Bug #40479 [Com]: zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=40479edit=1
ID: 40479
Comment by: laacz at laacz dot lv
Reported by:rrossi at maggioli dot it
Summary:zend_mm_heap corrupted
Status: Feedback
Type: Bug
Package:Reproducible crash
Operating System: Suse Linux 9.0
PHP Version:5.2.1
Block user comment: N
Private report: N
New Comment:
Second this by running code, provided by f dot ardelian at gmail dot com at
2011-08-31 07:49 UTC:
# php -q zend_mm_heap_corrupted.php
If you see this, try to increase OBJECT_COUNT to 100,000zend_mm_heap corrupted
# php --version
PHP 5.3.8 (cli) (built: Aug 29 2011 14:48:33)
Copyright (c) 1997-2011 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies
with eAccelerator v0.9.6.1, Copyright (c) 2004-2010 eAccelerator, by
eAccelerator
with Xdebug v2.1.2, Copyright (c) 2002-2011, by Derick Rethans
Previous Comments:
[2011-09-02 11:28:40] christoffer at westart dot se
I must agree with Florin, we are experiencing the same kinds of issues, both
with
CLI and mod_php, su_php and across 5.2.* and 5.3.*. We really need this to be
fixed. Any updates?
[2011-08-31 07:49:32] f dot ardelian at gmail dot com
The cause is pretty clear to me: when the script ends, the garbage collector
starts to destroy the objects and the `unset()` in the destructor probably
invokes the garbage collector again. The error message doesn't always appear on
the screen nor in the error log (sometimes it does). The Segmentation fault
always appears in the error log. Breaks if PHP is installed using apt-get or
yum or comes with your Linux distro. Seems to work fine on Windows and codepads
(custom compiled PHPs). Definitely breaks on Debian. Don't forget to set
memory_limit to have enough room in memory to create all the objects (128M
seems to be enough on Debian to create 150,000 objects).
?php
define('OBJECT_COUNT', 20 * 1000);
class Object {
private static $world = array();
private static $maxGuid = 0;
protected $_guid = null;
public function __construct() {
self::$world[$this-_guid = self::$maxGuid++] = $this;
}
public function __destruct() {
unset(self::$world[$this-_guid]);
}
}
for ($i = 0; $i OBJECT_COUNT; ++$i) {
new Object();
}
// You probably won't see this because of the zend_mm_heap corrupted
echo 'If you see this, try to increase OBJECT_COUNT to 100,000';
?
If this code pinpoints the four and a half years-old issue, email me a beer.
Florin Ardelian
[2010-10-16 00:06:47] fel...@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves.
A proper reproducing script starts with ?php and ends with ?,
is max. 10-20 lines long and does not require any external
resources such as databases, etc. If the script requires a
database to demonstrate the issue, please make sure it creates
all necessary tables, stored procedures etc.
Please avoid embedding huge scripts into the report.
[2010-09-16 13:23:05] michael202 at gmx dot de
The problem is still in 5.3.3 on Suse 11.2, but it is not reproducible :-(
Sometimes it is twice a day sometimes every few days.
Apache starts giving these messages:
child pid x exit signal Segmentation fault (11)
And if your are lucky, the scripts still return xml-results.
If you get a no result from the script (i.a. white page in browser),
you'll need a apache stop and start (graceful does not help)
and the error_log says:
seg fault or similar nasty error detected in the parent process
[2010-08-09 10:32:10] sht dot alien at gmx dot net
I had it coming when I started my unittests. But it happened out of nowhere ^^
Wehen I set USE_ZEND_ALLOC=0 it didn't go away, but instead I got a debug
backtrace (as seen below). But I came up with a solution: ZendDebugger was the
root of all evil. I'll check out if there's a newer version available...
FAILURES!
Tests: 284, Assertions: 1911, Errors: 4, Incomplete: 10, Skipped: 9.
*** glibc detected *** /usr/local/zend/bin/php: free(): invalid pointer:
0x035b5a8f ***
=== Backtrace: =
/lib/libc.so.6(+0x775b6)[0x7f56f13105b6]
/lib/libc.so.6(cfree+0x73)[0x7f56f1316e53]
/usr/local/zend/bin/php(zend_hash_destroy+0x7b)[0x656b7b]
/usr/local/zend/bin/php(destroy_zend_class+0x55)[0x641845]
/usr/local/zend/bin/php[0x656822]
/usr/local/zend/bin/php(zend_hash_reverse_apply+0x59)[0x656929]
/usr/local/zend/bin/php[0x63e486]
/usr/local/zend/bin/php[0x64a8b2]
/usr/local
[PHP-BUG] Bug #51424 [NEW]: crypt() function hangs after 3rd call
From:
Operating system: Ubuntu 9.04 x64
PHP version: 5.3.2
Package: Strings related
Bug Type: Bug
Bug description:crypt() function hangs after 3rd call
Description:
When calling crypt() function more than once, it hangs after third call to
it.
Configure parameters:
$ php -i | grep configure
Configure Command = './configure' '--enable-bcmath' '--enable-soap'
'--with-
pgsql' '--with-ldap' '--enable-sqlite-utf8' '--with-apxs2=/usr/bin/apxs2'
'--
prefix=/usr/local' '--with-pdo-mysql' '--with-config-file-path=/etc/httpd'
'--
with-openssl=/usr' '--with-mysql=mysqlnd' '--with-mysqli=mysqlnd'
'--with-pdo-
mysql=mysqlnd' '--enable-zip' '--localstatedir=/var' '--enable-ftp'
'--with-
jpeg-dir=/usr' '--with-gd' '--enable-sockets' '--with-zlib-dir=/usr'
'--with-
xmlrpc' '--enable-mbstring=all' '--with-iconv' '--with-gettext' '--with-
imap=/usr' '--with-imap-ssl=/usr' '--with-curl' '--with-mcrypt=/usr/local'
'--
with-freetype-dir=/usr/include/freetype2' '--enable-gd-native-ttf'
'--with-
mssql' '--with-snmp' '--with-kerberos' '--enable-maintainer-zts'
'--enable-
pcntl'
Compiled in and loaded modules (from get_loaded_extensions()): Core, date,
ereg,
libxml, openssl, pcre, sqlite3, zlib, bcmath, ctype, curl, dom, fileinfo,
filter, ftp, gd, gettext, hash, iconv, session, json, ldap, mbstring,
mcrypt,
mssql, standard, SPL, pcntl, PDO, mysqlnd, pdo_sqlite, pgsql, Phar, posix,
Reflection, pdo_mysql, SimpleXML, snmp, soap, sockets, mysqli, SQLite,
imap,
tokenizer, xml, xmlreader, xmlrpc, xmlwriter, zip, mysql
Test script:
---
?php
echo #1: . crypt('MUrGtL', 'AB') . \n;
echo #2: . crypt('MUrGtL', 'AB') . \n;
echo #3: . crypt('MUrGtL', 'AB') . \n;
?
Expected result:
$ php crypt.php
#1: ABcghTMliojv2
#2: ABcghTMliojv2
#3: ABcghTMliojv2
$
Actual result:
--
# php crypt.php
#1: ABcghTMliojv2
#2: ABcghTMliojv2
--
Edit bug report at http://bugs.php.net/bug.php?id=51424edit=1
--
Try a snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=51424r=trysnapshot52
Try a snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=51424r=trysnapshot53
Try a snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=51424r=trysnapshot60
Fixed in SVN:
http://bugs.php.net/fix.php?id=51424r=fixed
Fixed in SVN and need be documented:
http://bugs.php.net/fix.php?id=51424r=needdocs
Fixed in release:
http://bugs.php.net/fix.php?id=51424r=alreadyfixed
Need backtrace:
http://bugs.php.net/fix.php?id=51424r=needtrace
Need Reproduce Script:
http://bugs.php.net/fix.php?id=51424r=needscript
Try newer version:
http://bugs.php.net/fix.php?id=51424r=oldversion
Not developer issue:
http://bugs.php.net/fix.php?id=51424r=support
Expected behavior:
http://bugs.php.net/fix.php?id=51424r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=51424r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=51424r=submittedtwice
register_globals:
http://bugs.php.net/fix.php?id=51424r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=51424r=php4
Daylight Savings:http://bugs.php.net/fix.php?id=51424r=dst
IIS Stability:
http://bugs.php.net/fix.php?id=51424r=isapi
Install GNU Sed:
http://bugs.php.net/fix.php?id=51424r=gnused
Floating point limitations:
http://bugs.php.net/fix.php?id=51424r=float
No Zend Extensions:
http://bugs.php.net/fix.php?id=51424r=nozend
MySQL Configuration Error:
http://bugs.php.net/fix.php?id=51424r=mysqlcfg
Bug #51424 [Fbk-Opn]: crypt() function hangs after 3rd call
Edit report at http://bugs.php.net/bug.php?id=51424edit=1
ID: 51424
User updated by: laacz at laacz dot lv
Reported by: laacz at laacz dot lv
Summary: crypt() function hangs after 3rd call
-Status: Feedback
+Status: Open
Type: Bug
Package: Strings related
Operating System: Ubuntu 9.04 x64
PHP Version: 5.3.2
New Comment:
Since I do not know how to attach files here, there goes links:
php_config.h: http://pastebin.com/xxKxuBS2
config.h: http://pastebin.com/8KcBe0FF
Also, added strace output: http://pastebin.com/sP4hT4LB
Previous Comments:
[2010-03-29 12:41:22] paj...@php.net
I can't reproduce it here using ubuntu 9.10.
Can you attach the config.log and main/php_config.h (from the build
directory if you compile PHP outside the root src directory).
[2010-03-29 12:30:34] laacz at laacz dot lv
Description:
When calling crypt() function more than once, it hangs after third call
to it.
Configure parameters:
$ php -i | grep configure
Configure Command = './configure' '--enable-bcmath' '--enable-soap'
'--with-
pgsql' '--with-ldap' '--enable-sqlite-utf8'
'--with-apxs2=/usr/bin/apxs2' '--
prefix=/usr/local' '--with-pdo-mysql'
'--with-config-file-path=/etc/httpd' '--
with-openssl=/usr' '--with-mysql=mysqlnd' '--with-mysqli=mysqlnd'
'--with-pdo-
mysql=mysqlnd' '--enable-zip' '--localstatedir=/var' '--enable-ftp'
'--with-
jpeg-dir=/usr' '--with-gd' '--enable-sockets' '--with-zlib-dir=/usr'
'--with-
xmlrpc' '--enable-mbstring=all' '--with-iconv' '--with-gettext'
'--with-
imap=/usr' '--with-imap-ssl=/usr' '--with-curl'
'--with-mcrypt=/usr/local' '--
with-freetype-dir=/usr/include/freetype2' '--enable-gd-native-ttf'
'--with-
mssql' '--with-snmp' '--with-kerberos' '--enable-maintainer-zts'
'--enable-
pcntl'
Compiled in and loaded modules (from get_loaded_extensions()): Core,
date, ereg,
libxml, openssl, pcre, sqlite3, zlib, bcmath, ctype, curl, dom,
fileinfo,
filter, ftp, gd, gettext, hash, iconv, session, json, ldap, mbstring,
mcrypt,
mssql, standard, SPL, pcntl, PDO, mysqlnd, pdo_sqlite, pgsql, Phar,
posix,
Reflection, pdo_mysql, SimpleXML, snmp, soap, sockets, mysqli, SQLite,
imap,
tokenizer, xml, xmlreader, xmlrpc, xmlwriter, zip, mysql
Test script:
---
?php
echo #1: . crypt('MUrGtL', 'AB') . \n;
echo #2: . crypt('MUrGtL', 'AB') . \n;
echo #3: . crypt('MUrGtL', 'AB') . \n;
?
Expected result:
$ php crypt.php
#1: ABcghTMliojv2
#2: ABcghTMliojv2
#3: ABcghTMliojv2
$
Actual result:
--
# php crypt.php
#1: ABcghTMliojv2
#2: ABcghTMliojv2
--
Edit this bug report at http://bugs.php.net/bug.php?id=51424edit=1
Bug #51424 [Fbk-Opn]: crypt() function hangs after 3rd call
Edit report at http://bugs.php.net/bug.php?id=51424edit=1
ID: 51424
User updated by: laacz at laacz dot lv
Reported by: laacz at laacz dot lv
Summary: crypt() function hangs after 3rd call
-Status: Feedback
+Status: Open
Type: Bug
Package: Strings related
Operating System: Ubuntu 9.04 x64
PHP Version: 5.3.2
New Comment:
Added GDB backtrace as a patch (what a system:).
Previous Comments:
[2010-03-29 13:07:54] paj...@php.net
It works just fine here.
Can you try to run it through gdb, stop the app when it reached the
endless loop, and get a backtrace (bt)?
[2010-03-29 13:05:31] paj...@php.net
Click Here to Submit a Patch sounds like what you need
[2010-03-29 12:50:19] laacz at laacz dot lv
Since I do not know how to attach files here, there goes links:
php_config.h: http://pastebin.com/xxKxuBS2
config.h: http://pastebin.com/8KcBe0FF
Also, added strace output: http://pastebin.com/sP4hT4LB
[2010-03-29 12:41:22] paj...@php.net
I can't reproduce it here using ubuntu 9.10.
Can you attach the config.log and main/php_config.h (from the build
directory if you compile PHP outside the root src directory).
[2010-03-29 12:30:34] laacz at laacz dot lv
Description:
When calling crypt() function more than once, it hangs after third call
to it.
Configure parameters:
$ php -i | grep configure
Configure Command = './configure' '--enable-bcmath' '--enable-soap'
'--with-
pgsql' '--with-ldap' '--enable-sqlite-utf8'
'--with-apxs2=/usr/bin/apxs2' '--
prefix=/usr/local' '--with-pdo-mysql'
'--with-config-file-path=/etc/httpd' '--
with-openssl=/usr' '--with-mysql=mysqlnd' '--with-mysqli=mysqlnd'
'--with-pdo-
mysql=mysqlnd' '--enable-zip' '--localstatedir=/var' '--enable-ftp'
'--with-
jpeg-dir=/usr' '--with-gd' '--enable-sockets' '--with-zlib-dir=/usr'
'--with-
xmlrpc' '--enable-mbstring=all' '--with-iconv' '--with-gettext'
'--with-
imap=/usr' '--with-imap-ssl=/usr' '--with-curl'
'--with-mcrypt=/usr/local' '--
with-freetype-dir=/usr/include/freetype2' '--enable-gd-native-ttf'
'--with-
mssql' '--with-snmp' '--with-kerberos' '--enable-maintainer-zts'
'--enable-
pcntl'
Compiled in and loaded modules (from get_loaded_extensions()): Core,
date, ereg,
libxml, openssl, pcre, sqlite3, zlib, bcmath, ctype, curl, dom,
fileinfo,
filter, ftp, gd, gettext, hash, iconv, session, json, ldap, mbstring,
mcrypt,
mssql, standard, SPL, pcntl, PDO, mysqlnd, pdo_sqlite, pgsql, Phar,
posix,
Reflection, pdo_mysql, SimpleXML, snmp, soap, sockets, mysqli, SQLite,
imap,
tokenizer, xml, xmlreader, xmlrpc, xmlwriter, zip, mysql
Test script:
---
?php
echo #1: . crypt('MUrGtL', 'AB') . \n;
echo #2: . crypt('MUrGtL', 'AB') . \n;
echo #3: . crypt('MUrGtL', 'AB') . \n;
?
Expected result:
$ php crypt.php
#1: ABcghTMliojv2
#2: ABcghTMliojv2
#3: ABcghTMliojv2
$
Actual result:
--
# php crypt.php
#1: ABcghTMliojv2
#2: ABcghTMliojv2
--
Edit this bug report at http://bugs.php.net/bug.php?id=51424edit=1
Bug #51424 [Fbk-Opn]: crypt() function hangs after 3rd call
Edit report at http://bugs.php.net/bug.php?id=51424edit=1 ID: 51424 User updated by: laacz at laacz dot lv Reported by: laacz at laacz dot lv Summary: crypt() function hangs after 3rd call -Status: Feedback +Status: Open Type: Bug Package: Strings related Operating System: Ubuntu 9.04 x64 PHP Version: 5.3.2 New Comment: Updated backtrace (patch:). Previous Comments: [2010-03-29 13:21:47] paj...@php.net Stupid me, you did not call crypt php. Please do it again using: gdb --args php crypt.php or gdb php run crypt.php break bt [2010-03-29 13:18:08] paj...@php.net It does not look like a crypt issue at all. Is the src file you call exactly what you pasted here? Or can you attach it as zip please? [2010-03-29 13:14:42] laacz at laacz dot lv Added GDB backtrace as a patch (what a system:). [2010-03-29 13:07:54] paj...@php.net It works just fine here. Can you try to run it through gdb, stop the app when it reached the endless loop, and get a backtrace (bt)? [2010-03-29 13:05:31] paj...@php.net Click Here to Submit a Patch sounds like what you need The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/bug.php?id=51424 -- Edit this bug report at http://bugs.php.net/bug.php?id=51424edit=1
Bug #51424 [Fbk-Opn]: crypt() function hangs after 3rd call
Edit report at http://bugs.php.net/bug.php?id=51424edit=1 ID: 51424 User updated by: laacz at laacz dot lv Reported by: laacz at laacz dot lv Summary: crypt() function hangs after 3rd call -Status: Feedback +Status: Open Type: Bug Package: Strings related Operating System: Ubuntu 9.04 x64 PHP Version: 5.3.2 New Comment: Thank you. Provided fixes this exact bug. Previous Comments: [2010-03-29 13:55:26] paj...@php.net Can you try using the attached patch please? It should fix the dead lock. [2010-03-29 13:54:56] paj...@php.net The following patch has been added/updated: Patch Name: Dead_lock_fix_attempt Revision: 1269863696 URL: http://bugs.php.net/patch-display.php?bug=51424patch=Dead_lock_fix_attemptrevision=1269863696 [2010-03-29 13:27:52] laacz at laacz dot lv Updated backtrace (patch:). [2010-03-29 13:21:47] paj...@php.net Stupid me, you did not call crypt php. Please do it again using: gdb --args php crypt.php or gdb php run crypt.php break bt [2010-03-29 13:18:08] paj...@php.net It does not look like a crypt issue at all. Is the src file you call exactly what you pasted here? Or can you attach it as zip please? The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/bug.php?id=51424 -- Edit this bug report at http://bugs.php.net/bug.php?id=51424edit=1
#47564 [NEW]: unpacking unsigned long 32bit bit endian returns wrong result
From: laacz at laacz dot lv
Operating system: 6.1-STABLE FreeBSD (amd64)
PHP version: 5.2.9
PHP Bug Type: Strings related
Bug description: unpacking unsigned long 32bit bit endian returns wrong result
Description:
Unpacking unsigned long (32bit; always big endian; N) on 64bit
system returns 64bit signed int instead of 32bit.
You can do 0x on unpacked value, and get desired result,
but that's still a bug.
Reproduce code:
---
?php
list(,$command_id) = unpack('N', chr(0x80) . chr(0x00) . chr(0x00) .
chr(0x09));
echo hexdec(dechex($command_id)) . \n0x . dechex($command_id) . \n;
?
Expected result:
2147483657
0x8009
Actual result:
--
1.8446744071562E+19
0x8009
--
Edit bug report at http://bugs.php.net/?id=47564edit=1
--
Try a CVS snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=47564r=trysnapshot52
Try a CVS snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=47564r=trysnapshot53
Try a CVS snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=47564r=trysnapshot60
Fixed in CVS:
http://bugs.php.net/fix.php?id=47564r=fixedcvs
Fixed in CVS and need be documented:
http://bugs.php.net/fix.php?id=47564r=needdocs
Fixed in release:
http://bugs.php.net/fix.php?id=47564r=alreadyfixed
Need backtrace:
http://bugs.php.net/fix.php?id=47564r=needtrace
Need Reproduce Script:
http://bugs.php.net/fix.php?id=47564r=needscript
Try newer version:
http://bugs.php.net/fix.php?id=47564r=oldversion
Not developer issue:
http://bugs.php.net/fix.php?id=47564r=support
Expected behavior:
http://bugs.php.net/fix.php?id=47564r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=47564r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=47564r=submittedtwice
register_globals:
http://bugs.php.net/fix.php?id=47564r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=47564r=php4
Daylight Savings:http://bugs.php.net/fix.php?id=47564r=dst
IIS Stability:
http://bugs.php.net/fix.php?id=47564r=isapi
Install GNU Sed:
http://bugs.php.net/fix.php?id=47564r=gnused
Floating point limitations:
http://bugs.php.net/fix.php?id=47564r=float
No Zend Extensions:
http://bugs.php.net/fix.php?id=47564r=nozend
MySQL Configuration Error:
http://bugs.php.net/fix.php?id=47564r=mysqlcfg
#41397 [NEW]: imap_headerinfo breaks after calling imap_fetch_overview
From: laacz at laacz dot lv Operating system: Gentoo PHP version: 5.2.2 PHP Bug Type: IMAP related Bug description: imap_headerinfo breaks after calling imap_fetch_overview Description: If imap_fetch_overview is called, imap_headerinfo returns only first from multiple recepients in 'to' and 'toaddress'. Reproduce code: --- // IMAP connection before this $info = imap_headerinfo($imap, 110) // Following outputs [EMAIL PROTECTED], [EMAIL PROTECTED], Another user [EMAIL PROTECTED] echo $info-toaddress . \n; $messages = imap_fetch_overview($imap, $range); $info = imap_headerinfo($imap, 110); // Following outputs [EMAIL PROTECTED] echo $info-toaddress . \n; Expected result: [EMAIL PROTECTED], [EMAIL PROTECTED], Another user [EMAIL PROTECTED] [EMAIL PROTECTED], [EMAIL PROTECTED], Another user [EMAIL PROTECTED] -- Edit bug report at http://bugs.php.net/?id=41397edit=1 -- Try a CVS snapshot (PHP 4.4): http://bugs.php.net/fix.php?id=41397r=trysnapshot44 Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=41397r=trysnapshot52 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=41397r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=41397r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=41397r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=41397r=needtrace Need Reproduce Script:http://bugs.php.net/fix.php?id=41397r=needscript Try newer version:http://bugs.php.net/fix.php?id=41397r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=41397r=support Expected behavior:http://bugs.php.net/fix.php?id=41397r=notwrong Not enough info: http://bugs.php.net/fix.php?id=41397r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=41397r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=41397r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=41397r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=41397r=dst IIS Stability:http://bugs.php.net/fix.php?id=41397r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=41397r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=41397r=float No Zend Extensions: http://bugs.php.net/fix.php?id=41397r=nozend MySQL Configuration Error:http://bugs.php.net/fix.php?id=41397r=mysqlcfg
