ID: 13437
User updated by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: Open
Bug Type: Reproducible crash
Operating System: Linux & Solaris
Old PHP Version: 4.0CVS-2001-09-25
PHP Version: 4.1RC5
New Comment:
This problem is still happening on 4.1RC5, though it seems to be doing a little better
than before. However it's also ignoring the time value I'm passing in to
set_time_limit(), but only when it runs out of time during clean-up.
#0 0x8107f05 in _efree (ptr=0xa62065c) at zend_alloc.c:240
240 REMOVE_POINTER_FROM_LIST(p);
(gdb) bt
#0 0x8107f05 in _efree (ptr=0xa62065c) at zend_alloc.c:240
#1 0x810829b in shutdown_memory_manager (silent=1, clean_cache=1) at zend_alloc.c:469
#2 0x807169e in php_module_shutdown () at main.c:1007
#3 0x8070239 in main (argc=3, argv=0xbffffc44) at cgi_main.c:788
Previous Comments:
------------------------------------------------------------------------
[2001-10-10 22:17:21] [EMAIL PROTECTED]
Confirmed on Redhat 7.2
No crash, but print_r($us) at the end of this script displays no output.
------------------------------------------------------------------------
[2001-09-25 13:55:55] [EMAIL PROTECTED]
When I unserialize a ~7mb object that contains several levels of nested objects and
arrays, PHP displays abnormal behavior. (Script #1)
First, when script execution is complete, PHP uses 100% of the CPU until it has
consumed the limit set by set_time_limit(). At this point, it segfaults with the
following backtrace (Backtrace #1).
When compiled into Apache, this causes the memory footprint for each child process to
skyrocket; the memory is not freed until the child exits. Over time, this has resulted
in Apache using 70mb * 10 children = 700mb of RAM.
Additonally: I have experienced random crashes when PHP (4.0.4pl1) exits on Solaris.
As I can not consistently reproduce this, I can't provide a sample script that always
exhibits the problem, but the script that crashes does use mysql, and does NOT use
unserialize() at all. This problem is included in this report because both crash in
the same function when PHP is doing the same thing (shutting down).
Backtrace #1 - Linux / php4-200109251035
./configure --with-mysql=/usr/local/mysql --enable-track-vars --with-xml
--with-imap=/usr --with-zlib-dir=/usr --with-ttf=/usr --enable-bcmath
--with-kerberos=/usr/kerberos --with-openssl=/usr
Program received signal SIGSEGV, Segmentation fault.
0x80ee455 in _efree (ptr=0xa585b54) at zend_alloc.c:240
240 REMOVE_POINTER_FROM_LIST(p);
(gdb) bt
#0 0x80ee455 in _efree (ptr=0xa585b54) at zend_alloc.c:240
#1 0x80ee7eb in shutdown_memory_manager (silent=1, clean_cache=1)
at zend_alloc.c:469
#2 0x806affe in php_module_shutdown () at main.c:1008
#3 0x8069ba9 in main (argc=2, argv=0xbffffbf4) at cgi_main.c:787
Backtrace #2: Solaris / php 4.0.4pl1
./configure --with-mysql=/apps/mysql --enable-track-vars --with-xml --enable-bcmath
#0 0x89074 in _efree (ptr=0x14d1c0) at zend_alloc.c:232
232 REMOVE_POINTER_FROM_LIST(p);
(gdb) bt
#0 0x89074 in _efree (ptr=0x14d1c0) at zend_alloc.c:232
#1 0x9ad48 in zend_hash_destroy (ht=0x158008) at zend_hash.c:569
#2 0x962f8 in _zval_dtor (zvalue=0x14a328) at zend_variables.c:69
#3 0x8e9f8 in _zval_ptr_dtor (zval_ptr=0x14acf4) at zend_execute_API.c:261
#4 0x9acdc in zend_hash_destroy (ht=0x11fdf4) at zend_hash.c:564
#5 0x8e824 in shutdown_executor () at zend_execute_API.c:165
#6 0x96ffc in zend_deactivate () at zend.c:525
#7 0x24c38 in php_request_shutdown (dummy=0x0) at main.c:688
#8 0x23a78 in main (argc=3, argv=0xeffffd34) at cgi_main.c:771
Script #1:
#!/usr/local/bin/php -q
<?
set_time_limit(5);
$fn = '/path/to/very-lage-serialized.file';
$fd = fopen($fn, 'r');
$str = fread($fd, filesize($fn));
$us = unserialize($str);
?>
------------------------------------------------------------------------
Edit this bug report at http://bugs.php.net/?id=13437&edit=1
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
