ID: 38525
User updated by: judas dot iscariote at gmail dot com
Reported By: judas dot iscariote at gmail dot com
-Status: Feedback
+Status: Open
Bug Type: Reproducible crash
Operating System: linux
PHP Version: 5.2.0RC2
New Comment:
#1 0x00002af677a1970e in zend_mm_panic (message=0x2af677b5ade9 "Heap
corrupted")
at /local/local/bodegon/php-debug/Zend/zend_alloc.c:61
No locals.
#2 0x00002af677a19c00 in zend_mm_remove_from_free_list
(heap=0x555555867130, mm_block=0x2af679814fc0)
at /local/local/bodegon/php-debug/Zend/zend_alloc.c:473
prev = (zend_mm_free_block *) 0x555555867268
next = (zend_mm_free_block *) 0x3631f6792bdbc8
#3 0x00002af677a1c39a in _zend_mm_realloc_int (heap=0x555555867130,
p=0x2af6797d5060, size=262104,
__zend_filename=0x2af677b3bb78
"/local/local/bodegon/php-debug/ext/standard/var.c",
__zend_lineno=531,
__zend_orig_filename=0x0, __zend_orig_lineno=0) at
/local/local/bodegon/php-debug/Zend/zend_alloc.c:1450
mm_block = (zend_mm_block *) 0x2af6797d5020
next_block = (zend_mm_block *) 0x2af679814fc0
true_size = 262176
ptr = (void *) 0x23a8
#4 0x00002af677a1cae6 in _erealloc (ptr=0x2af6797d5060, size=262104,
allow_failure=0,
__zend_filename=0x2af677b3bb78
"/local/local/bodegon/php-debug/ext/standard/var.c",
__zend_lineno=531,
__zend_orig_filename=0x0, __zend_orig_lineno=0) at
/local/local/bodegon/php-debug/Zend/zend_alloc.c:1633
No locals.
#5 0x00002af6779a8e47 in php_var_serialize_long (buf=0x7fff362aa7a0,
val=407)
at /local/local/bodegon/php-debug/ext/standard/var.c:531
__nl = 261975
__dest = (smart_str *) 0x7fff362aa7a0
#6 0x00002af6779a84f0 in php_var_serialize_intern (buf=0x7fff362aa7a0,
struc=0x2af678c00088, var_hash=0x7fff362aa750)
at /local/local/bodegon/php-debug/ext/standard/var.c:807
key = 0x2af6785dc9c0 "hililist"
data = (zval **) 0x2af6787d9060
key_len = 9
index = 407
pos = (HashPosition) 0x2af6787d8e40
incomplete_class = 0 '\0'
i = 2
var_already = (ulong *) 0x555555867268
myht = (HashTable *) 0x2af6791b4710
#7 0x00002af6779a9326 in php_var_serialize (buf=0x7fff362aa7a0,
struc=0x2af678c00088, var_hash=0x7fff362aa750)
at /local/local/bodegon/php-debug/ext/standard/var.c:845
No locals.
#8 0x00002af6778ad8d5 in ps_srlzr_encode_php (newstr=0x7fff362aa808,
newlen=0x7fff362aa82c)
at /local/local/bodegon/php-debug/ext/session/session.c:479
_ht = (HashTable *) 0x2af6785592d0
---Type <return> to continue, or q <return> to quit---
buf = {
c = 0x2af6797d5060
"gettext_php_loaded|b:0;gettext_php_domain|s:0:\"\";gettext_php_dir|s:0:\"\";gettext_php_translateStrings|a:0:{}gettext_php_loaded_language|s:0:\"\";gettext_php_short_circuit|b:0;sq_base_url|s:27:\"http://hel";...,
len = 261973,
a = 262103}
var_hash = {nTableSize = 16384, nTableMask = 16383,
nNumOfElements = 8427, nNextFreeElement = 988,
pInternalPointer = 0x2af678f40f08, pListHead = 0x2af678f40f08,
pListTail = 0x2af6794865f0, arBuckets = 0x2af6791b4f48,
pDestructor = 0, persistent = 0 '\0', nApplyCount = 0 '\0',
bApplyProtection = 1 '\001', inconsistent = 0}
key = 0x2af678c000b0 "msgs"
key_length = 4
num_key = 47238021375260
struc = (zval **) 0x2af678c00088
#9 0x00002af6778ae43d in php_session_encode (newlen=0x7fff362aa82c)
at /local/local/bodegon/php-debug/ext/session/session.c:581
ret = 0x0
#10 0x00002af6778aefb2 in php_session_save_current_state () at
/local/local/bodegon/php-debug/ext/session/session.c:860
val = 0x3 <Address 0x3 out of bounds>
vallen = 0
ret = -1
#11 0x00002af6778b3f3d in php_session_flush () at
/local/local/bodegon/php-debug/ext/session/session.c:1845
orig_bailout = (jmp_buf *) 0x7fff362aa9c0
bailout = {{__jmpbuf = {160, -72001594702856356,
93824996795000, 93824995284840, 93824993674584, 93824993672000,
-72001594702856596, -71943351702066904}, __mask_was_saved = 0,
__saved_mask = {__val = {47238068320056, 0,
47238068320144, 88, 2840945349788, 47238058731560,
47238060414864, 140734102153504, 88, 140734102153536,
47238057413229, 140734102153536, 0, 0, 3017073977613,
47238058478808}}}}
#12 0x00002af6778b3f86 in zm_deactivate_session (type=1,
module_number=12)
at /local/local/bodegon/php-debug/ext/session/session.c:1859
No locals.
#13 0x00002af677a46705 in module_registry_cleanup
(module=0x5555558b2e90)
at /local/local/bodegon/php-debug/Zend/zend_API.c:1945
No locals.
#14 0x00002af677a4c4f3 in zend_hash_apply (ht=0x2af677cf99a0,
apply_func=0x2af677a466ca <module_registry_cleanup>)
at /local/local/bodegon/php-debug/Zend/zend_hash.c:666
p = (Bucket *) 0x5555558b2e30
#15 0x00002af677a3d635 in zend_deactivate_modules () at
/local/local/bodegon/php-debug/Zend/zend.c:817
orig_bailout = (jmp_buf *) 0x0
bailout = {{__jmpbuf = {160, -72001594702857076,
93824996795000, 93824995284840, 93824993674584, 93824993672000,
-72001594702856228, -71943351700553726}, __mask_was_saved = 0,
__saved_mask = {__val = {0, 47238055284985, 0,
19188171792, 47238060396720, 13793667680, 47238068320208,
140734102153824, 47238055285156, 345, 4294967315, 160,
18374742479006693916, 93824996795000, 93824995284840,
93824993674584}}}}
#16 0x00002af6779df423 in php_request_shutdown (dummy=0x0) at
/local/local/bodegon/php-debug/main/main.c:1284
report_memleaks = 1 '\001'
---Type <return> to continue, or q <return> to quit---
#17 0x00002af677ac34a3 in php_apache_request_dtor (r=0x5555559ae278)
at
/local/local/bodegon/php-debug/sapi/apache2handler/sapi_apache2.c:451
No locals.
#18 0x00002af677ac3dca in php_handler (r=0x5555559ae278)
at
/local/local/bodegon/php-debug/sapi/apache2handler/sapi_apache2.c:609
ctx = (php_struct * volatile) 0x5555559ab718
conf = (void *) 0x5555559aae48
brigade = (apr_bucket_brigade * volatile) 0x5555559bd640
bucket = (apr_bucket *) 0x5555556b4558
rv = 21845
parent_req = (request_rec * volatile) 0x0
#19 0x000055555558c6ba in ap_run_handler () from /usr/sbin/httpd2
No symbol table info available.
#20 0x000055555558faa2 in ap_invoke_handler () from /usr/sbin/httpd2
No symbol table info available.
#21 0x000055555559a1c8 in ap_process_request () from /usr/sbin/httpd2
No symbol table info available.
#22 0x0000555555597409 in ap_register_input_filter () from
/usr/sbin/httpd2
No symbol table info available.
#23 0x0000555555593772 in ap_run_process_connection () from
/usr/sbin/httpd2
No symbol table info available.
#24 0x000055555559dc09 in ap_graceful_stop_signalled () from
/usr/sbin/httpd2
No symbol table info available.
#25 0x000055555559de0e in ap_graceful_stop_signalled () from
/usr/sbin/httpd2
No symbol table info available.
#26 0x000055555559e911 in ap_mpm_run () from /usr/sbin/httpd2
No symbol table info available.
#27 0x0000555555579cb8 in main () from /usr/sbin/httpd2
No symbol table info available.
(gdb)
Previous Comments:
------------------------------------------------------------------------
[2006-08-20 18:29:05] [EMAIL PROTECTED]
Can you also try to compile your PHP with --enable-debug so
that the backtrace is more informative.
------------------------------------------------------------------------
[2006-08-20 18:18:25] judas dot iscariote at gmail dot com
Description:
------------
Hi.
We are having a weird issue, using squirrellmail with php 5.2.0RC2, PHP
crashes randomly, sometimes at login, sometimes when you click "INBOX"
after reading one mail, or simple after just clicking one mail. it's
not always in the same place.
Reproduce code:
---------------
sadly, no reproduce code ATM, Im going to check if I can produce one.
Expected result:
----------------
no crashes.
Actual result:
--------------
sadly I can't get complete trace ATM. going to check this later.
#0 0x00002b5500c9f37b in _zend_mm_alloc_int () from
/usr/lib64/apache2/mod_php5.so
#1 0x00002b5500c9f9a8 in _zend_mm_realloc_int () from
/usr/lib64/apache2/mod_php5.so
#2 0x00002b5500c54b9a in php_var_serialize_string () from
/usr/lib64/apache2/mod_php5.so
#3 0x00002b5500c5706e in php_var_serialize_intern () from
/usr/lib64/apache2/mod_php5.so
#4 0x00002b5500c57272 in php_var_serialize_intern () from
/usr/lib64/apache2/mod_php5.so
#5 0x00002b5500c57272 in php_var_serialize_intern () from
/usr/lib64/apache2/mod_php5.so
#6 0x00002b5500c58789 in php_var_serialize () from
/usr/lib64/apache2/mod_php5.so
#7 0x00002b5500be989e in ps_srlzr_encode_php () from
/usr/lib64/apache2/mod_php5.so
#8 0x00002b5500be771f in php_session_encode () from
/usr/lib64/apache2/mod_php5.so
#9 0x00002b5500bea101 in php_session_flush () from
/usr/lib64/apache2/mod_php5.so
#10 0x00002b5500bea409 in zm_deactivate_session () from
/usr/lib64/apache2/mod_php5.so
#11 0x00002b5500cb953c in module_registry_cleanup () from
/usr/lib64/apache2/mod_php5.so
#12 0x00002b5500cc1e8f in zend_hash_apply () from
/usr/lib64/apache2/mod_php5.so
#13 0x00002b5500cb7bdd in zend_deactivate_modules () from
/usr/lib64/apache2/mod_php5.so
#14 0x00002b5500c7793a in php_request_shutdown () from
/usr/lib64/apache2/mod_php5.so
#15 0x00002b5500d37c77 in php_handler () from
/usr/lib64/apache2/mod_php5.so
#16 0x000055555558c6ba in ap_run_handler () from /usr/sbin/httpd2
#17 0x000055555558faa2 in ap_invoke_handler () from /usr/sbin/httpd2
#18 0x000055555559a1c8 in ap_process_request () from /usr/sbin/httpd2
#19 0x0000555555597409 in ap_register_input_filter () from
/usr/sbin/httpd2
#20 0x0000555555593772 in ap_run_process_connection () from
/usr/sbin/httpd2
#21 0x000055555559dc09 in ap_graceful_stop_signalled () from
/usr/sbin/httpd2
#22 0x000055555559de0e in ap_graceful_stop_signalled () from
/usr/sbin/httpd2
#23 0x000055555559e911 in ap_mpm_run () from /usr/sbin/httpd2
#24 0x0000555555579cb8 in main () from /usr/sbin/httpd2
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=38525&edit=1
