Edit report at https://bugs.php.net/bug.php?id=61576&edit=1
ID: 61576
Updated by: ras...@php.net
Reported by: dev at pp3345 dot de
Summary: Zend's Memory Management seems to be completely
buggy since 5.4.0
Status: Not a bug
Type: Bug
Package: Scripting Engine problem
Operating System: Debian Squeeze
PHP Version: 5.4.0
Block user comment: N
Private report: N
New Comment:
Well, without a concrete example that doesn't involve DeepTrace messing around
in
the internals I don't see how we could possibly track this down. Nothing
remotely
like it has been reported so far.
Previous Comments:
------------------------------------------------------------------------
[2012-03-31 00:05:27] pmathis at snapserv dot net
I'm the developer of this extension and I tested
already many different things. Every function
runs through without any problem and I can't
see any issues so far. I already tried different
things like repairing all the internal functions,
setting the opcode handlers to NULL (eq. default
handler) or destroying some hashtables by
myself. Actually it is impossible to reproduce
this "bug", it happens randomly and I can't see
any kind of critical memory leak. Because of
that and the fact that these simple changes in
code (see above) will fix the crash, I think it is
Zend related
------------------------------------------------------------------------
[2012-03-30 23:55:35] ras...@php.net
Ok, so you can't test without DeepTrace, I understand that. But that doesn't
make
it any less likely that the problem is in that extension. It does a lot of low-
level stuff and there were a lot of changes related to memory management in 5.4
that would affect an extension like DeepTrace. I see no evidence here that
there
is a PHP bug.
------------------------------------------------------------------------
[2012-03-30 23:30:50] dev at pp3345 dot de
These problems also occured with DeepTrace 1.2, which was completely free of
any
leaks or memory issues. 1.3 is a complete recode which mainly adds some
features
to remove interfaces. I know the developer of DeepTrace and I was working with
him
to track down and fix all memory issues. Pancake will also run with DeepTrace
1.2
but typo3 probably won't work because it uses interfaces, which were not
supported
in 1.2. Also, it is quite impossible to run Pancake without DeepTrace as it is
really necessary to replace some PHP-functions in order to be able to directly
run
PHP-source under Pancake.
------------------------------------------------------------------------
[2012-03-30 23:22:16] ras...@php.net
And if you disable DeepTrace can you reproduce this? The memory management is
obviously not completely buggy as it works fine for a whole lot of people and
as
your Valgrind shows right at the top:
==3187== Invalid read of size 1
==3187== at 0x8E25081: zif_dt_remove_constant (DeepTrace_constants.c:74)
there are memory issues in the DeepTrace extension, so I suspect that DeepTrace
has not been updated to support 5.4 properly.
------------------------------------------------------------------------
[2012-03-30 23:12:37] dev at pp3345 dot de
Description:
------------
I'm currently developing an HTTP-Server in PHP (
https://github.com/pp3345/Pancake ) which uses the Zend-Extension
DeepTrace ( https://github.com/NeoXiD/DeepTrace ). Since PHP 5.4 I'm
experiencing crashs under some circumstances.
For example, when running typo3 (Version 4.6.6 Blank Package) Pancake's
PHPWorkers often crash when trying to run
typo3's installer with strange errors like those:
PHP Fatal error: Call to undefined function â() in
/var/vhosts/pancake/default/typo3/typo3_src-
4.6.6/typo3/sysext/install/mod/class.tx_install_session.php on line 395
PHP Fatal error: Couldn't execute method â0/::t3lib_autoloader::autoload in
Unknown on line 0
PHP Fatal error: Allowed memory size of 268435456 bytes exhausted (tried to
allocate 12624869704 bytes) in
validpathstr on line 926
PHP Fatal error: Cannot call overloaded function for non-object in
/var/vhosts/pancake/default/typo3/typo3_src-
4.6.6/t3lib/config_default.php on line 924 (this line is only trying to run a
public static function of some class!)
Often they even crash without showing any errors. Another example is Wordpress,
which crashes only under 1 specific
(at least I only found 1 till now) circumstance: When trying to run die() when
trying to delete a comment in the
adminpanel. Pancake configures DeepTrace to set a user-defined handler for the
exit-opcode. So then DeepTrace calls
Pancake's function to handle the exit, which still seems to run fine, but then
zend_fcall_info_call() causes a crash,
AFTER executing my handler. This only happens in this specific case under
Wordpress, I couldn't reproduce it with
other calls to die(). But I found a way to avoid this crash. Look at these
three
lines of code from Wordpress:
wp-admin/admin-ajax.php line 195
-------------------------------
if ( !$total || !$per_page || !$page || !$url ) {
die( (string) time() );
}
This is the die() that causes the crash. It only crashes if these three lines
are in EXACTLY this way. So if I for
example do this:
if ( !$total || !$per_page || !$page || !$url ||
!$some_dummy_that_does_not_even_exist) {
die( (string) time() );
}
or this:
if ( !$total || !$per_page || !$page || !$url ) {
some_dummy_function_that_does_not_do_anything();
die( (string) time() );
}
it will not crash.
I believe that there is a serious bug in the parser / the memory management
that
causes this strange behaviour.
I tried to use valgrind to find out what exactly is causing the crashs:
http://dev.pp3345.de/valgrind_pancake_crash.txt
As you can see, Zend causes a lot of errors including a General Protection
Fault
and it tries to access memory
addresses that don't even exist.
These problems seem to be reproducible as it will also crash with similar
errors
on other machines with Pancake and
this configuration. Anyway, I was unable to find a way to reproduce it outside
Pancake and I'm really sorry for that.
I commited the current version of Pancake but please be aware that the
delivered
version of DeepTrace is outdated so
you'll probably need to compile it again yourself.
------------------------------------------------------------------------
--
Edit this bug report at https://bugs.php.net/bug.php?id=61576&edit=1
