[2015-04-09 08:46 UTC] jan dot starke at t-systems dot com
Description:
------------
Preconditions:
- PHP running in IIS using FastCGI
- error_log is set to "syslog"
- session.save_path points to a directory to which the application pool user doesn't have write access

Test script:
---------------
<?
session_start();
echo (phpinfo());
?>

Expected result:
----------------
Accessing the page should:
- report an error, such as "php[6288] PHP Warning: session_start(): open(D:\sessions\sess_2bpr1lnu59pc559ng7dm0onau3, O_RDWR) failed: Permission denied (13) in [...]"
- display the result of phpinfo()

Actual result:
--------------
On every first of two requests, PHP behaves as expected. On every second request, PHP:
- logs a part of the response in the expected event entry, just before " session_start(): ". This looks like a dangling pointer, which should point to the name of the currently executed PHP function, but actually points to any place of the Zend heap. Possibly someone forgot to zero some pointer variable after freeing the memory it pointed to?
- PHP crashes with 0xc0000005; the call stack is the following:

  > php5.dll!_efree(void * ptr=0x010aa660) Zeile 2440 C
    php5.dll!closelog() Zeile 70 C
    php5.dll!php_request_shutdown(void * dummy=0x00000000) Zeile 1854 C
    php-cgi.exe!main(int argc=0x00000001, char * * argv=0x00bcafb0) Zeile 2508 C
    php-cgi.exe!__tmainCRTStartup() Zeile 536 C

The error message is: "Unbehandelte Ausnahme bei 0x6DAE5189 (php5.dll) in php-cgi.exe_150318_151707.dmp: 0xC0000005: Zugriffsverletzung beim Lesen an Position 0x717418CC"

It seems the memory which is to be freed has already been freed before, but the pointer has not been set to NULL. A similar problem to the one before?
I couldn't reproduce the crash with an invalid save_path setting, but this is a possible patch. It does not do any harm, so I may commit it and see if it works. [yohgaki@dev github-php-src]$ git diff diff --git a/ext/session/mod_files.c b/ext/session/mod_files.c index 195104f..9dbe507 100644 --- a/ext/session/mod_files.c +++ b/ext/session/mod_files.c @@ -325,6 +325,7 @@ PS_CLOSE_FUNC(files) if (data->lastkey) { efree(data->lastkey); + data->lastkey = NULL; } efree(data->basedir);
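
Review bot: the reported call stack faults in `_efree` called from `closelog()` during `php_request_shutdown`, not in `PS_CLOSE_FUNC(files)`, so clearing `data->lastkey` here may not touch the pointer that is actually freed twice. It would help to check which pointer `closelog()` hands to `_efree` and whether it is reset after the first request. Within this hunk, the line right after the added assignment, `efree(data->basedir);`, leaves `data->basedir` dangling in the same way; if `data` can be reached again after this function returns, clear it too (`data->basedir = NULL;`). If `data` itself is released immediately afterwards, neither assignment changes behaviour, and a short comment saying why `lastkey` is cleared would make the intent clear.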