From: prism at pld-linux dot org Operating system: PLD Linux Distribution PHP version: 5.0.4 PHP Bug Type: Zend Engine 2 problem Bug description: Segfault after code execution (destructor calls)
Description: ------------ Zend engine or all modules which use persistent_list. persistent_list is destroyed after modules are unloaded. But some modules register own destructors for elements put on persistent_list. When Zend destroys such entry from persistent_list, it tries to call destructor from unloaded module and segfaults. Reproduce code: --------------- Look here: http://comments.gmane.org/gmane.linux.pld.devel.english/785 and start reading from post written at 16 Apr 17:33 by Michal Lukaszek, and below from that. Expected result: ---------------- No segfault. Actual result: -------------- > (gdb) bt > #0 0xb78a6978 in ?? () > #1 0xb7f557da in plist_entry_destructor (ptr=0x81e11b8) > at /home/comp/rpm/BUILD/php-5.0.4/Zend/zend_list.c:204 > #2 0xb7f5385f in zend_hash_apply_deleter (ht=0x8052c50, p=0x81ec1a0) > at /home/comp/rpm/BUILD/php-5.0.4/Zend/zend_hash.c:574 > #3 0xb7f53ab0 in zend_hash_graceful_reverse_destroy (ht=0x8052c50) > at /home/comp/rpm/BUILD/php-5.0.4/Zend/zend_hash.c:640 > #4 0xb7f558f6 in zend_destroy_rsrc_list (ht=0x8052c50, tsrm_ls=0x804f0a0) > at /home/comp/rpm/BUILD/php-5.0.4/Zend/zend_list.c:234 > #5 0xb7f49c20 in zend_shutdown (tsrm_ls=0x804f0a0) > at /home/comp/rpm/BUILD/php-5.0.4/Zend/zend.c:714 > #6 0xb7ef42d5 in php_module_shutdown (tsrm_ls=0x804f0a0) > at /home/comp/rpm/BUILD/php-5.0.4/main/main.c:1518 > #7 0x0804be1e in main (argc=2, argv=0xbffff174) > at /home/comp/rpm/BUILD/php-5.0.4/sapi/cli/php_cli.c:1055 > (gdb) f 1 > #1 0xb7f557da in plist_entry_destructor (ptr=0x81e11b8) > at /home/comp/rpm/BUILD/php-5.0.4/Zend/zend_list.c:204 > 204 ld->plist_dtor_ex(le TSRMLS_CC); > (gdb) p ld->plist_dtor_ex > $1 = 0xb78a6978 > (gdb) x ld->plist_dtor_ex > 0xb78a6978: Cannot access memory at address 0xb78a6978 it's in (unloaded) php-mysql module > The list here is "persistent_list", which is used by php-mysql for > persistent connection - so it's probably bug in php-mysql module or php > engine itself. -- Edit bug report at http://bugs.php.net/?id=32751&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=32751&r=trysnapshot4 Try a CVS snapshot (php5.0): http://bugs.php.net/fix.php?id=32751&r=trysnapshot50 Try a CVS snapshot (php5.1): http://bugs.php.net/fix.php?id=32751&r=trysnapshot51 Fixed in CVS: http://bugs.php.net/fix.php?id=32751&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=32751&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=32751&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=32751&r=needscript Try newer version: http://bugs.php.net/fix.php?id=32751&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=32751&r=support Expected behavior: http://bugs.php.net/fix.php?id=32751&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=32751&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=32751&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=32751&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=32751&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=32751&r=dst IIS Stability: http://bugs.php.net/fix.php?id=32751&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=32751&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=32751&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=32751&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=32751&r=mysqlcfg
