php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #52038 zend_mm_heap corrupted at end of program
Submitted: 2010-06-09 21:39 UTC Modified: 2013-02-18 00:34 UTC
Votes:4
Avg. Score:4.2 ± 0.8
Reproduced:4 of 4 (100.0%)
Same Version:1 (25.0%)
Same OS:1 (25.0%)
From: gar37bic at gmail dot com Assigned:
Status: No Feedback Package: Reproducible crash
PHP Version: 5.3.2 OS: Linux Ubuntu 10.0.0.4
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: gar37bic at gmail dot com
New email:
PHP Version: OS:

 

 [2010-06-09 21:39 UTC] gar37bic at gmail dot com
Description:
------------
I'm posting as a crash, even though the program completes its work before segfaulting.

I have a large, complex PHP command-line program that uses PHPExcel to read spreadsheet files, builds large data arrays, then uses XML_Serializer to generate XML, and writes the XML to a file.  The main program is primarily a sequential class loader, that reads in about 40 class files.  It also uses getopt() to parse command line options.  Maximum memory use is around 300-400 megabytes.

This program works fine.  However, under certain circumstances (including my 'verbose' logging output option, which generates 60,000 lines of log data), the program completes its work but after the final line of output, it says 'zend_mm_heap corrupted'.

Whether this occurs depends on the input spreadsheet, and is not directly related to the size of the sheet or the size of the output XML, or the maximum memory used. 

I have found that, for the spreadsheet that generates the error, by changing one array element in the default command line option definitions, I can turn the error on and off.

If I run the program as 'php my_program.php -blah', it acts the same as if I run it directly as 'my_program.php -blah'.  However, if I run the program as 'php -e my_program.php -blah' I never get the zend message.

I have run this under gdb using php -e to get a stack.  Under gdb it segfaults for both versions of the program.  The stack is identical for both versions of the program and the zend_mm_heap message does not appear.

Here the is the gdb stack.  (The first line is the ending line of my program.)

Program ending with status 0x0, 0 warnings and 0 errors

Program received signal SIGSEGV, Segmentation fault.
0x00000000006b549f in ?? ()
(gdb) bt
#0  0x00000000006b549f in ?? ()
#1  0x00000000006b59fb in ?? ()
#2  0x00000000006a1e4e in zend_hash_destroy ()
#3  0x0000000000694e2f in _zval_dtor_func ()
#4  0x0000000000688e5d in _zval_ptr_dtor ()
#5  0x00000000006a1e28 in zend_hash_destroy ()
#6  0x00000000006b6d69 in zend_object_std_dtor ()
#7  0x00000000006b6d89 in zend_objects_free_object_storage ()
#8  0x00000000006ba27c in zend_objects_store_free_object_storage ()
#9  0x0000000000689255 in ?? ()
#10 0x0000000000695b72 in ?? ()
#11 0x0000000000641825 in php_request_shutdown ()
#12 0x0000000000725314 in ?? ()
#13 0x00007ffff52a7c4d in __libc_start_main (main=<value optimized out>, 
    argc=<value optimized out>, ubp_av=<value optimized out>, 
    init=<value optimized out>, fini=<value optimized out>, 
    rtld_fini=<value optimized out>, stack_end=0x7fffffffe218)
    at libc-start.c:226
#14 0x000000000042c639 in _start ()


Unfortunately, I can not post the code or the data.  It's large, and it's confidential, and the problem has appeared and disappeared with minor code changes over the last week so I don't think I can reduce it.  However if anyone has any ideas, I'd be willing to help as much as I can.

Loaded modules: core mod_log_config mod_logio prefork http_core mod_so mod_alias mod_auth_basic mod_authn_file mod_authz_default mod_authz_groupfile mod_authz_host mod_authz_user mod_autoindex mod_cgi mod_deflate mod_dir mod_env mod_mime mod_negotiation mod_php5 mod_python mod_reqtimeout mod_setenvif mod_ssl mod_status mod_userdir 

Expected result:
----------------
I don't expect to see 'zend_mm_heap corrupted'


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-06-10 11:13 UTC] kalle@php.net
Any chance you can compile apache with debugging symbols so we can see if it segfaults in any of the apache shutdown functions, or the sapi you use as i dont except it to be CLI looking at the bt?
 [2010-06-10 11:13 UTC] kalle@php.net
-Status: Open +Status: Feedback
 [2010-06-10 16:44 UTC] gar37bic at gmail dot com
I can work on building and running under Apache next week but not before then.  This program was built as a CLI program but I can hack in the necessaries to run it from Apache, once I get Apache built that way.

One additional bit of info, but it is probably not relevant - During development I normally have set error_reporting(-1).  I have to turn 'STRICT' error reporting off (E_ALL & ~E_STRICT) while I'm running the XML_Serializer module, because of a large number of complaints about deprecated static function assignments (I forget the details).  As soon as the serialization is complete I restore the original setting.
 [2010-11-24 13:04 UTC] jani@php.net
-Status: Feedback +Status: Open
 [2010-11-24 13:09 UTC] jani@php.net
-Status: Open +Status: Feedback
 [2010-11-24 13:09 UTC] jani@php.net
Try PHP 5.3.3, update any 3rd party extensions as well and build with debug symbols (--enable-debug for PHP configure line).
 [2013-02-18 00:34 UTC] php-bugs at lists dot php dot net
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Mar 29 00:01:28 2024 UTC