Memory corruption on 8.4 #2630

Closed
@danog

After switching to PHP 8.4 (redis 6.1.0), we're seeing memory corruption segfaults occurring during zend_deactivate.

I understand the source of the corruption might actually be some other extension/code, but since the stack trace contains redis frames, reporting this here as well.

#0  __pthread_kill_implementation (no_tid=0, signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:44
#1  __pthread_kill_internal (signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:78
#2  __GI___pthread_kill (threadid=<optimized out>, signo=signo@entry=6) at ./nptl/pthread_kill.c:89
#3  0x0000778718bc227e in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
#4  0x0000778718ba58ff in __GI_abort () at ./stdlib/abort.c:79
#5  0x000059634ccbbb76 in zend_mm_panic (message=0x59634d0042b7 "zend_mm_heap corrupted") at /usr/src/php8.4-8.4.4-1+ubuntu24.04.1+deb.sury.org+1/Zend/zend_alloc.c:398
#6  0x000059634ccbbe70 in zend_mm_get_next_free_slot (slot=<optimized out>, bin_num=<optimized out>, heap=<optimized out>)
    at /usr/src/php8.4-8.4.4-1+ubuntu24.04.1+deb.sury.org+1/Zend/zend_alloc.c:1326
#7  zend_mm_alloc_small (bin_num=<optimized out>, heap=<optimized out>) at /usr/src/php8.4-8.4.4-1+ubuntu24.04.1+deb.sury.org+1/Zend/zend_alloc.c:1410
#8  zend_mm_alloc_heap (size=<optimized out>, heap=<optimized out>) at /usr/src/php8.4-8.4.4-1+ubuntu24.04.1+deb.sury.org+1/Zend/zend_alloc.c:1488
#9  _emalloc (size=<optimized out>) at /usr/src/php8.4-8.4.4-1+ubuntu24.04.1+deb.sury.org+1/Zend/zend_alloc.c:2740
#10 0x000059634cfc5cac in zend_string_alloc (persistent=false, len=<optimized out>) at /usr/src/php8.4-8.4.4-1+ubuntu24.04.1+deb.sury.org+1/Zend/zend_string.h:176
#11 smart_str_erealloc (len=128, str=0x7ffcddb1bf20) at /usr/src/php8.4-8.4.4-1+ubuntu24.04.1+deb.sury.org+1/Zend/zend_smart_str.c:36
#12 smart_str_erealloc (str=str@entry=0x7ffcddb1bf20, len=len@entry=128) at /usr/src/php8.4-8.4.4-1+ubuntu24.04.1+deb.sury.org+1/Zend/zend_smart_str.c:30
#13 0x0000778711c52f73 in smart_str_alloc (persistent=false, len=128, str=0x7ffcddb1bf20) at /usr/include/php/20240924/Zend/zend_smart_str.h:50
#14 redis_pool_spprintf (redis_sock=redis_sock@entry=0x77870816d380, fmt=0x42259268 "") at /usr/src/php-redis-6.1.0-2+ubuntu24.04.1+deb.sury.org+1/build-8.4/library.c:876
#15 0x0000778711c53420 in redis_sock_get_connection_pool (redis_sock=0x77870816d380) at /usr/src/php-redis-6.1.0-2+ubuntu24.04.1+deb.sury.org+1/build-8.4/library.c:114
#16 0x0000778711c5e628 in redis_sock_disconnect (redis_sock=0x77870816d380, force=0, is_reset_mode=1)
    at /usr/src/php-redis-6.1.0-2+ubuntu24.04.1+deb.sury.org+1/build-8.4/library.c:3233
#17 0x0000778711c18cda in free_redis_object (object=0x778708094cc8) at /usr/src/php-redis-6.1.0-2+ubuntu24.04.1+deb.sury.org+1/build-8.4/redis.c:201
#18 0x000059634cfb7af3 in zend_objects_store_free_object_storage (objects=objects@entry=0x59634d180fd8 <executor_globals+856>, fast_shutdown=fast_shutdown@entry=true)
    at /usr/src/php8.4-8.4.4-1+ubuntu24.04.1+deb.sury.org+1/Zend/zend_objects_API.c:105
#19 0x000059634cf17349 in zend_shutdown_executor_values (fast_shutdown=fast_shutdown@entry=true) at /usr/src/php8.4-8.4.4-1+ubuntu24.04.1+deb.sury.org+1/Zend/zend_execute_API.c:425
#20 0x000059634cf179e2 in shutdown_executor () at /usr/src/php8.4-8.4.4-1+ubuntu24.04.1+deb.sury.org+1/Zend/zend_execute_API.c:442
#21 0x000059634cfd5f59 in zend_deactivate () at /usr/src/php8.4-8.4.4-1+ubuntu24.04.1+deb.sury.org+1/Zend/zend.c:1347
#22 0x000059634ce6704b in php_request_shutdown (dummy=dummy@entry=0x0) at /usr/src/php8.4-8.4.4-1+ubuntu24.04.1+deb.sury.org+1/main/main.c:1950
#23 0x000059634cce0c7e in main (argc=<optimized out>, argv=<optimized out>) at /usr/src/php8.4-8.4.4-1+ubuntu24.04.1+deb.sury.org+1/sapi/fpm/fpm/fpm_main.c:1966
