ID: 45339 Updated by: [EMAIL PROTECTED] Reported By: willh at metavera dot com -Status: Open +Status: Feedback Bug Type: Reproducible crash Operating System: Linux 2.6.18-5-686-bigmem PHP Version: 5.2CVS-2008-06-23 (snap) New Comment:
Compile with --enable-debug but disable the PHP memory manager. You can do this with an environmental variable. export USE_ZEND_ALLOC=0 Then start Apache in debug mode, you can do this with httpd -X Previous Comments: ------------------------------------------------------------------------ [2008-06-23 18:49:45] willh at metavera dot com Description: ------------ PHP crashes in ZEND_MM_CHECK_TREE. The problem is reproducible with our source code but I have been unable to create a short script that duplicates the issue. The crash happens with with the CVS version of PHP, and the same crash happens with 5.2.6. I have a core file if needed. If PHP is configured with --enable-debug the crash does not happen. On crash, we also get: ---- /usr/src/t/php-5.2.6/Zend/zend_execute.c(403) : Freeing 0xB1272E30 (16 bytes), script=[redacted]/training/code/lmember/index.php Last leak repeated 2 times ---- in the error logs PHP 5.2 snap configured like ... './configure' '--prefix=/usr/local/php5' '--with-apxs2=/usr/bin/apxs2' '--with-libxml-dir' '--with-openssl' '--with-zlib' '--enable-bcmath' '--enable-calendar' '--with-curl' '--with-curlwrappers' '--enable- exif' '--enable-ftp' '--with-gd' '--enable-gd-native-ttf' '--with- gettext' '--with-gmp' '--with-imap' '--enable-mbstring' '--with-pdo- pgsql' '--with-pgsql' '--enable-soap' '--with-tidy' '--enable-zip' '-- with-xsl' '--with-imap-ssl' '--with-jpeg-dir=/usr/lib' '--with-png- dir=/usr/lib' '--with-ttf=/usr/lib' '--enable-zip' '--with-freetype- dir=/usr/lib' '--with-bz2' '--enable-sockets' '--with-kerberos' '-- with-mcrypt' '--enable-sysvshm' '--enable-sysvsem' Actual result: -------------- Program received signal SIGSEGV, Segmentation fault. [Switching to Thread -1215793472 (LWP 16822)] 0xb73c0298 in _zend_mm_free_int (heap=0x8230fe8, p=<value optimized out>) at /usr/src/php-5.2.6/Zend/zend_alloc.c:817 817 ZEND_MM_CHECK_TREE(mm_block); (gdb) bt #0 0xb73c0298 in _zend_mm_free_int (heap=0x8230fe8, p=<value optimized out>) at /usr/src/php-5.2.6/Zend/zend_alloc.c:817 #1 0xb73f2482 in zend_objects_free_object_storage (object=0xa2edd24c) at /usr/src/php-5.2.6/Zend/zend_objects.c:122 #2 0xb73f532f in zend_objects_store_free_object_storage (objects=0xb76e2b28) at /usr/src/php-5.2.6/Zend/zend_objects_API.c:89 #3 0xb73cdce9 in shutdown_executor () at /usr/src/php-5.2.6/Zend/zend_execute_API.c:299 #4 0xb73d98dd in zend_deactivate () at /usr/src/php- 5.2.6/Zend/zend.c:860 #5 0xb739a569 in php_request_shutdown (dummy=0x0) at /usr/src/php-5.2.6/main/main.c:1486 #6 0xb745471d in php_handler (r=0x8355578) at /usr/src/php-5.2.6/sapi/apache2handler/sapi_apache2.c:469 #7 0x08074607 in ap_run_handler () #8 0x080777b1 in ap_invoke_handler () #9 0x0808471a in ap_internal_redirect () ... ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=45339&edit=1