Description
Expected behaviour
Actual behaviour
Segmentation fault
I'm seeing this behaviour on
- OS: CentOS
- Redis: 3.2
- PHP: 7.1.1
- phpredis: 3.0,0
Steps to reproduce, backtrace or example script
Constructor
I've checked
- There is no similar issue from other users
- Issue isn't fixed in
developbranch
Program terminated with signal 11, Segmentation fault.
#0 zend_mm_alloc_small (size=) at /usr/local/src/php-7.1.0/Zend/zend_alloc.c:1261
1261 heap->free_slot[bin_num] = p->next_free_slot;
Missing separate debuginfos, use: debuginfo-install audit-libs-2.4.5-3.el6.x86_64 bzip2-libs-1.0.5-7.el6_0.x86_64 cyrus-sasl-lib-2.1.23-15.el6_6.2.x86_64 freetype-2.3.11-17.el6.x86_64 glibc-2.12-1.192.el6.x86_64 keyutils-libs-1.4-5.el6.x86_64 krb5-libs-1.10.3-57.el6.x86_64 libc-client-2007e-11.el6.x86_64 libcom_err-1.41.12-22.el6.x86_64 libcurl-7.19.7-52.el6.x86_64 libgcrypt-1.4.5-12.el6_8.x86_64 libgpg-error-1.7-4.el6.x86_64 libidn-1.18-2.el6.x86_64 libjpeg-turbo-1.2.1-3.el6_5.x86_64 libmcrypt-2.5.8-9.el6.x86_64 libpng-1.2.49-2.el6_7.x86_64 libselinux-2.0.94-7.el6.x86_64 libssh2-1.4.2-2.el6_7.1.x86_64 libxml2-2.7.6-21.el6_8.1.x86_64 libxslt-1.1.26-2.el6_3.1.x86_64 nspr-4.11.0-1.el6.x86_64 nss-3.21.0-8.el6.x86_64 nss-softokn-freebl-3.14.3-23.el6_7.x86_64 nss-util-3.21.0-2.el6.x86_64 openldap-2.4.40-12.el6.x86_64 openssl-1.0.1e-48.el6_8.4.x86_64 pam-1.1.1-22.el6.x86_64 zlib-1.2.3-29.el6.x86_64
(gdb) bt
#0 zend_mm_alloc_small (size=) at /usr/local/src/php-7.1.0/Zend/zend_alloc.c:1261
#1 zend_mm_alloc_heap (size=) at /usr/local/src/php-7.1.0/Zend/zend_alloc.c:1332
#2 _emalloc (size=) at /usr/local/src/php-7.1.0/Zend/zend_alloc.c:2417
#3 0x0000000000824640 in _ecalloc (nmemb=3, size=24) at /usr/local/src/php-7.1.0/Zend/zend_alloc.c:2495
#4 0x00007f313a0f0d4d in cluster_multibulk_resp_recursive (sock=0x7f31405ef900, elements=0, element=, err=0x7ffe315d90ec)
at /tmp/pear/temp/redis/cluster_library.c:160
#5 0x00007f313a0f0d69 in cluster_multibulk_resp_recursive (sock=0x7f31405ef900, elements=29, element=, err=0x7ffe315d90ec)
at /tmp/pear/temp/redis/cluster_library.c:162
#6 0x00007f313a0f0e91 in cluster_read_sock_resp (redis_sock=0x7f31405ef900, type=TYPE_MULTIBULK, len=32) at /tmp/pear/temp/redis/cluster_library.c:232
#7 0x00007f313a0f11cc in cluster_get_slots (redis_sock=0x7f31405ef900) at /tmp/pear/temp/redis/cluster_library.c:618
#8 0x00007f313a0f1266 in cluster_map_keyspace (c=0x7f31405bb000) at /tmp/pear/temp/redis/cluster_library.c:939
#9 0x00007f313a0edac7 in zim_RedisCluster___construct (execute_data=0x7f3140413b90, return_value=0x7ffe315d9220) at /tmp/pear/temp/redis/redis_cluster.c:455
#10 0x00000000008c39b0 in ZEND_DO_FCALL_SPEC_RETVAL_UNUSED_HANDLER (execute_data=0x7f3140413ad0) at /usr/local/src/php-7.1.0/Zend/zend_vm_execute.h:970
#11 0x00000000008a25b8 in execute_ex (ex=) at /usr/local/src/php-7.1.0/Zend/zend_vm_execute.h:432
#12 0x00000000008edd50 in zend_execute (op_array=0x7f3140480000, return_value=) at /usr/local/src/php-7.1.0/Zend/zend_vm_execute.h:474
#13 0x0000000000847163 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /usr/local/src/php-7.1.0/Zend/zend.c:1474
#14 0x00000000007e7b30 in php_execute_script (primary_file=0x7ffe315db920) at /usr/local/src/php-7.1.0/main/main.c:2533
#15 0x00000000008fac3e in main (argc=, argv=) at /usr/local/src/php-7.1.0/sapi/fpm/fpm/fpm_main.c:1967
Core dump is happening multiple times, it always ends up seg faulting at heap->free_slot[bin_num] = p->next_free_slot, but the approach paths are different. Anything can be done here?