ID: 42401 Comment by: matthew dot horner at redprairie dot com Reported By: reprovol at microsoft dot com Status: No Feedback Bug Type: Reproducible crash Operating System: Windows Vista/LH Server PHP Version: 5.2.3 New Comment:
I am able to reproduce this issue as others have seen. If you simply run the following script, the error should reproduce itself. <?php phpinfo(); ?> The crash results in the following: --------------------------------------------------- In w3wp__PID__4852__Date__02_02_2008__Time_09_57_40AM__660__First chance exception 0XC0000374.dmp the assembly instruction at ntdll!RtlReportCriticalFailure+5b in C:\Windows\System32\ntdll.dll from Microsoft Corporation has caused an unknown exception (0xc0000374) on thread 11 I have done several different tests using IIS7 and have concluded that there are no issues with PHP4 but 5.1.6 and 5.2.5 both cause the crash. I am using Vista Businesss and confirmed with several other developers in our organization the same issues with IIS7 on Vista. Those reporting this issue to our group reported that the problem was also seen but not limited to 5.2.3. >From the DebugDiag tool, I have gathered a stack trace which identifies that faulting dll, php5ts.dll. -------------------------------------------------------------- Function Arg 1 Arg 2 Arg 3 Source ntdll!RtlReportCriticalFailure+5b c0000374 77d1cf50 01c1f838 ntdll!RtlpReportHeapFailure+21 00000002 01c1a15c 00000000 ntdll!RtlpLogHeapFailure+a1 00000008 00110000 037d7148 ntdll!RtlFreeHeap+60 00110000 00000000 037d7150 kernel32!HeapFree+14 00110000 00000000 037d7150 msvcrt!free+cd 037d7150 0143aa70 0313978a php5ts!zend_hash_graceful_reverse_destroy+2e 10000000 00000000 00000000 ntdll!LdrpCallInitRoutine+14 1000263d 10000000 00000000 ntdll!LdrpUnloadDll+3ba 10000000 01c1fa28 01c1a32c ntdll!LdrUnloadDll+46 10000000 027fffe4 01c1fa7c kernel32!FreeLibrary+15 10000000 00000000 009b07c8 isapi!ISAPI_DLL::Unload+38 009b07c8 696aa82d 009b07c8 isapi!ISAPI_DLL::~ISAPI_DLL+10 009b07c8 01c1fa94 696aa93f isapi!ISAPI_DLL::`scalar deleting destructor'+d 00000001 027fffc4 00f56578 isapi!ISAPI_DLL::DereferenceIsapiDll+37 01c1fac0 732a6bdc 009b07c8 isapi!ISAPI_DLL_HASH::AddRefRecord+23 009b07c8 ffffffff 00f56590 iisutil!CLKRLinearHashTable::_Clear+6f 00000000 00000003 00f56578 iisutil!CLKRLinearHashTable::~CLKRLinearHashTable+19 0011d898 01c1fae8 732a6e75 iisutil!CLKRLinearHashTable::`scalar deleting destructor'+d 00000001 01c1fb04 732a6fe4 iisutil!CLKRHashTable::_FreeSubTable+13 00f56578 01413938 0011d898 iisutil!CLKRHashTable::~CLKRHashTable+18 014052b0 01c1fb28 696aaee6 isapi!W3_RESTRICTION_LIST::`scalar deleting destructor'+e 00000001 696ab318 01437a90 isapi!TerminateIsapiModule+16 01437a90 72798822 01437a90 isapi!CIISModuleFactory::Terminate+14 01437a90 727988a6 01437a90 iiscore!VIRTUAL_MODULE::~VIRTUAL_MODULE+3e 01437a90 01c1fb70 72797755 iiscore!VIRTUAL_MODULE::`vector deleting destructor'+d 00000001 0000000e 727988e0 iiscore!VIRTUAL_MODULE::DereferenceVirtualModule+20 00000000 732a6cb0 01413758 iiscore!MODULE_LIST::FreeModules+21 01413bdc 01413758 7279a798 iiscore!W3_SERVER::TerminateGlobalModules+49 013f01fc 013f021c 013f01fc iiscore!W3_SERVER::Terminate+120 01385578 727945c8 01c1fb90 iiscore!IISCORE_PROTOCOL_MANAGER::StopListenerChannel+58 01385584 01385578 00000000 w3wphost!LISTENER_CHANNEL::HandleStopListenerChannel+65 00000000 03778b48 73e83e43 w3wphost!LISTENER_CHANNEL_STOP_WORKITEM::ExecuteWorkItem+10 013eedd8 01c1fbd8 73ea2567 w3wphost!W3WP_HOST::ExecuteWorkItem+13 00000000 00000000 03778b58 w3tp!THREAD_POOL_DATA::ThreadPoolThread+73 00000000 01385680 73ea0000 w3tp!THREAD_POOL_DATA::ThreadPoolThread+24 013eedd8 00000000 00000000 w3tp!THREAD_MANAGER::ThreadManagerThread+39 01385680 01c1fc50 77c8a9bd kernel32!BaseThreadInitThunk+e 01385680 01c1a534 00000000 ntdll!_RtlUserThreadStart+23 73ea1e3c 01385680 00000000 Additionally, the section of this log shows a lock being held. -------------------------------------------------------------- Locked critical section report Critical Section ntdll!LdrpLoaderLock Lock State Locked Lock Count 1 Recursion Count 1 Entry Count 0 Contention Count 6 Spin Count 0 Owner Thread 11 Owner Thread System ID 3192 I have slightly altered my configuration of IIS to accelerate the crash. Using the IIS Manager, I clicked Application Pools, selected DefaultAppPool and clicked Advanced Settings. In settings configuration screen, I changed the Idle Timeout (minutes) under Process Model to 1. Do an iisreset, execute the example script above in the brower and wait. Within one minute you should see a message stating the 'IIS Worker Process has stopped working.' I downloaded the DebugDiag tool from http://www.microsoft.com/downloads/details.aspx?FamilyID=28bd5941-c458-46f1-b24d-f60151d875a3&DisplayLang=en If you would like the complete log of the crash as reported by DebugDiag tool, I would more than happy to pass it along. If any assistance is required, please feel free to contact me and I will do everything I can. Thanks, Matt Previous Comments: ------------------------------------------------------------------------ [2008-01-10 14:01:15] ambition at ambitiondesign dot com dot au To reproduce, run any PHP code using the IIS ISAPI extension, then stop and start the IIS app pool. An error message dialog will appear, and information will be added to the Microsoft Windows Application Event Log. ------------------------------------------------------------------------ [2007-08-31 01:00:01] php-bugs at lists dot php dot net No feedback was provided for this bug for over a week, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to "Open". ------------------------------------------------------------------------ [2007-08-23 19:29:12] [EMAIL PROTECTED] Thank you for this bug report. To properly diagnose the problem, we need a short but complete example script to be able to reproduce this bug ourselves. A proper reproducing script starts with <?php and ends with ?>, is max. 10-20 lines long and does not require any external resources such as databases, etc. If the script requires a database to demonstrate the issue, please make sure it creates all necessary tables, stored procedures etc. Please avoid embedding huge scripts into the report. ------------------------------------------------------------------------ [2007-08-23 19:23:22] reprovol at microsoft dot com Description: ------------ Crash Bucket: 421917130 szAppName w3wp.exe szAppVer 7.0.6001.16510 szModName StackHash_80ba szModVer 6.0.6001.16510 Offset 000a773f Exception Code c0000374 Application Stamp 462598ef Module Stamp 4625a0ae 0:014> !heap ************************************************************** * * * HEAP ERROR DETECTED * * * ************************************************************** Details: Error address: 02ebc1d8 Heap handle: 00850000 Error type heap_failure_block_not_busy (8) Stack trace: 77ad01f8: ntdll!RtlFreeHeap+0x00000060 75f22a89: kernel32!HeapFree+0x00000014 76659fbb: msvcrt!free+0x000000cd 025a9cfe: php5ts+0x00099cfe 77ac631c: ntdll!zzz_AsmCodeRange_End 77ab42bd: ntdll!LdrpUnloadDll+0x000003d4 77aafeff: ntdll!LdrUnloadDll+0x00000046 75eb2563: kernel32!FreeLibrary+0x00000076 748ecaa0: isapi!ISAPI_DLL::Unload+0x00000038 <snip> 0:014> lmvmphp5ts start end module name 02510000 029e7000 php5ts T (no symbols) Loaded symbol image file: php5ts.dll Image path: php5ts.dll Image name: php5ts.dll Timestamp: Thu May 31 06:37:03 2007 (465ECF7F) CheckSum: 00000000 ImageSize: 004D7000 File version: 5.2.3.3 Product version: 5.2.3.0 File flags: 0 (Mask 3F) File OS: 4 Unknown Win32 File type: 2.0 Dll File date: 00000000.00000000 Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0 Sorry 0:014> u 025a9cfe php5ts+0x99cfe: 025a9cfe ?? ??? Actual result: -------------- 77ad01f8: ntdll!RtlFreeHeap+0x00000060 75f22a89: kernel32!HeapFree+0x00000014 76659fbb: msvcrt!free+0x000000cd 025a9cfe: php5ts+0x00099cfe 77ac631c: ntdll!zzz_AsmCodeRange_End 77ab42bd: ntdll!LdrpUnloadDll+0x000003d4 77aafeff: ntdll!LdrUnloadDll+0x00000046 75eb2563: kernel32!FreeLibrary+0x00000076 748ecaa0: isapi!ISAPI_DLL::Unload+0x00000038 ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=42401&edit=1
