PHP :: Bug #44309 :: Apache crash because PHP frees memory twice

Bug #44309

Apache crash because PHP frees memory twice

Submitted:

2008-03-02 09:51 UTC

Modified:

2008-03-04 05:36 UTC

Votes:	1
Avg. Score:	4.0 ± 0.0
Reproduced:	1 of 1 (100.0%)
Same Version:	1 (100.0%)
Same OS:	1 (100.0%)

From:

dmitry dot dulepov at gmail dot com

Assigned:

Status:

Closed

Package:

Reproducible crash

PHP Version:

5.2.5

OS:

SuSE Linux 10.3

Private report:

CVE-ID:

None

View Developer Edit

[2008-03-02 09:51 UTC] dmitry dot dulepov at gmail dot com

Description:
------------
From time to time Apache crashes inside PHP. It is impossible to reproduce by executing a single script but this happens several times a week. I cannot get a backtrace because this is no single script that crashes. It just crashes from time to time.

I use official distributions from SuSE 10.3.

Actual result:
--------------
Stack trace:

*** glibc detected *** /usr/sbin/httpd2-prefork: munmap_chunk(): invalid pointer: 0x00007fff56096260 ***
*** glibc detected *** /usr/sbin/httpd2-prefork: double free or corruption (out): 0x00007fff56094780 ***
======= Backtrace: =========
/lib64/libc.so.6[0x2b6e5675a21d]
/usr/lib64/apache2/mod_php5.so(zend_shutdown+0x7b)[0x2b6e5a1e623b]
/usr/lib64/apache2/mod_php5.so(php_module_shutdown+0x2a)[0x2b6e5a1a228a]
/usr/lib64/apache2/mod_php5.so(php_module_shutdown_wrapper+0x9)[0x2b6e5a1a2329]
/usr/lib64/apache2/mod_php5.so[0x2b6e5a265471]
/usr/lib64/libapr-1.so.0[0x2b6e55c7686d]
/usr/lib64/libapr-1.so.0(apr_pool_destroy+0x2d)[0x2b6e55c76e9d]
/usr/sbin/httpd2-prefork[0x5555555a14ce]
/usr/sbin/httpd2-prefork[0x5555555a14fb]
/lib64/libpthread.so.0[0x2b6e562d9fb0]
/usr/lib64/apache2/mod_php5.so(php_strlcpy+0x15)[0x2b6e5a1ae3c5]
/usr/lib64/apache2/mod_php5.so(php_realpath+0x3f4)[0x2b6e5a1a0884]
/usr/lib64/apache2/mod_php5.so(virtual_file_ex+0x1d5)[0x2b6e5a1a0b75]
/usr/lib64/apache2/mod_php5.so(expand_filepath+0x10d)[0x2b6e5a1a870d]
/usr/lib64/apache2/mod_php5.so(_php_stream_fopen+0x4d)[0x2b6e5a1bbaad]
/usr/lib64/apache2/mod_php5.so(_php_stream_fopen_with_path+0x91)[0x2b6e5a1bc451]
/usr/lib64/apache2/mod_php5.so(_php_stream_open_wrapper_ex+0xdd)[0x2b6e5a1b74ed]
/usr/lib64/apache2/mod_php5.so(php_stream_open_for_zend_ex+0x1f)[0x2b6e5a1a300f]
/usr/lib64/apache2/mod_php5.so(zend_stream_fixup+0x2c)[0x2b6e5a1fa1ec]
/usr/lib64/apache2/mod_php5.so(open_file_for_scanning+0x1b)[0x2b6e5a1c597b]
/usr/lib64/apache2/mod_php5.so(compile_file+0x8d)[0x2b6e5a1c5ced]
/lib64/libgcc_s.so.1[0x2b6e5af9d8fc]
[0x555555816240]

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2008-03-03 12:52 UTC] jani@php.net

Please try using this CVS snapshot:

  http://snaps.php.net/php5.2-latest.tar.gz
 
For Windows (zip):
 
  http://snaps.php.net/win32/php5.2-win32-latest.zip

For Windows (installer):

  http://snaps.php.net/win32/php5.2-win32-installer-latest.msi

[2008-03-03 15:08 UTC] dmitry dot dulepov at gmail dot com

It is hard (if not impossible) to use CVS snapshot on a production 
server. May be someone from development team can check what happens in 
source code? Or is there anything that makes you think the problem is 
solved in CVS?

[2008-03-04 02:12 UTC] crrodriguez at suse dot de

Please report SUSE package problems at http://bugzilla.novell.com/ NOT here, unless you are sure that this problem is still present in php.net   sources.
in both cases, you must provide a test case in order to reproduce the problem and fix it.

Thanks for your attention,

[2008-03-04 05:36 UTC] dmitry dot dulepov at gmail dot com

Whatever. If you do not want bug reports, I will not post any. I thought you welcome help and want to improve the product but it seems you care only about having less work. Forget it. Let this bug be.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Tue Jul 01 16:01:38 2025 UTC