ID: 45339
Updated by: [EMAIL PROTECTED]
Reported By: willh at metavera dot com
-Status: Open
+Status: Assigned
Bug Type: Scripting Engine problem
-Operating System: Linux 2.6.18-5-686-bigmem
+Operating System: *
-PHP Version: 5.2CVS-2008-06-23 (snap)
+PHP Version: 5.2CVS, 5.3CVS, 6CVS (2008-07-23)
-Assigned To:
+Assigned To: dmitry
New Comment:
Using the provided example code (and with USE_ZEND_ALLOC=0):
* HEAD and PHP_5_3: Crash in the CG stuff
* PHP_5_2: Leaks all over the place.
Dmitry, can you check this out please?
Previous Comments:
------------------------------------------------------------------------
[2008-07-14 18:39:40] nic dot rodgers at enableinteractive dot co dot
uk
I get exactly the same backtrace on my codebase. This occurs under
5.2.5, 5.2.6 and the latest snapshot.
------------------------------------------------------------------------
[2008-06-26 16:53:37] willh at metavera dot com
A couple interesting notes/observations.
Removing the new by reference (&new) and replace it with new appears
to no longer replicate the crash.
Changing
static public function initialize($object,$method,$arguments =
array())
to read
static public function initialize(&$object,$method,$arguments =
array())
Appears to no longer replicate the crash. Notice the & in the function
signature.
Also passing something other than $this to MVCallback::initialize()
appears to no longer replicate the crash.
Commenting out line 1965 - 1967 in zend_alloc.c appears to prevent the
crash (the if(ZEND_MM_PREV_BLOCK_IS_FREE.. block). This likely causes
memory leaks or poor utilization of memory but the process no longer
crashes.
------------------------------------------------------------------------
[2008-06-24 23:16:40] willh at metavera dot com
I made a typo in the above comment.
" Unfortunately this script does not crash on our development server. "
should read ...
" Unfortunately this script does not crash on our production server. "
------------------------------------------------------------------------
[2008-06-24 22:27:49] willh at metavera dot com
I have managed to isolate the PHP code that appeared to be triggering
this issue on our production server and have crafted a relativity
short, 71 lines, script that crashes PHP on our development servers.
These servers run a different distribution of Linux but PHP is
configured and compiled similarly. Unfortunately this script does not
crash on our development server.
The development server has php5.2-200806191230 configured in the
following manner...
'./configure' '--prefix=/usr/local/' '--with-apxs2' '--with-libxml-
dir' '--with-openssl' '--with-zlib' '--enable-bcmath' '--enable-
calendar' '--with-curl' '--with-curlwrappers' '--enable-exif' '--
enable-ftp' '--with-gd' '--enable-gd-native-ttf' '--with-gettext' '--
with-gmp' '--enable-mbstring' '--with-pdo-pgsql' '--with-pgsql' '--
enable-soap' '--with-tidy' '--enable-zip' '--with-xsl' '--with-jpeg-
dir=/usr/lib' '--with-png-dir=/usr/lib' '--with-ttf=/usr/lib' '--
enable-zip' '--with-freetype-dir=/usr/lib' '--with-bz2' '--enable-
sockets' '--with-kerberos' '--with-mcrypt' '--enable-sysvshm' '--
enable-sysvsem' '--with-config-file-path=/etc'
The following script is expected to exit normally but it crashes when
USE_ZEND_ALLOC=1 . The following script does not crash when
USE_ZEND_ALLOC=0.
I apologize for the length of the script, it is a short as I was able
to make it and still manage to get it to crash.
_____________________
<?php
class MVCallback {
protected $key;
protected $object; /*The object to call the method on*/
protected $method; /*the method name */
protected $arguments = array();
static public function initialize($object,$method,$arguments =
array()){
$callback = new self();
$callback->object = $object;
$callback->method = $method;
$callback->arguments = $arguments;
return $callback;
}
}
class callback_db_column {
protected $callback = null;
protected $format_function;
public function __construct($name,$column_name=_U ){
$this->set_format_func('sprintf');
}
public function callback(){
return $this->callback;
}
public function set_callback($aMVCallback){
$this->callback = $aMVCallback;
return $this;
}
protected function & set_format_func($aString){
$this->format_function = &$aString;
}
}
class foo {
protected $columns = array();
function & add_column(&$col){
$this->columns[] = &$col;
}
public function
add_column_for_date($column_name,$value_name,$format_function){
$col = new callback_db_column($column_name,$value_name);
$col->set_callback(
MVCallback::initialize($this,
'value_with_timezone',
array($format_function,$value_name))
);
$this->add_column(&$col);
}
function __construct($base_table=_U) {
$this->add_column_for_date(COL_RES_START,RES_START,
'stamp_to_string');
$this->add_column_for_date(COL_RES_END, RES_END,
'stamp_to_string');
$this->add_column_for_date(COL_RES_START_SHORT, RES_START,
'stamp_to_input_string');
$this->add_column_for_date(COL_RES_END_SHORT, RES_END,
'stamp_to_input_string');
}
}
for($i=1; $i<=5000; ++$i){
$foo = &new foo($u='foo');
}
------------------------------------------------------------------------
[2008-06-23 20:40:30] willh at metavera dot com
We tried --enable-debug and having USE_ZEND_ALLOC=0 environment
variable
set- no crash.
We tried the non-enable-debug set and having USE_ZEND_ALLOC=0 set- no
crash.
So with USE_ZEND_ALLOC=0 no crashes.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/45339
--
Edit this bug report at http://bugs.php.net/?id=45339&edit=1
