Bug #40479 [Com]: zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=40479&edit=1 ID: 40479 Comment by: komanek at natur dot cuni dot cz Reported by:rrossi at maggioli dot it Summary:zend_mm_heap corrupted Status: Feedback Type: Bug Package:Reproducible crash Operating System: Suse Linux 9.0 PHP Version:5.2.1 Block user comment: N Private report: N New Comment: For me it seems the solution is to compile PHP with --disable-zend-multibyte instead of --enable-zend-multibyte But I am not sure if it breaks something else, I didn't find much documentation on these options. Previous Comments: [2012-03-30 18:47:46] nathan at gt dot net Also to add, USE_ZEND_ALLOC=0 did not resolve but gc_disable(); did [2012-03-30 18:46:12] nathan at gt dot net I've also confirmed the above testcase triggers it on 5.3.10 via CLI. Can provide full access to any php developer interested in taking a look, just email me. [2012-03-28 11:42:16] komanek at natur dot cuni dot cz Hi, I used the USE_ZEND_ALLOC=0 and got another segfault. But in this case in the apache error log is hopefuly something useful: *** glibc detected *** /usr/local/apache2/bin/httpd: double free or corruption (!prev): 0x051d6e10 *** === Backtrace: = /lib/libc.so.6[0x7f5a8e3709a8] /lib/libc.so.6(cfree+0x76)[0x7f5a8e372ab6] /usr/local/apache2/modules/libphp5.so(zend_multibyte_read_script+0x2e)[0x7f5a887be90e] /usr/local/apache2/modules/libphp5.so(open_file_for_scanning+0x90)[0x7f5a887bed60] /usr/local/apache2/modules/libphp5.so(compile_file+0x9c)[0x7f5a887bf92c] /usr/local/apache2/modules/libphp5.so[0x7f5a8866575a] /usr/local/apache2/modules/libphp5.so[0x7f5a8881c733] /usr/local/apache2/modules/libphp5.so(execute+0x209)[0x7f5a88813c49] /usr/local/apache2/modules/libphp5.so(zend_execute_scripts+0x17b)[0x7f5a887e52db] /usr/local/apache2/modules/libphp5.so(php_execute_script+0x198)[0x7f5a8878e0f8] /usr/local/apache2/modules/libphp5.so[0x7f5a8887348f] /usr/local/apache2/bin/httpd(ap_run_handler+0x4a)[0x443f5a] /usr/local/apache2/bin/httpd(ap_invoke_handler+0xce)[0x44747e] /usr/local/apache2/bin/httpd(ap_process_request+0x18e)[0x465ece] /usr/local/apache2/bin/httpd[0x462d78] /usr/local/apache2/bin/httpd(ap_run_process_connection+0x4a)[0x44b45a] /usr/local/apache2/bin/httpd[0x46abd0] /usr/local/apache2/bin/httpd[0x46aea4] /usr/local/apache2/bin/httpd(ap_mpm_run+0xbde)[0x46baee] /usr/local/apache2/bin/httpd(main+0x99a)[0x43063a] /lib/libc.so.6(__libc_start_main+0xe6)[0x7f5a8e31b1a6] /usr/local/apache2/bin/httpd(apr_os_proc_mutex_put+0x49)[0x42f819] === Memory map: 0040-00493000 r-xp 08:01 442565 /usr/local/apache2/bin/httpd 00692000-00698000 rw-p 00092000 08:01 442565 /usr/local/apache2/bin/httpd 00698000-0069d000 rw-p 00698000 00:00 0 017e-053d4000 rw-p 017e 00:00 0 [heap] 7f5a8000-7f5a80021000 rw-p 7f5a8000 00:00 0 7f5a80021000-7f5a8400 ---p 7f5a80021000 00:00 0 7f5a8497c000-7f5a84992000 r-xp 08:01 835587 /lib/libgcc_s.so.1 7f5a84992000-7f5a84b92000 ---p 00016000 08:01 835587 /lib/libgcc_s.so.1 7f5a84b92000-7f5a84b93000 rw-p 00016000 08:01 835587 /lib/libgcc_s.so.1 7f5a84b9d000-7f5a84b9e000 r--s 08:11 78792612 /home/apache2/htdocs/horde/lib/core.php 7f5a84b9e000-7f5a84bc1000 r--p 08:11 78799575 /home/apache2/htdocs/horde/mnemo/locale/cs_CZ/LC_MESSAGES/mnemo.mo 7f5a84bc1000-7f5a84bc5000 r-xp 08:01 1884172 /lib/libnss_dns-2.7.so 7f5a84bc5000-7f5a84dc4000 ---p 4000 08:01 1884172 /lib/libnss_dns-2.7.so 7f5a84dc4000-7f5a84dc6000 rw-p 3000 08:01 1884172 /lib/libnss_dns-2.7.so 7f5a84dc6000-7f5a84dfd000 r--p 08:11 78790850 /home/apache2/htdocs/horde/imp/locale/cs_CZ/LC_MESSAGES/imp.mo 7f5a84dfd000-7f5a84dff000 r-xp 08:01 1327349 /usr/lib/gconv/ISO8859-2.so 7f5a84dff000-7f5a84ffe000 ---p 2000 08:01 1327349 /usr/lib/gconv/ISO8859-2.so 7f5a84ffe000-7f5a8500 rw-p 1000 08:01 1327349 /usr/lib/gconv/ISO8859-2.so 7f5a8500-7f5a85192000 r--p 08:01 428099 /usr/lib/locale/locale-archive 7f5a85192000-7f5a851e1000 rw-p 7f5a85192000 00:00 0 7f5a851e1000-7f5a851e3000 r-xp 08:01 451017 /usr/local/apache2/lib/apr-util-1/apr_ldap-1.so 7f5a851e3000-7f5a853e2000 ---p 2000 08:01 451017 /usr/local/apache2/lib/apr-util-1/apr_ldap-
Bug #40479 [Com]: zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=40479&edit=1 ID: 40479 Comment by: nathan at gt dot net Reported by:rrossi at maggioli dot it Summary:zend_mm_heap corrupted Status: Feedback Type: Bug Package:Reproducible crash Operating System: Suse Linux 9.0 PHP Version:5.2.1 Block user comment: N Private report: N New Comment: Also to add, USE_ZEND_ALLOC=0 did not resolve but gc_disable(); did Previous Comments: [2012-03-30 18:46:12] nathan at gt dot net I've also confirmed the above testcase triggers it on 5.3.10 via CLI. Can provide full access to any php developer interested in taking a look, just email me. [2012-03-28 11:42:16] komanek at natur dot cuni dot cz Hi, I used the USE_ZEND_ALLOC=0 and got another segfault. But in this case in the apache error log is hopefuly something useful: *** glibc detected *** /usr/local/apache2/bin/httpd: double free or corruption (!prev): 0x051d6e10 *** === Backtrace: = /lib/libc.so.6[0x7f5a8e3709a8] /lib/libc.so.6(cfree+0x76)[0x7f5a8e372ab6] /usr/local/apache2/modules/libphp5.so(zend_multibyte_read_script+0x2e)[0x7f5a887be90e] /usr/local/apache2/modules/libphp5.so(open_file_for_scanning+0x90)[0x7f5a887bed60] /usr/local/apache2/modules/libphp5.so(compile_file+0x9c)[0x7f5a887bf92c] /usr/local/apache2/modules/libphp5.so[0x7f5a8866575a] /usr/local/apache2/modules/libphp5.so[0x7f5a8881c733] /usr/local/apache2/modules/libphp5.so(execute+0x209)[0x7f5a88813c49] /usr/local/apache2/modules/libphp5.so(zend_execute_scripts+0x17b)[0x7f5a887e52db] /usr/local/apache2/modules/libphp5.so(php_execute_script+0x198)[0x7f5a8878e0f8] /usr/local/apache2/modules/libphp5.so[0x7f5a8887348f] /usr/local/apache2/bin/httpd(ap_run_handler+0x4a)[0x443f5a] /usr/local/apache2/bin/httpd(ap_invoke_handler+0xce)[0x44747e] /usr/local/apache2/bin/httpd(ap_process_request+0x18e)[0x465ece] /usr/local/apache2/bin/httpd[0x462d78] /usr/local/apache2/bin/httpd(ap_run_process_connection+0x4a)[0x44b45a] /usr/local/apache2/bin/httpd[0x46abd0] /usr/local/apache2/bin/httpd[0x46aea4] /usr/local/apache2/bin/httpd(ap_mpm_run+0xbde)[0x46baee] /usr/local/apache2/bin/httpd(main+0x99a)[0x43063a] /lib/libc.so.6(__libc_start_main+0xe6)[0x7f5a8e31b1a6] /usr/local/apache2/bin/httpd(apr_os_proc_mutex_put+0x49)[0x42f819] === Memory map: 0040-00493000 r-xp 08:01 442565 /usr/local/apache2/bin/httpd 00692000-00698000 rw-p 00092000 08:01 442565 /usr/local/apache2/bin/httpd 00698000-0069d000 rw-p 00698000 00:00 0 017e-053d4000 rw-p 017e 00:00 0 [heap] 7f5a8000-7f5a80021000 rw-p 7f5a8000 00:00 0 7f5a80021000-7f5a8400 ---p 7f5a80021000 00:00 0 7f5a8497c000-7f5a84992000 r-xp 08:01 835587 /lib/libgcc_s.so.1 7f5a84992000-7f5a84b92000 ---p 00016000 08:01 835587 /lib/libgcc_s.so.1 7f5a84b92000-7f5a84b93000 rw-p 00016000 08:01 835587 /lib/libgcc_s.so.1 7f5a84b9d000-7f5a84b9e000 r--s 08:11 78792612 /home/apache2/htdocs/horde/lib/core.php 7f5a84b9e000-7f5a84bc1000 r--p 08:11 78799575 /home/apache2/htdocs/horde/mnemo/locale/cs_CZ/LC_MESSAGES/mnemo.mo 7f5a84bc1000-7f5a84bc5000 r-xp 08:01 1884172 /lib/libnss_dns-2.7.so 7f5a84bc5000-7f5a84dc4000 ---p 4000 08:01 1884172 /lib/libnss_dns-2.7.so 7f5a84dc4000-7f5a84dc6000 rw-p 3000 08:01 1884172 /lib/libnss_dns-2.7.so 7f5a84dc6000-7f5a84dfd000 r--p 08:11 78790850 /home/apache2/htdocs/horde/imp/locale/cs_CZ/LC_MESSAGES/imp.mo 7f5a84dfd000-7f5a84dff000 r-xp 08:01 1327349 /usr/lib/gconv/ISO8859-2.so 7f5a84dff000-7f5a84ffe000 ---p 2000 08:01 1327349 /usr/lib/gconv/ISO8859-2.so 7f5a84ffe000-7f5a8500 rw-p 1000 08:01 1327349 /usr/lib/gconv/ISO8859-2.so 7f5a8500-7f5a85192000 r--p 08:01 428099 /usr/lib/locale/locale-archive 7f5a85192000-7f5a851e1000 rw-p 7f5a85192000 00:00 0 7f5a851e1000-7f5a851e3000 r-xp 08:01 451017 /usr/local/apache2/lib/apr-util-1/apr_ldap-1.so 7f5a851e3000-7f5a853e2000 ---p 2000 08:01 451017 /usr/local/apache2/lib/apr-util-1/apr_ldap-1.so 7f5a853e2000-7f5a853e3000 rw-p 1000 08:01 451017 /usr/local/apache2/lib/apr-util-1/apr_ldap-1.so 7f5a853e3000-7f5a853ed000 r-xp 08:01 1884173 /lib/libnss_files-2.7.so 7f5a853ed000-7f5a855ed000 ---p a000 08:01 1884173 /lib/libnss_files-2.7.so 7f5a855ed000-7f5a855
Bug #40479 [Com]: zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=40479&edit=1 ID: 40479 Comment by: nathan at gt dot net Reported by:rrossi at maggioli dot it Summary:zend_mm_heap corrupted Status: Feedback Type: Bug Package:Reproducible crash Operating System: Suse Linux 9.0 PHP Version:5.2.1 Block user comment: N Private report: N New Comment: I've also confirmed the above testcase triggers it on 5.3.10 via CLI. Can provide full access to any php developer interested in taking a look, just email me. Previous Comments: [2012-03-28 11:42:16] komanek at natur dot cuni dot cz Hi, I used the USE_ZEND_ALLOC=0 and got another segfault. But in this case in the apache error log is hopefuly something useful: *** glibc detected *** /usr/local/apache2/bin/httpd: double free or corruption (!prev): 0x051d6e10 *** === Backtrace: = /lib/libc.so.6[0x7f5a8e3709a8] /lib/libc.so.6(cfree+0x76)[0x7f5a8e372ab6] /usr/local/apache2/modules/libphp5.so(zend_multibyte_read_script+0x2e)[0x7f5a887be90e] /usr/local/apache2/modules/libphp5.so(open_file_for_scanning+0x90)[0x7f5a887bed60] /usr/local/apache2/modules/libphp5.so(compile_file+0x9c)[0x7f5a887bf92c] /usr/local/apache2/modules/libphp5.so[0x7f5a8866575a] /usr/local/apache2/modules/libphp5.so[0x7f5a8881c733] /usr/local/apache2/modules/libphp5.so(execute+0x209)[0x7f5a88813c49] /usr/local/apache2/modules/libphp5.so(zend_execute_scripts+0x17b)[0x7f5a887e52db] /usr/local/apache2/modules/libphp5.so(php_execute_script+0x198)[0x7f5a8878e0f8] /usr/local/apache2/modules/libphp5.so[0x7f5a8887348f] /usr/local/apache2/bin/httpd(ap_run_handler+0x4a)[0x443f5a] /usr/local/apache2/bin/httpd(ap_invoke_handler+0xce)[0x44747e] /usr/local/apache2/bin/httpd(ap_process_request+0x18e)[0x465ece] /usr/local/apache2/bin/httpd[0x462d78] /usr/local/apache2/bin/httpd(ap_run_process_connection+0x4a)[0x44b45a] /usr/local/apache2/bin/httpd[0x46abd0] /usr/local/apache2/bin/httpd[0x46aea4] /usr/local/apache2/bin/httpd(ap_mpm_run+0xbde)[0x46baee] /usr/local/apache2/bin/httpd(main+0x99a)[0x43063a] /lib/libc.so.6(__libc_start_main+0xe6)[0x7f5a8e31b1a6] /usr/local/apache2/bin/httpd(apr_os_proc_mutex_put+0x49)[0x42f819] === Memory map: 0040-00493000 r-xp 08:01 442565 /usr/local/apache2/bin/httpd 00692000-00698000 rw-p 00092000 08:01 442565 /usr/local/apache2/bin/httpd 00698000-0069d000 rw-p 00698000 00:00 0 017e-053d4000 rw-p 017e 00:00 0 [heap] 7f5a8000-7f5a80021000 rw-p 7f5a8000 00:00 0 7f5a80021000-7f5a8400 ---p 7f5a80021000 00:00 0 7f5a8497c000-7f5a84992000 r-xp 08:01 835587 /lib/libgcc_s.so.1 7f5a84992000-7f5a84b92000 ---p 00016000 08:01 835587 /lib/libgcc_s.so.1 7f5a84b92000-7f5a84b93000 rw-p 00016000 08:01 835587 /lib/libgcc_s.so.1 7f5a84b9d000-7f5a84b9e000 r--s 08:11 78792612 /home/apache2/htdocs/horde/lib/core.php 7f5a84b9e000-7f5a84bc1000 r--p 08:11 78799575 /home/apache2/htdocs/horde/mnemo/locale/cs_CZ/LC_MESSAGES/mnemo.mo 7f5a84bc1000-7f5a84bc5000 r-xp 08:01 1884172 /lib/libnss_dns-2.7.so 7f5a84bc5000-7f5a84dc4000 ---p 4000 08:01 1884172 /lib/libnss_dns-2.7.so 7f5a84dc4000-7f5a84dc6000 rw-p 3000 08:01 1884172 /lib/libnss_dns-2.7.so 7f5a84dc6000-7f5a84dfd000 r--p 08:11 78790850 /home/apache2/htdocs/horde/imp/locale/cs_CZ/LC_MESSAGES/imp.mo 7f5a84dfd000-7f5a84dff000 r-xp 08:01 1327349 /usr/lib/gconv/ISO8859-2.so 7f5a84dff000-7f5a84ffe000 ---p 2000 08:01 1327349 /usr/lib/gconv/ISO8859-2.so 7f5a84ffe000-7f5a8500 rw-p 1000 08:01 1327349 /usr/lib/gconv/ISO8859-2.so 7f5a8500-7f5a85192000 r--p 08:01 428099 /usr/lib/locale/locale-archive 7f5a85192000-7f5a851e1000 rw-p 7f5a85192000 00:00 0 7f5a851e1000-7f5a851e3000 r-xp 08:01 451017 /usr/local/apache2/lib/apr-util-1/apr_ldap-1.so 7f5a851e3000-7f5a853e2000 ---p 2000 08:01 451017 /usr/local/apache2/lib/apr-util-1/apr_ldap-1.so 7f5a853e2000-7f5a853e3000 rw-p 1000 08:01 451017 /usr/local/apache2/lib/apr-util-1/apr_ldap-1.so 7f5a853e3000-7f5a853ed000 r-xp 08:01 1884173 /lib/libnss_files-2.7.so 7f5a853ed000-7f5a855ed000 ---p a000 08:01 1884173 /lib/libnss_files-2.7.so 7f5a855ed000-7f5a855ef000 rw-p a000 08:01 1884173 /lib/libnss_files-2.7.so 7f5a855ef000-7f5a855f8000 r-xp 08:01 1884175 /lib/libnss_nis-2.7.so 7f5a855f80
Bug #40479 [Com]: zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=40479&edit=1 ID: 40479 Comment by: komanek at natur dot cuni dot cz Reported by:rrossi at maggioli dot it Summary:zend_mm_heap corrupted Status: Feedback Type: Bug Package:Reproducible crash Operating System: Suse Linux 9.0 PHP Version:5.2.1 Block user comment: N Private report: N New Comment: Hi, I used the USE_ZEND_ALLOC=0 and got another segfault. But in this case in the apache error log is hopefuly something useful: *** glibc detected *** /usr/local/apache2/bin/httpd: double free or corruption (!prev): 0x051d6e10 *** === Backtrace: = /lib/libc.so.6[0x7f5a8e3709a8] /lib/libc.so.6(cfree+0x76)[0x7f5a8e372ab6] /usr/local/apache2/modules/libphp5.so(zend_multibyte_read_script+0x2e)[0x7f5a887be90e] /usr/local/apache2/modules/libphp5.so(open_file_for_scanning+0x90)[0x7f5a887bed60] /usr/local/apache2/modules/libphp5.so(compile_file+0x9c)[0x7f5a887bf92c] /usr/local/apache2/modules/libphp5.so[0x7f5a8866575a] /usr/local/apache2/modules/libphp5.so[0x7f5a8881c733] /usr/local/apache2/modules/libphp5.so(execute+0x209)[0x7f5a88813c49] /usr/local/apache2/modules/libphp5.so(zend_execute_scripts+0x17b)[0x7f5a887e52db] /usr/local/apache2/modules/libphp5.so(php_execute_script+0x198)[0x7f5a8878e0f8] /usr/local/apache2/modules/libphp5.so[0x7f5a8887348f] /usr/local/apache2/bin/httpd(ap_run_handler+0x4a)[0x443f5a] /usr/local/apache2/bin/httpd(ap_invoke_handler+0xce)[0x44747e] /usr/local/apache2/bin/httpd(ap_process_request+0x18e)[0x465ece] /usr/local/apache2/bin/httpd[0x462d78] /usr/local/apache2/bin/httpd(ap_run_process_connection+0x4a)[0x44b45a] /usr/local/apache2/bin/httpd[0x46abd0] /usr/local/apache2/bin/httpd[0x46aea4] /usr/local/apache2/bin/httpd(ap_mpm_run+0xbde)[0x46baee] /usr/local/apache2/bin/httpd(main+0x99a)[0x43063a] /lib/libc.so.6(__libc_start_main+0xe6)[0x7f5a8e31b1a6] /usr/local/apache2/bin/httpd(apr_os_proc_mutex_put+0x49)[0x42f819] === Memory map: 0040-00493000 r-xp 08:01 442565 /usr/local/apache2/bin/httpd 00692000-00698000 rw-p 00092000 08:01 442565 /usr/local/apache2/bin/httpd 00698000-0069d000 rw-p 00698000 00:00 0 017e-053d4000 rw-p 017e 00:00 0 [heap] 7f5a8000-7f5a80021000 rw-p 7f5a8000 00:00 0 7f5a80021000-7f5a8400 ---p 7f5a80021000 00:00 0 7f5a8497c000-7f5a84992000 r-xp 08:01 835587 /lib/libgcc_s.so.1 7f5a84992000-7f5a84b92000 ---p 00016000 08:01 835587 /lib/libgcc_s.so.1 7f5a84b92000-7f5a84b93000 rw-p 00016000 08:01 835587 /lib/libgcc_s.so.1 7f5a84b9d000-7f5a84b9e000 r--s 08:11 78792612 /home/apache2/htdocs/horde/lib/core.php 7f5a84b9e000-7f5a84bc1000 r--p 08:11 78799575 /home/apache2/htdocs/horde/mnemo/locale/cs_CZ/LC_MESSAGES/mnemo.mo 7f5a84bc1000-7f5a84bc5000 r-xp 08:01 1884172 /lib/libnss_dns-2.7.so 7f5a84bc5000-7f5a84dc4000 ---p 4000 08:01 1884172 /lib/libnss_dns-2.7.so 7f5a84dc4000-7f5a84dc6000 rw-p 3000 08:01 1884172 /lib/libnss_dns-2.7.so 7f5a84dc6000-7f5a84dfd000 r--p 08:11 78790850 /home/apache2/htdocs/horde/imp/locale/cs_CZ/LC_MESSAGES/imp.mo 7f5a84dfd000-7f5a84dff000 r-xp 08:01 1327349 /usr/lib/gconv/ISO8859-2.so 7f5a84dff000-7f5a84ffe000 ---p 2000 08:01 1327349 /usr/lib/gconv/ISO8859-2.so 7f5a84ffe000-7f5a8500 rw-p 1000 08:01 1327349 /usr/lib/gconv/ISO8859-2.so 7f5a8500-7f5a85192000 r--p 08:01 428099 /usr/lib/locale/locale-archive 7f5a85192000-7f5a851e1000 rw-p 7f5a85192000 00:00 0 7f5a851e1000-7f5a851e3000 r-xp 08:01 451017 /usr/local/apache2/lib/apr-util-1/apr_ldap-1.so 7f5a851e3000-7f5a853e2000 ---p 2000 08:01 451017 /usr/local/apache2/lib/apr-util-1/apr_ldap-1.so 7f5a853e2000-7f5a853e3000 rw-p 1000 08:01 451017 /usr/local/apache2/lib/apr-util-1/apr_ldap-1.so 7f5a853e3000-7f5a853ed000 r-xp 08:01 1884173 /lib/libnss_files-2.7.so 7f5a853ed000-7f5a855ed000 ---p a000 08:01 1884173 /lib/libnss_files-2.7.so 7f5a855ed000-7f5a855ef000 rw-p a000 08:01 1884173 /lib/libnss_files-2.7.so 7f5a855ef000-7f5a855f8000 r-xp 08:01 1884175 /lib/libnss_nis-2.7.so 7f5a855f8000-7f5a857f8000 ---p 9000 08:01 1884175 /lib/libnss_nis-2.7.so 7f5a857f8000-7f5a857fa000 rw-p 9000 08:01 1884175 /lib/libnss_nis-2.7.so 7f5a857fa000-7f5a85801000 r-xp 08:01 1884171 /lib/libnss_compat-2.7.so 7f5a85801000-7f
Bug #40479 [Com]: zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=40479&edit=1 ID: 40479 Comment by: komanek at natur dot cuni dot cz Reported by:rrossi at maggioli dot it Summary:zend_mm_heap corrupted Status: Feedback Type: Bug Package:Reproducible crash Operating System: Suse Linux 9.0 PHP Version:5.2.1 Block user comment: N Private report: N New Comment: I have just run into the same problems after upgrading from 5.2.17 to 5.3.10 last weekend. Hosted on Debian server. Before I found this bug report, I created another one: https://bugs.php.net/bug.php?id=61508 , which now seems to be a duplicate of this one. It is true I have a loaded server with many extensions and many users with their own apps, so this seems not to be possible for me to check all their code or to downgrade to unsupported 5.2 branch. Previous Comments: [2012-02-20 20:05:16] andreyvit at me dot com Just had the same issue, but 100% reproducible. It does not always print zend_mm_heap corrupted, but it always segfaults PHP. I've traced it to an equivalent of the following two lines of code: $xx = new stdClass; strpos($xx, ':'); Moreover, this only crashes inside a custom error handler function. If I disable set_error_handler call, the crash disappears. The crash inside the error handler is on a pretty innocent operation, and the location is not stable (most often it crashes on assigning a large literal array to a static variable). I tried to produce a smaller test case which reproduces the crash, but failed. Some magic dust is always missing. However, this gives us an alternative theory why most people may only be seeing this in production and rarely: they may only be running a custom error handler in production, and they may have a rare critical error somewhere which can trigger it. Try disabling your error handler and see. [2011-12-11 19:37:37] arekm at maven dot pl "f dot ardelian at gmail dot com" test case works on php 5.4rc2, too (php cli segfaults) [2011-11-23 11:30:36] utnalove at yahoo dot it Hello, I use Wordpress. I am hosted in home.pl which uses IdeaWebServer instead of Apache. Very often when I enable whatever cache plugin I get the "zend_mm_heap corrupted" error. I have also a hosting in the USA with Apache and the same PHP and MySql versions. If I backup both data and database and restore it in the Apache server I can use my caching plugins without issues because the "zend_mm_heap corrupted" error never appears. Home.pl says that this is a PHP issue and it is not connected with their non- Apache server. What's your opinion in that? Is it a PHP issue or a hosting issue? Thank you [2011-11-02 10:34:30] from dot php dot net at brainbox dot cz I can reproduce the bug on Microsoft Windows XP SP3, with latest official PHP 5.3.8 NTS build. When we run script from "f dot ardelian at gmail dot com", PHP does not output "zend_mm_heap corrupted", but right after displaying the "If you see thisâ¦" line CRASHES. However, I found that when I call "gc_disable();" before script end, it finishes successfully. This helped me run the test script without problems, but didn't solve the issue in my other scripts. _guid = self::$maxGuid++] = $this; } public function __destruct() { unset(self::$world[$this->_guid]); } } for ($i = 0; $i < OBJECT_COUNT; ++$i) { new Object(); } // You probably won't see this because of the "zend_mm_heap corrupted" echo 'If you see this, try to increase OBJECT_COUNT to 100,000'; gc_disable(); // ADDED - works for me - PHP does not crash ?> [2011-10-17 20:24:44] rob dot spekschoor at gmail dot com problem solved by compiling apache with prefork. Somehow Apache worker MPM + PHP 5.2 works fine but Apache worker MPM + PHP 5.3 fails terribly. Prefork seems stable The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=40479 -- Edit this bug report at https://bugs.php.net/bug.php?id=40479&edit=1
Bug #40479 [Com]: zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=40479&edit=1 ID: 40479 Comment by: andreyvit at me dot com Reported by:rrossi at maggioli dot it Summary:zend_mm_heap corrupted Status: Feedback Type: Bug Package:Reproducible crash Operating System: Suse Linux 9.0 PHP Version:5.2.1 Block user comment: N Private report: N New Comment: Just had the same issue, but 100% reproducible. It does not always print zend_mm_heap corrupted, but it always segfaults PHP. I've traced it to an equivalent of the following two lines of code: $xx = new stdClass; strpos($xx, ':'); Moreover, this only crashes inside a custom error handler function. If I disable set_error_handler call, the crash disappears. The crash inside the error handler is on a pretty innocent operation, and the location is not stable (most often it crashes on assigning a large literal array to a static variable). I tried to produce a smaller test case which reproduces the crash, but failed. Some magic dust is always missing. However, this gives us an alternative theory why most people may only be seeing this in production and rarely: they may only be running a custom error handler in production, and they may have a rare critical error somewhere which can trigger it. Try disabling your error handler and see. Previous Comments: [2011-12-11 19:37:37] arekm at maven dot pl "f dot ardelian at gmail dot com" test case works on php 5.4rc2, too (php cli segfaults) [2011-11-23 11:30:36] utnalove at yahoo dot it Hello, I use Wordpress. I am hosted in home.pl which uses IdeaWebServer instead of Apache. Very often when I enable whatever cache plugin I get the "zend_mm_heap corrupted" error. I have also a hosting in the USA with Apache and the same PHP and MySql versions. If I backup both data and database and restore it in the Apache server I can use my caching plugins without issues because the "zend_mm_heap corrupted" error never appears. Home.pl says that this is a PHP issue and it is not connected with their non- Apache server. What's your opinion in that? Is it a PHP issue or a hosting issue? Thank you [2011-11-02 10:34:30] from dot php dot net at brainbox dot cz I can reproduce the bug on Microsoft Windows XP SP3, with latest official PHP 5.3.8 NTS build. When we run script from "f dot ardelian at gmail dot com", PHP does not output "zend_mm_heap corrupted", but right after displaying the "If you see thisâ¦" line CRASHES. However, I found that when I call "gc_disable();" before script end, it finishes successfully. This helped me run the test script without problems, but didn't solve the issue in my other scripts. _guid = self::$maxGuid++] = $this; } public function __destruct() { unset(self::$world[$this->_guid]); } } for ($i = 0; $i < OBJECT_COUNT; ++$i) { new Object(); } // You probably won't see this because of the "zend_mm_heap corrupted" echo 'If you see this, try to increase OBJECT_COUNT to 100,000'; gc_disable(); // ADDED - works for me - PHP does not crash ?> [2011-10-17 20:24:44] rob dot spekschoor at gmail dot com problem solved by compiling apache with prefork. Somehow Apache worker MPM + PHP 5.2 works fine but Apache worker MPM + PHP 5.3 fails terribly. Prefork seems stable [2011-10-05 20:08:42] rob dot spekschoor at gmail dot com I can also reproduce with script from 'f dot ardelian at gmail dot com' this error on: php --version PHP 5.3.8-pl0-gentoo (cli) (built: Oct 4 2011 10:42:38) Copyright (c) 1997-2011 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=40479 -- Edit this bug report at https://bugs.php.net/bug.php?id=40479&edit=1
Bug #40479 [Com]: zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=40479&edit=1 ID: 40479 Comment by: arekm at maven dot pl Reported by:rrossi at maggioli dot it Summary:zend_mm_heap corrupted Status: Feedback Type: Bug Package:Reproducible crash Operating System: Suse Linux 9.0 PHP Version:5.2.1 Block user comment: N Private report: N New Comment: "f dot ardelian at gmail dot com" test case works on php 5.4rc2, too (php cli segfaults) Previous Comments: [2011-11-23 11:30:36] utnalove at yahoo dot it Hello, I use Wordpress. I am hosted in home.pl which uses IdeaWebServer instead of Apache. Very often when I enable whatever cache plugin I get the "zend_mm_heap corrupted" error. I have also a hosting in the USA with Apache and the same PHP and MySql versions. If I backup both data and database and restore it in the Apache server I can use my caching plugins without issues because the "zend_mm_heap corrupted" error never appears. Home.pl says that this is a PHP issue and it is not connected with their non- Apache server. What's your opinion in that? Is it a PHP issue or a hosting issue? Thank you [2011-11-02 10:34:30] from dot php dot net at brainbox dot cz I can reproduce the bug on Microsoft Windows XP SP3, with latest official PHP 5.3.8 NTS build. When we run script from "f dot ardelian at gmail dot com", PHP does not output "zend_mm_heap corrupted", but right after displaying the "If you see thisâ¦" line CRASHES. However, I found that when I call "gc_disable();" before script end, it finishes successfully. This helped me run the test script without problems, but didn't solve the issue in my other scripts. _guid = self::$maxGuid++] = $this; } public function __destruct() { unset(self::$world[$this->_guid]); } } for ($i = 0; $i < OBJECT_COUNT; ++$i) { new Object(); } // You probably won't see this because of the "zend_mm_heap corrupted" echo 'If you see this, try to increase OBJECT_COUNT to 100,000'; gc_disable(); // ADDED - works for me - PHP does not crash ?> [2011-10-17 20:24:44] rob dot spekschoor at gmail dot com problem solved by compiling apache with prefork. Somehow Apache worker MPM + PHP 5.2 works fine but Apache worker MPM + PHP 5.3 fails terribly. Prefork seems stable [2011-10-05 20:08:42] rob dot spekschoor at gmail dot com I can also reproduce with script from 'f dot ardelian at gmail dot com' this error on: php --version PHP 5.3.8-pl0-gentoo (cli) (built: Oct 4 2011 10:42:38) Copyright (c) 1997-2011 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies [2011-09-26 08:00:03] laacz at laacz dot lv Second this by running code, provided by "f dot ardelian at gmail dot com" at 2011-08-31 07:49 UTC: # php -q zend_mm_heap_corrupted.php If you see this, try to increase OBJECT_COUNT to 100,000zend_mm_heap corrupted # php --version PHP 5.3.8 (cli) (built: Aug 29 2011 14:48:33) Copyright (c) 1997-2011 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies with eAccelerator v0.9.6.1, Copyright (c) 2004-2010 eAccelerator, by eAccelerator with Xdebug v2.1.2, Copyright (c) 2002-2011, by Derick Rethans The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=40479 -- Edit this bug report at https://bugs.php.net/bug.php?id=40479&edit=1
Bug #40479 [Com]: zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=40479&edit=1 ID: 40479 Comment by: utnalove at yahoo dot it Reported by:rrossi at maggioli dot it Summary:zend_mm_heap corrupted Status: Feedback Type: Bug Package:Reproducible crash Operating System: Suse Linux 9.0 PHP Version:5.2.1 Block user comment: N Private report: N New Comment: Hello, I use Wordpress. I am hosted in home.pl which uses IdeaWebServer instead of Apache. Very often when I enable whatever cache plugin I get the "zend_mm_heap corrupted" error. I have also a hosting in the USA with Apache and the same PHP and MySql versions. If I backup both data and database and restore it in the Apache server I can use my caching plugins without issues because the "zend_mm_heap corrupted" error never appears. Home.pl says that this is a PHP issue and it is not connected with their non- Apache server. What's your opinion in that? Is it a PHP issue or a hosting issue? Thank you Previous Comments: [2011-11-02 10:34:30] from dot php dot net at brainbox dot cz I can reproduce the bug on Microsoft Windows XP SP3, with latest official PHP 5.3.8 NTS build. When we run script from "f dot ardelian at gmail dot com", PHP does not output "zend_mm_heap corrupted", but right after displaying the "If you see thisâ¦" line CRASHES. However, I found that when I call "gc_disable();" before script end, it finishes successfully. This helped me run the test script without problems, but didn't solve the issue in my other scripts. _guid = self::$maxGuid++] = $this; } public function __destruct() { unset(self::$world[$this->_guid]); } } for ($i = 0; $i < OBJECT_COUNT; ++$i) { new Object(); } // You probably won't see this because of the "zend_mm_heap corrupted" echo 'If you see this, try to increase OBJECT_COUNT to 100,000'; gc_disable(); // ADDED - works for me - PHP does not crash ?> [2011-10-17 20:24:44] rob dot spekschoor at gmail dot com problem solved by compiling apache with prefork. Somehow Apache worker MPM + PHP 5.2 works fine but Apache worker MPM + PHP 5.3 fails terribly. Prefork seems stable [2011-10-05 20:08:42] rob dot spekschoor at gmail dot com I can also reproduce with script from 'f dot ardelian at gmail dot com' this error on: php --version PHP 5.3.8-pl0-gentoo (cli) (built: Oct 4 2011 10:42:38) Copyright (c) 1997-2011 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies [2011-09-26 08:00:03] laacz at laacz dot lv Second this by running code, provided by "f dot ardelian at gmail dot com" at 2011-08-31 07:49 UTC: # php -q zend_mm_heap_corrupted.php If you see this, try to increase OBJECT_COUNT to 100,000zend_mm_heap corrupted # php --version PHP 5.3.8 (cli) (built: Aug 29 2011 14:48:33) Copyright (c) 1997-2011 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies with eAccelerator v0.9.6.1, Copyright (c) 2004-2010 eAccelerator, by eAccelerator with Xdebug v2.1.2, Copyright (c) 2002-2011, by Derick Rethans [2011-09-02 11:28:40] christoffer at westart dot se I must agree with Florin, we are experiencing the same kinds of issues, both with CLI and mod_php, su_php and across 5.2.* and 5.3.*. We really need this to be fixed. Any updates? The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=40479 -- Edit this bug report at https://bugs.php.net/bug.php?id=40479&edit=1
Bug #40479 [Com]: zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=40479&edit=1 ID: 40479 Comment by: from dot php dot net at brainbox dot cz Reported by:rrossi at maggioli dot it Summary:zend_mm_heap corrupted Status: Feedback Type: Bug Package:Reproducible crash Operating System: Suse Linux 9.0 PHP Version:5.2.1 Block user comment: N Private report: N New Comment: I can reproduce the bug on Microsoft Windows XP SP3, with latest official PHP 5.3.8 NTS build. When we run script from "f dot ardelian at gmail dot com", PHP does not output "zend_mm_heap corrupted", but right after displaying the "If you see thisâ¦" line CRASHES. However, I found that when I call "gc_disable();" before script end, it finishes successfully. This helped me run the test script without problems, but didn't solve the issue in my other scripts. _guid = self::$maxGuid++] = $this; } public function __destruct() { unset(self::$world[$this->_guid]); } } for ($i = 0; $i < OBJECT_COUNT; ++$i) { new Object(); } // You probably won't see this because of the "zend_mm_heap corrupted" echo 'If you see this, try to increase OBJECT_COUNT to 100,000'; gc_disable(); // ADDED - works for me - PHP does not crash ?> Previous Comments: [2011-10-17 20:24:44] rob dot spekschoor at gmail dot com problem solved by compiling apache with prefork. Somehow Apache worker MPM + PHP 5.2 works fine but Apache worker MPM + PHP 5.3 fails terribly. Prefork seems stable [2011-10-05 20:08:42] rob dot spekschoor at gmail dot com I can also reproduce with script from 'f dot ardelian at gmail dot com' this error on: php --version PHP 5.3.8-pl0-gentoo (cli) (built: Oct 4 2011 10:42:38) Copyright (c) 1997-2011 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies [2011-09-26 08:00:03] laacz at laacz dot lv Second this by running code, provided by "f dot ardelian at gmail dot com" at 2011-08-31 07:49 UTC: # php -q zend_mm_heap_corrupted.php If you see this, try to increase OBJECT_COUNT to 100,000zend_mm_heap corrupted # php --version PHP 5.3.8 (cli) (built: Aug 29 2011 14:48:33) Copyright (c) 1997-2011 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies with eAccelerator v0.9.6.1, Copyright (c) 2004-2010 eAccelerator, by eAccelerator with Xdebug v2.1.2, Copyright (c) 2002-2011, by Derick Rethans [2011-09-02 11:28:40] christoffer at westart dot se I must agree with Florin, we are experiencing the same kinds of issues, both with CLI and mod_php, su_php and across 5.2.* and 5.3.*. We really need this to be fixed. Any updates? [2011-08-31 07:49:32] f dot ardelian at gmail dot com The cause is pretty clear to me: when the script ends, the garbage collector starts to destroy the objects and the `unset()` in the destructor probably invokes the garbage collector again. The error message doesn't always appear on the screen nor in the error log (sometimes it does). The "Segmentation fault" always appears in the error log. Breaks if PHP is installed using apt-get or yum or comes with your Linux distro. Seems to work fine on Windows and codepads (custom compiled PHPs). Definitely breaks on Debian. Don't forget to set memory_limit to have enough room in memory to create all the objects (128M seems to be enough on Debian to create 150,000 objects). _guid = self::$maxGuid++] = $this; } public function __destruct() { unset(self::$world[$this->_guid]); } } for ($i = 0; $i < OBJECT_COUNT; ++$i) { new Object(); } // You probably won't see this because of the "zend_mm_heap corrupted" echo 'If you see this, try to increase OBJECT_COUNT to 100,000'; ?> If this code pinpoints the four and a half years-old issue, email me a beer. Florin Ardelian The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=40479 -- Edit this bug report at https://bugs.php.net/bug.php?id=40479&edit=1
Bug #40479 [Com]: zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=40479&edit=1 ID: 40479 Comment by: rob dot spekschoor at gmail dot com Reported by:rrossi at maggioli dot it Summary:zend_mm_heap corrupted Status: Feedback Type: Bug Package:Reproducible crash Operating System: Suse Linux 9.0 PHP Version:5.2.1 Block user comment: N Private report: N New Comment: problem solved by compiling apache with prefork. Somehow Apache worker MPM + PHP 5.2 works fine but Apache worker MPM + PHP 5.3 fails terribly. Prefork seems stable Previous Comments: [2011-10-05 20:08:42] rob dot spekschoor at gmail dot com I can also reproduce with script from 'f dot ardelian at gmail dot com' this error on: php --version PHP 5.3.8-pl0-gentoo (cli) (built: Oct 4 2011 10:42:38) Copyright (c) 1997-2011 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies [2011-09-26 08:00:03] laacz at laacz dot lv Second this by running code, provided by "f dot ardelian at gmail dot com" at 2011-08-31 07:49 UTC: # php -q zend_mm_heap_corrupted.php If you see this, try to increase OBJECT_COUNT to 100,000zend_mm_heap corrupted # php --version PHP 5.3.8 (cli) (built: Aug 29 2011 14:48:33) Copyright (c) 1997-2011 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies with eAccelerator v0.9.6.1, Copyright (c) 2004-2010 eAccelerator, by eAccelerator with Xdebug v2.1.2, Copyright (c) 2002-2011, by Derick Rethans [2011-09-02 11:28:40] christoffer at westart dot se I must agree with Florin, we are experiencing the same kinds of issues, both with CLI and mod_php, su_php and across 5.2.* and 5.3.*. We really need this to be fixed. Any updates? [2011-08-31 07:49:32] f dot ardelian at gmail dot com The cause is pretty clear to me: when the script ends, the garbage collector starts to destroy the objects and the `unset()` in the destructor probably invokes the garbage collector again. The error message doesn't always appear on the screen nor in the error log (sometimes it does). The "Segmentation fault" always appears in the error log. Breaks if PHP is installed using apt-get or yum or comes with your Linux distro. Seems to work fine on Windows and codepads (custom compiled PHPs). Definitely breaks on Debian. Don't forget to set memory_limit to have enough room in memory to create all the objects (128M seems to be enough on Debian to create 150,000 objects). _guid = self::$maxGuid++] = $this; } public function __destruct() { unset(self::$world[$this->_guid]); } } for ($i = 0; $i < OBJECT_COUNT; ++$i) { new Object(); } // You probably won't see this because of the "zend_mm_heap corrupted" echo 'If you see this, try to increase OBJECT_COUNT to 100,000'; ?> If this code pinpoints the four and a half years-old issue, email me a beer. Florin Ardelian [2010-10-16 00:06:47] fel...@php.net Thank you for this bug report. To properly diagnose the problem, we need a short but complete example script to be able to reproduce this bug ourselves. A proper reproducing script starts with , is max. 10-20 lines long and does not require any external resources such as databases, etc. If the script requires a database to demonstrate the issue, please make sure it creates all necessary tables, stored procedures etc. Please avoid embedding huge scripts into the report. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=40479 -- Edit this bug report at https://bugs.php.net/bug.php?id=40479&edit=1
Bug #40479 [Com]: zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=40479&edit=1 ID: 40479 Comment by: rob dot spekschoor at gmail dot com Reported by:rrossi at maggioli dot it Summary:zend_mm_heap corrupted Status: Feedback Type: Bug Package:Reproducible crash Operating System: Suse Linux 9.0 PHP Version:5.2.1 Block user comment: N Private report: N New Comment: I can also reproduce with script from 'f dot ardelian at gmail dot com' this error on: php --version PHP 5.3.8-pl0-gentoo (cli) (built: Oct 4 2011 10:42:38) Copyright (c) 1997-2011 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies Previous Comments: [2011-09-26 08:00:03] laacz at laacz dot lv Second this by running code, provided by "f dot ardelian at gmail dot com" at 2011-08-31 07:49 UTC: # php -q zend_mm_heap_corrupted.php If you see this, try to increase OBJECT_COUNT to 100,000zend_mm_heap corrupted # php --version PHP 5.3.8 (cli) (built: Aug 29 2011 14:48:33) Copyright (c) 1997-2011 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies with eAccelerator v0.9.6.1, Copyright (c) 2004-2010 eAccelerator, by eAccelerator with Xdebug v2.1.2, Copyright (c) 2002-2011, by Derick Rethans [2011-09-02 11:28:40] christoffer at westart dot se I must agree with Florin, we are experiencing the same kinds of issues, both with CLI and mod_php, su_php and across 5.2.* and 5.3.*. We really need this to be fixed. Any updates? [2011-08-31 07:49:32] f dot ardelian at gmail dot com The cause is pretty clear to me: when the script ends, the garbage collector starts to destroy the objects and the `unset()` in the destructor probably invokes the garbage collector again. The error message doesn't always appear on the screen nor in the error log (sometimes it does). The "Segmentation fault" always appears in the error log. Breaks if PHP is installed using apt-get or yum or comes with your Linux distro. Seems to work fine on Windows and codepads (custom compiled PHPs). Definitely breaks on Debian. Don't forget to set memory_limit to have enough room in memory to create all the objects (128M seems to be enough on Debian to create 150,000 objects). _guid = self::$maxGuid++] = $this; } public function __destruct() { unset(self::$world[$this->_guid]); } } for ($i = 0; $i < OBJECT_COUNT; ++$i) { new Object(); } // You probably won't see this because of the "zend_mm_heap corrupted" echo 'If you see this, try to increase OBJECT_COUNT to 100,000'; ?> If this code pinpoints the four and a half years-old issue, email me a beer. Florin Ardelian [2010-10-16 00:06:47] fel...@php.net Thank you for this bug report. To properly diagnose the problem, we need a short but complete example script to be able to reproduce this bug ourselves. A proper reproducing script starts with , is max. 10-20 lines long and does not require any external resources such as databases, etc. If the script requires a database to demonstrate the issue, please make sure it creates all necessary tables, stored procedures etc. Please avoid embedding huge scripts into the report. [2010-09-16 13:23:05] michael202 at gmx dot de The problem is still in 5.3.3 on Suse 11.2, but it is not reproducible :-( Sometimes it is twice a day sometimes every few days. Apache starts giving these messages: "child pid x exit signal Segmentation fault (11)" And if your are lucky, the scripts still return xml-results. If you get a no result from the script (i.a. white page in browser), you'll need a apache stop and start (graceful does not help) and the error_log says: "seg fault or similar nasty error detected in the parent process" The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=40479 -- Edit this bug report at https://bugs.php.net/bug.php?id=40479&edit=1
Bug #40479 [Com]: zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=40479&edit=1 ID: 40479 Comment by: laacz at laacz dot lv Reported by:rrossi at maggioli dot it Summary:zend_mm_heap corrupted Status: Feedback Type: Bug Package:Reproducible crash Operating System: Suse Linux 9.0 PHP Version:5.2.1 Block user comment: N Private report: N New Comment: Second this by running code, provided by "f dot ardelian at gmail dot com" at 2011-08-31 07:49 UTC: # php -q zend_mm_heap_corrupted.php If you see this, try to increase OBJECT_COUNT to 100,000zend_mm_heap corrupted # php --version PHP 5.3.8 (cli) (built: Aug 29 2011 14:48:33) Copyright (c) 1997-2011 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies with eAccelerator v0.9.6.1, Copyright (c) 2004-2010 eAccelerator, by eAccelerator with Xdebug v2.1.2, Copyright (c) 2002-2011, by Derick Rethans Previous Comments: [2011-09-02 11:28:40] christoffer at westart dot se I must agree with Florin, we are experiencing the same kinds of issues, both with CLI and mod_php, su_php and across 5.2.* and 5.3.*. We really need this to be fixed. Any updates? [2011-08-31 07:49:32] f dot ardelian at gmail dot com The cause is pretty clear to me: when the script ends, the garbage collector starts to destroy the objects and the `unset()` in the destructor probably invokes the garbage collector again. The error message doesn't always appear on the screen nor in the error log (sometimes it does). The "Segmentation fault" always appears in the error log. Breaks if PHP is installed using apt-get or yum or comes with your Linux distro. Seems to work fine on Windows and codepads (custom compiled PHPs). Definitely breaks on Debian. Don't forget to set memory_limit to have enough room in memory to create all the objects (128M seems to be enough on Debian to create 150,000 objects). _guid = self::$maxGuid++] = $this; } public function __destruct() { unset(self::$world[$this->_guid]); } } for ($i = 0; $i < OBJECT_COUNT; ++$i) { new Object(); } // You probably won't see this because of the "zend_mm_heap corrupted" echo 'If you see this, try to increase OBJECT_COUNT to 100,000'; ?> If this code pinpoints the four and a half years-old issue, email me a beer. Florin Ardelian [2010-10-16 00:06:47] fel...@php.net Thank you for this bug report. To properly diagnose the problem, we need a short but complete example script to be able to reproduce this bug ourselves. A proper reproducing script starts with , is max. 10-20 lines long and does not require any external resources such as databases, etc. If the script requires a database to demonstrate the issue, please make sure it creates all necessary tables, stored procedures etc. Please avoid embedding huge scripts into the report. [2010-09-16 13:23:05] michael202 at gmx dot de The problem is still in 5.3.3 on Suse 11.2, but it is not reproducible :-( Sometimes it is twice a day sometimes every few days. Apache starts giving these messages: "child pid x exit signal Segmentation fault (11)" And if your are lucky, the scripts still return xml-results. If you get a no result from the script (i.a. white page in browser), you'll need a apache stop and start (graceful does not help) and the error_log says: "seg fault or similar nasty error detected in the parent process" [2010-08-09 10:32:10] sht dot alien at gmx dot net I had it coming when I started my unittests. But it happened out of nowhere ^^ Wehen I set USE_ZEND_ALLOC=0 it didn't go away, but instead I got a debug backtrace (as seen below). But I came up with a solution: ZendDebugger was the root of all evil. I'll check out if there's a newer version available... FAILURES! Tests: 284, Assertions: 1911, Errors: 4, Incomplete: 10, Skipped: 9. *** glibc detected *** /usr/local/zend/bin/php: free(): invalid pointer: 0x035b5a8f *** === Backtrace: = /lib/libc.so.6(+0x775b6)[0x7f56f13105b6] /lib/libc.so.6(cfree+0x73)[0x7f56f1316e53] /usr/local/zend/bin/php(zend_hash_destroy+0x7b)[0x656b7b] /usr/local/zend/bin/php(destroy_zend_class+0x55)[0x641845] /usr/local/zend/bin/php[0x656822] /usr/local/zend/bin/php(zend_hash_reverse_apply+0x59)[0x656929] /usr/local/zend/bin/php[0x63e486] /usr/local/zend/bin/php[0x64a8b2] /usr/local/zend/bin/php(php_request_shutdown+0x1ae)[0x5f9cce] /usr/local/zend/bin/php[0x6d2be4] /lib/libc.so.6(__libc_start_main+0xfd)[0x7f56f12b7c4d] /usr/local/zend/bin/php[0x45ffaa] === Memory map: 0040-009d8000 r-xp
Bug #40479 [Com]: zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=40479&edit=1 ID: 40479 Comment by: christoffer at westart dot se Reported by:rrossi at maggioli dot it Summary:zend_mm_heap corrupted Status: Feedback Type: Bug Package:Reproducible crash Operating System: Suse Linux 9.0 PHP Version:5.2.1 Block user comment: N Private report: N New Comment: I must agree with Florin, we are experiencing the same kinds of issues, both with CLI and mod_php, su_php and across 5.2.* and 5.3.*. We really need this to be fixed. Any updates? Previous Comments: [2011-08-31 07:49:32] f dot ardelian at gmail dot com The cause is pretty clear to me: when the script ends, the garbage collector starts to destroy the objects and the `unset()` in the destructor probably invokes the garbage collector again. The error message doesn't always appear on the screen nor in the error log (sometimes it does). The "Segmentation fault" always appears in the error log. Breaks if PHP is installed using apt-get or yum or comes with your Linux distro. Seems to work fine on Windows and codepads (custom compiled PHPs). Definitely breaks on Debian. Don't forget to set memory_limit to have enough room in memory to create all the objects (128M seems to be enough on Debian to create 150,000 objects). _guid = self::$maxGuid++] = $this; } public function __destruct() { unset(self::$world[$this->_guid]); } } for ($i = 0; $i < OBJECT_COUNT; ++$i) { new Object(); } // You probably won't see this because of the "zend_mm_heap corrupted" echo 'If you see this, try to increase OBJECT_COUNT to 100,000'; ?> If this code pinpoints the four and a half years-old issue, email me a beer. Florin Ardelian [2010-10-16 00:06:47] fel...@php.net Thank you for this bug report. To properly diagnose the problem, we need a short but complete example script to be able to reproduce this bug ourselves. A proper reproducing script starts with , is max. 10-20 lines long and does not require any external resources such as databases, etc. If the script requires a database to demonstrate the issue, please make sure it creates all necessary tables, stored procedures etc. Please avoid embedding huge scripts into the report. [2010-09-16 13:23:05] michael202 at gmx dot de The problem is still in 5.3.3 on Suse 11.2, but it is not reproducible :-( Sometimes it is twice a day sometimes every few days. Apache starts giving these messages: "child pid x exit signal Segmentation fault (11)" And if your are lucky, the scripts still return xml-results. If you get a no result from the script (i.a. white page in browser), you'll need a apache stop and start (graceful does not help) and the error_log says: "seg fault or similar nasty error detected in the parent process" [2010-08-09 10:32:10] sht dot alien at gmx dot net I had it coming when I started my unittests. But it happened out of nowhere ^^ Wehen I set USE_ZEND_ALLOC=0 it didn't go away, but instead I got a debug backtrace (as seen below). But I came up with a solution: ZendDebugger was the root of all evil. I'll check out if there's a newer version available... FAILURES! Tests: 284, Assertions: 1911, Errors: 4, Incomplete: 10, Skipped: 9. *** glibc detected *** /usr/local/zend/bin/php: free(): invalid pointer: 0x035b5a8f *** === Backtrace: = /lib/libc.so.6(+0x775b6)[0x7f56f13105b6] /lib/libc.so.6(cfree+0x73)[0x7f56f1316e53] /usr/local/zend/bin/php(zend_hash_destroy+0x7b)[0x656b7b] /usr/local/zend/bin/php(destroy_zend_class+0x55)[0x641845] /usr/local/zend/bin/php[0x656822] /usr/local/zend/bin/php(zend_hash_reverse_apply+0x59)[0x656929] /usr/local/zend/bin/php[0x63e486] /usr/local/zend/bin/php[0x64a8b2] /usr/local/zend/bin/php(php_request_shutdown+0x1ae)[0x5f9cce] /usr/local/zend/bin/php[0x6d2be4] /lib/libc.so.6(__libc_start_main+0xfd)[0x7f56f12b7c4d] /usr/local/zend/bin/php[0x45ffaa] === Memory map: 0040-009d8000 r-xp 08:01 12588460 /usr/local/zend/bin/php 00ad8000-00b5f000 rwxp 005d8000 08:01 12588460 /usr/local/zend/bin/php 00b5f000-00b7f000 rwxp 00:00 0 02b4e000-04999000 rwxp 00:00 0 [heap] 7f56e000-7f56e0021000 rwxp 00:00 0 7f56e0021000-7f56e400 ---p 00:00 0 7f56e5309000-7f56e530e000 r-xp 08:01 15842 /lib/libnss_dns-2.11.1.so 7f56e530e000-7f56e550d000 ---p 5000 08:01 15842 /lib/libnss_dns-2.11.1.so 7f56e550d000-7f56e550e000 r-xp 4000 08:01 15842
Bug #40479 [Com]: zend_mm_heap corrupted
Edit report at https://bugs.php.net/bug.php?id=40479&edit=1 ID: 40479 Comment by: f dot ardelian at gmail dot com Reported by:rrossi at maggioli dot it Summary:zend_mm_heap corrupted Status: Feedback Type: Bug Package:Reproducible crash Operating System: Suse Linux 9.0 PHP Version:5.2.1 Block user comment: N Private report: N New Comment: The cause is pretty clear to me: when the script ends, the garbage collector starts to destroy the objects and the `unset()` in the destructor probably invokes the garbage collector again. The error message doesn't always appear on the screen nor in the error log (sometimes it does). The "Segmentation fault" always appears in the error log. Breaks if PHP is installed using apt-get or yum or comes with your Linux distro. Seems to work fine on Windows and codepads (custom compiled PHPs). Definitely breaks on Debian. Don't forget to set memory_limit to have enough room in memory to create all the objects (128M seems to be enough on Debian to create 150,000 objects). _guid = self::$maxGuid++] = $this; } public function __destruct() { unset(self::$world[$this->_guid]); } } for ($i = 0; $i < OBJECT_COUNT; ++$i) { new Object(); } // You probably won't see this because of the "zend_mm_heap corrupted" echo 'If you see this, try to increase OBJECT_COUNT to 100,000'; ?> If this code pinpoints the four and a half years-old issue, email me a beer. Florin Ardelian Previous Comments: [2010-10-16 00:06:47] fel...@php.net Thank you for this bug report. To properly diagnose the problem, we need a short but complete example script to be able to reproduce this bug ourselves. A proper reproducing script starts with , is max. 10-20 lines long and does not require any external resources such as databases, etc. If the script requires a database to demonstrate the issue, please make sure it creates all necessary tables, stored procedures etc. Please avoid embedding huge scripts into the report. [2010-09-16 13:23:05] michael202 at gmx dot de The problem is still in 5.3.3 on Suse 11.2, but it is not reproducible :-( Sometimes it is twice a day sometimes every few days. Apache starts giving these messages: "child pid x exit signal Segmentation fault (11)" And if your are lucky, the scripts still return xml-results. If you get a no result from the script (i.a. white page in browser), you'll need a apache stop and start (graceful does not help) and the error_log says: "seg fault or similar nasty error detected in the parent process" [2010-08-09 10:32:10] sht dot alien at gmx dot net I had it coming when I started my unittests. But it happened out of nowhere ^^ Wehen I set USE_ZEND_ALLOC=0 it didn't go away, but instead I got a debug backtrace (as seen below). But I came up with a solution: ZendDebugger was the root of all evil. I'll check out if there's a newer version available... FAILURES! Tests: 284, Assertions: 1911, Errors: 4, Incomplete: 10, Skipped: 9. *** glibc detected *** /usr/local/zend/bin/php: free(): invalid pointer: 0x035b5a8f *** === Backtrace: = /lib/libc.so.6(+0x775b6)[0x7f56f13105b6] /lib/libc.so.6(cfree+0x73)[0x7f56f1316e53] /usr/local/zend/bin/php(zend_hash_destroy+0x7b)[0x656b7b] /usr/local/zend/bin/php(destroy_zend_class+0x55)[0x641845] /usr/local/zend/bin/php[0x656822] /usr/local/zend/bin/php(zend_hash_reverse_apply+0x59)[0x656929] /usr/local/zend/bin/php[0x63e486] /usr/local/zend/bin/php[0x64a8b2] /usr/local/zend/bin/php(php_request_shutdown+0x1ae)[0x5f9cce] /usr/local/zend/bin/php[0x6d2be4] /lib/libc.so.6(__libc_start_main+0xfd)[0x7f56f12b7c4d] /usr/local/zend/bin/php[0x45ffaa] === Memory map: 0040-009d8000 r-xp 08:01 12588460 /usr/local/zend/bin/php 00ad8000-00b5f000 rwxp 005d8000 08:01 12588460 /usr/local/zend/bin/php 00b5f000-00b7f000 rwxp 00:00 0 02b4e000-04999000 rwxp 00:00 0 [heap] 7f56e000-7f56e0021000 rwxp 00:00 0 7f56e0021000-7f56e400 ---p 00:00 0 7f56e5309000-7f56e530e000 r-xp 08:01 15842 /lib/libnss_dns-2.11.1.so 7f56e530e000-7f56e550d000 ---p 5000 08:01 15842 /lib/libnss_dns-2.11.1.so 7f56e550d000-7f56e550e000 r-xp 4000 08:01 15842 /lib/libnss_dns-2.11.1.so 7f56e550e000-7f56e550f000 rwxp 5000 08:01 15842 /lib/libnss_dns-2.11.1.so 7f56e550f000-7f56e5511000 r-xp 08:01 41397 /lib/libnss_mdns4_minimal.so.2 7f56e5511000-7f56e571 ---p 2000 08:01 41397
Bug #40479 [Com]: zend_mm_heap corrupted
Edit report at http://bugs.php.net/bug.php?id=40479&edit=1 ID: 40479 Comment by: michael202 at gmx dot de Reported by:rrossi at maggioli dot it Summary:zend_mm_heap corrupted Status: No Feedback Type: Bug Package:Reproducible crash Operating System: Suse Linux 9.0 PHP Version:5.2.1 Block user comment: N New Comment: The problem is still in 5.3.3 on Suse 11.2, but it is not reproducible :-( Sometimes it is twice a day sometimes every few days. Apache starts giving these messages: "child pid x exit signal Segmentation fault (11)" And if your are lucky, the scripts still return xml-results. If you get a no result from the script (i.a. white page in browser), you'll need a apache stop and start (graceful does not help) and the error_log says: "seg fault or similar nasty error detected in the parent process" Previous Comments: [2010-08-09 10:32:10] sht dot alien at gmx dot net I had it coming when I started my unittests. But it happened out of nowhere ^^ Wehen I set USE_ZEND_ALLOC=0 it didn't go away, but instead I got a debug backtrace (as seen below). But I came up with a solution: ZendDebugger was the root of all evil. I'll check out if there's a newer version available... FAILURES! Tests: 284, Assertions: 1911, Errors: 4, Incomplete: 10, Skipped: 9. *** glibc detected *** /usr/local/zend/bin/php: free(): invalid pointer: 0x035b5a8f *** === Backtrace: = /lib/libc.so.6(+0x775b6)[0x7f56f13105b6] /lib/libc.so.6(cfree+0x73)[0x7f56f1316e53] /usr/local/zend/bin/php(zend_hash_destroy+0x7b)[0x656b7b] /usr/local/zend/bin/php(destroy_zend_class+0x55)[0x641845] /usr/local/zend/bin/php[0x656822] /usr/local/zend/bin/php(zend_hash_reverse_apply+0x59)[0x656929] /usr/local/zend/bin/php[0x63e486] /usr/local/zend/bin/php[0x64a8b2] /usr/local/zend/bin/php(php_request_shutdown+0x1ae)[0x5f9cce] /usr/local/zend/bin/php[0x6d2be4] /lib/libc.so.6(__libc_start_main+0xfd)[0x7f56f12b7c4d] /usr/local/zend/bin/php[0x45ffaa] === Memory map: 0040-009d8000 r-xp 08:01 12588460 /usr/local/zend/bin/php 00ad8000-00b5f000 rwxp 005d8000 08:01 12588460 /usr/local/zend/bin/php 00b5f000-00b7f000 rwxp 00:00 0 02b4e000-04999000 rwxp 00:00 0 [heap] 7f56e000-7f56e0021000 rwxp 00:00 0 7f56e0021000-7f56e400 ---p 00:00 0 7f56e5309000-7f56e530e000 r-xp 08:01 15842 /lib/libnss_dns-2.11.1.so 7f56e530e000-7f56e550d000 ---p 5000 08:01 15842 /lib/libnss_dns-2.11.1.so 7f56e550d000-7f56e550e000 r-xp 4000 08:01 15842 /lib/libnss_dns-2.11.1.so 7f56e550e000-7f56e550f000 rwxp 5000 08:01 15842 /lib/libnss_dns-2.11.1.so 7f56e550f000-7f56e5511000 r-xp 08:01 41397 /lib/libnss_mdns4_minimal.so.2 7f56e5511000-7f56e571 ---p 2000 08:01 41397 /lib/libnss_mdns4_minimal.so.2 7f56e571-7f56e5711000 r-xp 1000 08:01 41397 /lib/libnss_mdns4_minimal.so.2 7f56e5711000-7f56e5712000 rwxp 2000 08:01 41397 /lib/libnss_mdns4_minimal.so.2 7f56e5712000-7f56e5714000 rwxp 00:00 0 7f56e5794000-7f56e58f7000 r-xp 08:01 12582939 /usr/local/zend/lib/debugger/php-5.3.x/ZendDebugger.so 7f56e58f7000-7f56e59f7000 ---p 00163000 08:01 12582939 /usr/local/zend/lib/debugger/php-5.3.x/ZendDebugger.so 7f56e59f7000-7f56e5a21000 rwxp 00163000 08:01 12582939 /usr/local/zend/lib/debugger/php-5.3.x/ZendDebugger.so 7f56e5a21000-7f56e5a27000 rwxp 00:00 0 7f56e5a27000-7f56e5a69000 r-xp 08:01 12583569 /usr/local/zend/lib/optimizerplus/php-5.3.x/ZendOptimizerPlus.so 7f56e5a69000-7f56e5b69000 ---p 00042000 08:01 12583569 /usr/local/zend/lib/optimizerplus/php-5.3.x/ZendOptimizerPlus.so 7f56e5b69000-7f56e5b6b000 rwxp 00042000 08:01 12583569 /usr/local/zend/lib/optimizerplus/php-5.3.x/ZendOptimizerPlus.so 7f56e5b6b000-7f56e5b76000 rwxp 00:00 0 7f56e5b76000-7f56e5cd3000 r-xp 08:01 12583576 /usr/local/zend/lib/utils/php-5.3.x/ZendUtils.so 7f56e5cd3000-7f56e5dd3000 ---p 0015d000 08:01 12583576 /usr/local/zend/lib/utils/php-5.3.x/ZendUtils.so 7f56e5dd3000-7f56e5ddb000 rwxp 0015d000 08:01 12583576 /usr/local/zend/lib/utils/php-5.3.x/ZendUtils.so 7f56e5ddb000-7f56e5dde000 rwxp 00:00 0 7f56e5dde000-7f56e5f5 r-xp 08:01 12583528 /usr/local/zend/lib/datacache/php-5.3.x/ZendDataCache.so 7f56e5f5-7f56e604f000 ---p 00172000 08:01 12583528
Bug #40479 [Com]: zend_mm_heap corrupted
Edit report at http://bugs.php.net/bug.php?id=40479&edit=1 ID: 40479 Comment by: sht dot alien at gmx dot net Reported by:rrossi at maggioli dot it Summary:zend_mm_heap corrupted Status: No Feedback Type: Bug Package:Reproducible crash Operating System: Suse Linux 9.0 PHP Version:5.2.1 Block user comment: N New Comment: I had it coming when I started my unittests. But it happened out of nowhere ^^ Wehen I set USE_ZEND_ALLOC=0 it didn't go away, but instead I got a debug backtrace (as seen below). But I came up with a solution: ZendDebugger was the root of all evil. I'll check out if there's a newer version available... FAILURES! Tests: 284, Assertions: 1911, Errors: 4, Incomplete: 10, Skipped: 9. *** glibc detected *** /usr/local/zend/bin/php: free(): invalid pointer: 0x035b5a8f *** === Backtrace: = /lib/libc.so.6(+0x775b6)[0x7f56f13105b6] /lib/libc.so.6(cfree+0x73)[0x7f56f1316e53] /usr/local/zend/bin/php(zend_hash_destroy+0x7b)[0x656b7b] /usr/local/zend/bin/php(destroy_zend_class+0x55)[0x641845] /usr/local/zend/bin/php[0x656822] /usr/local/zend/bin/php(zend_hash_reverse_apply+0x59)[0x656929] /usr/local/zend/bin/php[0x63e486] /usr/local/zend/bin/php[0x64a8b2] /usr/local/zend/bin/php(php_request_shutdown+0x1ae)[0x5f9cce] /usr/local/zend/bin/php[0x6d2be4] /lib/libc.so.6(__libc_start_main+0xfd)[0x7f56f12b7c4d] /usr/local/zend/bin/php[0x45ffaa] === Memory map: 0040-009d8000 r-xp 08:01 12588460 /usr/local/zend/bin/php 00ad8000-00b5f000 rwxp 005d8000 08:01 12588460 /usr/local/zend/bin/php 00b5f000-00b7f000 rwxp 00:00 0 02b4e000-04999000 rwxp 00:00 0 [heap] 7f56e000-7f56e0021000 rwxp 00:00 0 7f56e0021000-7f56e400 ---p 00:00 0 7f56e5309000-7f56e530e000 r-xp 08:01 15842 /lib/libnss_dns-2.11.1.so 7f56e530e000-7f56e550d000 ---p 5000 08:01 15842 /lib/libnss_dns-2.11.1.so 7f56e550d000-7f56e550e000 r-xp 4000 08:01 15842 /lib/libnss_dns-2.11.1.so 7f56e550e000-7f56e550f000 rwxp 5000 08:01 15842 /lib/libnss_dns-2.11.1.so 7f56e550f000-7f56e5511000 r-xp 08:01 41397 /lib/libnss_mdns4_minimal.so.2 7f56e5511000-7f56e571 ---p 2000 08:01 41397 /lib/libnss_mdns4_minimal.so.2 7f56e571-7f56e5711000 r-xp 1000 08:01 41397 /lib/libnss_mdns4_minimal.so.2 7f56e5711000-7f56e5712000 rwxp 2000 08:01 41397 /lib/libnss_mdns4_minimal.so.2 7f56e5712000-7f56e5714000 rwxp 00:00 0 7f56e5794000-7f56e58f7000 r-xp 08:01 12582939 /usr/local/zend/lib/debugger/php-5.3.x/ZendDebugger.so 7f56e58f7000-7f56e59f7000 ---p 00163000 08:01 12582939 /usr/local/zend/lib/debugger/php-5.3.x/ZendDebugger.so 7f56e59f7000-7f56e5a21000 rwxp 00163000 08:01 12582939 /usr/local/zend/lib/debugger/php-5.3.x/ZendDebugger.so 7f56e5a21000-7f56e5a27000 rwxp 00:00 0 7f56e5a27000-7f56e5a69000 r-xp 08:01 12583569 /usr/local/zend/lib/optimizerplus/php-5.3.x/ZendOptimizerPlus.so 7f56e5a69000-7f56e5b69000 ---p 00042000 08:01 12583569 /usr/local/zend/lib/optimizerplus/php-5.3.x/ZendOptimizerPlus.so 7f56e5b69000-7f56e5b6b000 rwxp 00042000 08:01 12583569 /usr/local/zend/lib/optimizerplus/php-5.3.x/ZendOptimizerPlus.so 7f56e5b6b000-7f56e5b76000 rwxp 00:00 0 7f56e5b76000-7f56e5cd3000 r-xp 08:01 12583576 /usr/local/zend/lib/utils/php-5.3.x/ZendUtils.so 7f56e5cd3000-7f56e5dd3000 ---p 0015d000 08:01 12583576 /usr/local/zend/lib/utils/php-5.3.x/ZendUtils.so 7f56e5dd3000-7f56e5ddb000 rwxp 0015d000 08:01 12583576 /usr/local/zend/lib/utils/php-5.3.x/ZendUtils.so 7f56e5ddb000-7f56e5dde000 rwxp 00:00 0 7f56e5dde000-7f56e5f5 r-xp 08:01 12583528 /usr/local/zend/lib/datacache/php-5.3.x/ZendDataCache.so 7f56e5f5-7f56e604f000 ---p 00172000 08:01 12583528 /usr/local/zend/lib/datacache/php-5.3.x/ZendDataCache.so 7f56e604f000-7f56e6058000 rwxp 00171000 08:01 12583528 /usr/local/zend/lib/datacache/php-5.3.x/ZendDataCache.so 7f56e6058000-7f56e605b000 rwxp 00:00 0 7f56e605b000-7f56e605e000 r-xp 08:01 537567 /usr/lib/gconv/UTF-16.so 7f56e605e000-7f56e625d000 ---p 3000 08:01 537567 /usr/lib/gconv/UTF-16.so 7f56e625d000-7f56e625e000 r-xp 2000 08:01 537567 /usr/lib/gconv/UTF-16.so 7f56e625e000-7f56e625f000 rwxp 3000 08:01 537567 /usr/lib/gconv/UTF-16.so 7f56e625f
Bug #40479 [Com]: zend_mm_heap corrupted
Edit report at http://bugs.php.net/bug.php?id=40479&edit=1 ID: 40479 Comment by: contact at peterfrankjohnson dot co dot uk Reported by: rrossi at maggioli dot it Summary: zend_mm_heap corrupted Status: No Feedback Type: Bug Package: Reproducible crash Operating System: Suse Linux 9.0 PHP Version: 5.2.1 New Comment: Problem: -- I had this problem when importing an xml file with over 4200 items which all needed inserting as individual records into a database. I was using doctrine to insert the records and was creating a new object for each record, but each time I ran the script it crashed with this error after inserting exactly 3,579 records each time. Solution: --- I then decided to try cleaning up the code I had written by using unset() to destroy the object after it had been finished with. All of the records were then inserted without any problems. I would advise anyone receiving this error to check that variables and objects are being destroyed with unset, because if you think about it the error is telling you that the zend memory managers heap is corrupted. Previous Comments: [2010-04-30 10:41:31] php at foxteck dot org Just for history/logging purposes, I got this same error on PHP 5.2.6 + MySQL 5.1 + Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.7a DAV/2 + SuPHP on RHEL 4 today. It was related to mysql_* calls, phpinfo() worked fine, no errors. Any mysql_* call crashed. Code: --- [erom...@roll tmp]$ cat /tmp/test.php function.mysql- connect]: Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) in /tmp/test.php on line 2 X-Powered-By: PHP/5.2.6 Content-type: text/html HolaCould not connect: Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) Updating to 5.3.2 fixed the issue. Here's the config line I used in BOTH 5.2.6 and 5.3.2, everything compiled fine both times. Disregard the unused flags: './configure' \ '--prefix=/usr/local/php5-cgi' \ '--with-curl' \ '--with-freetype-dir=/usr' \ '--with-png-dir=/usr' \ '--enable-gd-native-ttf' \ '--with-jpeg-dir=/usr' \ '--with-png' \ '--enable-magic-quotes' \ '--enable-sockets' \ '--enable-sysvsem' \ '--enable-sysvshm' \ '--enable-sysvmsg' \ '--enable-track-vars' \ '--enable-trans-sid' \ '--enable-yp' \ '--enable-wddx' \ '--with-pear=/usr/share/pear' \ '--with-kerberos' \ '--with-mysql=/usr/local/mysql' \ '--with-mysqli' \ '--with-pcre-regex' \ '--disable-cli' \ '--enable-cgi' \ '--enable-mbstring' \ '--enable-fastcgi' \ '--enable-force-cgi-redirect' \ '--enable-discard-path' \ '--with-oci8=instantclient,/usr/lib/oracle/11.1.0.1/client/lib' \ '--with-gd' \ '--with-zlib' Cheers, Eduardo Romero http://foxteck.org [2009-11-16 19:16:03] gfmailweb at gmail dot com Adding export USE_ZEND_ALLOC=0 to apache2ctl on Ubuntu Hardy worked for me too. [2009-11-12 13:38:31] astehlik at intera dot de I can confirm, that my apache crashed with the error "zend_mm_heap corrupted" under heavy load. After that I get a lot of Segmentation faults (11). OS: CentOS 5.4 PHP: 5.2.11 Apache: 2.2.14 The server is running as a virtual machine in an ESXi 3.5 Server. I'm now testing the "export USE_ZEND_ALLOC=0" workaround in my apachectl. I'll provide more feedback as soon as I know if this helps. [2009-10-27 14:54:49] mike at blueroot dot co dot uk I see this error all the time on my complicated application. I am using php-fcgi + nginx + mongodb so I am fairly sure it is something in core. I find that even a small change can fix the problem, output buffering seems to be the culprit for me (ob_end_flush() seems to fix it) which is maybe why people can only reproduce on production servers? [2009-10-14 20:43:45] tulio dot silva at mpt dot gov dot br Hi all, in answer to sriram above, here we go: -bash-3.00$ /usr/local/apache2/bin/httpd -V Server version: Apache/2.2.13 (Unix) Server built: Oct 5 2009 10:20:45 Server's Module Magic Number: 20051115:23 Server loaded: APR 1.3.8, APR-Util 1.3.9 Compiled using: APR 1.3.8, APR-Util 1.3.9 Architecture: 64-bit Server MPM: Prefork threaded: no forked: yes (variable process count) Server compiled with -D APACHE_MPM_DIR="server/mpm/prefork" -D APR_HAS_SENDFILE -D APR_HAS_MMAP -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) -D APR_USE_SYSVSEM_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPE
Bug #40479 [Com]: zend_mm_heap corrupted
Edit report at http://bugs.php.net/bug.php?id=40479&edit=1 ID: 40479 Comment by: php at foxteck dot org Reported by: rrossi at maggioli dot it Summary: zend_mm_heap corrupted Status: No Feedback Type: Bug Package: Reproducible crash Operating System: Suse Linux 9.0 PHP Version: 5.2.1 New Comment: Just for history/logging purposes, I got this same error on PHP 5.2.6 + MySQL 5.1 + Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.7a DAV/2 + SuPHP on RHEL 4 today. It was related to mysql_* calls, phpinfo() worked fine, no errors. Any mysql_* call crashed. Code: --- [erom...@roll tmp]$ cat /tmp/test.php function.mysql- connect]: Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) in /tmp/test.php on line 2 X-Powered-By: PHP/5.2.6 Content-type: text/html HolaCould not connect: Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) Updating to 5.3.2 fixed the issue. Here's the config line I used in BOTH 5.2.6 and 5.3.2, everything compiled fine both times. Disregard the unused flags: './configure' \ '--prefix=/usr/local/php5-cgi' \ '--with-curl' \ '--with-freetype-dir=/usr' \ '--with-png-dir=/usr' \ '--enable-gd-native-ttf' \ '--with-jpeg-dir=/usr' \ '--with-png' \ '--enable-magic-quotes' \ '--enable-sockets' \ '--enable-sysvsem' \ '--enable-sysvshm' \ '--enable-sysvmsg' \ '--enable-track-vars' \ '--enable-trans-sid' \ '--enable-yp' \ '--enable-wddx' \ '--with-pear=/usr/share/pear' \ '--with-kerberos' \ '--with-mysql=/usr/local/mysql' \ '--with-mysqli' \ '--with-pcre-regex' \ '--disable-cli' \ '--enable-cgi' \ '--enable-mbstring' \ '--enable-fastcgi' \ '--enable-force-cgi-redirect' \ '--enable-discard-path' \ '--with-oci8=instantclient,/usr/lib/oracle/11.1.0.1/client/lib' \ '--with-gd' \ '--with-zlib' Cheers, Eduardo Romero http://foxteck.org Previous Comments: [2009-11-16 19:16:03] gfmailweb at gmail dot com Adding export USE_ZEND_ALLOC=0 to apache2ctl on Ubuntu Hardy worked for me too. [2009-11-12 13:38:31] astehlik at intera dot de I can confirm, that my apache crashed with the error "zend_mm_heap corrupted" under heavy load. After that I get a lot of Segmentation faults (11). OS: CentOS 5.4 PHP: 5.2.11 Apache: 2.2.14 The server is running as a virtual machine in an ESXi 3.5 Server. I'm now testing the "export USE_ZEND_ALLOC=0" workaround in my apachectl. I'll provide more feedback as soon as I know if this helps. [2009-10-27 14:54:49] mike at blueroot dot co dot uk I see this error all the time on my complicated application. I am using php-fcgi + nginx + mongodb so I am fairly sure it is something in core. I find that even a small change can fix the problem, output buffering seems to be the culprit for me (ob_end_flush() seems to fix it) which is maybe why people can only reproduce on production servers? [2009-10-14 20:43:45] tulio dot silva at mpt dot gov dot br Hi all, in answer to sriram above, here we go: -bash-3.00$ /usr/local/apache2/bin/httpd -V Server version: Apache/2.2.13 (Unix) Server built: Oct 5 2009 10:20:45 Server's Module Magic Number: 20051115:23 Server loaded: APR 1.3.8, APR-Util 1.3.9 Compiled using: APR 1.3.8, APR-Util 1.3.9 Architecture: 64-bit Server MPM: Prefork threaded: no forked: yes (variable process count) Server compiled with -D APACHE_MPM_DIR="server/mpm/prefork" -D APR_HAS_SENDFILE -D APR_HAS_MMAP -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) -D APR_USE_SYSVSEM_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D DYNAMIC_MODULE_LIMIT=128 -D HTTPD_ROOT="/usr/local/apache2" -D SUEXEC_BIN="/usr/local/apache2/bin/suexec" -D DEFAULT_PIDLOG="logs/httpd.pid" -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" -D DEFAULT_LOCKFILE="logs/accept.lock" -D DEFAULT_ERRORLOG="logs/error_log" -D AP_TYPES_CONFIG_FILE="conf/mime.types" -D SERVER_CONFIG_FILE="conf/httpd.conf" So it is prefork. If ZTS is enabled with --enable-maintainer-zts, then it´s off. Also, from phpinfo(), Debug Build no Thread Safety disabled Zend Memory Manager enabled and it seems USE_ZEND_ALLOC=0 does nothing for me. I´m on CentOS 4.6 on multi-core AMD64, with nearly 1GB RAM and a very busy server. There are plenty of custom systems in this machine, so I can´t tell what is causing it, but it started after we began using Elxis 2009.0 in production state (about 15 hits/second). My configure lines includes a lot of other p