Edit report at https://bugs.php.net/bug.php?id=54488&edit=1
ID: 54488
User updated by: dbetz at df dot eu
Reported by: dbetz at df dot eu
Summary: SIGSEGV in zend_assign_to_variable
Status: Bogus
Type: Bug
Package: FPM related
Operating System: Gentoo
PHP Version: 5.3.6
Assigned To: fat
Block user comment: N
Private report: N
New Comment:
Hello,
after some time without problems now i get many segfaults:
Program received signal SIGSEGV, Segmentation fault.
_zend_mm_alloc_int (heap=0x8a65570, size=52) at
/root/compile/php-5.3-fpm/snaps/php5.3-201107150430/Zend/zend_alloc.c:1835
1835 /root/compile/php-5.3-fpm/snaps/php5.3-201107150430/Zend/zend_alloc.c:
No such file or directory.
in /root/compile/php-5.3-fpm/snaps/php5.3-201107150430/Zend/zend_alloc.c
(gdb) bt full
#0 _zend_mm_alloc_int (heap=0x8a65570, size=52) at
/root/compile/php-5.3-fpm/snaps/php5.3-201107150430/Zend/zend_alloc.c:1835
bitmap = <value optimized out>
best_fit = <value optimized out>
true_size = 60
block_size = <value optimized out>
remaining_size = <value optimized out>
segment_size = <value optimized out>
segment = <value optimized out>
keep_rest = <value optimized out>
#1 0x08450e8c in _zend_hash_quick_add_or_update (ht=0x94a6144, arKey=0x94a2ecc
"plaintext_parser", nKeyLength=17, h=3773187690, pData=0x94a2eb8,
nDataSize=4, pDest=0xb4dfd1f8, flag=1) at
/root/compile/php-5.3-fpm/snaps/php5.3-201107150430/Zend/zend_hash.c:315
p = 0x0
#2 0x08451386 in zend_hash_copy (target=0x94a6144, source=0x92a7994,
pCopyConstructor=0x8443f90 <zval_add_ref>, tmp=0xb4dfd238, size=4)
at /root/compile/php-5.3-fpm/snaps/php5.3-201107150430/Zend/zend_hash.c:787
p = 0x94a2eac
new_entry = 0x94a2e08
#3 0x0844407f in _zval_copy_ctor_func (zvalue=0x935eb10) at
/root/compile/php-5.3-fpm/snaps/php5.3-201107150430/Zend/zend_variables.c:134
tmp = 0x5b
original_ht = 0x92a7994
#4 0x0844487d in _zval_copy_ctor (type=8, format=0x89b9f2c "Use of undefined
constant %s - assumed '%s'")
at
/root/compile/php-5.3-fpm/snaps/php5.3-201107150430/Zend/zend_variables.h:45
No locals.
#5 zend_error (type=8, format=0x89b9f2c "Use of undefined constant %s -
assumed '%s'")
at /root/compile/php-5.3-fpm/snaps/php5.3-201107150430/Zend/zend.c:1078
retval = <value optimized out>
z_error_type = 0x93ccd28
z_error_message = 0x94a49d8
z_error_filename = 0x935cd3c
z_error_lineno = 0x935cd88
z_context = 0x935eb10
error_filename = 0x949feec
"/kunden/145279_85737/liveforen/domaingo/includes/functions_newpost.php(668) :
eval()'d code"
error_lineno = 43
orig_user_error_handler = <value optimized out>
in_compilation = <value optimized out>
saved_class_entry = <value optimized out>
#6 0x0846a0d6 in ZEND_FETCH_CONSTANT_SPEC_UNUSED_CONST_HANDLER
(execute_data=0x8bca78c)
at
/root/compile/php-5.3-fpm/snaps/php5.3-201107150430/Zend/zend_vm_execute.h:17844
actual = 0x94a5574 "postid"
opline = 0x94a825c
#7 0x0846eaee in execute (op_array=0x8e24980) at
/root/compile/php-5.3-fpm/snaps/php5.3-201107150430/Zend/zend_vm_execute.h:107
ret = <value optimized out>
execute_data = 0x8bca78c
nested = 1 '\001'
original_in_execution = 0 '\000'
#8 0x084443e6 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at
/root/compile/php-5.3-fpm/snaps/php5.3-201107150430/Zend/zend.c:1195
i = 1
file_handle = 0xb4e01790
orig_op_array = 0x0
orig_retval_ptr_ptr = 0x0
#9 0x083f2bd6 in php_execute_script (primary_file=0xb4e01790) at
/root/compile/php-5.3-fpm/snaps/php5.3-201107150430/main/main.c:2284
realfile =
"èãôC\021M\b\000\060X¢ÿÿÿÿ\000\000\000\000#\217B\bô\020+\tÃ\\ãÃÃ*\tlõôå\235X\001\065~\r\000\030äô©RL\b\003\000\000\000\bäô\b\000\000\000\000\000\000\000pU¦\bn|A£\001\005\000\001\000\000\000\000\001\000\000\000lõô¸.\027\t\220\002\000\000pU¦\b¸.\027\tHäô#\217B\b\210ÃN£\002\000\000\000\001\000\000\000däô\001ôô\000\000\000\000¸ÃN£»Ã?\bl/\027\t\020\000\000\000\002\000\000\000/ÃL£\200ÃN£Ã\032\002\000¸ÃN£ô¿N£\200ÃN£Ã\000+\t\230äô|¢A£"..---Type
<return> to continue, or q <return> to quit---
.
__orig_bailout = 0xb4e01640
__bailout = {{__jmpbuf = {-1260382320, 153810792, -1260391280,
-1260391208, 2072411008, -1166720775}, __mask_was_saved = 0, __saved_mask = {
__val = {0, 41205, 0, 4096, 96, 0, 1308693440, 0, 1307472900, 0,
1308693441, 0, 852891, 0, 153900944, 148950944, 153813200, 3034576088,
138386641, 3, 4, 3034575952, 1, 153812952, 3034584640,
3034575976, 153813428, 153810792, 149062664, 3034576088, 2076760960, 2305}}}}
prepend_file_p = 0x0
append_file_p = <value optimized out>
prepend_file = {type = ZEND_HANDLE_FILENAME, filename = 0x0,
opened_path = 0x0, handle = {fd = 0, fp = 0x0, stream = {handle = 0x0, isatty =
0,
mmap = {len = 0, pos = 0, map = 0x0, buf = 0x0, old_handle = 0x0,
old_closer = 0}, reader = 0, fsizer = 0, closer = 0}},
free_filename = 0 '\000'}
append_file = {type = ZEND_HANDLE_FILENAME, filename = 0x0, opened_path
= 0x0, handle = {fd = 0, fp = 0x0, stream = {handle = 0x0, isatty = 0,
mmap = {len = 0, pos = 0, map = 0x0, buf = 0x0, old_handle = 0x0,
old_closer = 0}, reader = 0, fsizer = 0, closer = 0}},
free_filename = 0 '\000'}
retval = 0
#10 0x084ce08c in main (argc=3, argv=Cannot access memory at address 0x23
) at
/root/compile/php-5.3-fpm/snaps/php5.3-201107150430/sapi/fpm/fpm/fpm_main.c:1900
__bailout = {{__jmpbuf = {0, -1260381964, 0, -1260382152, 2076793728,
1570506489}, __mask_was_saved = 0, __saved_mask = {__val = {2738603973,
2749034436, 70078602, 2741702958, 2741557004, 2749023548,
3034584724, 2745840432, 13, 2741565964, 2741510004, 1480958541, 3034584860,
32, 2744109768, 0, 0, 1, 560, 2738520464, 2744109768,
2741702958, 2741609996, 2741565964, 1, 2749034436, 3034584992, 2744110208,
3034584952, 2748954464, 3034584936, 2741565964}}}}
exit_status = 0
c = <value optimized out>
file_handle = {type = ZEND_HANDLE_MAPPED, filename = 0x92b00d0
"/www/145279_85737/liveforen/domaingo/newreply.php", opened_path = 0x0, handle
= {
fd = 153901444, fp = 0x92c5984, stream = {handle = 0x92c5984,
isatty = 0, mmap = {len = 41205, pos = 0, map = 0xa30e0000,
buf = 0xa30e0000 <Address 0xa30e0000 out of bounds>, old_handle
= 0x8e0cfa0, old_closer = 0x8458cb0 <zend_stream_stdio_closer>},
reader = 0x8459290 <zend_stream_stdio_reader>, fsizer = 0x84591c0
<zend_stream_stdio_fsizer>,
closer = 0x8459210 <zend_stream_mmap_closer>}}, free_filename = 0
'\000'}
orig_optind = 1
orig_optarg = 0x0
ini_entries_len = <value optimized out>
max_requests = 1000
requests = 3
fcgi_fd = <value optimized out>
request = {listen_socket = 0, fd = 3, id = 1, keep = 0, closed = 0,
in_len = 0, in_pad = 0, out_hdr = 0x0, out_pos = 0xb4dff590 "\001\003",
out_buf =
"\001\003\000\001\000\b\000\000\000\000\000\000\000B\020=q~cC^Â¥R>hñ°!¿uû\020\220ÃQåà W·qÃüG·lÃ.&+ª:£q\a\207cÃ\t>ö\237ã|wë\233½ü\220gÃ8\b\bhg¾Ãa\217ïóÃ\026¬²£\021\216«¹ûÃ5Â¥N\220\bz\032\027Ã\024)JÃðÿ\203Y\227î¹\216ï¬\017¹7<}\të\205§¬^],Ãx\220ÿsÃ\210ô\006®Ã,KÃ\215\200i\207$lÃqcâ÷\204\217:\222Ã\027Ãm\237\033ëzúæúÃ¥²¥\224Â÷\207\226\217.N¢ÃÃHi«|¿åfÃõ2éÃ"...,
reserved = '\000' <repeats 15 times>, env = 0x92acf98}
fpm_config = 0xb4e01a8c ""
fpm_prefix = 0x0
fpm_pid = 0x0
test_conf = 0
valgrind didnt work correct. it shows me always an "out of memory" error, but
there is enough memory free ...
Previous Comments:
------------------------------------------------------------------------
[2011-07-13 05:59:13] [email protected]
OK, closed now. You can still reopen it if it happens again
------------------------------------------------------------------------
[2011-07-13 05:41:59] dbetz at df dot eu
Thanks for all your help.
The segfault isnt reproducable now.
Maybe the last vBulletin Board update changes some thing in the Object handling
or maybe i have updated some librarys.
I have tested with PHP-FPM 5.3.6 and the latest Snapshot.
So i think you can close this bugreport.
Greets,
Daniel
------------------------------------------------------------------------
[2011-07-13 04:33:38] [email protected]
Valgrind log would be quite helpful:
https://bugs.php.net/bugs-getting-valgrind-log.php
------------------------------------------------------------------------
[2011-07-12 19:08:38] [email protected]
I've asked for help on internals: http://news.php.net/php.internals/53922
see where it goes
------------------------------------------------------------------------
[2011-07-07 02:38:16] dbetz at df dot eu
Hello,
with 5.3.7RC3-dev i cant hit the bug anymore ( i think )
I will keep on testing.
Thx,
Daniel
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
https://bugs.php.net/bug.php?id=54488
--
Edit this bug report at https://bugs.php.net/bug.php?id=54488&edit=1
