ID: 46300
Comment by: bierisplezier at gmail dot com
Reported By: pioklo at serveradmin dot pl
Status: No Feedback
Bug Type: Reproducible crash
Operating System: debian 4.0 64bit
PHP Version: 5.2.7RC1
New Comment:
Hi!
I have the same problem, tried php5.2.4 till php5.2.8 all with the same
error. When I compiled php with debug support I got a different
backtrace which is shown at the end.
We use nginx + php in fastcgi mode. I tried to find the code causing
the problem but due to the huge ammount of code I could find the cause.
(seems to be random, no specific url crashes all the time).
If you need more info from the gdb output let me know.
php configure
'./configure' '--prefix=/usr/lib64/php5' '--host=x86_64-pc-linux-gnu'
'--mandir=/usr/lib64/php5/man' '--infodir=/usr/lib64/php5/info'
'--sysconfdir=/etc' '--cache-file=./config.cache' '--with-libdir=lib64'
'--with-pcre-regex=/usr' '--disable-cli' '--enable-cgi'
'--enable-fastcgi' '--disable-discard-path'
'--enable-force-cgi-redirect' '--enable-fpm'
'--with-fpm-conf=/etc/php/cgi-php5/php-fpm.conf'
'--with-config-file-path=/etc/php/cgi-php5'
'--with-config-file-scan-dir=/etc/php/cgi-php5/ext-active'
'--without-pear' '--disable-bcmath' '--with-bz2=shared'
'--disable-calendar' '--disable-ctype' '--with-curl=shared'
'--without-curlwrappers' '--disable-dbase' '--disable-exif'
'--without-fbsql' '--without-fdftk' '--disable-filter'
'--enable-ftp=shared' '--with-gettext=shared' '--without-gmp'
'--disable-ipv6' '--without-kerberos' '--enable-mbstring=shared'
'--with-mcrypt=shared' '--without-mhash' '--without-msql'
'--without-mssql' '--without-ncurses' '--with-openssl'
'--with-openssl-dir=/usr' '--enable-pcntl=shared' '--disable-pdo'
'--without-pgsql' '--without-pspell' '--without-recode'
'--disable-simplexml' '--enable-shmop' '--without-snmp' '--disable-soap'
'--enable-sockets=shared' '--without-sybase' '--without-sybase-ct'
'--enable-sysvmsg=shared' '--enable-sysvsem=shared'
'--enable-sysvshm=shared' '--without-tidy' '--disable-tokenizer'
'--disable-wddx' '--disable-xmlreader' '--disable-xmlwriter'
'--with-xmlrpc=shared' '--without-xsl' '--enable-zip=shared'
'--with-zlib=shared' '--enable-debug' '--without-cdb' '--without-db4'
'--disable-flatfile' '--without-gdbm' '--disable-inifile'
'--without-qdbm' '--with-freetype-dir=/usr' '--with-t1lib=/usr'
'--disable-gd-jis-conv' '--with-gd=shared,/usr'
'--with-mysql=shared,/usr'
'--with-mysql-sock=/var/run/mysqld/mysqld.sock'
'--with-mysqli=shared,/usr/bin/mysql_config' '--with-readline'
'--without-libedit' '--with-mm' '--without-sqlite'
php-cgi -m
[PHP Modules]
bz2
cgi-fcgi
curl
date
dom
ftp
gd
gettext
hash
iconv
json
libxml
mbstring
mcrypt
memcache
mysql
mysqli
openssl
pcntl
pcre
posix
readline
Reflection
session
shmop
sockets
SPL
standard
sysvmsg
sysvsem
sysvshm
xml
xmlrpc
zip
zlib
[Zend Modules]
this GDB was configured as "x86_64-pc-linux-gnu"...
Using host libthread_db library "/lib/libthread_db.so.1".
Reading symbols from /lib64/libcrypt.so.1...done.
Loaded symbols for /lib/libcrypt.so.1
Reading symbols from /usr/lib64/libmm.so.13...done.
Loaded symbols for /usr/lib/libmm.so.13
Reading symbols from /lib64/libhistory.so.5...done.
Loaded symbols for /lib/libhistory.so.5
Reading symbols from /lib64/libreadline.so.5...done.
Loaded symbols for /lib/libreadline.so.5
Reading symbols from /lib64/libncurses.so.5...done.
Loaded symbols for /lib/libncurses.so.5
Reading symbols from /usr/lib64/libpcre.so.0...done.
Loaded symbols for /usr/lib/libpcre.so.0
Reading symbols from /lib64/libz.so.1...done.
Loaded symbols for /lib/libz.so.1
Reading symbols from /lib64/libbz2.so.1...done.
Loaded symbols for /lib/libbz2.so.1
Reading symbols from /lib64/libresolv.so.2...done.
Loaded symbols for /lib/libresolv.so.2
Reading symbols from /lib64/libm.so.6...done.
Loaded symbols for /lib/libm.so.6
Reading symbols from /lib64/libdl.so.2...done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /lib64/libnsl.so.1...done.
Loaded symbols for /lib/libnsl.so.1
Reading symbols from /lib64/librt.so.1...done.
Loaded symbols for /lib/librt.so.1
Reading symbols from /usr/lib64/libssl.so.0.9.8...done.
Loaded symbols for /usr/lib/libssl.so.0.9.8
Reading symbols from /usr/lib64/libcrypto.so.0.9.8...done.
Loaded symbols for /usr/lib/libcrypto.so.0.9.8
Reading symbols from /usr/lib64/libxml2.so.2...done.
Loaded symbols for /usr/lib/libxml2.so.2
Reading symbols from /lib64/libc.so.6...done.
Loaded symbols for /lib/libc.so.6
Reading symbols from /lib64/ld-linux-x86-64.so.2...done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
Reading symbols from /lib64/libpthread.so.0...done.
Loaded symbols for /lib/libpthread.so.0
Reading symbols from
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/bz2.so...done.
Loaded symbols for
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/bz2.so
Reading symbols from
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/curl.so...done.
Loaded symbols for
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/curl.so
Reading symbols from /usr/lib64/libcurl.so.4...done.
Loaded symbols for /usr/lib/libcurl.so.4
Reading symbols from
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/ftp.so...done.
Loaded symbols for
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/ftp.so
Reading symbols from
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/gd.so...done.
Loaded symbols for
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/gd.so
Reading symbols from /usr/lib64/libgd.so.2...done.
Loaded symbols for /usr/lib/libgd.so.2
Reading symbols from /usr/lib64/libt1.so.5...done.
Loaded symbols for /usr/lib/libt1.so.5
Reading symbols from /usr/lib64/libfreetype.so.6...done.
Loaded symbols for /usr/lib/libfreetype.so.6
Reading symbols from /usr/lib64/libjpeg.so.62...done.
Loaded symbols for /usr/lib/libjpeg.so.62
Reading symbols from /usr/lib64/libpng12.so.0...done.
Loaded symbols for /usr/lib/libpng12.so.0
Reading symbols from
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/gettext.so...done.
Loaded symbols for
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/gettext.so
Reading symbols from
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/mbstring.so...done.
Loaded symbols for
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/mbstring.so
Reading symbols from
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/mcrypt.so...done.
Loaded symbols for
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/mcrypt.so
Reading symbols from /usr/lib64/libmcrypt.so.4...done.
Loaded symbols for /usr/lib/libmcrypt.so.4
Reading symbols from /usr/lib64/libltdl.so.3...done.
Loaded symbols for /usr/lib/libltdl.so.3
Reading symbols from
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/memcache.so...done.
Loaded symbols for
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/memcache.so
Reading symbols from
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/mysql.so...done.
Loaded symbols for
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/mysql.so
Reading symbols from /usr/lib64/libmysqlclient.so.16...done.
Loaded symbols for /usr/lib/libmysqlclient.so.16
Reading symbols from
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/mysqli.so...done.
Loaded symbols for
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/mysqli.so
Reading symbols from
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/pcntl.so...done.
Loaded symbols for
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/pcntl.so
Reading symbols from
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/sockets.so...done.
Loaded symbols for
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/sockets.so
Reading symbols from
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/sysvmsg.so...done.
Loaded symbols for
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/sysvmsg.so
Reading symbols from
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/sysvsem.so...done.
Loaded symbols for
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/sysvsem.so
Reading symbols from
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/sysvshm.so...done.
Loaded symbols for
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/sysvshm.so
Reading symbols from
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/xmlrpc.so...done.
Loaded symbols for
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/xmlrpc.so
Reading symbols from
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/zip.so...done.
Loaded symbols for
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/zip.so
Reading symbols from
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/zlib.so...done.
Loaded symbols for
/usr/lib64/php5/lib/php/extensions/debug-non-zts-20060613/zlib.so
Reading symbols from /lib64/libnss_files.so.2...done.
Loaded symbols for /lib/libnss_files.so.2
Reading symbols from /lib64/libnss_compat.so.2...done.
Loaded symbols for /lib/libnss_compat.so.2
Reading symbols from /lib64/libnss_nis.so.2...done.
Loaded symbols for /lib/libnss_nis.so.2
Reading symbols from /lib64/libnss_dns.so.2...done.
Loaded symbols for /lib/libnss_dns.so.2
Reading symbols from /usr/lib64/gconv/ISO8859-1.so...done.
Loaded symbols for /usr/lib64/gconv/ISO8859-1.so
Core was generated by `/usr/bin/php-cgi --fpm'.
Program terminated with signal 11, Segmentation fault.
#0 0x00000000005f9069 in zend_mm_check_ptr (heap=0x9dc300,
ptr=0x5c05b9000, silent=1, __zend_filename=0x74bc28
"/var/tmp/portage/dev-lang/php-5.2.8/work/php-5.2.8/Zend/zend_opcode.c",
__zend_lineno=240, __zend_orig_filename=0x0, __zend_orig_lineno=0)
at
/var/tmp/portage/dev-lang/php-5.2.8/work/php-5.2.8/Zend/zend_alloc.c:1299
1299 if (p->info._size != ZEND_MM_NEXT_BLOCK(p)->info._prev) {
(gdb) bt
#0 0x00000000005f9069 in zend_mm_check_ptr (heap=0x9dc300,
ptr=0x5c05b9000, silent=1, __zend_filename=0x74bc28
"/var/tmp/portage/dev-lang/php-5.2.8/work/php-5.2.8/Zend/zend_opcode.c",
__zend_lineno=240, __zend_orig_filename=0x0, __zend_orig_lineno=0)
at
/var/tmp/portage/dev-lang/php-5.2.8/work/php-5.2.8/Zend/zend_alloc.c:1299
#1 0x00000000005fac72 in _zend_mm_free_int (heap=0x9dc300,
p=0x5c05b9000, __zend_filename=0x74bc28
"/var/tmp/portage/dev-lang/php-5.2.8/work/php-5.2.8/Zend/zend_opcode.c",
__zend_lineno=240, __zend_orig_filename=0x0, __zend_orig_lineno=0)
at
/var/tmp/portage/dev-lang/php-5.2.8/work/php-5.2.8/Zend/zend_alloc.c:1938
#2 0x00000000005fc33f in _efree (ptr=0x5c05b9000,
__zend_filename=0x74bc28
"/var/tmp/portage/dev-lang/php-5.2.8/work/php-5.2.8/Zend/zend_opcode.c",
__zend_lineno=240, __zend_orig_filename=0x0, __zend_orig_lineno=0)
at
/var/tmp/portage/dev-lang/php-5.2.8/work/php-5.2.8/Zend/zend_alloc.c:2306
#3 0x0000000000612d01 in destroy_op_array (op_array=0x2f24868) at
/var/tmp/portage/dev-lang/php-5.2.8/work/php-5.2.8/Zend/zend_opcode.c:240
#4 0x0000000000612865 in destroy_zend_function (function=0x2f24868) at
/var/tmp/portage/dev-lang/php-5.2.8/work/php-5.2.8/Zend/zend_opcode.c:113
#5 0x000000000061287c in zend_function_dtor (function=0x2f24868) at
/var/tmp/portage/dev-lang/php-5.2.8/work/php-5.2.8/Zend/zend_opcode.c:125
#6 0x000000000062d153 in zend_hash_destroy (ht=0x72e99b8) at
/var/tmp/portage/dev-lang/php-5.2.8/work/php-5.2.8/Zend/zend_hash.c:526
#7 0x0000000000612a70 in destroy_zend_class (pce=0x2adbcc8) at
/var/tmp/portage/dev-lang/php-5.2.8/work/php-5.2.8/Zend/zend_opcode.c:186
#8 0x000000000062d519 in zend_hash_apply_deleter (ht=0x9dcc40,
p=0x2adbcb0) at
/var/tmp/portage/dev-lang/php-5.2.8/work/php-5.2.8/Zend/zend_hash.c:611
#9 0x000000000062db6e in zend_hash_reverse_apply (ht=0x9dcc40,
apply_func=0x60baeb <clean_non_persistent_class>) at
/var/tmp/portage/dev-lang/php-5.2.8/work/php-5.2.8/Zend/zend_hash.c:760
#10 0x000000000060c42b in shutdown_executor () at
/var/tmp/portage/dev-lang/php-5.2.8/work/php-5.2.8/Zend/zend_execute_API.c:291
#11 0x000000000061e219 in zend_deactivate () at
/var/tmp/portage/dev-lang/php-5.2.8/work/php-5.2.8/Zend/zend.c:860
#12 0x00000000005be91a in php_request_shutdown (dummy=0x0) at
/var/tmp/portage/dev-lang/php-5.2.8/work/php-5.2.8/main/main.c:1492
#13 0x00000000006ae4c0 in main (argc=2, argv=0x7fffb348d168) at
/var/tmp/portage/dev-lang/php-5.2.8/work/php-5.2.8/sapi/cgi/cgi_main.c:2187
Previous Comments:
------------------------------------------------------------------------
[2008-10-27 01:00:00] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
------------------------------------------------------------------------
[2008-10-19 14:13:18] j...@php.net
First you need to disable all 3rd party extensions, like the Zend
extensions you seem to have enabled.
------------------------------------------------------------------------
[2008-10-15 12:33:05] pioklo at serveradmin dot pl
I do not know where the script crashes
I have Zend framework and all requests are passed into index.php and
then Zend run the appropriate class.
In lighttpd logs I have only
mod_proxy_backend_fastcgi.c.484: (trace) 0 / 0 -> 1
mod_proxy_backend_fastcgi.c.487: (error) looks like the fastcgi-backend
(/index.php) terminated before it sent a FIN packet
and dump core file.
Regards,
Piotr Kloc
------------------------------------------------------------------------
[2008-10-15 12:14:11] der...@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves.
A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external
resources such as databases, etc. If the script requires a
database to demonstrate the issue, please make sure it creates
all necessary tables, stored procedures etc.
Please avoid embedding huge scripts into the report.
------------------------------------------------------------------------
[2008-10-15 12:10:59] pioklo at serveradmin dot pl
Description:
------------
Hello There!
I have lighttpd and php
I am using Zend framework,all request are passed into index.php
www1:~# gdb /usr/local/bin/php-cgi /tmp/phpcore/core
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show
copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu"...
warning: Can't read pathname for load map: Input/output error.
Reading symbols from /lib/libcrypt.so.1...done.
Loaded symbols for /lib/libcrypt.so.1
Reading symbols from /usr/lib/libtidy-0.99.so.0...done.
Loaded symbols for /usr/lib/libtidy-0.99.so.0
Reading symbols from /usr/local/lib/libmhash.so.2...done.
Loaded symbols for /usr/local/lib/libmhash.so.2
Reading symbols from /usr/local/lib/libmcrypt.so.4...done.
Loaded symbols for /usr/local/lib/libmcrypt.so.4
Reading symbols from /usr/lib/libiconv.so.2...done.
Loaded symbols for /usr/lib/libiconv.so.2
Reading symbols from /usr/local/lib/libfreetype.so.6...done.
Loaded symbols for /usr/local/lib/libfreetype.so.6
Reading symbols from /usr/local/lib/libpng.so.3...done.
Loaded symbols for /usr/local/lib/libpng.so.3
Reading symbols from /lib/libresolv.so.2...done.
Loaded symbols for /lib/libresolv.so.2
Reading symbols from /lib/libm.so.6...done.
Loaded symbols for /lib/libm.so.6
Reading symbols from /lib/libdl.so.2...done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /lib/libnsl.so.1...done.
Loaded symbols for /lib/libnsl.so.1
Reading symbols from /usr/local/lib/libcurl.so.4...done.
Loaded symbols for /usr/local/lib/libcurl.so.4
Reading symbols from
/usr/local/mysql/lib/mysql/libmysqlclient.so.16...done.
Loaded symbols for /usr/local/mysql/lib/mysql/libmysqlclient.so.16
Reading symbols from /lib/libpthread.so.0...done.
Loaded symbols for /lib/libpthread.so.0
Reading symbols from /lib/librt.so.1...done.
Loaded symbols for /lib/librt.so.1
Reading symbols from /usr/lib/libxml2.so.2...done.
Loaded symbols for /usr/lib/libxml2.so.2
Reading symbols from /lib/libc.so.6...done.
Loaded symbols for /lib/libc.so.6
Reading symbols from /usr/lib/libz.so.1...done.
Loaded symbols for /usr/lib/libz.so.1
Reading symbols from /lib/ld-linux-x86-64.so.2...done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
Reading symbols from
/usr/local/Zend/lib/ZendExtensionManager.so...done.
Loaded symbols for /usr/local/Zend/lib/ZendExtensionManager.so
Reading symbols from
/usr/local/lib/php/extensions/no-debug-non-zts-20060613/fileinfo.so...done.
Loaded symbols for
/usr/local/lib/php/extensions/no-debug-non-zts-20060613/fileinfo.so
Reading symbols from /usr/lib/libmagic.so.1...done.
Loaded symbols for /usr/lib/libmagic.so.1
Reading symbols from
/usr/local/lib/php/extensions/no-debug-non-zts-20060613/memcache.so...done.
Loaded symbols for
/usr/local/lib/php/extensions/no-debug-non-zts-20060613/memcache.so
Reading symbols from /lib/libnss_files.so.2...done.
Loaded symbols for /lib/libnss_files.so.2
Reading symbols from
/usr/local/Zend/lib/Optimizer-3.3.3/php-5.2.x/ZendOptimizer.so...done.
Loaded symbols for
/usr/local/Zend/lib/Optimizer-3.3.3/php-5.2.x/ZendOptimizer.so
Core was generated by `/usr/local/bin/php-cgi'.
Program terminated with signal 11, Segmentation fault.
[New process 13920]
#0 zend_mm_remove_from_free_list (heap=0xcf1210, mm_block=0x127fbe8)
at /root/php-5.2.7RC1/Zend/zend_alloc.c:832
832 if (UNEXPECTED(prev->next_free_block !=
mm_block) || UNEXPECTED(next->prev_free_block != mm_block)) {
(gdb) bt fully
No symbol "fully" in current context.
(gdb) bt
#0 zend_mm_remove_from_free_list (heap=0xcf1210, mm_block=0x127fbe8)
at /root/php-5.2.7RC1/Zend/zend_alloc.c:832
#1 0x00000000007093f8 in _zend_mm_free_int (heap=0xcf1210,
p=0x127fbf8) at /root/php-5.2.7RC1/Zend/zend_alloc.c:1969
#2 0x00000000007193d4 in shutdown_executor () at
/root/php-5.2.7RC1/Zend/zend_execute_API.c:313
#3 0x0000000000723ea3 in zend_deactivate () at
/root/php-5.2.7RC1/Zend/zend.c:860
#4 0x00000000006e206c in php_request_shutdown (dummy=<value optimized
out>) at /root/php-5.2.7RC1/main/main.c:1492
#5 0x00000000007972b2 in main (argc=1, argv=0x7fffbfb738f8) at
/root/php-5.2.7RC1/sapi/cgi/cgi_main.c:2033
(gdb)
Regards,
Piotr Kloc
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=46300&edit=1
