Bug 225499

*** Bug 225483 has been marked as a duplicate of this bug. ***

I followed an advice checking the debugging output on apache24 when it crashes. I can provide the following (minimalistic) information:

[ from starting recent www/apache24 with gdb ]

Starting program: /usr/local/sbin/httpd -X
[Sat Feb 03 11:41:27.704031 2018] [core:warn] [pid 59320:tid 34376777728] (2)No such file
or directory: AH00075: Failed to enable the 'httpready' Accept Filter [Sat Feb 03
11:41:27.704359 2018] [core:warn] [pid 59320:tid 34376777728] (2)No such file or
directory: AH00075: Failed to enable the 'dataready' Accept Filter [New LWP 101096 of
process 59320] [New LWP 101105 of process 59320] [New LWP 101109 of process 59320]
[New LWP 101103 of process 59320]
[New LWP 101102 of process 59320]
[New LWP 101110 of process 59320]
[New LWP 101107 of process 59320]
[New LWP 101098 of process 59320]
[New LWP 101099 of process 59320]
[New LWP 101108 of process 59320]
[New LWP 101112 of process 59320]
[New LWP 101101 of process 59320]
[New LWP 101104 of process 59320]
[New LWP 101097 of process 59320]
[New LWP 101106 of process 59320]
[New LWP 101111 of process 59320]
[New LWP 101100 of process 59320]
[LWP 101096 of process 59320 exited]

Thread 11 received signal SIGSEGV, Segmentation fault.
[Switching to LWP 101108 of process 59320]
0x0000000802300382 in ?? () from /usr/local/lib/php/20131226-zts/opcache.so

[...]

lang/php56 is compiled with option ZTS enabled.

www/mod_php56 has the following options set:

===> The following configuration options are available for mod_php56-5.6.33:
     AP2FILTER=off: Use Apache 2.x filter interface (experimental)
     PHPDBG=off
     DEBUG=off: Enable debug
     DTRACE=off: Enable DTrace support
     IPV6=on: IPv6 protocol support
     MAILHEAD=off: Enable mail header patch
     LINKTHR=on: Link thread lib (for threaded extensions)
     ZTS=on: Force Zend Thread Safety (ZTS) build
===> Use 'make config' to modify these settings

Option ZTS is strongly recommende, even required, when having a threaded Apache server.

 Failed to enable the 'httpready' Accept Filter or Failed to enable the 'dataready' Accept Filter
are typical errors if
accf_http_load="YES"
accf_data_load="YES"

is not set in boot/loader.conf.

Comment 4 Bernard Spil 2018-02-12 14:36:27 UTC

I've seen many of these errors when modules load in an incorrect order. Do you have the new modules layout?

(In reply to w.schwarzenfeld from comment #3)


I haven't changed anything critical in the configuration and the best indication for that is, that when I first reported this bug, it has been shown itself on the first boxes I've updated. By the end of last week I updated several other boxes running Apache - updating CURRENT, updating ports tree, never touched the configuration. They all show the very same error now.

Comment 6 Bernard Spil 2018-02-12 19:55:25 UTC

Does php-cli work OK? (invoke as php) and please post output of `php -M` using the same config as your mod_php56 uses.

It looks like you're using apache with worker MPM, have you tried the new (and faster) event MPM?

The problems occured when updating php56-5.6.32 -> php56-5.6.33 last week.

php-cli seems to work, invoked via "php -a":
Interactive mode enabled

php > echo function_exists("foo") ? "yes" : "no";
no
php > 

Is this right? really php -M?
# php -M
Usage: php [options] [-f] <file> [--] [args...]
   php [options] -r <code> [--] [args...]
   php [options] [-B <begin_code>] -R <code> [-E <end_code>] [--] [args...]
   php [options] [-B <begin_code>] -F <file> [-E <end_code>] [--] [args...]
   php [options] -S <addr>:<port> [-t docroot]
   php [options] -- [args...]
   php [options] -a

  -a               Run interactively
  -c <path>|<file> Look for php.ini file in this directory
  -n               No php.ini file will be used
  -d foo[=bar]     Define INI entry foo with value 'bar'
  -e               Generate extended information for debugger/profiler
  -f <file>        Parse and execute <file>.
  -h               This help
  -i               PHP information
  -l               Syntax check only (lint)
  -m               Show compiled in modules
  -r <code>        Run PHP <code> without using script tags <?..?>
  -B <begin_code>  Run PHP <begin_code> before processing input lines
  -R <code>        Run PHP <code> for every input line
  -F <file>        Parse and execute <file> for every input line
  -E <end_code>    Run PHP <end_code> after processing all input lines
  -H               Hide any passed arguments from external tools.
  -S <addr>:<port> Run with built-in web server.
  -t <docroot>     Specify document root <docroot> for built-in web server.
  -s               Output HTML syntax highlighted source.
  -v               Version number
  -w               Output source with stripped comments and whitespace.
  -z <file>        Load Zend extension <file>.

  args...          Arguments passed to script. Use -- args when first argument
                   starts with - or script is read from stdin

  --ini            Show configuration file names

  --rf <name>      Show information about function <name>.
  --rc <name>      Show information about class <name>.
  --re <name>      Show information about extension <name>.
  --rz <name>      Show information about Zend extension <name>.
  --ri <name>      Show configuration for extension <name>.

Comment 8 Bernard Spil 2018-02-13 10:25:15 UTC

(In reply to O. Hartmann from comment #7)

Added tz@ hoping he can chip in from the PHP side.

So we've established that PHP actually can interpret things. Had't read the complete thread previously. It also segfaults when running occ upgrade on the cli.

I meant output of `php -m` so you can check if all your modules are loading OK. Alternatively generate phpinfo() to see what loads and with what params.

I don't really have a clue what triggers this (but I have a port MariaDB 5.5 that doesn't build on CURRENT...). Were any Spectre/Meltdown mitigations added in the newer CURRENT you use?

If your objective is running Nextcloud, you can run it with PHP 7.2 (after update to Nextcloud 13, see PR #223778). Works fine for me. Running PHP 5.6 (ancient) on FreeBSD CURRENT (bleeding edge) is kind of weird... You will need to upgrade PHP by end of this year anyway. You will have more flexibility if you run PHP-FPM in jails (either unix domain sockets or TCP) as you can run multiple PHP versions in parallel.

Your apache is built with all modules, I hope you're not loading them all at runtime. Can you provide output of httpd -M (this one capital M) so we can see what you load?

If I were to try and fix this for myself, I'd go back to bare minimum config and enable modules one-by-one to figure out what makes it crash. You now have both Apache and PHP with dynamically loaded modules, the number of combinations is pretty much unlimited.

(In reply to Bernard Spil from comment #8)

Sorry for being so dumb on "php -m"! I'm a bit overstressed right now, so I wasn't even capable of getting the fact that it mus have been lowercase "em" insteda of its uppercase sibbling, even when the fact was sitting in front of me!

At first: yes, I build "everything" (modules) as it is the standard of the port and no, I do not load everything at runtime, since this is also considered a security risc.

Below, you'll find the modules I load a t the moment. I'm quite sure that I do not need all of them, but I stopped  tweaking. Authentication is done via our OpenLDAP backend!

Furthermore, I'll provide the "php -m" output, also attached below.

# httpd -M
Loaded Modules:
 core_module (static)
 so_module (static)
 http_module (static)
 mpm_event_module (shared)
 authn_file_module (shared)
 authn_core_module (shared)
 authz_host_module (shared)
 authz_groupfile_module (shared)
 authz_user_module (shared)
 authz_core_module (shared)
 authnz_ldap_module (shared)
 access_compat_module (shared)
 auth_basic_module (shared)
 socache_shmcb_module (shared)
 socache_memcache_module (shared)
 reqtimeout_module (shared)
 filter_module (shared)
 mime_module (shared)
 ldap_module (shared)
 log_config_module (shared)
 logio_module (shared)
 env_module (shared)
 mime_magic_module (shared)
 expires_module (shared)
 headers_module (shared)
 setenvif_module (shared)
 version_module (shared)
 session_module (shared)
 session_cookie_module (shared)
 session_crypto_module (shared)
 ssl_module (shared)
 unixd_module (shared)
 status_module (shared)
 autoindex_module (shared)
 vhost_alias_module (shared)
 negotiation_module (shared)
 dir_module (shared)
 speling_module (shared)
 userdir_module (shared)
 alias_module (shared)
 rewrite_module (shared)
 php5_module (shared)
 dav_module (shared)
 dav_svn_module (shared)
 dav_fs_module (shared)
 dav_lock_module (shared)
 authz_svn_module (shared)
 dontdothat_module (shared)


And here we go with "php -m":

# php -m
[PHP Modules]
bcmath
bz2
Core
ctype
curl
date
dom
ereg
exif
fileinfo
filter
gd
gettext
hash
iconv
imagick
intl
json
ldap
libxml
mbstring
mcrypt
memcache
mhash
mysql
mysqlnd
openssl
pcre
PDFlib
PDO
pdo_mysql
pdo_pgsql
pdo_sqlite
pgsql
Phar
posix
readline
Reflection
session
SimpleXML
snmp
soap
sockets
SPL
sqlite3
standard
sysvmsg
sysvsem
sysvshm
tidy
tokenizer
wddx
xml
xmlreader
xmlwriter
xsl
Zend OPcache
zip
zlib

[Zend Modules]
Zend OPcache

Comment 10 Torsten Zuehlsdorff 2018-02-16 08:41:17 UTC

(In reply to O. Hartmann from comment #2)

> 0x0000000802300382 in ?? () from /usr/local/lib/php/20131226-zts/opcache.so

Mh, there are plenty of bug reports regarding opcache. The only segfault issues are for 5.6.

There problem here is: there is no support for PHP 5.6 anymore. Even the extended security support ends this year - but there are no bug fixes.

Even if we can pin down the problem to PHP there won't be any fix at all.

You should at least upgrade to PHP 7.1 and check if the error still happens. If so we can analyze further.

(In reply to Torsten Zuehlsdorff from comment #10)

Checking /usr/ports/Mk/bsd.default-versions.mk reports:

[...]
# Possible values: 5.6, 7.0, 7.1, 7.2
PHP_DEFAULT?=           5.6
[...]

So I guess there is a reason, why php=5.6 is still the default? If 5.6 is still the default, we can consider this problem with opcache a serious issue that needs to be solved in 5.6!

Most modules I watched being present on the systems in question are reeled in by some ports's default settings. I do not care much about this issue, but now, it became a serious problem because its paralysing our Apache sites, which we use for SVN, RefDB, Nextcloud, bareos and other maintenance stuff. I'd rather like to isolate the opcache module from being build than starting rebuilding all PHP dependend ports according to switching towards php=7.1.

Since I have no idea which ports relying on php 5.6 are reluctant to play with 7.1, I do not want to figure that out by myself, since the boxes in question performing the build do not have lots of performance. Well, it would be another story if php 7.1 is becoming the new standard soon and there are few, clearly identifyable ports not playing well we do not use.

I checked which ports are relying on www/php56-opcache:

 # pkg info -r www/php56-opcache
php56-opcache-5.6.33:
        ZendFramework-2.3.3_2
        php56-extensions-1.0

So I consider this issue a serious one and it could not be ignored in favour of 7.1. We do not use "special cases" so I fear other will suffer from the same issue sooner or later when this crap gets common in the package tree.

Comment 12 Torsten Zuehlsdorff 2018-02-20 16:36:51 UTC

(In reply to O. Hartmann from comment #11)

> So I consider this issue a serious one and it could not be ignored in favour of 
> 7.1. We do not use "special cases" so I fear other will suffer from the same 
> issue sooner or later when this crap gets common in the package tree.

Its not ignored in favor of 7.1. There is *no* support for PHP 5.6 by the PHP group it self. Same for 7.0. 

That PHP 5.6 is currently the default PHP version has a little back story. I already prepared the ports-tree to get to 7.1. But it was stopped by mat in favor of PHP flavors. This will allow you to install every software with the PHP version you want - so without a change of default versions.

The current work is done by mat here:
https://reviews.freebsd.org/D14208

Since this will most likely land in Q1 2018 there isn't currently any plan to change the default version.

(In reply to Torsten Zuehlsdorff from comment #12)

Well, I can follow your reasoning. In the meanwhile, I set the default version of php to 7.1 and recompiled/rebuild every port necessary.

The bug reported herein is gone! There are some bumpy portions of that upgrade road, but one can get rid of such obstacles easily.

I guess, the bugreport can be closed. but need to have a notice that the problem is solved with upcoming php 7.1 - I guess?

For what it's worth, I ran into this after a rebuild, and found that setting:

[opcache]
opcache.optimization_level=0x2ef

resolved the issue for me on a MediaWiki and Drupal installation (FreeBSD 10.4).

This removes passes 5 and 9 which perform block optimization and register allocation, while leaving other optimizations intact. If this doesn't work for you you could try setting it to 0 and then flipping bits like I did.

Obviously, this is not ideal, but as others have noted, 5.6 is kind of on life support and the best solution is likely to be an orderly migration to 7.x (ideally 7.1 or above) which will require testing of your application as there are likely to be some issues. On the plus side, the performance gain is incredible.