Bug #27178 PHP segfault (sometimes) when running the script
Submitted: 2004-02-07 10:24 UTC
Modified: 2004-02-08 15:26 UTC
From: bjoern at thinkphphq dot de
Assigned:
Status: Not a bug
Package: Scripting Engine problem
PHP Version: 4.3.4
OS: Linux (Debian, RedHat, SuSE)
Private report: No
CVE-ID: None
 [2004-02-07 10:24 UTC] bjoern at thinkphphq dot de
Description:
------------
Hi there,

http://www.rent-a-phpwizard.de/2debug.tgz

On a RedHat 7.3 (512 MB):

[bjoern@baer 2debug]$ php segf.php
Segmentation fault

gdb output:

(gdb) run /home/bjoern/2debug/segf.php
Starting program: /usr/local/bin/php /home/bjoern/2debug/segf.php

Program received signal SIGSEGV, Segmentation fault.
0x0813adff in execute (op_array=0x81b436c)
    at /usr/local/src/php-4.3.4/Zend/zend_execute.c:1758
1758                                            ALLOC_ZVAL(valptr);

(gdb) bt full
#0  0x0813adff in execute (op_array=0x81b436c)
    at /usr/local/src/php-4.3.4/Zend/zend_execute.c:1758
        valptr = (zval *) 0x0
        value = (zval *) 0x4213502c
        execute_data = {opline = 0x42135014, function_state = {
    function_symbol_table = 0x0, function = 0x81b436c, reserved = {0x81206e9, 0x81b43d4,
      0xbffffaa0, 0x0}}, fbc = 0x0, ce = 0x0, object = {ptr = 0x0}, Ts = 0xbeeba750,
  original_in_execution = 0 '\0', op_array = 0x81b436c, prev_execute_data = 0x0}
#1  0x08127c44 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /usr/local/src/php-4.3.4/Zend/zend.c:884
        files = 0xbfffd834
        i = 1
        file_handle = (zend_file_handle *) 0xbffffaa0
        orig_op_array = (zend_op_array *) 0x0
        local_retval = (zval *) 0x0
#2  0x08100f5c in php_execute_script (primary_file=0xbffffaa0)
    at /usr/local/src/php-4.3.4/main/main.c:1729
        orig_bailout = {{__jmpbuf = {135755056, 135777368, -1073743236, -1073743144,
      -1073743520, 135536498}, __mask_was_saved = 0, __saved_mask = {__val = {
        0 <repeats 32 times>}}}}
        orig_bailout_set = 1 '\001'
        prepend_file_p = (zend_file_handle *) 0x0
        append_file_p = (zend_file_handle *) 0x0
        prepend_file = {type = 0 '\0', filename = 0x0, opened_path = 0x0, handle = {
    fd = 0, fp = 0x0}, free_filename = 0 '\0'}
        append_file = {type = 0 '\0', filename = 0x0, opened_path = 0x0, handle = {
    fd = 0, fp = 0x0}, free_filename = 0 '\0'}
        old_cwd = 0xbfffd840 ""
        old_primary_file_path = 0x0
        retval = 0
#3  0x081426fc in main (argc=2, argv=0xbffffb44)
    at /usr/local/src/php-4.3.4/sapi/cli/php_cli.c:819
        orig_bailout = {{__jmpbuf = {0, 0, 0, 0, 0, 0}, __mask_was_saved = 0,
    __saved_mask = {__val = {0 <repeats 32 times>}}}}
        exit_status = 0
        c = 135506888
        file_handle = {type = 2 '\002',
---Type <return> to continue, or q <return> to quit---
  filename = 0xbffffc44 "/home/bjoern/2debug/segf.php", opened_path = 0x0, handle = {
    fd = 135989232, fp = 0x81b07f0}, free_filename = 0 '\0'}
        behavior = 1
        orig_optind = 1
        orig_optarg = 0x0
        arg_free = 0xbffffc44 "/home/bjoern/2debug/segf.php"
        arg_excp = (char **) 0x42135014
        script_file = 0xbffffc44 "/home/bjoern/2debug/segf.php"
        global_vars = {head = 0x0, tail = 0x0, size = 4, count = 0, dtor = 0,
  persistent = 0 '\0', traverse_ptr = 0x8177aac}
        interactive = 0
        module_started = 1
        lineno = 1
        exec_direct = 0x0
        param_error = 0x0
        hide_argv = 0
#4  0x42017589 in __libc_start_main () from /lib/i686/libc.so.6
No symbol table info available.


Georg, Andrey and Sterling already had a look at the problem. It seemed to be an error in the Fastcache function, but they also weren't sure if the problem really was in the FASTCACHE function.

The strangeness is, on a SuSE 7.3 (1 GB RAM, 256 MB swap) the script works. On a Debian with 256 MB PHP says "Could not allocate <huge number> bytes of memory" and terminates (which would be okay); on an old SuSE 6.4 with 392 MB RAM the script segfaults again, same bt as above.

We're not really sure where the problem could be.

Reproduce code:
---------------
http://www.rent-a-phpwizard.de/2debug.tgz

extract, cd to 2debug/ and then run "php segf.php".

Expected result:
----------------
a message like "Done"

Actual result:
--------------
See above: on some systems a segfault with the bt shown above, on some systems it does work correctly.

 [2004-02-07 22:51 UTC] sniper@php.net
You're hitting the limits. (e.g. there can only be a certain amount of array elements, etc.)

 [2004-02-08 13:04 UTC] bjoern at thinkphphq dot de
But why does it segfault on some servers and on some exit with "Couldn't allocate 8902389044 bytes of memory" (which would be an acceptable exit)?
 [2004-02-08 15:26 UTC] wez@php.net
IIRC, Edin had problems with his nasty script that used 1GB of RAM when PHP was linked with a particular version of glibc. Perhaps this is also the case here?
 