From: Operating system: Ubuntu PHP version: 5.2.13 Package: Reproducible crash} Bug Type: Bug Bug description:PHP crashes: "zend_mm_heap corrupted" after array operation
Description: ------------ We have a reproducible crash scenario but there are two problems with that: 1. PHP doesn't crash EVERY time. 2. We didn't manage to reproduce the problem with a simple script yet. It only happens in our Drupal-driven website with about 3000 files and a complex database. However we managed to isolate the problem to a single line in code, which, if it gets rewritten, fixes the problem. Because this line actually is a little weird and not good programming style anyways, it seems plausible to us that you will be able to comprehend the problem in PHP sourcecode if you look into it directly. This is what happens if PHP crashes in our scenario: 1. The page gets completely rendered and output is written to the output stream. 2. Shutdown functions are executed. 3. After executing the last statement of the last shutdown function PHP suddenly crashes. The output buffer is discarded. The visitor sees blank page. The Apache error log receives a line that reads "zend_mm_heap corrupted" The following is the line of code that seems to cause the problem. This line of code is executed long before any output data is written and long before shutdown functions get executed. It doesn't crash directly but only seems to trigger a future crash: $tax = current(taxonomy_node_get_terms($node)); ($node is an instance of stdClass, taxonomy_node_get_terms() returns an array.) It seems that PHP may choke on its memory management later on when this line has been executed before. Maybe there's a problem because the return value is used for writing although not being saved in a variable. -- Edit bug report at http://bugs.php.net/bug.php?id=51182&edit=1 -- Try a snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=51182&r=trysnapshot52 Try a snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=51182&r=trysnapshot53 Try a snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=51182&r=trysnapshot60 Fixed in SVN: http://bugs.php.net/fix.php?id=51182&r=fixed Fixed in SVN and need be documented: http://bugs.php.net/fix.php?id=51182&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=51182&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=51182&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=51182&r=needscript Try newer version: http://bugs.php.net/fix.php?id=51182&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=51182&r=support Expected behavior: http://bugs.php.net/fix.php?id=51182&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=51182&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=51182&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=51182&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=51182&r=php4 Daylight Savings: http://bugs.php.net/fix.php?id=51182&r=dst IIS Stability: http://bugs.php.net/fix.php?id=51182&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=51182&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=51182&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=51182&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=51182&r=mysqlcfg
