#29681 [Com]: Parent: child process exited with status 3221225477

[mail at kasimir-k dot fi]

 ID:               29681
 Comment by:       mail at kasimir-k dot fi
 Reported By:      tony at marston-home dot demon dot co dot uk
 Status:           Verified
 Bug Type:         Zend Engine 2 problem
 Operating System: *
 PHP Version:      5CVS-STABLE-2005-01-18
 New Comment:

I have this loop:

for ($i = 0, $_i = count($items); $i < $_i; $i++) {
   $item_index[$items[$i]['item_id']] =& $items[$i];
}

I run it on two platforms:
WinXP - PHP 4.3.4 - Apache/2.0.48 (Win32)
Linux - PHP 4.3.10 - Apache/2.0.52 (Fedora)

On Linux - no problems.
On WinXP - once count($item_classes) > 107, the script dies


Previous Comments:
------------------------------------------------------------------------

[2005-01-18 14:55:44] [EMAIL PROTECTED]

The original problem here, reproduced using the script bundle posted by
Tony, triggers crashes in free() when run with "MALLOC_CHECK_=3", using
5.0.4-dev.  Backtrace below.  Doesn't look like this is
Apache-related:

#5  0x0041baca in free () from /lib/tls/libc.so.6
No symbol table info available.
#6  0x010035b7 in _efree (ptr=0x86e443c) at
/net/jedi/local/php/5.0/Zend/zend_alloc.c:287
        p = (zend_mem_header *) 0x4e0800
        cache_index = 6
#7  0x0101f1fa in zend_hash_destroy (ht=0x86f1714)
    at /net/jedi/local/php/5.0/Zend/zend_hash.c:526
        p = (Bucket *) 0x0
        q = (Bucket *) 0x86e47dc
#8  0x01029c7f in zend_objects_free_object_storage (object=0x872be84)
    at /net/jedi/local/php/5.0/Zend/zend_objects.c:91
No locals.
#9  0x0102c24a in zend_objects_store_del_ref (zobject=0x0)
    at /net/jedi/local/php/5.0/Zend/zend_objects_API.c:159
        handle = 1
        obj = (struct _store_object *) 0x86d9b88
#10 0x010170d0 in _zval_dtor (zvalue=0x86efb2c)
    at /net/jedi/local/php/5.0/Zend/zend_variables.c:61
No locals.
#11 0x0100c491 in _zval_ptr_dtor (zval_ptr=0x10a995c)
    at /net/jedi/local/php/5.0/Zend/zend_execute_API.c:392
No locals.
#12 0x0104b894 in zend_do_fcall_common_helper
(execute_data=0xbff34610,
    opline=0x86ee780, op_array=0x86e306c)
    at /net/jedi/local/php/5.0/Zend/zend_execute.c:2797
        i = 141458196
        p = (zval **) 0x86efb2c
        arg_count = 17471360
        original_return_value = (zval **) 0xbff346ac
        current_scope = (zend_class_entry *) 0x0
        current_this = (zval *) 0x0
        return_value_used = 1
        should_change_scope = 1 '\001'
#13 0x0104ba48 in zend_do_fcall_by_name_handler (execute_data=0x0,
opline=0x86ee780,
    op_array=0x86e306c) at
/net/jedi/local/php/5.0/Zend/zend_execute.c:2825
No locals.
#14 0x01039b77 in execute (op_array=0x86e306c)
    at /net/jedi/local/php/5.0/Zend/zend_execute.c:1400
        execute_data = {opline = 0x86ee780, function_state = {
    function_symbol_table = 0x870e404, function = 0x872a444, reserved =
{0x100f260,
      0x86e3364, 0xbff36970, 0x0}}, fbc = 0x872a444, fbc_constructor =
0x0,
  op_array = 0x86e306c, object = 0x86efb2c, Ts = 0xbff33430,
  original_in_execution = 0 '\0', calling_scope = 0x86f0a54,
prev_execute_data = 0x0}
#15 0x01018b25 in zend_execute_scripts (type=8, retval=0x0,
file_count=3)
    at /net/jedi/local/php/5.0/Zend/zend.c:1069
        files = 0xbff34764 ""
        i = 1
        file_handle = (zend_file_handle *) 0xbff36970
        orig_op_array = (zend_op_array *) 0x0
        local_retval = (zval *) 0x0


------------------------------------------------------------------------

[2004-11-16 12:23:16] php_bug at cklowe dot com

This bug looks to be the same as bug 26286:
http://bugs.php.net/bug.php?id=26286

------------------------------------------------------------------------

[2004-10-21 19:20:21] tony at marston-home dot demon dot co dot uk

I have reinstated my sample code at
http://www.tonymarston.co.uk/error.zip

There are instructions inside on how to reproduce the error.

------------------------------------------------------------------------

[2004-08-14 18:36:27] tony at marston-home dot demon dot co dot uk

Description:
------------
I am using the Windows binaries for 5.0.1 with MySQL 4.1.3b and Apache
2.0.50 as my development PC.

I have a script which runs OK the first time, but if I repeat it
straight away it causes Apache to crash and restart. I have stepped
through with debug and found the place where it crashes (it is always
the same place) but all it is doing is accessing the properties within
an object, properties which I have set in a previous call to the same
object.

I found it impossible to reproduce the bug in 20 lines of code, but
what I have done is to isolate the single script and its included
modules and gradually removed code until the error disappeared. I have
put this code into a zip file for convenience. You can download this
zip file at http://www.tonymarston.co.uk/error.zip

Reproduce code:
---------------
http://www.tonymarston.co.uk/error.zip



------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=29681&edit=1