ID: 44342 Updated by: [EMAIL PROTECTED] Reported By: i dot galic at brainsware dot org -Status: Open +Status: Bogus Bug Type: Reproducible crash Operating System: Solaris 10, Update 6, Sparc 64 PHP Version: 5.2.5 New Comment:
As you wish. Previous Comments: ------------------------------------------------------------------------ [2008-03-17 13:40:54] i dot galic at brainsware dot org After a few days of waiting -- and with the new compile without the "thread-safety" -- I'm getting core dumps again: http://dpaste.com/hold/39794/ As this look completely different, I suggest closing this ticket here - and I shall open up a new one, as soon as I can actually reproduce it. ------------------------------------------------------------------------ [2008-03-13 12:03:42] [EMAIL PROTECTED] Why exactly do you use --enable-maintainer-zts anyway? # ./configure --help | grep maintainer --enable-maintainer-zts Enable thread safety - for code maintainers only!! It's meant for developers to test quickly whether their changes might be causing compile problems or not. It's definately NOT meant for production use! ------------------------------------------------------------------------ [2008-03-12 13:41:41] i dot galic at brainsware dot org ad suhosin: I've been use suhosin for years now, never experiencing any problems, that's why I patched this PHP version, too, I understand your standpoint though, that you do not support third party modules ( just a random google: suhosin thread safe: http://blog.php-security.org/archives/82-Suhosin-0.9.20-and-crypt-Thread-Safety-Vulnerability.html ) ad configure: I generally compile as many modules as possible, and prefer them shared, so I can *load* those which my users/applications need. ad *FLAGS: I CAN NOT leave out the CFLAGS/LDFLAGS etc out, because I'm compiling with Sun's Studio 12, on Solaris 10, on a T2000, 64bit. Despite the festering size of 116706 lines (contrast this with Apache, which comes with a similar amount of modules: 23854), PHP's configure does not build with ./configure && make && make install out of the box on this platform (neither does apache, btw ;) FYI: I recompiled PHP without --enable-maintainer-zts, and been running for three days now without core-dumps. For whatever that's worth. Unfortunately, this is a productive system, and I do not have a test system for it to test it without suhosin but - with --enable-maintainer-zts, so I don't know what to do with this bug right now. I'm building it non-the-less, if I get a system, I shall provide you with straces, *without* suhosin. ------------------------------------------------------------------------ [2008-03-11 21:53:52] [EMAIL PROTECTED] ANY 3rd party modification not coming from php.net is not supported by php.net. So please, provide the trace without suhosin. And cut down your configure line to shortest possible. And don't define any CFLAGS / etc. either. ------------------------------------------------------------------------ [2008-03-09 00:36:21] i dot galic at brainsware dot org So far my digging has born the idea that the reason is --enable-maintainer-zts, which enforces thread safety upon PHP by killing it ruthlessly, if it just so happens to behave in a thread-unsafe-manner. Now, I still would classify this as bug, because I only have PHP core modules loaded, namely: mysql.so mysqli.so pdo.so pdo_mysql.so bcmath.so gd.so php.net claims that it's core modules *are* thread safe -- unless noted otherwise. As not even the notorious gd: http://php.net/gd states to be thread-unsafe, this is either a bug, or lack of documentation. Whatever it is, I do not like the idea that this happens after a call to a destructor. It suggests to me the possibility of a potentially exploitable buffer-overflow or an otherwise corrupted memory. So I don't quite know which of the evils to choose (I have already recompiled PHP without the -zts flag, but haven't gotten yet to test it). ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/44342 -- Edit this bug report at http://bugs.php.net/?id=44342&edit=1
