From: ray at unreal64 dot net Operating system: Windows NT4 SP PHP version: 4.3.5RC3 PHP Bug Type: Scripting Engine problem Bug description: segfault while shutdown_executor
Description: ------------ ZendEngine fall down while executing 'shutdown_executor' function. Actually, maybe 2 separate bugs, maybe one. While writing own template engine (in C - Zend extension) I discover problem - sometimes apache fall down after script was executed. From disasm I found it fall down while releasing memory (actually, freeing 'list' items). This happend time from time. So, I wanted to find if the bug is at my extension or Zend/Php itselfs. I downloaded latest RC, compile and I get this problem every time I run compiled version (no changes, original). I thought it is because of my template (who knows, over 12.000 lines of C code :) So, I disabled it for testing. The problem still here.... On OpenBSD I don't have similar problem. I didn't test other OS. HW configuration (maybe important): I have dual P3 board. 1G memory. 2 soundscards, 1 video, 1 network card. Nothing else special. I am using MSC6. Reproduce code: --------------- Can't exactly say how to reproduce. However, at my computer/installation, it occurs every time, even 'empty' PHP script is executed. In debug build. In release (downloaded binary files), this problem apear every 10th request (not exactly, it changes, randomly). In debug build (from sources) similar problem (at my opinion) appears every request. My php.ini is stadnard, _all_ extensions are disables. Basically, nothing interesting was changes (except magic_quotes and similar stuffs). Expected result: ---------------- Release/free all memory resources and do not fall down :) Actual result: -------------- Segfault.... Call stack while fall down: ... shutdown_executor (zend_execute_API.c) -> zend_hash_destroy(&EG(included_files)); zend_hash_destroy (zend_hash.c) -> pefree(q, ht->persistent); _free (msc lib function) At this function, debug build shows warning about corupted heap block (and fall down if ignored). Release build fall down somewhere in kernel heap memory management (release build uses NT 'heap', debug uses CRT debug version). No other messages or debug strings are showed. Or at least I didn't notice anything. No script is needed. Enough is <? echo "Sex"; ?> If I 'skip' (while debugging) freeing of this bad block, request is normally neded and send to browser. All other blocks are valid and freed without any problem. When I enable my own extensions and other (real word configuration), and COMMENT line zend_hash_destroy(&EG(included_files)); in function 'shutdown_executor' everything works excelent... It seems, the problem arise somewhere from depth of scripting engine or stadnard extension. I can do further research, but someone have to tell me what exactly I should try to find/look for/test. I don't have too much spare time to make Zend source code analyzing by myself. I am not abble to grab current CVS snapshot, because I wasn't ablle to compile it. Latest RC was compiled without troubles. -- Edit bug report at http://bugs.php.net/?id=27400&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=27400&r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=27400&r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=27400&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=27400&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=27400&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=27400&r=needscript Try newer version: http://bugs.php.net/fix.php?id=27400&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=27400&r=support Expected behavior: http://bugs.php.net/fix.php?id=27400&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=27400&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=27400&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=27400&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=27400&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=27400&r=dst IIS Stability: http://bugs.php.net/fix.php?id=27400&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=27400&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=27400&r=float
