ID: 46434 Updated by: fel...@php.net Reported By: charlie dot orford at gmail dot com -Status: Open +Status: Feedback Bug Type: Session related Operating System: Debian 4/Etch PHP Version: 5.2CVS-2008-10-31 New Comment:
Please try using this snapshot: http://snaps.php.net/php5.2-latest.tar.gz For Windows: http://windows.php.net/snapshots/ Previous Comments: ------------------------------------------------------------------------ [2008-10-31 21:20:18] charlie dot orford at gmail dot com GDB backtrace #3: =================================== Core was generated by `/usr/local/apache/bin/httpd -k start'. Program terminated with signal 11, Segmentation fault. #0 0x00002b121af85f7d in ps_gc_mm (mod_data=<value optimized out>, maxlifetime=1800, nrdels=0x7fff911a30bc) at /usr/src/lamp/php5.2-200810311530/ext/session/mod_mm.c:422 422 if (sd->ctime < limit) { (gdb) bt full #0 0x00002b121af85f7d in ps_gc_mm (mod_data=<value optimized out>, maxlifetime=1800, nrdels=0x7fff911a30bc) at /usr/src/lamp/php5.2-200810311530/ext/session/mod_mm.c:422 data = (ps_mm *) 0x78b210 limit = 1225485826 ohash = (ps_sd **) 0x2b121d6c2060 ehash = (ps_sd **) 0x2b121d6c3058 sd = (ps_sd *) 0x7c65707989b73ff3 next = (ps_sd *) 0x708 #1 0x00002b121af82e04 in php_session_start () at /usr/src/lamp/php5.2-200810311530/ext/session/session.c:1344 nrdels = 0 ppid = (zval **) 0x2b12199abaa8 data = (zval **) 0x2b12199ac630 p = 0x2b12199b28c0 "X,\233\031\022+" lensess = 429598912 #2 0x00002b121af83689 in zif_session_start (ht=26, return_value=0x7c65707989b73ff3, return_value_ptr=0x2b121b841960, this_ptr=0x2b121a82834a, return_value_used=460575968) at /usr/src/lamp/php5.2-200810311530/ext/session/session.c:1824 No locals. #3 0x00002b121b0c7177 in zend_do_fcall_common_helper_SPEC ( execute_data=0x7fff911a49d0) ---Type <return> to continue, or q <return> to quit--- at /usr/src/lamp/php5.2-200810311530/Zend/zend_vm_execute.h:200 i = 32767 p = <value optimized out> arg_count = 47356836608064 return_reference = 0 '\0' opline = (zend_op *) 0x2b121f6c7930 original_return_value = <value optimized out> current_scope = (zend_class_entry *) 0x0 current_this = (zval *) 0x0 return_value_used = 460575968 should_change_scope = 0 '\0' #4 0x00002b121b0b6fa3 in execute (op_array=0x2b12199b1030) at /usr/src/lamp/php5.2-200810311530/Zend/zend_vm_execute.h:92 execute_data = {opline = 0x2b121f6c7930, function_state = { function_symbol_table = 0x0, function = 0x746fa0, reserved = { 0x2b121b06a12c, 0x2b12199b1138, 0x0, 0x2b12199b1138}}, fbc = 0x0, op_array = 0x2b12199b1030, object = 0x0, Ts = 0x7fff911a3200, CVs = 0x7fff911a31e0, original_in_execution = 1 '\001', symbol_table = 0x2b121b73d668, prev_execute_data = 0x7fff911a60f0, old_error_reporting = 0x0} #5 0x00002b121b0b991f in ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER ( execute_data=0x7fff911a60f0) at /usr/src/lamp/php5.2-200810311530/Zend/zend_vm_execute.h:2087 ---Type <return> to continue, or q <return> to quit--- saved_object = (zval *) 0x0 saved_function = (zend_function *) 0x2b12199ad2e8 opline = (zend_op *) 0x2b12199b5308 new_op_array = (zend_op_array *) 0x2b12199b1030 original_return_value = (zval **) 0x7fff911a6358 inc_filename = <value optimized out> tmp_inc_filename = {value = {lval = 47356769981664, dval = 2.3397353145946181e-310, str = { val = 0x2b121b73d4e0 "(N\032\221ÿ\177", len = 454017753}, ht = 0x2b121b73d4e0, obj = {handle = 460575968, handlers = 0x2b121b0fc2d9}}, refcount = 0, type = 0 '\0', is_ref = 0 '\0'} failure_retval = 224 'à' #6 0x00002b121b0b6fa3 in execute (op_array=0x2b12199ad2e8) at /usr/src/lamp/php5.2-200810311530/Zend/zend_vm_execute.h:92 execute_data = {opline = 0x2b12199b5308, function_state = { function_symbol_table = 0x0, function = 0x2b12199b1030, reserved = { 0x2b121b06a12c, 0x2b12199addb8, 0x0, 0x2b12199addb8}}, fbc = 0x0, op_array = 0x2b12199ad2e8, object = 0x0, Ts = 0x7fff911a4ba0, CVs = 0x7fff911a4b80, original_in_execution = 1 '\001', symbol_table = 0x2b121b73d668, prev_execute_data = 0x7fff911a6390, old_error_reporting = 0x0} #7 0x00002b121b0b991f in ZEND_INCLUDE_OR_EVAL_SPEC_CONST_HANDLER ( ---Type <return> to continue, or q <return> to quit--- execute_data=0x7fff911a6390) at /usr/src/lamp/php5.2-200810311530/Zend/zend_vm_execute.h:2087 saved_object = (zval *) 0x0 saved_function = (zend_function *) 0x2b12199ac848 opline = (zend_op *) 0x2b12199acf48 new_op_array = (zend_op_array *) 0x2b12199ad2e8 original_return_value = (zval **) 0x7fff911a64b0 inc_filename = <value optimized out> tmp_inc_filename = {value = {lval = 3, dval = 1.4821969375237396e-323, str = {val = 0x3 <Address 0x3 out of bounds>, len = 454017753}, ht = 0x3, obj = {handle = 3, handlers = 0x2b121b0fc2d9}}, refcount = 0, type = 0 '\0', is_ref = 0 '\0'} failure_retval = 224 'à' #8 0x00002b121b0b6fa3 in execute (op_array=0x2b12199ac848) at /usr/src/lamp/php5.2-200810311530/Zend/zend_vm_execute.h:92 execute_data = {opline = 0x2b12199acf48, function_state = { function_symbol_table = 0x0, function = 0x2b12199ad2e8, reserved = { 0x2b121b06a12c, 0x2b12199acc10, 0x0, 0x2b12199acc10}}, fbc = 0x0, op_array = 0x2b12199ac848, object = 0x0, Ts = 0x7fff911a62b0, CVs = 0x7fff911a62a0, original_in_execution = 0 '\0', symbol_table = 0x2b121b73d668, prev_execute_data = 0x0, old_error_reporting = 0x0} #9 0x00002b121b097c6d in zend_execute_scripts (type=8, ---Type <return> to continue, or q <return> to quit--- retval=<value optimized out>, file_count=3) at /usr/src/lamp/php5.2-200810311530/Zend/zend.c:1134 files = {{gp_offset = 40, fp_offset = 0, overflow_arg_area = 0x7fff911a65b0, reg_save_area = 0x7fff911a64c0}} i = 1 file_handle = (zend_file_handle *) 0x7fff911a8860 orig_op_array = (zend_op_array *) 0x0 orig_retval_ptr_ptr = (zval **) 0x0 local_retval = (zval *) 0x0 #10 0x00002b121b055f58 in php_execute_script (primary_file=0x7fff911a8860) at /usr/src/lamp/php5.2-200810311530/main/main.c:2011 realfile = "ó\024\000\000\000\000\000\000;\000\000\000\000\000\000\000##\000\000\000\000\000\000b\020\000\000\000\000\000\000m\024\000\000\000\000\000\000Ö!\000\000\000\000\000\000¦\005\000\000\000\000\000\000\237\032\000\000\000\000\000\000å\036\000\000\000\000\000\000Z\v\000\000\000\000\000\000ÿ,\000\000\000\000\000\000V\017\000\000\000\000\000\000\231\032\000\000\000\000\000\000i$\000\000\000\000\000\000\033#\000\000\000\000\000\000b\"\000\000\000\000\000\000ò#\000\000\000\000\000\000é\035\000\000\000\000\000\000\001\n\000\000\000\000\000\000W&\000\000\000\000\000\000d&\000\000\000\000\000\000\203\006\000\000\000\000\000\000Õ\n\000\000\000\000\000\000á\031\000\000\000\000\000\000µ\b\000\000\000\000\000\000"... prepend_file_p = (zend_file_handle *) 0x0 append_file_p = (zend_file_handle *) 0x2b1200000000 ---Type <return> to continue, or q <return> to quit--- prepend_file = {type = 0 '\0', filename = 0x0, opened_path = 0x0, handle = {fd = 0, fp = 0x0, stream = {handle = 0x0, reader = 0, closer = 0, fteller = 0, interactive = 0}}, free_filename = 0 '\0'} append_file = {type = 0 '\0', filename = 0x0, opened_path = 0x0, handle = {fd = 0, fp = 0x0, stream = {handle = 0x0, reader = 0, closer = 0, fteller = 0, interactive = 0}}, free_filename = 0 '\0'} old_cwd = 0x7fff911a65c0 "/" retval = 0 #11 0x00002b121b119885 in php_handler (r=0x881fe8) at /usr/src/lamp/php5.2-200810311530/sapi/apache2handler/sapi_apache2.c:629 __bailout = {{__jmpbuf = {120, 3, 8921064, 6052448, 8912728, 140735627823648, 140735627822976, 47356763542355}, __mask_was_saved = 0, __saved_mask = {__val = {0, 0, 17179869184, 8920936, 4623373, 47356750571568, 47356747237712, 8920936, 5921512, 6053712, 8921064, 8912728, 140735627823648, 0, 47356738320017, 8920936}}}} ctx = (php_struct * volatile) 0x8867c0 conf = (void *) 0x604a98 brigade = (apr_bucket_brigade * volatile) 0x887478 bucket = <value optimized out> rv = <value optimized out> parent_req = (request_rec * volatile) 0x0 #12 0x000000000043c179 in ap_run_handler (r=0x881fe8) at config.c:157 n = 3 ---Type <return> to continue, or q <return> to quit--- rv = 461642080 #13 0x000000000043f25c in ap_invoke_handler (r=0x881fe8) at config.c:372 handler = 0x65ae80 "application/x-httpd-php" result = 0 old_handler = 0x0 ignore = <value optimized out> #14 0x0000000000464598 in ap_process_request (r=0x881fe8) at http_request.c:258 access_status = 1225485826 #15 0x0000000000461a3c in ap_process_http_connection (c=0x875e88) at http_core.c:190 r = (request_rec *) 0x881fe8 csd = (apr_socket_t *) 0x0 #16 0x0000000000442e11 in ap_run_process_connection (c=0x875e88) at connection.c:43 n = 0 rv = 461642080 #17 0x00000000004736b6 in child_main (child_num_arg=<value optimized out>) at prefork.c:650 numdesc = 1 pdesc = (const apr_pollfd_t *) 0x873ef0 current_conn = (conn_rec *) 0x875e88 csd = (void *) 0x875c98 ptrans = (apr_pool_t *) 0x875c18 ---Type <return> to continue, or q <return> to quit--- allocator = (apr_allocator_t *) 0x873b10 status = <value optimized out> i = <value optimized out> lr = <value optimized out> pollset = (apr_pollset_t *) 0x873e38 sbh = (ap_sb_handle_t *) 0x873e30 bucket_alloc = (apr_bucket_alloc_t *) 0x87ff58 last_poll_idx = 1 #18 0x0000000000473934 in make_child (s=0x5bef68, slot=5) at prefork.c:746 pid = 0 #19 0x00000000004741d6 in ap_mpm_run (_pconf=<value optimized out>, plog=<value optimized out>, s=<value optimized out>) at prefork.c:881 pidfile = <value optimized out> active_children = <value optimized out> cutoff = <value optimized out> index = <value optimized out> remaining_children_to_start = 0 rv = <value optimized out> #20 0x000000000042a167 in main (argc=3, argv=0x7fff911a8e08) at main.c:740 c = 0 '\0' configtestonly = 0 confname = 0x47d51f "conf/httpd.conf" def_server_root = 0x47d52f "/usr/local/apache" ---Type <return> to continue, or q <return> to quit--- temp_error_log = 0x0 error = <value optimized out> process = (process_rec *) 0x5b3220 server_conf = <value optimized out> pglobal = (apr_pool_t *) 0x5b3128 pconf = (apr_pool_t *) 0x5b5138 plog = (apr_pool_t *) 0x5f9358 ptemp = (apr_pool_t *) 0x5c1198 pcommands = (apr_pool_t *) 0x5b7148 opt = (apr_getopt_t *) 0x5b7240 rv = 0 optarg = 0x2b121aa3a170 "Ô'" (gdb) ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/46434 -- Edit this bug report at http://bugs.php.net/?id=46434&edit=1
