From:
Operating system: Redhat 4U4
PHP version: 5.2.13
Package: Apache related
Bug Type: Bug
Bug description:apache process sigsegv (double free or corruption (fasttop))
Description:
------------
Hello.
We have this problem with 5.2.12 and still with 5.2.13.
In very random situation apache process sigsegv with
this in error log:
*** glibc detected *** double free or corruption (fasttop): 0x88aa9300 ***
[Thu Mar 18 06:22:06 2010] [notice] seg fault or similar nasty error
detected in the parent process
[Thu Mar 18 06:22:07 2010] [notice] child pid 1107 exit signal Segmentation
fault (11), possible coredump in /tmp
gdb shows this:
(gdb) backtrace
#0 0x0013a2c2 in abort () from /lib/tls/libc.so.6
#1 0x0016c4ea in __libc_message () from /lib/tls/libc.so.6
#2 0x00172c6f in _int_free () from /lib/tls/libc.so.6
#3 0x00172fea in free () from /lib/tls/libc.so.6
#4 0x01287c44 in php_error_cb (type=1, error_filename=0xc36f894
"theme.php(10) : eval()'d code",
error_lineno=9, format=0x1570b84 "Maximum execution time of %d second%s
exceeded",
args=0xa0f6195c "\036") at /tmp/php-5.2.13/main/main.c:836
#5 0x012c8b2a in zend_error (type=1,
format=0x1570b84 "Maximum execution time of %d second%s exceeded")
at /tmp/php-5.2.13/Zend/zend.c:976
#6 0x012bd76d in zend_timeout (dummy=27) at
/tmp/php-5.2.13/Zend/zend_execute_API.c:1347
#7 <signal handler called>
#8 0x00175030 in malloc () from /lib/tls/libc.so.6
#9 0x00179cd0 in strdup () from /lib/tls/libc.so.6
#10 0x012879e7 in php_error_cb (type=2, error_filename=0xc36f894
"theme.php(10) : eval()'d code",
error_lineno=9, format=0x15723f4 "%s%s%s(): supplied argument is not a
valid %s resource",
args=0xa0f61d48 "ÅKT\001ÅKT\001OjT\001FŽU\001x\035ö \001") at
/tmp/php-5.2.13/main/main.c:845
Lines of code from backtrace are:
833 /* store the error if it has changed */
834 if (display) {
835 if (PG(last_error_message)) {
836 free(PG(last_error_message));
837 }
838 if (PG(last_error_file)) {
839 free(PG(last_error_file));
840 }
841 if (!error_filename) {
842 error_filename = "Unknown";
843 }
844 PG(last_error_type) = type;
845 PG(last_error_message) = strdup(buffer);
846 PG(last_error_file) = strdup(error_filename);
847 PG(last_error_lineno) = error_lineno;
Test script:
---------------
It's independent from scripts.
For last 12h on over 3mln requests we have only 15 such errors.
Expected result:
----------------
We expected not to receive sigsegv's for apache.
--
Edit bug report at http://bugs.php.net/bug.php?id=51319&edit=1
--
Try a snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=51319&r=trysnapshot52
Try a snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=51319&r=trysnapshot53
Try a snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=51319&r=trysnapshot60
Fixed in SVN:
http://bugs.php.net/fix.php?id=51319&r=fixed
Fixed in SVN and need be documented:
http://bugs.php.net/fix.php?id=51319&r=needdocs
Fixed in release:
http://bugs.php.net/fix.php?id=51319&r=alreadyfixed
Need backtrace:
http://bugs.php.net/fix.php?id=51319&r=needtrace
Need Reproduce Script:
http://bugs.php.net/fix.php?id=51319&r=needscript
Try newer version:
http://bugs.php.net/fix.php?id=51319&r=oldversion
Not developer issue:
http://bugs.php.net/fix.php?id=51319&r=support
Expected behavior:
http://bugs.php.net/fix.php?id=51319&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=51319&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=51319&r=submittedtwice
register_globals:
http://bugs.php.net/fix.php?id=51319&r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=51319&r=php4
Daylight Savings: http://bugs.php.net/fix.php?id=51319&r=dst
IIS Stability:
http://bugs.php.net/fix.php?id=51319&r=isapi
Install GNU Sed:
http://bugs.php.net/fix.php?id=51319&r=gnused
Floating point limitations:
http://bugs.php.net/fix.php?id=51319&r=float
No Zend Extensions:
http://bugs.php.net/fix.php?id=51319&r=nozend
MySQL Configuration Error:
http://bugs.php.net/fix.php?id=51319&r=mysqlcfg
