From: max at to-the-max dot net Operating system: FreeBSD 6.2-STABLE - AMD64 PHP version: 5.2.1 PHP Bug Type: PostgreSQL related Bug description: Crashes when using PostgreSQL module
Description: ------------ Every couple hundred of requests PHP crashes while accessing a PostgreSQL database. Backtrace always points to ext/pgsql/pgsql.c __zend_lineno=375 Reproduce code: --------------- Different scripts. All have in common that they use the PostgreSQL module. Actual result: -------------- === Backtrace 1 === www3# gdb /usr/local/bin/php php.core.500 GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "amd64-marcel-freebsd"... Core was generated by `php'. Program terminated with signal 11, Segmentation fault. Reading symbols from /lib/libcrypt.so.3...done. Loaded symbols for /lib/libcrypt.so.3 Reading symbols from /usr/local/pgsql/lib/libpq.so.5...done. Loaded symbols for /usr/local/pgsql/lib/libpq.so.5 Reading symbols from /usr/local/lib/libiconv.so.3...done. Loaded symbols for /usr/local/lib/libiconv.so.3 Reading symbols from /lib/libz.so.3...done. Loaded symbols for /lib/libz.so.3 Reading symbols from /lib/libm.so.4...done. Loaded symbols for /lib/libm.so.4 Reading symbols from /lib/libc.so.6...done. Loaded symbols for /lib/libc.so.6 Reading symbols from /libexec/ld-elf.so.1...done. Loaded symbols for /libexec/ld-elf.so.1 #0 0x000000000067b0b9 in zend_mm_check_ptr (heap=0x95c000, ptr=0x7fff00000031, silent=1, __zend_filename=0x78d218 "/usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c", __zend_lineno=375, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/home/max/tmp/php-5.2.1/Zend/zend_alloc.c:1012 1012 if (p->info._size != ZEND_MM_NEXT_BLOCK(p)->info._prev) { (gdb) bt #0 0x000000000067b0b9 in zend_mm_check_ptr (heap=0x95c000, ptr=0x7fff00000031, silent=1, __zend_filename=0x78d218 "/usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c", __zend_lineno=375, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/home/max/tmp/php-5.2.1/Zend/zend_alloc.c:1012 #1 0x000000000067c6e1 in _zend_mm_free_int (heap=0x95c000, p=0x7fff00000031, __zend_filename=0x78d218 "/usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c", __zend_lineno=375, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/home/max/tmp/php-5.2.1/Zend/zend_alloc.c:1520 #2 0x000000000067d90d in _efree (ptr=0x7fff00000031, __zend_filename=0x78d218 "/usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c", __zend_lineno=375, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/home/max/tmp/php-5.2.1/Zend/zend_alloc.c:1877 #3 0x000000000050f30f in _php_pgsql_notice_ptr_dtor (ptr=0xac0098) at /usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c:375 #4 0x00000000006a9872 in zend_hash_clean (ht=0x9539a8) at /usr/home/max/tmp/php-5.2.1/Zend/zend_hash.c:552 #5 0x000000000050fbfc in zm_deactivate_pgsql (type=1, module_number=10) at /usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c:574 #6 0x00000000006a44d6 in module_registry_cleanup (module=0x9f5e00) at /usr/home/max/tmp/php-5.2.1/Zend/zend_API.c:1945 #7 0x00000000006a9cf2 in zend_hash_apply (ht=0x957d40, apply_func=0x6a44a0 <module_registry_cleanup>) at /usr/home/max/tmp/php-5.2.1/Zend/zend_hash.c:673 #8 0x000000000069c205 in zend_deactivate_modules () at /usr/home/max/tmp/php-5.2.1/Zend/zend.c:839 #9 0x00000000006458e1 in php_request_shutdown (dummy=0x0) at /usr/home/max/tmp/php-5.2.1/main/main.c:1293 #10 0x0000000000718b06 in main (argc=1, argv=0x7fffffffedc8) at /usr/home/max/tmp/php-5.2.1/sapi/cgi/cgi_main.c:1796 === Backtrace 2 === www3# gdb /usr/local/bin/php php.core.501 GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "amd64-marcel-freebsd"... Core was generated by `php'. Program terminated with signal 11, Segmentation fault. Reading symbols from /lib/libcrypt.so.3...done. Loaded symbols for /lib/libcrypt.so.3 Reading symbols from /usr/local/pgsql/lib/libpq.so.5...done. Loaded symbols for /usr/local/pgsql/lib/libpq.so.5 Reading symbols from /usr/local/lib/libiconv.so.3...done. Loaded symbols for /usr/local/lib/libiconv.so.3 Reading symbols from /lib/libz.so.3...done. Loaded symbols for /lib/libz.so.3 Reading symbols from /lib/libm.so.4...done. Loaded symbols for /lib/libm.so.4 Reading symbols from /lib/libc.so.6...done. Loaded symbols for /lib/libc.so.6 Reading symbols from /libexec/ld-elf.so.1...done. Loaded symbols for /libexec/ld-elf.so.1 #0 0x000000000067b0b9 in zend_mm_check_ptr (heap=0x95c000, ptr=0x3d0000004e, silent=1, __zend_filename=0x78d218 "/usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c", __zend_lineno=375, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/home/max/tmp/php-5.2.1/Zend/zend_alloc.c:1012 1012 if (p->info._size != ZEND_MM_NEXT_BLOCK(p)->info._prev) { (gdb) bt #0 0x000000000067b0b9 in zend_mm_check_ptr (heap=0x95c000, ptr=0x3d0000004e, silent=1, __zend_filename=0x78d218 "/usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c", __zend_lineno=375, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/home/max/tmp/php-5.2.1/Zend/zend_alloc.c:1012 #1 0x000000000067c6e1 in _zend_mm_free_int (heap=0x95c000, p=0x3d0000004e, __zend_filename=0x78d218 "/usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c", __zend_lineno=375, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/home/max/tmp/php-5.2.1/Zend/zend_alloc.c:1520 #2 0x000000000067d90d in _efree (ptr=0x3d0000004e, __zend_filename=0x78d218 "/usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c", __zend_lineno=375, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/home/max/tmp/php-5.2.1/Zend/zend_alloc.c:1877 #3 0x000000000050f30f in _php_pgsql_notice_ptr_dtor (ptr=0xabac18) at /usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c:375 #4 0x00000000006a9872 in zend_hash_clean (ht=0x9539a8) at /usr/home/max/tmp/php-5.2.1/Zend/zend_hash.c:552 #5 0x000000000050fbfc in zm_deactivate_pgsql (type=1, module_number=10) at /usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c:574 #6 0x00000000006a44d6 in module_registry_cleanup (module=0x9f5e00) at /usr/home/max/tmp/php-5.2.1/Zend/zend_API.c:1945 #7 0x00000000006a9cf2 in zend_hash_apply (ht=0x957d40, apply_func=0x6a44a0 <module_registry_cleanup>) at /usr/home/max/tmp/php-5.2.1/Zend/zend_hash.c:673 #8 0x000000000069c205 in zend_deactivate_modules () at /usr/home/max/tmp/php-5.2.1/Zend/zend.c:839 #9 0x00000000006458e1 in php_request_shutdown (dummy=0x0) at /usr/home/max/tmp/php-5.2.1/main/main.c:1293 #10 0x0000000000718b06 in main (argc=1, argv=0x7fffffffedc8) at /usr/home/max/tmp/php-5.2.1/sapi/cgi/cgi_main.c:1796 === Backtrace 2 === www3# gdb /usr/local/bin/php php.core.501 GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "amd64-marcel-freebsd"... Core was generated by `php'. Program terminated with signal 11, Segmentation fault. Reading symbols from /lib/libcrypt.so.3...done. Loaded symbols for /lib/libcrypt.so.3 Reading symbols from /usr/local/pgsql/lib/libpq.so.5...done. Loaded symbols for /usr/local/pgsql/lib/libpq.so.5 Reading symbols from /usr/local/lib/libiconv.so.3...done. Loaded symbols for /usr/local/lib/libiconv.so.3 Reading symbols from /lib/libz.so.3...done. Loaded symbols for /lib/libz.so.3 Reading symbols from /lib/libm.so.4...done. Loaded symbols for /lib/libm.so.4 Reading symbols from /lib/libc.so.6...done. Loaded symbols for /lib/libc.so.6 Reading symbols from /libexec/ld-elf.so.1...done. Loaded symbols for /libexec/ld-elf.so.1 #0 0x000000000067b0b9 in zend_mm_check_ptr (heap=0x95c000, ptr=0x3d0000004e, silent=1, __zend_filename=0x78d218 "/usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c", __zend_lineno=375, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/home/max/tmp/php-5.2.1/Zend/zend_alloc.c:1012 1012 if (p->info._size != ZEND_MM_NEXT_BLOCK(p)->info._prev) { (gdb) bt #0 0x000000000067b0b9 in zend_mm_check_ptr (heap=0x95c000, ptr=0x3d0000004e, silent=1, __zend_filename=0x78d218 "/usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c", __zend_lineno=375, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/home/max/tmp/php-5.2.1/Zend/zend_alloc.c:1012 #1 0x000000000067c6e1 in _zend_mm_free_int (heap=0x95c000, p=0x3d0000004e, __zend_filename=0x78d218 "/usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c", __zend_lineno=375, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/home/max/tmp/php-5.2.1/Zend/zend_alloc.c:1520 #2 0x000000000067d90d in _efree (ptr=0x3d0000004e, __zend_filename=0x78d218 "/usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c", __zend_lineno=375, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /usr/home/max/tmp/php-5.2.1/Zend/zend_alloc.c:1877 #3 0x000000000050f30f in _php_pgsql_notice_ptr_dtor (ptr=0xabac18) at /usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c:375 #4 0x00000000006a9872 in zend_hash_clean (ht=0x9539a8) at /usr/home/max/tmp/php-5.2.1/Zend/zend_hash.c:552 #5 0x000000000050fbfc in zm_deactivate_pgsql (type=1, module_number=10) at /usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c:574 #6 0x00000000006a44d6 in module_registry_cleanup (module=0x9f5e00) at /usr/home/max/tmp/php-5.2.1/Zend/zend_API.c:1945 #7 0x00000000006a9cf2 in zend_hash_apply (ht=0x957d40, apply_func=0x6a44a0 <module_registry_cleanup>) at /usr/home/max/tmp/php-5.2.1/Zend/zend_hash.c:673 #8 0x000000000069c205 in zend_deactivate_modules () at /usr/home/max/tmp/php-5.2.1/Zend/zend.c:839 #9 0x00000000006458e1 in php_request_shutdown (dummy=0x0) at /usr/home/max/tmp/php-5.2.1/main/main.c:1293 #10 0x0000000000718b06 in main (argc=1, argv=0x7fffffffedc8) at /usr/home/max/tmp/php-5.2.1/sapi/cgi/cgi_main.c:1796 === Other debug messages === Some debug messages also indicate memory leaks: [Sat Mar 3 16:32:07 2007] Script: '/home/site/index.php' /usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c(357) : Freeing 0x0098A360 (16 bytes), script=/home/site/index.php [Sat Mar 3 16:32:07 2007] Script: '/home/site/index.php' /usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c(285) : Freeing 0x0098E3E8 (256 bytes), script=/home/site/index.php === Total 2 memory leaks detected === [Sat Mar 3 16:32:07 2007] Script: '/home/site/index.php' /usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c(285) : Freeing 0x00B3BE08 (256 bytes), script=/home/site/index.php [Sat Mar 3 16:32:07 2007] Script: '/home/site/index.php' /usr/home/max/tmp/php-5.2.1/ext/pgsql/pgsql.c(357) : Freeing 0x0098B7E8 (16 bytes), script=/home/site/index.php -- Edit bug report at http://bugs.php.net/?id=40708&edit=1 -- Try a CVS snapshot (PHP 4.4): http://bugs.php.net/fix.php?id=40708&r=trysnapshot44 Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=40708&r=trysnapshot52 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=40708&r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=40708&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=40708&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=40708&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=40708&r=needscript Try newer version: http://bugs.php.net/fix.php?id=40708&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=40708&r=support Expected behavior: http://bugs.php.net/fix.php?id=40708&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=40708&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=40708&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=40708&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=40708&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=40708&r=dst IIS Stability: http://bugs.php.net/fix.php?id=40708&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=40708&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=40708&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=40708&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=40708&r=mysqlcfg