ID: 48752
Comment by: Brian dot White at foxfire74 dot com
Reported By: [email protected]
Status: Assigned
Bug Type: Date/time related
Operating System: Solaris 10 x86
PHP Version: 5.3.0
Assigned To: derick
New Comment:
Is anyone looking into this. This also happens in the 5.3.0 Windows
build, and, oftentimes, happens a LOT more than 15 minutes. The PHP
date_create() function calls timelib_error_container_dtor() which
crashes Apache frequently but not on every execution.
Reproduce code:
---------------
<?php
function wp_timezone_override_offset() {
$timezone_string = 'America/New_York';
@date_default_timezone_set( $timezone_string );
$timezone_object = timezone_open( $timezone_string );
$datetime_object = date_create();
if ( false === $timezone_object || false === $datetime_object ) {
return false;
}
return round( timezone_offset_get( $timezone_object, $datetime_object
) / 3600, 2 );
}
$gmt_offset = wp_timezone_override_offset();
echo "$gmt_offset\n";
?>
Expected result:
----------------
-4
Actual result: (When it crashes)
--------------
Thread 75 - System ID 2180
Entry point msvcr90!_endthreadex+6f
Create time 10/24/2009 3:18:56 AM
Time spent in user mode 0 Days 0:0:0.991
Time spent in kernel mode 0 Days 0:0:0.140
Function Arg 1 Arg 2 Arg 3 Source
php5ts!timelib_error_container_dtor+9 00000044 1118e380
0f10aed8 d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\ext\date\lib\timelib.c
@ 153 + 6
php5ts!date_object_period_get_iterator+835 0f1718e0 00000000
00000000 d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\ext\date\php_date.c @
2364 + 1f
php5ts!zif_date_create+9a 00000000 0f10aed8 00000000
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\ext\date\php_date.c @ 2441 + 30
php5ts!execute+10b9 0eca318c 1118e300 1118e380
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\zend\zend_vm_execute.h @ 313 + 41
php5ts!execute+57ea 0eca2894 1118e380 093ff7a8
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\zend\zend_vm_execute.h @ 1601 + e
php5ts!execute+298 1137a5b0 1118e301 1118e380
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\zend\zend_vm_execute.h @ 104 + a
php5ts!zend_call_function+7b0 00000000 093ff794 0eca2ca4
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\zend\zend_execute_api.c @ 936 + 1b
php5ts!zif_call_user_func_array+63 00000002 0f169ca0
00000000
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\ext\standard\basic_functions.c @
4755 + 18
php5ts!execute+10b9 0eca2ca4 1118e300 1118e380
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\zend\zend_vm_execute.h @ 313 + 41
php5ts!execute+57ea 0eca213c 1118e380 093ff920
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\zend\zend_vm_execute.h @ 1601 + e
php5ts!execute+298 11474c88 1118e301 1118e380
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\zend\zend_vm_execute.h @ 104 + a
php5ts!zend_call_function+7b0 00000000 093ff90c 0eca221c
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\zend\zend_execute_api.c @ 936 + 1b
php5ts!zif_call_user_func_array+63 00000002 0f168cf8
00000000
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\ext\standard\basic_functions.c @
4755 + 18
php5ts!execute+10b9 0eca221c 1118e300 1118e380
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\zend\zend_vm_execute.h @ 313 + 41
php5ts!execute+57ea 0eca1484 1118e380 093ffa98
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\zend\zend_vm_execute.h @ 1601 + e
php5ts!execute+298 0f0b7f38 1118e301 1118e380
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\zend\zend_vm_execute.h @ 104 + a
php5ts!zend_call_function+7b0 00000000 093ffa84 0eca1578
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\zend\zend_execute_api.c @ 936 + 1b
php5ts!zif_call_user_func_array+63 00000002 0f16b940
00000000
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\ext\standard\basic_functions.c @
4755 + 18
php5ts!execute+10b9 0eca1578 1118e300 1118e380
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\zend\zend_vm_execute.h @ 313 + 41
php5ts!execute+57ea 1118e380 093ffb9c 00000000
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\zend\zend_vm_execute.h @ 1601 + e
php5ts!execute+298 0ec6dea8 1118e300 1118e380
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\zend\zend_vm_execute.h @ 104 + a
php5ts!zend_execute_scripts+fe 00000008 1118e380 00000000
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\zend\zend.c @ 1189
php5ts!php_execute_script+231 093ffe28 1118e380 00000005
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\main\main.c @ 2196 + 12
php5apache2_2!zm_info_apache+1744 0bfb9e00 012522a8
0bfb9e00
d:\php-sdk\snap_5_3\vc9\x86\php-5.3.0\sapi\apache2handler\sapi_apache2.c
@ 648 + e
libhttpd!ap_run_handler+25 00000000 00000000 00000000
PHP5TS!TIMELIB_ERROR_CONTAINER_DTOR+9In
httpd__PID__5760__Date__10_24_2009__Time_05_25_07AM__374__Second_Chance_Exception_C0000005.dmp
the assembly instruction at php5ts!timelib_error_container_dtor+9 in
C:\PHP\php5ts.dll from The PHP Group has caused an access violation
exception (0xC0000005) when trying to read from memory location
0x00000044 on thread 75
Previous Comments:
------------------------------------------------------------------------
[2009-07-01 11:48:55] [email protected]
By the way, this seems to be the only problem left for our PHP 5.3
tests in production :). The server "only" crashes and is restarted by
watchdog once per 15 minutes and always with exactly that crashdump only
with the parameter time_str_len slighly different and of course other
date string values.
Thanks Derick for looking after this!
Uwe
------------------------------------------------------------------------
[2009-07-01 11:39:39] [email protected]
Yes it is threaded! (Sun Java System Webserver using NSAPI as SAPI
module is a one-process webserver with pthreads).
In 5.2.x we never had such problems, the PHP userland code did not
change.
------------------------------------------------------------------------
[2009-07-01 11:29:22] [email protected]
Is this a threaded SAPI? (I think I see what the problem is, just need
a confirmation).
------------------------------------------------------------------------
[2009-07-01 10:52:23] [email protected]
Description:
------------
I found a second problem with our PHP installation. Sometimes, not
everytime, the server crashes with sigsegv when parsing date/times. I
cannot reproduce the crash, I only can post the code that most times
crash.
Reproduce code:
---------------
This code crashes not always, but often. The $mindate initially
contains as noted in the core dump: 1998-01-01
This is enetered by a user any may look different. The code is used to
fomat any input from the users to an ATOM timestamp.
$mindate=new DateTime($mindate,new DateTimeZone('UTC'));
$search->dateTimeCoverage->min=$mindate->format(DateTime::ATOM);
Expected result:
----------------
The server should not crash.
Actual result:
--------------
Core was generated by `webservd -d
/pangaea/webserver70/https-panwebserver/config -r /pangaea/webserve'.
Program terminated with signal 11, Segmentation fault.
#0 0xfc2b5a44 in timelib_error_container_dtor (errors=0x6d) at
/pangaea/install/php-5.3.0/ext/date/lib/timelib.c:153
153 for (i = 0; i < errors->warning_count; i++) {
(gdb) where
#0 0xfc2b5a44 in timelib_error_container_dtor (errors=0x6d) at
/pangaea/install/php-5.3.0/ext/date/lib/timelib.c:153
#1 0xfc29636d in date_initialize (dateobj=0xa963cd0,
time_str=0xa9620a0 "1998-01-01", time_str_len=179481560,
format=0xfca4e4e8 "\v", timezone_object=0xa963bb8, ctor=1,
tsrm_ls=0xaa57068)
at /pangaea/install/php-5.3.0/ext/date/php_date.c:2339
#2 0xfc296728 in zim_DateTime___construct (ht=2,
return_value=0xa963d28, return_value_ptr=0x0, this_ptr=0xa963b6c,
return_value_used=0, tsrm_ls=0xaa57068) at
/pangaea/install/php-5.3.0/ext/date/php_date.c:2479
#3 0xfc56ce5d in zend_do_fcall_common_helper_SPEC
(execute_data=0xa9694a0, tsrm_ls=0xaa57068)
at /pangaea/install/php-5.3.0/Zend/zend_vm_execute.h:313
#4 0xfc56bce2 in execute (op_array=0xa950570, tsrm_ls=0xaa57068) at
/pangaea/install/php-5.3.0/Zend/zend_vm_execute.h:104
#5 0xfc54a103 in zend_execute_scripts (type=8, tsrm_ls=0xaa57068,
retval=0x0, file_count=3)
at /pangaea/install/php-5.3.0/Zend/zend.c:1188
#6 0xfc4f5562 in php_execute_script (primary_file=0xeabe7cb8,
tsrm_ls=0xaa57068) at /pangaea/install/php-5.3.0/main/main.c:2196
#7 0xfc5d5916 in php5_execute (pb=0xa818228, sn=0x9e761dc,
rq=0x9e76254) at /pangaea/install/php-5.3.0/sapi/nsapi/nsapi.c:1040
#8 0xfecfb147 in func_exec_str () from
/pangaea/webserver70/lib/libns-httpd40.so
#9 0xfecfbd2a in INTfunc_exec_directive () from
/pangaea/webserver70/lib/libns-httpd40.so
#10 0xfed009d6 in INTservact_service () from
/pangaea/webserver70/lib/libns-httpd40.so
#11 0xfed01a39 in INTservact_handle_processed () from
/pangaea/webserver70/lib/libns-httpd40.so
#12 0xfed5e358 in __1cLHttpRequestUUnacceleratedRespond6M_v_ () from
/pangaea/webserver70/lib/libns-httpd40.so
#13 0xfed5d5ba in __1cLHttpRequestNHandleRequest6MpnGnetbuf_I_i_ ()
from /pangaea/webserver70/lib/libns-httpd40.so
#14 0xfed5be90 in __1cNDaemonSessionDrun6M_v_ () from
/pangaea/webserver70/lib/libns-httpd40.so
#15 0xfeb861fc in ThreadMain () from
/pangaea/webserver70/lib/libnsprwrap.so
#16 0xfe0bb6c9 in _pt_root () from
/pangaea/webserver70/lib/libnspr4.so
#17 0xfd37fd36 in _thr_setup () from /lib/libc.so.1
#18 0xfd380020 in L3_doit () from /lib/libc.so.1
#19 0xfb321400 in ?? ()
#20 0x00000000 in ?? ()
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=48752&edit=1
