Bug #64722 [Asn-Csd]: PDO extension causes zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=64722edit=1 ID: 64722 User updated by:tj dot botha at plista dot com Reported by:tj dot botha at plista dot com Summary:PDO extension causes zend_mm_heap corrupted -Status: Assigned +Status: Closed Type: Bug Package:PDO related Operating System: Ubuntu Server 12.10 PHP Version:master-Git-2013-04-26 (Git) Block user comment: N Private report: N New Comment: Hey guys - thanks so much for fixing this - I checked out git commit 1143f58a7094ed9a4960bfb714fa2773dda7c704, built it and can confirm its no longer segfaulting. cool thanks :) Previous Comments: [2013-06-14 10:35:34] tj dot botha at plista dot com Ok - so I managed to create a script which breaks it: namespace SomeName\db; class PDO extends \PDO { public $name; public function setName($name) { $this-name = $name; } } class DatabaseManager { private static $connections; private static $options = array( PDO::ATTR_PERSISTENT = 1 ); public static function createConnection($name) { $pdo = null; $pdo = new PDO(mysql:host=localhost;port=3306;dbname=db_youfilter, root, lmnop, self::$options); self::$connections[$name] = $pdo; } } DatabaseManager::createConnection(foo); DatabaseManager::createConnection(bar); Turns out this is a similar bug to https://bugs.php.net/bug.php?id=63176 And this issue is still open. We will probably work around this problem by not extending PDO. [2013-06-12 08:57:49] tj dot botha at plista dot com This issue can be closed - There is a problem between the combination of ( or rather lack of using imagick ), pdo, and the error handling, and possibly the logging system, unique to the site and not 100% reproducible using a reduced test script (and I also do not want spend a whole day writing one) using imagick 3 RC 2 with pdo enabled works for now. If you want to reproduce the behavior, attempt to imagine the circumstances in which zend_object_std_dtor gets called twice for the same object. [2013-05-02 15:08:42] tj dot botha at plista dot com Even more correct: ZEND_API void zend_object_std_dtor(zend_object *object TSRMLS_DC) { if (object-guards) { zend_hash_destroy(object-guards); FREE_HASHTABLE(object-guards); object-guards = NULL; } if (object-properties) { zend_hash_destroy(object-properties); FREE_HASHTABLE(object-properties); object-properties = NULL; } if (object-properties_table) { int i; for (i = 0; i object-ce-default_properties_count; i++) { if (object-properties_table[i]) { zval_ptr_dtor(object-properties_table[i]); object-properties_table[i] = NULL; } } efree(object-properties_table); object-properties_table = NULL; } } [2013-05-02 14:42:26] tj dot botha at plista dot com In my mind, the correct function should look like this (without knowing the exact context in which it runs) //source_code/Zend/zend_objects.c: ZEND_API void zend_object_std_dtor(zend_object *object TSRMLS_DC) { if (object-guards) { zend_hash_destroy(object-guards); FREE_HASHTABLE(object-guards); } if (object-properties) { zend_hash_destroy(object-properties); FREE_HASHTABLE(object-properties); } if (object-properties_table) { int i; for (i = 0; i object-ce-default_properties_count; i++) { if (object-properties_table[i]) { zval_ptr_dtor(object-properties_table[i]); object-properties_table[i] = NULL; } } efree(object-properties_table); object-properties_table = NULL; } } However, this appears in my apache logs, only when running in debug mode: [Thu May 02 16:41:28.476657 2013] [auth_digest:notice] [pid 23396] AH01757: generating secret for digest authentication ... [Thu May 02 16:41:29.052276 2013] [ssl:warn] [pid 23396] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache] [Thu May 02 16:41:29.052747 2013] [lbmethod_heartbeat:notice] [pid 23396] AH02282
Bug #63176 [Com]: Segmentation fault when instantiate 2 persistent PDO to the same db server
Edit report at https://bugs.php.net/bug.php?id=63176edit=1 ID: 63176 Comment by: tj dot botha at plista dot com Reported by:jrbasso at gmail dot com Summary:Segmentation fault when instantiate 2 persistent PDO to the same db server Status: Closed Type: Bug Package:PDO related Operating System: Ubunt 12.04.1 PHP Version:5.4.7 Assigned To:wez Block user comment: N Private report: N New Comment: Hey guys - thanks very much for fixing this! I pulled 1143f58a7094ed9a4960bfb714fa2773dda7c704 this morning and confirm we're also no longer segfaulting. :) Previous Comments: [2013-06-16 15:02:30] larue...@php.net @wez what do you think? thanks [2013-06-16 15:01:46] larue...@php.net bug has been fixed, will behavior like 5.3 but it's a little weird that's two different drived class will share one same dbh, and the dbh hold only one drived class instance. see the test script I committed: https://github.com/php/php- src/blob/6cd6349ff8842a9356723b7b192eb3c93fb64c7e/ext/pdo_mysql/tests/bug63176.php t note the result are all PDO2 maybe we should also add the drived class name into the persistent id? thanks [2013-06-16 14:57:04] larue...@php.net Automatic comment on behalf of laruence Revision: http://git.php.net/?p=php-src.git;a=commit;h=49e57a31659a82443b9413127f8d58a72f09ed5b Log: Fixed bug #63176 (Segmentation fault when instantiate 2 persistent PDO to the same db server) [2013-06-14 19:31:44] jrbasso at gmail dot com @thz, the workaround I did was to create 2 DNS names for the same DB. So PHP will think they are 2 different servers and connect twice. [2013-06-14 13:16:48] thz at plista dot com Hi, we are experiencing the same error and it's preventing us from moving to PHP 5.4. Are there any plans to fix this or are we going to have to live with not being able to derive from PDO? We have done extensive debugging and may be able to provide some information as to why this happens, but due to a lack of internal knowledge of how the Zend engine works, we haven't been able to come up with a fix. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=63176 -- Edit this bug report at https://bugs.php.net/bug.php?id=63176edit=1
Bug #64722 [Csd-Asn]: PDO extension causes zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=64722edit=1 ID: 64722 User updated by:tj dot botha at plista dot com Reported by:tj dot botha at plista dot com Summary:PDO extension causes zend_mm_heap corrupted -Status: Closed +Status: Assigned Type: Bug Package:PDO related Operating System: Ubuntu Server 12.10 PHP Version:master-Git-2013-04-26 (Git) Block user comment: N Private report: N New Comment: Ok - so I managed to create a script which breaks it: namespace SomeName\db; class PDO extends \PDO { public $name; public function setName($name) { $this-name = $name; } } class DatabaseManager { private static $connections; private static $options = array( PDO::ATTR_PERSISTENT = 1 ); public static function createConnection($name) { $pdo = null; $pdo = new PDO(mysql:host=localhost;port=3306;dbname=db_youfilter, root, lmnop, self::$options); self::$connections[$name] = $pdo; } } DatabaseManager::createConnection(foo); DatabaseManager::createConnection(bar); Turns out this is a similar bug to https://bugs.php.net/bug.php?id=63176 And this issue is still open. We will probably work around this problem by not extending PDO. Previous Comments: [2013-06-12 08:57:49] tj dot botha at plista dot com This issue can be closed - There is a problem between the combination of ( or rather lack of using imagick ), pdo, and the error handling, and possibly the logging system, unique to the site and not 100% reproducible using a reduced test script (and I also do not want spend a whole day writing one) using imagick 3 RC 2 with pdo enabled works for now. If you want to reproduce the behavior, attempt to imagine the circumstances in which zend_object_std_dtor gets called twice for the same object. [2013-05-02 15:08:42] tj dot botha at plista dot com Even more correct: ZEND_API void zend_object_std_dtor(zend_object *object TSRMLS_DC) { if (object-guards) { zend_hash_destroy(object-guards); FREE_HASHTABLE(object-guards); object-guards = NULL; } if (object-properties) { zend_hash_destroy(object-properties); FREE_HASHTABLE(object-properties); object-properties = NULL; } if (object-properties_table) { int i; for (i = 0; i object-ce-default_properties_count; i++) { if (object-properties_table[i]) { zval_ptr_dtor(object-properties_table[i]); object-properties_table[i] = NULL; } } efree(object-properties_table); object-properties_table = NULL; } } [2013-05-02 14:42:26] tj dot botha at plista dot com In my mind, the correct function should look like this (without knowing the exact context in which it runs) //source_code/Zend/zend_objects.c: ZEND_API void zend_object_std_dtor(zend_object *object TSRMLS_DC) { if (object-guards) { zend_hash_destroy(object-guards); FREE_HASHTABLE(object-guards); } if (object-properties) { zend_hash_destroy(object-properties); FREE_HASHTABLE(object-properties); } if (object-properties_table) { int i; for (i = 0; i object-ce-default_properties_count; i++) { if (object-properties_table[i]) { zval_ptr_dtor(object-properties_table[i]); object-properties_table[i] = NULL; } } efree(object-properties_table); object-properties_table = NULL; } } However, this appears in my apache logs, only when running in debug mode: [Thu May 02 16:41:28.476657 2013] [auth_digest:notice] [pid 23396] AH01757: generating secret for digest authentication ... [Thu May 02 16:41:29.052276 2013] [ssl:warn] [pid 23396] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache] [Thu May 02 16:41:29.052747 2013] [lbmethod_heartbeat:notice] [pid 23396] AH02282: No slotmem from mod_heartmonitor [Thu May 02 16:41:29.141345 2013] [core:warn] [pid 23396] AH00098: pid file /usr/local/apache2/logs/httpd.pid overwritten -- Unclean shutdown of previous Apache run? [Thu May 2 16:41:35 2013] Script: '/.../index.php' /home/tj/php-5.4.14/Zend/zend_API.c(1127) : Freeing
Bug #64722 [Fbk-Csd]: PDO extension causes zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=64722edit=1 ID: 64722 User updated by:tj dot botha at plista dot com Reported by:tj dot botha at plista dot com Summary:PDO extension causes zend_mm_heap corrupted -Status: Feedback +Status: Closed Type: Bug Package:PDO related Operating System: Ubuntu Server 12.10 PHP Version:master-Git-2013-04-26 (Git) Block user comment: N Private report: N New Comment: This issue can be closed - There is a problem between the combination of ( or rather lack of using imagick ), pdo, and the error handling, and possibly the logging system, unique to the site and not 100% reproducible using a reduced test script (and I also do not want spend a whole day writing one) using imagick 3 RC 2 with pdo enabled works for now. If you want to reproduce the behavior, attempt to imagine the circumstances in which zend_object_std_dtor gets called twice for the same object. Previous Comments: [2013-05-02 15:08:42] tj dot botha at plista dot com Even more correct: ZEND_API void zend_object_std_dtor(zend_object *object TSRMLS_DC) { if (object-guards) { zend_hash_destroy(object-guards); FREE_HASHTABLE(object-guards); object-guards = NULL; } if (object-properties) { zend_hash_destroy(object-properties); FREE_HASHTABLE(object-properties); object-properties = NULL; } if (object-properties_table) { int i; for (i = 0; i object-ce-default_properties_count; i++) { if (object-properties_table[i]) { zval_ptr_dtor(object-properties_table[i]); object-properties_table[i] = NULL; } } efree(object-properties_table); object-properties_table = NULL; } } [2013-05-02 14:42:26] tj dot botha at plista dot com In my mind, the correct function should look like this (without knowing the exact context in which it runs) //source_code/Zend/zend_objects.c: ZEND_API void zend_object_std_dtor(zend_object *object TSRMLS_DC) { if (object-guards) { zend_hash_destroy(object-guards); FREE_HASHTABLE(object-guards); } if (object-properties) { zend_hash_destroy(object-properties); FREE_HASHTABLE(object-properties); } if (object-properties_table) { int i; for (i = 0; i object-ce-default_properties_count; i++) { if (object-properties_table[i]) { zval_ptr_dtor(object-properties_table[i]); object-properties_table[i] = NULL; } } efree(object-properties_table); object-properties_table = NULL; } } However, this appears in my apache logs, only when running in debug mode: [Thu May 02 16:41:28.476657 2013] [auth_digest:notice] [pid 23396] AH01757: generating secret for digest authentication ... [Thu May 02 16:41:29.052276 2013] [ssl:warn] [pid 23396] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache] [Thu May 02 16:41:29.052747 2013] [lbmethod_heartbeat:notice] [pid 23396] AH02282: No slotmem from mod_heartmonitor [Thu May 02 16:41:29.141345 2013] [core:warn] [pid 23396] AH00098: pid file /usr/local/apache2/logs/httpd.pid overwritten -- Unclean shutdown of previous Apache run? [Thu May 2 16:41:35 2013] Script: '/.../index.php' /home/tj/php-5.4.14/Zend/zend_API.c(1127) : Freeing 0x7FFFE89B6050 (16 bytes), script=/usr/local/apache2/htdocs/www/plista/www.2.3.2/app/webroot/index.php === Total 1 memory leaks detected === But the project loads without problems. [2013-05-02 13:51:47] tj dot botha at plista dot com Hey guys - I have run various tests - using valgrind I did not find anything. I have debugged the code, and I have narrowed down the problem. It is not a race condition, the problem is dangling pointers are getting freed: below is still okay: //php_source/ext/pdo/pdo_dbh.c static void pdo_dbh_free_storage(pdo_dbh_t *dbh TSRMLS_DC) { ... zend_object_std_dtor(dbh-std TSRMLS_CC); dbh-std.properties = NULL; ... } The problem arrives here in zend_object_std_dtor, in php_source/Zend/zend_objects.c The situation can be recreated when a zend_object has properties AND a properties_table Look at the code below: In my case, the below function gets called TWICE: ZEND_API void zend_object_std_dtor
Bug #64722 [Com]: PDO extension causes zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=64722edit=1 ID: 64722 Comment by: tj dot botha at plista dot com Reported by:tj dot botha at plista dot com Summary:PDO extension causes zend_mm_heap corrupted Status: Feedback Type: Bug Package:PDO related Operating System: Ubuntu Server 12.10 PHP Version:master-Git-2013-04-26 (Git) Block user comment: N Private report: N New Comment: Hey guys - I have run various tests - using valgrind I did not find anything. I have debugged the code, and I have narrowed down the problem. It is not a race condition, the problem is dangling pointers are getting freed: below is still okay: //php_source/ext/pdo/pdo_dbh.c static void pdo_dbh_free_storage(pdo_dbh_t *dbh TSRMLS_DC) { ... zend_object_std_dtor(dbh-std TSRMLS_CC); dbh-std.properties = NULL; ... } The problem arrives here in zend_object_std_dtor, in php_source/Zend/zend_objects.c The situation can be recreated when a zend_object has properties AND a properties_table Look at the code below: In my case, the below function gets called TWICE: ZEND_API void zend_object_std_dtor(zend_object *object TSRMLS_DC) { if (object-guards) { zend_hash_destroy(object-guards); FREE_HASHTABLE(object-guards); } if (object-properties) { zend_hash_destroy(object-properties); FREE_HASHTABLE(object-properties); if (object-properties_table) { efree(object-properties_table); } } else if (object-properties_table) { int i; for (i = 0; i object-ce-default_properties_count; i++) { if (object-properties_table[i]) { zval_ptr_dtor(object-properties_table[i]); } } efree(object-properties_table); } } The important bits are: ... if (object-properties) { ... if (object-properties_table) { efree(object_properties_table); //this creates dangling pointers 0x5a5a5a5a5a5a5a5a //Now, object-properties_table[0, 1, 2, ... n] are all dangling pointers } ... } else if (object-properties_table) { ... //now the second time this function gets called, at some point during the zval_ptr_dtor call on object- properties_table[i], a function tries to decrease the ref val on the dangling pointer, and this causes SIGSEGV 11 (zend_mm_heap corrupted) ... } I do not know what the correct behavior should be. I have tried removing the else if and then setting the properties_table to NULL after de-allocation and forcing de- allocation of both, however different modifications to the code have lead to different problems and I do not seem to find a 100% correct solution. The solution I had in mind to work perfect lead to for example: /home/tj/php-5.4.14/Zend/zend_API.c(1127) : Freeing 0x7FFFE89B6418 (16 bytes), script=/.../index.php === Total 1 memory leaks detected === I do not know if the function should indeed be called twice, or whether the object should only contain properties or properties_table and not both, and why the properties_table does not get set to NULL after being de-allocated, as well as the other properties_table[] pointers. In either way - it turns out that this situation is created because we are extending the PDO class in PHP, and adding custom properties and methods. I will still investigate further - but I will really appreciate some advice / help! Previous Comments: [2013-05-01 13:05:43] larue...@php.net if you can reproduce it in a 100% chance, please run it with valgrind, let's see what valgrind says about this.. thanks [2013-04-30 16:16:29] tj dot botha at plista dot com Ok - I just recompiled apache with prefork (It was supposed to be the default, instead it defaulted to event) - and recompiled PHP, and it is no longer multithreaded - and the problem persists: Apache information now: Server version: Apache/2.4.4 (Unix) Server built: Apr 30 2013 17:41:49 Server's Module Magic Number: 20120211:11 Server loaded: APR 1.4.6, APR-UTIL 1.5.2 Compiled using: APR 1.4.6, APR-UTIL 1.5.2 Architecture: 64-bit Server MPM: prefork threaded: no forked: yes (variable process count) Server compiled with -D APR_HAS_SENDFILE -D APR_HAS_MMAP -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) -D APR_USE_SYSVSEM_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D DYNAMIC_MODULE_LIMIT=256 -D HTTPD_ROOT=/usr/local/apache2 -D SUEXEC_BIN=/usr/local/apache2/bin/suexec -D DEFAULT_PIDLOG=logs/httpd.pid -D DEFAULT_SCOREBOARD=logs
Bug #64722 [Com]: PDO extension causes zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=64722edit=1 ID: 64722 Comment by: tj dot botha at plista dot com Reported by:tj dot botha at plista dot com Summary:PDO extension causes zend_mm_heap corrupted Status: Feedback Type: Bug Package:PDO related Operating System: Ubuntu Server 12.10 PHP Version:master-Git-2013-04-26 (Git) Block user comment: N Private report: N New Comment: In my mind, the correct function should look like this (without knowing the exact context in which it runs) //source_code/Zend/zend_objects.c: ZEND_API void zend_object_std_dtor(zend_object *object TSRMLS_DC) { if (object-guards) { zend_hash_destroy(object-guards); FREE_HASHTABLE(object-guards); } if (object-properties) { zend_hash_destroy(object-properties); FREE_HASHTABLE(object-properties); } if (object-properties_table) { int i; for (i = 0; i object-ce-default_properties_count; i++) { if (object-properties_table[i]) { zval_ptr_dtor(object-properties_table[i]); object-properties_table[i] = NULL; } } efree(object-properties_table); object-properties_table = NULL; } } However, this appears in my apache logs, only when running in debug mode: [Thu May 02 16:41:28.476657 2013] [auth_digest:notice] [pid 23396] AH01757: generating secret for digest authentication ... [Thu May 02 16:41:29.052276 2013] [ssl:warn] [pid 23396] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache] [Thu May 02 16:41:29.052747 2013] [lbmethod_heartbeat:notice] [pid 23396] AH02282: No slotmem from mod_heartmonitor [Thu May 02 16:41:29.141345 2013] [core:warn] [pid 23396] AH00098: pid file /usr/local/apache2/logs/httpd.pid overwritten -- Unclean shutdown of previous Apache run? [Thu May 2 16:41:35 2013] Script: '/.../index.php' /home/tj/php-5.4.14/Zend/zend_API.c(1127) : Freeing 0x7FFFE89B6050 (16 bytes), script=/usr/local/apache2/htdocs/www/plista/www.2.3.2/app/webroot/index.php === Total 1 memory leaks detected === But the project loads without problems. Previous Comments: [2013-05-02 13:51:47] tj dot botha at plista dot com Hey guys - I have run various tests - using valgrind I did not find anything. I have debugged the code, and I have narrowed down the problem. It is not a race condition, the problem is dangling pointers are getting freed: below is still okay: //php_source/ext/pdo/pdo_dbh.c static void pdo_dbh_free_storage(pdo_dbh_t *dbh TSRMLS_DC) { ... zend_object_std_dtor(dbh-std TSRMLS_CC); dbh-std.properties = NULL; ... } The problem arrives here in zend_object_std_dtor, in php_source/Zend/zend_objects.c The situation can be recreated when a zend_object has properties AND a properties_table Look at the code below: In my case, the below function gets called TWICE: ZEND_API void zend_object_std_dtor(zend_object *object TSRMLS_DC) { if (object-guards) { zend_hash_destroy(object-guards); FREE_HASHTABLE(object-guards); } if (object-properties) { zend_hash_destroy(object-properties); FREE_HASHTABLE(object-properties); if (object-properties_table) { efree(object-properties_table); } } else if (object-properties_table) { int i; for (i = 0; i object-ce-default_properties_count; i++) { if (object-properties_table[i]) { zval_ptr_dtor(object-properties_table[i]); } } efree(object-properties_table); } } The important bits are: ... if (object-properties) { ... if (object-properties_table) { efree(object_properties_table); //this creates dangling pointers 0x5a5a5a5a5a5a5a5a //Now, object-properties_table[0, 1, 2, ... n] are all dangling pointers } ... } else if (object-properties_table) { ... //now the second time this function gets called, at some point during the zval_ptr_dtor call on object- properties_table[i], a function tries to decrease the ref val on the dangling pointer, and this causes SIGSEGV 11 (zend_mm_heap corrupted) ... } I do not know what the correct behavior should be. I have tried removing the else if and then setting the properties_table to NULL after de-allocation and forcing de- allocation of both, however different modifications to the code have lead to different problems and I do not seem to find a 100% correct solution
Bug #64722 [Com]: PDO extension causes zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=64722edit=1 ID: 64722 Comment by: tj dot botha at plista dot com Reported by:tj dot botha at plista dot com Summary:PDO extension causes zend_mm_heap corrupted Status: Feedback Type: Bug Package:PDO related Operating System: Ubuntu Server 12.10 PHP Version:master-Git-2013-04-26 (Git) Block user comment: N Private report: N New Comment: Even more correct: ZEND_API void zend_object_std_dtor(zend_object *object TSRMLS_DC) { if (object-guards) { zend_hash_destroy(object-guards); FREE_HASHTABLE(object-guards); object-guards = NULL; } if (object-properties) { zend_hash_destroy(object-properties); FREE_HASHTABLE(object-properties); object-properties = NULL; } if (object-properties_table) { int i; for (i = 0; i object-ce-default_properties_count; i++) { if (object-properties_table[i]) { zval_ptr_dtor(object-properties_table[i]); object-properties_table[i] = NULL; } } efree(object-properties_table); object-properties_table = NULL; } } Previous Comments: [2013-05-02 14:42:26] tj dot botha at plista dot com In my mind, the correct function should look like this (without knowing the exact context in which it runs) //source_code/Zend/zend_objects.c: ZEND_API void zend_object_std_dtor(zend_object *object TSRMLS_DC) { if (object-guards) { zend_hash_destroy(object-guards); FREE_HASHTABLE(object-guards); } if (object-properties) { zend_hash_destroy(object-properties); FREE_HASHTABLE(object-properties); } if (object-properties_table) { int i; for (i = 0; i object-ce-default_properties_count; i++) { if (object-properties_table[i]) { zval_ptr_dtor(object-properties_table[i]); object-properties_table[i] = NULL; } } efree(object-properties_table); object-properties_table = NULL; } } However, this appears in my apache logs, only when running in debug mode: [Thu May 02 16:41:28.476657 2013] [auth_digest:notice] [pid 23396] AH01757: generating secret for digest authentication ... [Thu May 02 16:41:29.052276 2013] [ssl:warn] [pid 23396] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache] [Thu May 02 16:41:29.052747 2013] [lbmethod_heartbeat:notice] [pid 23396] AH02282: No slotmem from mod_heartmonitor [Thu May 02 16:41:29.141345 2013] [core:warn] [pid 23396] AH00098: pid file /usr/local/apache2/logs/httpd.pid overwritten -- Unclean shutdown of previous Apache run? [Thu May 2 16:41:35 2013] Script: '/.../index.php' /home/tj/php-5.4.14/Zend/zend_API.c(1127) : Freeing 0x7FFFE89B6050 (16 bytes), script=/usr/local/apache2/htdocs/www/plista/www.2.3.2/app/webroot/index.php === Total 1 memory leaks detected === But the project loads without problems. [2013-05-02 13:51:47] tj dot botha at plista dot com Hey guys - I have run various tests - using valgrind I did not find anything. I have debugged the code, and I have narrowed down the problem. It is not a race condition, the problem is dangling pointers are getting freed: below is still okay: //php_source/ext/pdo/pdo_dbh.c static void pdo_dbh_free_storage(pdo_dbh_t *dbh TSRMLS_DC) { ... zend_object_std_dtor(dbh-std TSRMLS_CC); dbh-std.properties = NULL; ... } The problem arrives here in zend_object_std_dtor, in php_source/Zend/zend_objects.c The situation can be recreated when a zend_object has properties AND a properties_table Look at the code below: In my case, the below function gets called TWICE: ZEND_API void zend_object_std_dtor(zend_object *object TSRMLS_DC) { if (object-guards) { zend_hash_destroy(object-guards); FREE_HASHTABLE(object-guards); } if (object-properties) { zend_hash_destroy(object-properties); FREE_HASHTABLE(object-properties); if (object-properties_table) { efree(object-properties_table); } } else if (object-properties_table) { int i; for (i = 0; i object-ce-default_properties_count; i++) { if (object-properties_table[i
Bug #64722 [Com]: PDO extension causes zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=64722edit=1 ID: 64722 Comment by: tj dot botha at plista dot com Reported by:tj dot botha at plista dot com Summary:PDO extension causes zend_mm_heap corrupted Status: Feedback Type: Bug Package:PDO related Operating System: Ubuntu Server 12.10 PHP Version:master-Git-2013-04-26 (Git) Block user comment: N Private report: N New Comment: This appears to be a race condition - so I am unable to reproduce. I am however able to make the problem go away by modifying pdo_dbh.c to the following: static void pdo_dbh_free_storage(pdo_dbh_t *dbh TSRMLS_DC) { if (dbh-in_txn dbh-methods dbh-methods-rollback) { dbh-methods-rollback(dbh TSRMLS_CC); dbh-in_txn = 0; } if (dbh-is_persistent dbh-methods dbh-methods- persistent_shutdown) { dbh-methods-persistent_shutdown(dbh TSRMLS_CC); } //uncomment below to cause zend_mm_heap corrupted //zend_object_std_dtor(dbh-std TSRMLS_CC); //dbh-std.properties = NULL; dbh_free(dbh TSRMLS_CC); } If I recompile this into PHP it works - however now there is most likely a memory leak. I checked and this code is also new from PHP 5.3. So definitely it is causing the fault. Don't know what the real solution is though. TJ Previous Comments: [2013-04-26 17:53:01] s...@php.net Do you have a reproducible testcase? [2013-04-26 14:48:58] tj dot botha at plista dot com Description: I have a project which uses MySQL PDO. I Compiled PHP versions 5.4.6, PHP 5.4.14 and PHP 5.6 (from current GIT repositoty - 26 April 2013). I have various configuration options, but everytime I my configure command includes --with-pdo-mysql=mysqlnd, I am unable to run my project. The ONLY log file which shows any kind of information is Apache error.log: zend_mm_heap corrupted When I remove --with-pdo-mysql from configure, then my project works okay (however all my PDO functions are of course missing) and I just get normal expected PHP errors. However. When I compile PHP version 5.3.24, it works. I can successfully include --with-pdo-mysql=mysqlnd, and my project loads without problems. Test script: --- I do not have a test script - as I have no indication as to where the app fails Actual result: -- #0 0x008ee2c2 in zval_delref_p (pz=0x5a5a5a5a5a5a5a5a) at /home/tj/php- latest/Zend/zend.h:409 #1 0x008ee51f in i_zval_ptr_dtor (zval_ptr=0x5a5a5a5a5a5a5a5a, __zend_filename=0xe38408 /home/tj/php-latest/Zend/zend_objects.c, __zend_lineno=54) at /home/tj/php-latest/Zend/zend_execute.h:76 #2 0x008ef896 in _zval_ptr_dtor (zval_ptr=0x7f88d6068a20, __zend_filename=0xe38408 /home/tj/php-latest/Zend/zend_objects.c, __zend_lineno=54) at /home/tj/php-latest/Zend/zend_execute_API.c:428 #3 0x009354de in zend_object_std_dtor (object=0x271b880) at /home/tj/php-latest/Zend/zend_objects.c:54 #4 0x0068aad0 in pdo_dbh_free_storage (dbh=0x271b880) at /home/tj/php- latest/ext/pdo/pdo_dbh.c:1576 #5 0x0093c9ad in zend_objects_store_del_ref_by_handle_ex (handle=140, handlers=0x116c2e0 pdo_dbh_object_handlers) at /home/tj/php-latest/Zend/zend_objects_API.c:221 #6 0x0093c6b3 in zend_objects_store_del_ref (zobject=0x7f88d60a4af8) at /home/tj/php-latest/Zend/zend_objects_API.c:173 #7 0x00901b6c in _zval_dtor_func (zvalue=0x7f88d60a4af8, __zend_filename=0xe335f8 /home/tj/php-latest/Zend/zend_execute.h, __zend_lineno=81) at /home/tj/php-latest/Zend/zend_variables.c:54 #8 0x008ee4c1 in _zval_dtor (zvalue=0x7f88d60a4af8, __zend_filename=0xe335f8 /home/tj/php-latest/Zend/zend_execute.h, __zend_lineno=81) at /home/tj/php-latest/Zend/zend_variables.h:35 #9 0x008ee58c in i_zval_ptr_dtor (zval_ptr=0x7f88d60a4af8, __zend_filename=0xe34970 /home/tj/php-latest/Zend/zend_variables.c, __zend_lineno=182) at /home/tj/php-latest/Zend/zend_execute.h:81 #10 0x008ef896 in _zval_ptr_dtor (zval_ptr=0x7f88d6030b28, __zend_filename=0xe34970 /home/tj/php-latest/Zend/zend_variables.c, __zend_lineno=182) at /home/tj/php-latest/Zend/zend_execute_API.c:428 #11 0x00901f7b in _zval_ptr_dtor_wrapper (zval_ptr=0x7f88d6030b28) at /home/tj/php-latest/Zend/zend_variables.c:182 #12 0x009174a7 in zend_hash_destroy (ht=0x7f88d6069138) at /home/tj/php- latest/Zend/zend_hash.c:560 #13 0x00901b2f in _zval_dtor_func (zvalue=0x7f88d6b1ece8, __zend_filename=0xe335f8 /home/tj/php-latest/Zend/zend_execute.h, __zend_lineno=81) at /home/tj/php-latest/Zend/zend_variables.c:45 #14 0x008ee4c1 in _zval_dtor (zvalue=0x7f88d6b1ece8
Bug #64722 [Com]: PDO extension causes zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=64722edit=1 ID: 64722 Comment by: tj dot botha at plista dot com Reported by:tj dot botha at plista dot com Summary:PDO extension causes zend_mm_heap corrupted Status: Feedback Type: Bug Package:PDO related Operating System: Ubuntu Server 12.10 PHP Version:master-Git-2013-04-26 (Git) Block user comment: N Private report: N New Comment: I just want to emphasize - that commenting out the code not a solution - since it causes errors later down the line. Also, when stepping / breaking at problem area through the code - the project starts loading in bits and pieces, no segfaults occur. Only when left to run without breakpoints does it crash - therefor this really does seem like a concurrency problem. Previous Comments: [2013-04-30 12:45:41] tj dot botha at plista dot com This appears to be a race condition - so I am unable to reproduce. I am however able to make the problem go away by modifying pdo_dbh.c to the following: static void pdo_dbh_free_storage(pdo_dbh_t *dbh TSRMLS_DC) { if (dbh-in_txn dbh-methods dbh-methods-rollback) { dbh-methods-rollback(dbh TSRMLS_CC); dbh-in_txn = 0; } if (dbh-is_persistent dbh-methods dbh-methods- persistent_shutdown) { dbh-methods-persistent_shutdown(dbh TSRMLS_CC); } //uncomment below to cause zend_mm_heap corrupted //zend_object_std_dtor(dbh-std TSRMLS_CC); //dbh-std.properties = NULL; dbh_free(dbh TSRMLS_CC); } If I recompile this into PHP it works - however now there is most likely a memory leak. I checked and this code is also new from PHP 5.3. So definitely it is causing the fault. Don't know what the real solution is though. TJ [2013-04-26 17:53:01] s...@php.net Do you have a reproducible testcase? [2013-04-26 14:48:58] tj dot botha at plista dot com Description: I have a project which uses MySQL PDO. I Compiled PHP versions 5.4.6, PHP 5.4.14 and PHP 5.6 (from current GIT repositoty - 26 April 2013). I have various configuration options, but everytime I my configure command includes --with-pdo-mysql=mysqlnd, I am unable to run my project. The ONLY log file which shows any kind of information is Apache error.log: zend_mm_heap corrupted When I remove --with-pdo-mysql from configure, then my project works okay (however all my PDO functions are of course missing) and I just get normal expected PHP errors. However. When I compile PHP version 5.3.24, it works. I can successfully include --with-pdo-mysql=mysqlnd, and my project loads without problems. Test script: --- I do not have a test script - as I have no indication as to where the app fails Actual result: -- #0 0x008ee2c2 in zval_delref_p (pz=0x5a5a5a5a5a5a5a5a) at /home/tj/php- latest/Zend/zend.h:409 #1 0x008ee51f in i_zval_ptr_dtor (zval_ptr=0x5a5a5a5a5a5a5a5a, __zend_filename=0xe38408 /home/tj/php-latest/Zend/zend_objects.c, __zend_lineno=54) at /home/tj/php-latest/Zend/zend_execute.h:76 #2 0x008ef896 in _zval_ptr_dtor (zval_ptr=0x7f88d6068a20, __zend_filename=0xe38408 /home/tj/php-latest/Zend/zend_objects.c, __zend_lineno=54) at /home/tj/php-latest/Zend/zend_execute_API.c:428 #3 0x009354de in zend_object_std_dtor (object=0x271b880) at /home/tj/php-latest/Zend/zend_objects.c:54 #4 0x0068aad0 in pdo_dbh_free_storage (dbh=0x271b880) at /home/tj/php- latest/ext/pdo/pdo_dbh.c:1576 #5 0x0093c9ad in zend_objects_store_del_ref_by_handle_ex (handle=140, handlers=0x116c2e0 pdo_dbh_object_handlers) at /home/tj/php-latest/Zend/zend_objects_API.c:221 #6 0x0093c6b3 in zend_objects_store_del_ref (zobject=0x7f88d60a4af8) at /home/tj/php-latest/Zend/zend_objects_API.c:173 #7 0x00901b6c in _zval_dtor_func (zvalue=0x7f88d60a4af8, __zend_filename=0xe335f8 /home/tj/php-latest/Zend/zend_execute.h, __zend_lineno=81) at /home/tj/php-latest/Zend/zend_variables.c:54 #8 0x008ee4c1 in _zval_dtor (zvalue=0x7f88d60a4af8, __zend_filename=0xe335f8 /home/tj/php-latest/Zend/zend_execute.h, __zend_lineno=81) at /home/tj/php-latest/Zend/zend_variables.h:35 #9 0x008ee58c in i_zval_ptr_dtor (zval_ptr=0x7f88d60a4af8, __zend_filename=0xe34970 /home/tj/php-latest/Zend/zend_variables.c, __zend_lineno=182) at /home/tj/php-latest/Zend/zend_execute.h:81 #10 0x008ef896 in _zval_ptr_dtor (zval_ptr=0x7f88d6030b28, __zend_filename=0xe34970 /home/tj/php-latest/Zend/zend_variables.c, __zend_lineno=182) at /home/tj/php-latest/Zend/zend_execute_API.c:428 #11
Bug #64722 [Com]: PDO extension causes zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=64722edit=1 ID: 64722 Comment by: tj dot botha at plista dot com Reported by:tj dot botha at plista dot com Summary:PDO extension causes zend_mm_heap corrupted Status: Feedback Type: Bug Package:PDO related Operating System: Ubuntu Server 12.10 PHP Version:master-Git-2013-04-26 (Git) Block user comment: N Private report: N New Comment: That is an old backtrace - here is the newest: Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7fffd8fe9700 (LWP 31920)] 0x7fffeb6a5722 in zval_delref_p (pz=0x5a5a5a5a5a5a5a5a) at /home/tj/php- 5.4.14/Zend/zend.h:395 395 return --pz-refcount__gc; (gdb) backtrace #0 0x7fffeb6a5722 in zval_delref_p (pz=0x5a5a5a5a5a5a5a5a) at /home/tj/php- 5.4.14/Zend/zend.h:395 #1 0x7fffeb6a7d06 in _zval_ptr_dtor (zval_ptr=0x7fffd6d39378, __zend_filename=0x7fffebb88468 /home/tj/php-5.4.14/Zend/zend_objects.c, __zend_lineno=54) at /home/tj/php-5.4.14/Zend/zend_execute_API.c:432 #2 0x7fffeb6f258a in zend_object_std_dtor (object=0x7fffd00f56c0, tsrm_ls=0x7fffd0017170) at /home/tj/php-5.4.14/Zend/zend_objects.c:54 #3 0x7fffeb3e0056 in pdo_dbh_free_storage (dbh=0x7fffd00f56c0, tsrm_ls=0x7fffd0017170) at /home/tj/php-5.4.14/ext/pdo/pdo_dbh.c:1577 #4 0x7fffeb6fac18 in zend_objects_store_del_ref_by_handle_ex (handle=122, handlers=0x7fffebeb8a20 pdo_dbh_object_handlers, tsrm_ls=0x7fffd0017170) at /home/tj/php-5.4.14/Zend/zend_objects_API.c:221 #5 0x7fffeb6fa759 in zend_objects_store_del_ref (zobject=0x7fffd6d240e0, tsrm_ls=0x7fffd0017170) at /home/tj/php-5.4.14/Zend/zend_objects_API.c:173 #6 0x7fffeb6baacd in _zval_dtor_func (zvalue=0x7fffd6d240e0, __zend_filename=0x7fffebb83be8 /home/tj/php-5.4.14/Zend/zend_execute_API.c, __zend_lineno=438) at /home/tj/php-5.4.14/Zend/zend_variables.c:54 #7 0x7fffeb6a58c1 in _zval_dtor (zvalue=0x7fffd6d240e0, __zend_filename=0x7fffebb83be8 /home/tj/php-5.4.14/Zend/zend_execute_API.c, __zend_lineno=438) at /home/tj/php-5.4.14/Zend/zend_variables.h:35 #8 0x7fffeb6a7da9 in _zval_ptr_dtor (zval_ptr=0x7fffd6bee268, __zend_filename=0x7fffebb84cb0 /home/tj/php-5.4.14/Zend/zend_variables.c, __zend_lineno=182) at /home/tj/php-5.4.14/Zend/zend_execute_API.c:438 #9 0x7fffeb6baef5 in _zval_ptr_dtor_wrapper (zval_ptr=0x7fffd6bee268) at /home/tj/php-5.4.14/Zend/zend_variables.c:182 #10 0x7fffeb6d3281 in zend_hash_destroy (ht=0x7fffd6d39768) at /home/tj/php- 5.4.14/Zend/zend_hash.c:560 #11 0x7fffeb6baa76 in _zval_dtor_func (zvalue=0x7fffd7d18be8, __zend_filename=0x7fffebb83be8 /home/tj/php-5.4.14/Zend/zend_execute_API.c, __zend_lineno=438) at /home/tj/php-5.4.14/Zend/zend_variables.c:45 #12 0x7fffeb6a58c1 in _zval_dtor (zvalue=0x7fffd7d18be8, __zend_filename=0x7fffebb83be8 /home/tj/php-5.4.14/Zend/zend_execute_API.c, __zend_lineno=438) at /home/tj/php-5.4.14/Zend/zend_variables.h:35 #13 0x7fffeb6a7da9 in _zval_ptr_dtor (zval_ptr=0x7fffd7d18d98, __zend_filename=0x7fffebb84228 /home/tj/php-5.4.14/Zend/zend_opcode.c, __zend_lineno=165) at /home/tj/php-5.4.14/Zend/zend_execute_API.c:438 #14 0x7fffeb6aef6a in cleanup_user_class_data (ce=0x7fffd7d185d0, tsrm_ls=0x7fffd0017170) at /home/tj/php-5.4.14/Zend/zend_opcode.c:165 #15 0x7fffeb6af1c8 in zend_cleanup_user_class_data (pce=0x7fffd00d6ad8, tsrm_ls=0x7fffd0017170) at /home/tj/php-5.4.14/Zend/zend_opcode.c:198 #16 0x7fffeb6d3ce3 in zend_hash_reverse_apply (ht=0x7fffd001a770, apply_func=0x7fffeb6af194 zend_cleanup_user_class_data, tsrm_ls=0x7fffd0017170) at /home/tj/php-5.4.14/Zend/zend_hash.c:799 #17 0x7fffeb6a71e8 in shutdown_executor (tsrm_ls=0x7fffd0017170) at /home/tj/php-5.4.14/Zend/zend_execute_API.c:289 #18 0x7fffeb6be217 in zend_deactivate (tsrm_ls=0x7fffd0017170) at /home/tj/php-5.4.14/Zend/zend.c:938 #19 0x7fffeb601c90 in php_request_shutdown (dummy=0x0) at /home/tj/php- 5.4.14/main/main.c:1800 #20 0x7fffeb777c6d in php_apache_request_dtor (r=0x7fffd000f068, tsrm_ls=0x7fffd0017170) at /home/tj/php- 5.4.14/sapi/apache2handler/sapi_apache2.c:507 #21 0x7fffeb7787cf in php_handler (r=0x7fffd000f068) at /home/tj/php- 5.4.14/sapi/apache2handler/sapi_apache2.c:679 #22 0x00447e40 in ap_run_handler (r=0x7fffd000f068) at config.c:169 #23 0x0044827b in ap_invoke_handler (r=r@entry=0x7fffd000f068) at config.c:432 #24 0x0045b1bc in ap_internal_redirect (new_uri=optimised out, r= optimised out) at http_request.c:644 #25 0x7fffebed6658 in handler_redirect (r=0x7fffd0002970) at mod_rewrite.c:5051 #26 0x00447e40 in ap_run_handler (r=0x7fffd0002970) at config.c:169 #27 0x0044827b in ap_invoke_handler (r=r@entry=0x7fffd0002970) at config.c:432 #28 0x0045bc5a in ap_process_async_request (r=0x7fffd0002970) at http_request.c:317 #29
Bug #64722 [Com]: PDO extension causes zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=64722edit=1 ID: 64722 Comment by: tj dot botha at plista dot com Reported by:tj dot botha at plista dot com Summary:PDO extension causes zend_mm_heap corrupted Status: Feedback Type: Bug Package:PDO related Operating System: Ubuntu Server 12.10 PHP Version:master-Git-2013-04-26 (Git) Block user comment: N Private report: N New Comment: Also - some additional info which may help: (gdb) frame 3 #3 0x7fffeb3e0056 in pdo_dbh_free_storage (dbh=0x7fffd00f56c0, tsrm_ls=0x7fffd0017170) at /home/tj/php-5.4.14/ext/pdo/pdo_dbh.c:1577 1577zend_object_std_dtor(dbh-std TSRMLS_CC); (gdb) print dbh-std $1 = {ce = 0x7fffd6d3afc0, properties = 0x0, properties_table = 0x7fffd6d39378, guards = 0x0} (gdb) and for source_code/Zend/zend_objects.c:37 to 59: ZEND_API void zend_object_std_dtor(zend_object *object TSRMLS_DC) { if (object-guards) { zend_hash_destroy(object-guards); FREE_HASHTABLE(object-guards); } if (object-properties) { zend_hash_destroy(object-properties); FREE_HASHTABLE(object-properties); if (object-properties_table) { efree(object-properties_table); } } else if (object-properties_table) { int i; for (i = 0; i object-ce-default_properties_count; i++) { if (object-properties_table[i]) { zval_ptr_dtor(object-properties_table[i]); } } efree(object-properties_table); } } (gdb) print object-properties_table[0] $2 = (zval *) 0x5a5a5a5a5a5a5a5a (gdb) print object-properties_table[0] $3 = (zval **) 0x7fffd6d39378 (gdb) print object-ce-default_properties_count $4 = 2 (gdb) print i $5 = 0 (gdb) Not sure if this loop is thread safe: for (i = 0; i object-ce-default_properties_count; i++) { if (object-properties_table[i]) { zval_ptr_dtor(object-properties_table[i]); } } Thanks for your help! Previous Comments: [2013-04-30 15:01:07] tj dot botha at plista dot com That is an old backtrace - here is the newest: Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7fffd8fe9700 (LWP 31920)] 0x7fffeb6a5722 in zval_delref_p (pz=0x5a5a5a5a5a5a5a5a) at /home/tj/php- 5.4.14/Zend/zend.h:395 395 return --pz-refcount__gc; (gdb) backtrace #0 0x7fffeb6a5722 in zval_delref_p (pz=0x5a5a5a5a5a5a5a5a) at /home/tj/php- 5.4.14/Zend/zend.h:395 #1 0x7fffeb6a7d06 in _zval_ptr_dtor (zval_ptr=0x7fffd6d39378, __zend_filename=0x7fffebb88468 /home/tj/php-5.4.14/Zend/zend_objects.c, __zend_lineno=54) at /home/tj/php-5.4.14/Zend/zend_execute_API.c:432 #2 0x7fffeb6f258a in zend_object_std_dtor (object=0x7fffd00f56c0, tsrm_ls=0x7fffd0017170) at /home/tj/php-5.4.14/Zend/zend_objects.c:54 #3 0x7fffeb3e0056 in pdo_dbh_free_storage (dbh=0x7fffd00f56c0, tsrm_ls=0x7fffd0017170) at /home/tj/php-5.4.14/ext/pdo/pdo_dbh.c:1577 #4 0x7fffeb6fac18 in zend_objects_store_del_ref_by_handle_ex (handle=122, handlers=0x7fffebeb8a20 pdo_dbh_object_handlers, tsrm_ls=0x7fffd0017170) at /home/tj/php-5.4.14/Zend/zend_objects_API.c:221 #5 0x7fffeb6fa759 in zend_objects_store_del_ref (zobject=0x7fffd6d240e0, tsrm_ls=0x7fffd0017170) at /home/tj/php-5.4.14/Zend/zend_objects_API.c:173 #6 0x7fffeb6baacd in _zval_dtor_func (zvalue=0x7fffd6d240e0, __zend_filename=0x7fffebb83be8 /home/tj/php-5.4.14/Zend/zend_execute_API.c, __zend_lineno=438) at /home/tj/php-5.4.14/Zend/zend_variables.c:54 #7 0x7fffeb6a58c1 in _zval_dtor (zvalue=0x7fffd6d240e0, __zend_filename=0x7fffebb83be8 /home/tj/php-5.4.14/Zend/zend_execute_API.c, __zend_lineno=438) at /home/tj/php-5.4.14/Zend/zend_variables.h:35 #8 0x7fffeb6a7da9 in _zval_ptr_dtor (zval_ptr=0x7fffd6bee268, __zend_filename=0x7fffebb84cb0 /home/tj/php-5.4.14/Zend/zend_variables.c, __zend_lineno=182) at /home/tj/php-5.4.14/Zend/zend_execute_API.c:438 #9 0x7fffeb6baef5 in _zval_ptr_dtor_wrapper (zval_ptr=0x7fffd6bee268) at /home/tj/php-5.4.14/Zend/zend_variables.c:182 #10 0x7fffeb6d3281 in zend_hash_destroy (ht=0x7fffd6d39768) at /home/tj/php- 5.4.14/Zend/zend_hash.c:560 #11 0x7fffeb6baa76 in _zval_dtor_func (zvalue=0x7fffd7d18be8, __zend_filename=0x7fffebb83be8 /home/tj/php-5.4.14/Zend/zend_execute_API.c, __zend_lineno=438) at /home/tj/php-5.4.14/Zend/zend_variables.c:45 #12 0x7fffeb6a58c1 in _zval_dtor (zvalue=0x7fffd7d18be8, __zend_filename=0x7fffebb83be8 /home/tj/php-5.4.14/Zend/zend_execute_API.c, __zend_lineno=438) at /home/tj/php
Bug #64722 [Com]: PDO extension causes zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=64722edit=1 ID: 64722 Comment by: tj dot botha at plista dot com Reported by:tj dot botha at plista dot com Summary:PDO extension causes zend_mm_heap corrupted Status: Feedback Type: Bug Package:PDO related Operating System: Ubuntu Server 12.10 PHP Version:master-Git-2013-04-26 (Git) Block user comment: N Private report: N New Comment: Ok - I just recompiled apache with prefork (It was supposed to be the default, instead it defaulted to event) - and recompiled PHP, and it is no longer multithreaded - and the problem persists: Apache information now: Server version: Apache/2.4.4 (Unix) Server built: Apr 30 2013 17:41:49 Server's Module Magic Number: 20120211:11 Server loaded: APR 1.4.6, APR-UTIL 1.5.2 Compiled using: APR 1.4.6, APR-UTIL 1.5.2 Architecture: 64-bit Server MPM: prefork threaded: no forked: yes (variable process count) Server compiled with -D APR_HAS_SENDFILE -D APR_HAS_MMAP -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) -D APR_USE_SYSVSEM_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D DYNAMIC_MODULE_LIMIT=256 -D HTTPD_ROOT=/usr/local/apache2 -D SUEXEC_BIN=/usr/local/apache2/bin/suexec -D DEFAULT_PIDLOG=logs/httpd.pid -D DEFAULT_SCOREBOARD=logs/apache_runtime_status -D DEFAULT_ERRORLOG=logs/error_log -D AP_TYPES_CONFIG_FILE=conf/mime.types -D SERVER_CONFIG_FILE=conf/httpd.conf PHP Information : System Linux dev 3.5.0-17-generic #28-Ubuntu SMP Tue Oct 9 19:31:23 UTC 2012 x86_64 Build Date Apr 30 2013 17:54:17 Configure Command'./configure' '--with- apxs2=/usr/local/apache2/bin/apxs' '--enable-mbstring' '--with-config-file- path=/etc/php5/' '--with-gettext=/usr/bin/gettext' '--with-config-file-scan- dir=/etc/php5/mods-enabled/' '--with-mysql=mysqlnd' '--with-mysqli=mysqlnd' '-- with-pdo-mysql=mysqlnd' '--with-openssl' '--with-libdir=/lib/x86_64-linux-gnu/' '--enable-debug' Server API Apache 2.0 Handler Virtual Directory Support disabled Configuration File (php.ini) Path /etc/php5/ Loaded Configuration File /etc/php5/php.ini Scan this dir for additional .ini files /etc/php5/mods-enabled/ Additional .ini files parsed/etc/php5/mods-enabled/xdebug.ini PHP API 20100412 PHP Extension 20100525 Zend Extension 220100525 Zend Extension BuildAPI220100525,NTS,debug PHP Extension Build API20100525,NTS,debug Debug Build yes Thread Safety disabled Zend Signal Handlingdisabled Zend Memory Manager enabled Zend Multibyte Support provided by mbstring IPv6 Supportenabled DTrace Support disabled Registered PHP Streams https, ftps, php, file, glob, data, http, ftp, phar Registered Stream Socket Transports tcp, udp, unix, udg, ssl, sslv3, tls Registered Stream Filters convert.iconv.*, string.rot13, string.toupper, string.tolower, string.strip_tags, convert.*, consumed, dechunk Apache PHP Information Apache Version Apache/2.4.4 (Unix) OpenSSL/1.0.1c PHP/5.4.14 Apache API Version 20120211 Server Administratory...@example.com Hostname:Port dev:0 User/Group www-data(33)/33 Max RequestsPer Child: 0 - Keep Alive: on - Max Per Connection: 100 TimeoutsConnection: 60 - Keep-Alive: 5 Virtual Server No Server Root /usr/local/apache2 Loaded Modules core mod_so http_core prefork mod_authn_file mod_authn_dbm mod_authn_anon mod_authn_dbd mod_authn_socache mod_authn_core mod_authz_host mod_authz_groupfile mod_authz_user mod_authz_dbm mod_authz_owner mod_authz_dbd mod_authz_core mod_access_compat mod_auth_basic mod_auth_form mod_auth_digest mod_allowmethods mod_file_cache mod_cache mod_cache_disk mod_socache_shmcb mod_socache_dbm mod_socache_memcache mod_dbd mod_dumpio mod_buffer mod_ratelimit mod_reqtimeout mod_ext_filter mod_request mod_include mod_filter mod_substitute mod_sed mod_deflate mod_mime mod_log_config mod_log_debug mod_logio mod_env mod_expires mod_headers mod_unique_id mod_setenvif mod_version mod_remoteip mod_proxy mod_proxy_connect mod_proxy_ftp mod_proxy_http mod_proxy_fcgi mod_proxy_scgi mod_proxy_ajp mod_proxy_balancer mod_proxy_express mod_session mod_session_cookie mod_session_dbd mod_slotmem_shm mod_ssl mod_lbmethod_byrequests mod_lbmethod_bytraffic mod_lbmethod_bybusyness mod_lbmethod_heartbeat mod_unixd mod_dav mod_status mod_autoindex mod_info mod_cgid mod_dav_fs mod_vhost_alias mod_negotiation mod_dir mod_actions mod_speling mod_userdir mod_alias mod_rewrite mod_php5 This is running on a Ubuntu 12.10 virtual server. Unfortunately I have to go now but I'll check in again on Thursday. Keep well, TJ Previous Comments: [2013-04-30 16:05:40] johan...@php.net so, the new backtrace has tsrm symbols, so what environment are you using?8which web
[PHP-BUG] Bug #64722 [NEW]: PDO extension causes zend_mm_heap corrupted
From: tj dot botha at plista dot com Operating system: Ubuntu Server 12.10 PHP version: master-Git-2013-04-26 (Git) Package: PDO related Bug Type: Bug Bug description:PDO extension causes zend_mm_heap corrupted Description: I have a project which uses MySQL PDO. I Compiled PHP versions 5.4.6, PHP 5.4.14 and PHP 5.6 (from current GIT repositoty - 26 April 2013). I have various configuration options, but everytime I my configure command includes --with-pdo-mysql=mysqlnd, I am unable to run my project. The ONLY log file which shows any kind of information is Apache error.log: zend_mm_heap corrupted When I remove --with-pdo-mysql from configure, then my project works okay (however all my PDO functions are of course missing) and I just get normal expected PHP errors. However. When I compile PHP version 5.3.24, it works. I can successfully include --with-pdo-mysql=mysqlnd, and my project loads without problems. Test script: --- I do not have a test script - as I have no indication as to where the app fails Actual result: -- #0 0x008ee2c2 in zval_delref_p (pz=0x5a5a5a5a5a5a5a5a) at /home/tj/php- latest/Zend/zend.h:409 #1 0x008ee51f in i_zval_ptr_dtor (zval_ptr=0x5a5a5a5a5a5a5a5a, __zend_filename=0xe38408 /home/tj/php-latest/Zend/zend_objects.c, __zend_lineno=54) at /home/tj/php-latest/Zend/zend_execute.h:76 #2 0x008ef896 in _zval_ptr_dtor (zval_ptr=0x7f88d6068a20, __zend_filename=0xe38408 /home/tj/php-latest/Zend/zend_objects.c, __zend_lineno=54) at /home/tj/php-latest/Zend/zend_execute_API.c:428 #3 0x009354de in zend_object_std_dtor (object=0x271b880) at /home/tj/php-latest/Zend/zend_objects.c:54 #4 0x0068aad0 in pdo_dbh_free_storage (dbh=0x271b880) at /home/tj/php- latest/ext/pdo/pdo_dbh.c:1576 #5 0x0093c9ad in zend_objects_store_del_ref_by_handle_ex (handle=140, handlers=0x116c2e0 pdo_dbh_object_handlers) at /home/tj/php-latest/Zend/zend_objects_API.c:221 #6 0x0093c6b3 in zend_objects_store_del_ref (zobject=0x7f88d60a4af8) at /home/tj/php-latest/Zend/zend_objects_API.c:173 #7 0x00901b6c in _zval_dtor_func (zvalue=0x7f88d60a4af8, __zend_filename=0xe335f8 /home/tj/php-latest/Zend/zend_execute.h, __zend_lineno=81) at /home/tj/php-latest/Zend/zend_variables.c:54 #8 0x008ee4c1 in _zval_dtor (zvalue=0x7f88d60a4af8, __zend_filename=0xe335f8 /home/tj/php-latest/Zend/zend_execute.h, __zend_lineno=81) at /home/tj/php-latest/Zend/zend_variables.h:35 #9 0x008ee58c in i_zval_ptr_dtor (zval_ptr=0x7f88d60a4af8, __zend_filename=0xe34970 /home/tj/php-latest/Zend/zend_variables.c, __zend_lineno=182) at /home/tj/php-latest/Zend/zend_execute.h:81 #10 0x008ef896 in _zval_ptr_dtor (zval_ptr=0x7f88d6030b28, __zend_filename=0xe34970 /home/tj/php-latest/Zend/zend_variables.c, __zend_lineno=182) at /home/tj/php-latest/Zend/zend_execute_API.c:428 #11 0x00901f7b in _zval_ptr_dtor_wrapper (zval_ptr=0x7f88d6030b28) at /home/tj/php-latest/Zend/zend_variables.c:182 #12 0x009174a7 in zend_hash_destroy (ht=0x7f88d6069138) at /home/tj/php- latest/Zend/zend_hash.c:560 #13 0x00901b2f in _zval_dtor_func (zvalue=0x7f88d6b1ece8, __zend_filename=0xe335f8 /home/tj/php-latest/Zend/zend_execute.h, __zend_lineno=81) at /home/tj/php-latest/Zend/zend_variables.c:45 #14 0x008ee4c1 in _zval_dtor (zvalue=0x7f88d6b1ece8, __zend_filename=0xe335f8 /home/tj/php-latest/Zend/zend_execute.h, __zend_lineno=81) at /home/tj/php-latest/Zend/zend_variables.h:35 #15 0x008ee58c in i_zval_ptr_dtor (zval_ptr=0x7f88d6b1ece8, __zend_filename=0xe33d68 /home/tj/php-latest/Zend/zend_opcode.c, __zend_lineno=169) at /home/tj/php-latest/Zend/zend_execute.h:81 #16 0x008ef896 in _zval_ptr_dtor (zval_ptr=0x7f88d6b1ef20, __zend_filename=0xe33d68 /home/tj/php-latest/Zend/zend_opcode.c, __zend_lineno=169) at /home/tj/php-latest/Zend/zend_execute_API.c:428 ---Type return to continue, or q return to quit--- #17 0x008f562e in cleanup_user_class_data (ce=0x7f88d6b1e528) at /home/tj/php-latest/Zend/zend_opcode.c:169 #18 0x008f5757 in zend_cleanup_user_class_data (pce=0x26d28e8) at /home/tj/php-latest/Zend/zend_opcode.c:202 #19 0x00917ee7 in zend_hash_reverse_apply (ht=0x25016b0, apply_func=0x8f572e zend_cleanup_user_class_data) at /home/tj/php- latest/Zend/zend_hash.c:799 #20 0x008ef301 in shutdown_executor () at /home/tj/php- latest/Zend/zend_execute_API.c:289 #21 0x0090411e in zend_deactivate () at /home/tj/php- latest/Zend/zend.c:939 #22 0x0086c2b5 in php_request_shutdown (dummy=0x0) at /home/tj/php- latest/main/main.c:1800 #23 0x009b42f8 in do_cli (argc=2, argv=0x2500a40) at /home/tj/php- latest/sapi/cli/php_cli.c:1176 #24 0x009b4b8d in main (argc=2, argv=0x2500a40) at /home/tj/php- latest/sapi/cli/php_cli.c:1377 -- Edit