From: valters at videinfra dot com Operating system: Debian Lenny PHP version: 5.2.12 PHP Bug Type: Unknown/Other Function Bug description: segfault with Zend Memory Manager = enabled
Description: ------------ ./configure --prefix=/usr/local/php5.2 --sysconfdir=/etc --with-apxs2=/usr/local/apache/bin/apxs --with-config-file-path=/etc/php/apache2-php5 --with-config-file-scan-dir=/etc/php/apache2-php5/ext-active --without-pear --enable-bcmath --enable-calendar --with-curl --enable-exif --enable-ftp --with-gettext --with-gmp --enable-mbstring --with-mcrypt --with-mhash --with-openssl --with-openssl-dir --with-pgsql --with-pspell --enable-soap --enable-sockets --with-xmlrpc --with-xsl --enable-zip --with-zlib --enable-dba --with-db4 --with-gdbm --with-freetype-dir --with-jpeg-dir --with-png-dir --with-gd --with-imap --with-imap-ssl --with-ldap --with-pdo-dblib --with-pdo-pgsql --with-pdo-sqlite --with-readline --with-sqlite --enable-sqlite-utf8 --with-kerberos --disable-ipv6 there is no segfault with --enable-debug and it seems that this crash happens after the end of the script. The crash happens when php is compiled with Zend Memory Manager = enabled Server version: Apache/2.2.14 (Unix) [notice] child pid 8480 exit signal Segmentation fault (11) Actual result: -------------- 0xb79d7ffa in zend_mm_remove_from_free_list (heap=<value optimized out>, mm_block=0x8f35784) at /root/php-5.2.12/Zend/zend_alloc.c:822 822 ZEND_MM_CHECK_TREE(mm_block); (gdb) bt #0 0xb79d7ffa in zend_mm_remove_from_free_list (heap=<value optimized out>, mm_block=0x8f35784) at /root/php-5.2.12/Zend/zend_alloc.c:822 #1 0xb79d8131 in _zend_mm_free_int (heap=0x8965fd8, p=<value optimized out>) at /root/php-5.2.12/Zend/zend_alloc.c:1979 #2 0xb79fbe5a in zend_hash_destroy (ht=0x8f36c64) at /root/php-5.2.12/Zend/zend_hash.c:531 #3 0xb79f18d5 in _zval_dtor_func (zvalue=0x8f42320) at /root/php-5.2.12/Zend/zend_variables.c:42 #4 0xb79e5460 in _zval_ptr_dtor (zval_ptr=0x8f41fc0) at /root/php-5.2.12/Zend/zend_variables.h:35 #5 0xb79fbe2e in zend_hash_destroy (ht=0x8f36e7c) at /root/php-5.2.12/Zend/zend_hash.c:526 #6 0xb7a0bcb3 in zend_object_std_dtor (object=0x8f41460) at /root/php-5.2.12/Zend/zend_objects.c:45 #7 0xb7a0bce2 in zend_objects_free_object_storage (object=0x8f41460) at /root/php-5.2.12/Zend/zend_objects.c:122 #8 0xb7a0f018 in zend_objects_store_del_ref_by_handle (handle=51) at /root/php-5.2.12/Zend/zend_objects_API.c:211 #9 0xb7a0f038 in zend_objects_store_del_ref (zobject=0x8f4094c) at /root/php-5.2.12/Zend/zend_objects_API.c:169 #10 0xb79e5460 in _zval_ptr_dtor (zval_ptr=0x91dcf74) at /root/php-5.2.12/Zend/zend_variables.h:35 #11 0xb79fbe2e in zend_hash_destroy (ht=0x91dcf10) at /root/php-5.2.12/Zend/zend_hash.c:526 #12 0xb7a0bcb3 in zend_object_std_dtor (object=0x91dceb8) at /root/php-5.2.12/Zend/zend_objects.c:45 #13 0xb7a0bce2 in zend_objects_free_object_storage (object=0x91dceb8) at /root/php-5.2.12/Zend/zend_objects.c:122 #14 0xb7a0f018 in zend_objects_store_del_ref_by_handle (handle=102) at /root/php-5.2.12/Zend/zend_objects_API.c:211 #15 0xb7a0f038 in zend_objects_store_del_ref (zobject=0x91dcea0) at /root/php-5.2.12/Zend/zend_objects_API.c:169 #16 0xb79e5460 in _zval_ptr_dtor (zval_ptr=0x91dd028) at /root/php-5.2.12/Zend/zend_variables.h:35 #17 0xb79fbe2e in zend_hash_destroy (ht=0x91dcb00) at /root/php-5.2.12/Zend/zend_hash.c:526 #18 0xb79f18d5 in _zval_dtor_func (zvalue=0x91dbff4) at /root/php-5.2.12/Zend/zend_variables.c:42 #19 0xb79e5460 in _zval_ptr_dtor (zval_ptr=0x9113624) at /root/php-5.2.12/Zend/zend_variables.h:35 #20 0xb79fbe2e in zend_hash_destroy (ht=0x91dc424) at /root/php-5.2.12/Zend/zend_hash.c:526 #21 0xb7a0bcb3 in zend_object_std_dtor (object=0x911424c) at /root/php-5.2.12/Zend/zend_objects.c:45 #22 0xb7a0bce2 in zend_objects_free_object_storage (object=0x911424c) at /root/php-5.2.12/Zend/zend_objects.c:122 #23 0xb7a0f018 in zend_objects_store_del_ref_by_handle (handle=97) at /root/php-5.2.12/Zend/zend_objects_API.c:211 #24 0xb7a0f038 in zend_objects_store_del_ref (zobject=0x9108a8c) at /root/php-5.2.12/Zend/zend_objects_API.c:169 #25 0xb79e5460 in _zval_ptr_dtor (zval_ptr=0x91dcae0) at /root/php-5.2.12/Zend/zend_variables.h:35 #26 0xb79fbe2e in zend_hash_destroy (ht=0x91dc3d4) at /root/php-5.2.12/Zend/zend_hash.c:526 #27 0xb79f18d5 in _zval_dtor_func (zvalue=0x908e678) at /root/php-5.2.12/Zend/zend_variables.c:42 #28 0xb79e5460 in _zval_ptr_dtor (zval_ptr=0x91de514) at /root/php-5.2.12/Zend/zend_variables.h:35 #29 0xb79fbe2e in zend_hash_destroy (ht=0x9189c04) at /root/php-5.2.12/Zend/zend_hash.c:526 #30 0xb79f18d5 in _zval_dtor_func (zvalue=0x9165f54) at /root/php-5.2.12/Zend/zend_variables.c:42 #31 0xb79e5460 in _zval_ptr_dtor (zval_ptr=0x9165f00) at /root/php-5.2.12/Zend/zend_variables.h:35 #32 0xb79fbe2e in zend_hash_destroy (ht=0x9189b20) at /root/php-5.2.12/Zend/zend_hash.c:526 #33 0xb7a0bcb3 in zend_object_std_dtor (object=0x918ad50) at /root/php-5.2.12/Zend/zend_objects.c:45 #34 0xb7a0bce2 in zend_objects_free_object_storage (object=0x918ad50) at /root/php-5.2.12/Zend/zend_objects.c:122 #35 0xb7a0f018 in zend_objects_store_del_ref_by_handle (handle=4) at /root/php-5.2.12/Zend/zend_objects_API.c:211 #36 0xb7a0f038 in zend_objects_store_del_ref (zobject=0x8ae57d4) at /root/php-5.2.12/Zend/zend_objects_API.c:169 #37 0xb79e5460 in _zval_ptr_dtor (zval_ptr=0x8a999b0) at /root/php-5.2.12/Zend/zend_variables.h:35 #38 0xb79fbe2e in zend_hash_destroy (ht=0x8a99694) at /root/php-5.2.12/Zend/zend_hash.c:526 #39 0xb79e94f6 in destroy_zend_class (pce=0x8ace6bc) at /root/php-5.2.12/Zend/zend_opcode.c:184 #40 0xb79fbae2 in zend_hash_apply_deleter (ht=0x8966270, p=0x8ace6b0) at /root/php-5.2.12/Zend/zend_hash.c:611 #41 0xb79fbbf0 in zend_hash_reverse_apply (ht=0x8966270, apply_func=0xb79e4b70 <clean_non_persistent_class>) at /root/php-5.2.12/Zend/zend_hash.c:760 #42 0xb79e7f02 in shutdown_executor () at /root/php-5.2.12/Zend/zend_execute_API.c:291 #43 0xb79f2353 in zend_deactivate () at /root/php-5.2.12/Zend/zend.c:860 #44 0xb79b0e07 in php_request_shutdown (dummy=0x0) at /root/php-5.2.12/main/main.c:1504 #45 0xb7a5e321 in php_handler (r=0x8bd0fb8) at /root/php-5.2.12/sapi/apache2handler/sapi_apache2.c:477 #46 0x0807c3c9 in ap_run_handler (r=0x8bd0fb8) at config.c:158 #47 0x0807f729 in ap_invoke_handler (r=0x8bd0fb8) at config.c:372 #48 0x08096ff6 in ap_process_request (r=0x8bd0fb8) at http_request.c:282 #49 0x08094078 in ap_process_http_connection (c=0x8ab8db0) at http_core.c:190 #50 0x08083849 in ap_run_process_connection (c=0x8ab8db0) at connection.c:43 #51 0x080b1b5d in child_main (child_num_arg=<value optimized out>) at prefork.c:662 #52 0x080b1e27 in make_child (s=0x88b1db0, slot=0) at prefork.c:702 #53 0x080b2532 in ap_mpm_run (_pconf=0x88ad0a8, plog=0x88eb1a0, s=0x88b1db0) at prefork.c:978 #54 0x08068ed0 in main (argc=Cannot access memory at address 0x0 ) at main.c:740 -- Edit bug report at http://bugs.php.net/?id=50995&edit=1 -- Try a snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=50995&r=trysnapshot52 Try a snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=50995&r=trysnapshot53 Try a snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=50995&r=trysnapshot60 Fixed in SVN: http://bugs.php.net/fix.php?id=50995&r=fixed Fixed in SVN and need be documented: http://bugs.php.net/fix.php?id=50995&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=50995&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=50995&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=50995&r=needscript Try newer version: http://bugs.php.net/fix.php?id=50995&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=50995&r=support Expected behavior: http://bugs.php.net/fix.php?id=50995&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=50995&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=50995&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=50995&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=50995&r=php4 Daylight Savings: http://bugs.php.net/fix.php?id=50995&r=dst IIS Stability: http://bugs.php.net/fix.php?id=50995&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=50995&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=50995&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=50995&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=50995&r=mysqlcfg
