Problem/Motivation

When rendering placeholders in replacePlaceholders() within Drupal 10.3x, a segmentation fault can occur due to improper handling of PHP Fibers. The issue arises because the $placeholder variable from the initial foreach loop is reused in the subsequent foreach loop in the following while loop. This leads to corruption of the Fibers, as they may access inconsistent or overwritten state during execution.

The segmentation fault occurs because Fibers rely on strict state management, and reusing the $placeholder variable introduces unintended side effects that compromise Fiber integrity.

Steps to reproduce

  • Make sure Datadog Tracer is installed and enabled on your environment
  • Set up a Drupal 10.3.10 site with a theme or module that uses lazy builders for placeholders (e.g., for rendering status messages or other dynamic content).
  • Ensure the replacePlaceholders() method is invoked on a renderable array containing multiple placeholders.
  • Observe that under certain circumstances (e.g., heavy traffic or complex placeholder rendering), the application crashes with a segmentation fault.

Proposed resolution

The issue can be resolved by using distinct variable names for the foreach loop and the while loop to avoid unintended overwrites of the $placeholder variable. Specifically:

  • In the foreach loop, keep $placeholder as it is.
  • In the foreach loop inside the while loop, introduce a separate variable, such as $fiber_placeholder, to manage Fiber processing.

Remaining tasks

  • Verify that the proposed resolution resolves the segmentation fault issue.
  • Add test cases to ensure that placeholders render correctly without errors or segmentation faults.
  • Review and merge the fix into the appropriate Drupal core branch.

User interface changes

none

Introduced terminology

none

API changes

none

Data model changes

none

Release notes snippet

Fixed a segmentation fault issue in replacePlaceholders() caused by the reuse of the $placeholder variable across multiple loops. This issue was addressed by using distinct variable names to prevent Fiber corruption during placeholder rendering.

CommentFileSizeAuthor
#2 core-segfault_in_replacePlaceholders-3490455-2.patch1.03 KBcleverhoods

Issue fork drupal-3490455

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

About issue forks

Comments

cleverhoods created an issue. See original summary.

cleverhoods’s picture

cleverhoods commented
StatusFileSize
new core-segfault_in_replacePlaceholders-3490455-2.patch1.03 KB

Providing patch for 10.3.x

cilefen’s picture

cilefen commented
Version: 10.3.x-dev » 11.x-dev
Status: Active » Needs work
Issue tags: -fibers, -segmentation fault, -rendering problems +Needs merge request, +Needs tests

Thanks for this.

This needs a merge request to be tested, and as you have said, some kind of a regression test.

I am updating this issue's tags according to the issue tag guidelines.

immaculatexavier made their first commit to this issue’s fork.

immaculatexavier opened merge request !10938

Version: 11.x-dev » main

Drupal core is now using the main branch as the primary development branch. New developments and disruptive changes should now be targeted to the main branch.

Read more in the announcement.