ID: 38525 User updated by: judas dot iscariote at gmail dot com Reported By: judas dot iscariote at gmail dot com -Status: Feedback +Status: Open Bug Type: Reproducible crash Operating System: linux PHP Version: 5.2.0RC2 New Comment:
apache 2.2.X with prefork MPM Previous Comments: ------------------------------------------------------------------------ [2006-08-21 12:11:13] [EMAIL PROTECTED] Which Apache version is used and what is the MPM ? ------------------------------------------------------------------------ [2006-08-21 10:40:32] judas dot iscariote at gmail dot com well. additionally , this is a 64bit machine,but can be reproduced in IIRC can be reproduced in 32 bit too. it linux with latest 5.2 CVS, also reproduced in "released" RC2 tarball. not reproducible with 5.1.x cause this is caused by the new memory manager. A trace with xdebug loaded also ends abruptly in random places.. sometimes just after end of an IMAP stream, >=> ' Logout completed.\r\n' 6.4978 9175040 -> trim(' Logout completed.\r\n') /srv/www/htdocs/squirrelmail/functions/imap_general.php:203 >=> 'Logout completed.' >=> array (0 => array (0 => '* BYE Logging out\r\n')) >=> array (0 => '* BYE Logging out\r\n') >=> array (0 => '* BYE Logging out\r\n') >=> NULL >=> 1 6.5415 5767168 TRACE END [2006-08-20 18:37:19] or in other ocassions (weird) it segfaults **just after that** when squirelmail tries to register and object in a session , session variable si created and then die, :( also, the random error happends not only with right_main.php of SM but with read_body.php or the simple login.php. Im done, I don't know how else to look, not sure If I can provide reproduce code either. any clues ? ------------------------------------------------------------------------ [2006-08-21 10:18:19] judas dot iscariote at gmail dot com took me a while to reproduce it again, oO. that 's whaT I obtained with valgrind. ==15053== Conditional jump or move depends on uninitialised value(s) ==15053== at 0x59E1002: vfprintf (in /lib64/libc-2.4.so) ==15053== by 0x59FE6F8: vsprintf (in /lib64/libc-2.4.so) ==15053== by 0x59E91A7: sprintf (in /lib64/libc-2.4.so) ==15053== by 0x7D120DA: _convert_to_string (zend_operators.c:556) ==15053== by 0x7D1A6C2: zend_make_printable_zval (zend.c:266) ==15053== by 0x7D58B84: ZEND_ADD_VAR_SPEC_TMP_CV_HANDLER (zend_vm_execute.h:6552) ==15053== by 0x7D4407E: execute (zend_vm_execute.h:92) ==15053== by 0x7D4480F: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:234) ==15053== by 0x7D454AD: ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (zend_vm_execute.h:322) ==15053== by 0x7D4407E: execute (zend_vm_execute.h:92) ==15053== by 0x7D1C4DA: zend_execute_scripts (zend.c:1095) ==15053== by 0x7CBE341: php_execute_script (main.c:1759) ==15053== ==15053== Process terminating with default action of signal 11 (SIGSEGV) ==15053== Bad permissions for mapped region at address 0x18 ==15053== at 0x7CF7D50: zend_mm_add_to_free_list (zend_alloc.c:465) ==15053== by 0x7CF986B: _zend_mm_alloc_int (zend_alloc.c:1233) ==15053== by 0x7CFA7C5: _zend_mm_realloc_int (zend_alloc.c:1543) ==15053== by 0x7CFAAE5: _erealloc (zend_alloc.c:1633) ==15053== by 0x7C82C92: php_var_serialize_string (var.c:540) ==15053== by 0x7C8650F: php_var_serialize_intern (var.c:810) ==15053== by 0x7C86709: php_var_serialize_intern (var.c:827) ==15053== by 0x7C87325: php_var_serialize (var.c:845) ==15053== by 0x7B8B8D4: ps_srlzr_encode_php (session.c:479) ==15053== by 0x7B8C43C: php_session_encode (session.c:581) ==15053== by 0x7B8CFB1: php_session_save_current_state (session.c:860) ==15053== by 0x7B91F3C: php_session_flush (session.c:1845) ==15053== ==15053== ERROR SUMMARY: 63 errors from 13 contexts (suppressed: 155 from 1) ==15053== malloc/free: in use at exit: 20,326,987 bytes in 11,487 blocks. ==15053== malloc/free: 214,233 allocs, 202,746 frees, 315,649,047 bytes allocated. ==15053== For counts of detected errors, rerun with: -v ==15053== searching for pointers to 11,487 not-freed blocks. ==15053== checked 17,712,560 bytes. ==15053== ==15053== LEAK SUMMARY: ==15053== definitely lost: 924 bytes in 35 blocks. ==15053== possibly lost: 0 bytes in 0 blocks. ==15053== still reachable: 20,326,063 bytes in 11,452 blocks. ==15053== suppressed: 0 bytes in 0 blocks. ==15053== Use --leak-check=full to see details of leaked memory. hell:~ # ------------------------------------------------------------------------ [2006-08-21 08:53:05] [EMAIL PROTECTED] Obviously the new heap implementation from Zend is unstable. ------------------------------------------------------------------------ [2006-08-21 08:39:58] [EMAIL PROTECTED] Could you also please try to see if valgrind tells you anything? valgrind --tool=memcheck --log-file=httpd /path/to/apache/httpd -X And check out httpd.<PID> file. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/38525 -- Edit this bug report at http://bugs.php.net/?id=38525&edit=1