry=0x0, file_count=file_count@entry=3)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/Zend/zend.c:1316
#31 0x000000000068f065 in php_execute_script (primary_file=primary_file@entry=0x7fffbfcf5cb0)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/main/main.c:2506
#32 0x0000000000463b00 in main (argc=<optimized out>, argv=<optimized out>)
    at /build/php5-RpYHCf/php5-5.5.9+dfsg/sapi/fpm/fpm/fpm_main.c:1933

Please let me know if there is anything else you need.

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in php5 (Ubuntu):
status: New → Confirmed
Revision history for this message
Vasiliy Romaneev (entervuz) wrote :

This bug also affects me.
root@goodmart:/var/www/vhosts/goodmart.sg/httpdocs/var/log# php -v
PHP 5.5.9-1ubuntu4.11 (cli) (built: Jul 2 2015 15:23:08)
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.5.0, Copyright (c) 1998-2014 Zend Technologies
    with Zend OPcache v7.0.3, Copyright (c) 1999-2014, by Zend Technologies

What else information can i provide ?
What you can recomend to clear - what code provides an error ?

Robie Basak (racb)
Changed in php5 (Ubuntu):
importance: Undecided → Medium
Revision history for this message
Matthew Haughton (snafu109) wrote :

Can someone affected by this bug try running the test script posted in this upstream bug to see if the same issue is triggered? https://bugs.php.net/bug.php?id=72869

If so we should link this to the upstream bug. If it can be reproduced with the script in the upstream bug report then this is not an FPM bug.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.