Hi,
There's a problem with the memory manager (HEAD):
[EMAIL PROTECTED]:~/build/php-unicode-debug$ cli -d"memory_limit=500k" -r
'leak(212930);'
[Sat Nov 11 21:39:42 2006] Script: '-'
/home/mike/cvs/php-src/Zend/zend_builtin_functions.c(1181) : Freeing
0xB6E73000 (212930 bytes), script=-
zend_mm_heap corrupted
Segmentation fault
[EMAIL PROTECTED]:~/build/php-unicode-debug$ gdb --args sapi/cli/php
-d"memory_limit=500k" -r 'leak(212800);'
Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1".
(gdb) r
Starting program: /home/mike/build/php-unicode-debug/sapi/cli/php
-dmemory_limit=500k -r leak\(212800\)\;
[Thread debugging using libthread_db enabled]
[New Thread -1225652560 (LWP 9328)]
[Sat Nov 11 21:40:04 2006] Script: '-'
/home/mike/cvs/php-src/Zend/zend_builtin_functions.c(1181) : Freeing
0xB6EEB0A0 (212800 bytes), script=-
zend_mm_heap corrupted
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1225652560 (LWP 9328)]
0xffffe410 in __kernel_vsyscall ()
(gdb) bt
#0 0xffffe410 in __kernel_vsyscall ()
#1 0xb7035ba6 in kill () from /lib/tls/i686/cmov/libc.so.6
#2 0x08298639 in zend_mm_panic (message=0x83e9a2b "zend_mm_heap corrupted") at
/home/mike/cvs/php-src/Zend/zend_alloc.c:61
#3 0x08298f14 in zend_mm_find_leaks (segment=0xb6edf008, b=0xb6eeb07c) at
/home/mike/cvs/php-src/Zend/zend_alloc.c:673
#4 0x082990dd in zend_mm_check_leaks (heap=0x841b4b0) at
/home/mike/cvs/php-src/Zend/zend_alloc.c:735
#5 0x08299b2a in zend_mm_shutdown (heap=0x841b4b0, full_shutdown=0, silent=0)
at /home/mike/cvs/php-src/Zend/zend_alloc.c:997
#6 0x0829b940 in shutdown_memory_manager (silent=0, full_shutdown=0,
tsrm_ls=0x841a018) at /home/mike/cvs/php-src/Zend/zend_alloc.c:1875
#7 0x0824a439 in php_request_shutdown (dummy=0x0) at
/home/mike/cvs/php-src/main/main.c:1435
#8 0x08360230 in main (argc=4, argv=0xbfd39c94) at
/home/mike/cvs/php-src/sapi/cli/php_cli.c:1270
[EMAIL PROTECTED]:~/build/php-unicode-debug$ valgrind sapi/cli/php
-d"memory_limit=500k" -r 'leak(211800);'
==9345== Memcheck, a memory error detector.
==9345== Copyright (C) 2002-2006, and GNU GPL'd, by Julian Seward et al.
==9345== Using LibVEX rev 1606, a library for dynamic binary translation.
==9345== Copyright (C) 2004-2006, and GNU GPL'd, by OpenWorks LLP.
==9345== Using valgrind-3.2.0-Debian, a dynamic binary instrumentation
framework.
==9345== Copyright (C) 2000-2006, and GNU GPL'd, by Julian Seward et al.
==9345== For more details, rerun with: -v
==9345==
[Sat Nov 11 21:44:38 2006] Script: '-'
/home/mike/cvs/php-src/Zend/zend_builtin_functions.c(1181) : Freeing
0x052AF490 (211800 bytes), script=-
==9345== Invalid read of size 4
==9345== at 0x8298F01: zend_mm_find_leaks (zend_alloc.c:670)
==9345== by 0x82990DC: zend_mm_check_leaks (zend_alloc.c:735)
==9345== by 0x8299B29: zend_mm_shutdown (zend_alloc.c:997)
==9345== by 0x829B93F: shutdown_memory_manager (zend_alloc.c:1875)
==9345== by 0x824A438: php_request_shutdown (main.c:1435)
==9345== by 0x836022F: main (php_cli.c:1270)
==9345== Address 0x52E302C is 4 bytes after a block of size 262,144 alloc'd
==9345== at 0x4021396: malloc (vg_replace_malloc.c:149)
==9345== by 0x8298843: zend_mm_mem_malloc_alloc (zend_alloc.c:230)
==9345== by 0x829A243: _zend_mm_alloc_int (zend_alloc.c:1208)
==9345== by 0x829B194: _emalloc (zend_alloc.c:1646)
==9345== by 0x8263991: php_output_activate (output.c:116)
==9345== by 0x8249481: php_request_startup (main.c:1195)
==9345== by 0x835F714: main (php_cli.c:1015)
zend_mm_heap corrupted
==9345==
==9345== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 47 from 1)
==9345== malloc/free: in use at exit: 1,104,886 bytes in 14,284 blocks.
==9345== malloc/free: 15,049 allocs, 765 frees, 1,463,471 bytes allocated.
==9345== For counts of detected errors, rerun with: -v
==9345== searching for pointers to 14,284 not-freed blocks.
==9345== checked 1,236,528 bytes.
==9345==
==9345== LEAK SUMMARY:
==9345== definitely lost: 0 bytes in 0 blocks.
==9345== possibly lost: 0 bytes in 0 blocks.
==9345== still reachable: 1,104,886 bytes in 14,284 blocks.
==9345== suppressed: 0 bytes in 0 blocks.
==9345== Reachable blocks (those to which a pointer was found) are not shown.
==9345== To see them, rerun with: --show-reachable=yes
Segmentation fault
Bytes to leak may differ as you can see. The problem doesn't seem to be tied
to leaks though, because I can replicate with code that doesn't leak and that
generates a different backtrace:
[EMAIL PROTECTED]:~/build/php-unicode-debug$ gdb --quiet sapi/cli/php
Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1".
(gdb) r -d"memory_limit=500k" -d"output_buffering=1" -r 'while(true) echo
"foo";' > /dev/null
Starting program: /home/mike/build/php-unicode-debug/sapi/cli/php
-d"memory_limit=500k" -d"output_buffering=1" -r 'while(true) echo "foo";' >
/dev/null
[Thread debugging using libthread_db enabled]
[New Thread -1225435472 (LWP 9350)]
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1225435472 (LWP 9350)]
0x0829a048 in _zend_mm_alloc_int (heap=0x841b4c8, size=10,
__zend_filename=0x83d057c "/home/mike/cvs/php-src/main/SAPI.c",
__zend_lineno=267, __zend_orig_filename=0x0, __zend_orig_lineno=0)
at /home/mike/cvs/php-src/Zend/zend_alloc.c:1139
1139 size_t s = ZEND_MM_FREE_BLOCK_SIZE(p);
(gdb) bt
#0 0x0829a048 in _zend_mm_alloc_int (heap=0x841b4c8, size=10,
__zend_filename=0x83d057c "/home/mike/cvs/php-src/main/SAPI.c",
__zend_lineno=267, __zend_orig_filename=0x0, __zend_orig_lineno=0)
at /home/mike/cvs/php-src/Zend/zend_alloc.c:1139
#1 0x0829b195 in _emalloc (size=10, __zend_filename=0x83d057c
"/home/mike/cvs/php-src/main/SAPI.c", __zend_lineno=267,
__zend_orig_filename=0x0, __zend_orig_lineno=0)
at /home/mike/cvs/php-src/Zend/zend_alloc.c:1646
#2 0x0829b5ed in _estrdup (s=0x83cf29b "text/html", __zend_filename=0x83d057c
"/home/mike/cvs/php-src/main/SAPI.c", __zend_lineno=267,
__zend_orig_filename=0x0, __zend_orig_lineno=0)
at /home/mike/cvs/php-src/Zend/zend_alloc.c:1754
#3 0x082545e9 in sapi_get_default_content_type (tsrm_ls=0x841a018) at
/home/mike/cvs/php-src/main/SAPI.c:267
#4 0x08254608 in sapi_get_default_content_type_header
(default_header=0xbffdc898, tsrm_ls=0x841a018) at
/home/mike/cvs/php-src/main/SAPI.c:275
#5 0x082560e2 in sapi_send_headers (tsrm_ls=0x841a018) at
/home/mike/cvs/php-src/main/SAPI.c:727
#6 0x081b17f1 in php_header (tsrm_ls=0x841a018) at
/home/mike/cvs/php-src/ext/standard/head.c:54
#7 0x08266638 in php_output_op (op=0,
str=0xb6f241fc "foo"..., len=180390, tsrm_ls=0x841a018) at
/home/mike/cvs/php-src/main/output.c:1073
#8 0x08264605 in php_output_write (
str=0xb6f241fc "foo"..., len=180390, tsrm_ls=0x841a018) at
/home/mike/cvs/php-src/main/output.c:278
#9 0x08266ff5 in php_output_stack_pop (flags=1, tsrm_ls=0x841a018) at
/home/mike/cvs/php-src/main/output.c:1250
#10 0x08264937 in php_output_end_all (tsrm_ls=0x841a018) at
/home/mike/cvs/php-src/main/output.c:358
#11 0x0824a042 in php_request_shutdown (dummy=0x0) at
/home/mike/cvs/php-src/main/main.c:1388
#12 0x08360230 in main (argc=5, argv=0xbffdcf14) at
/home/mike/cvs/php-src/sapi/cli/php_cli.c:1270
Regards,
--
Michael
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
