From:
Operating system: Windows
PHP version: 5.3.5
Package: Gettext related
Bug Type: Bug
Bug description:Gettext extension crashes PHP/Apache
Description:
------------
We have an application working just fine on windows 2008 + apache 2.2.17 +
php 5.2.17 .
We updated to 5.3.5 and found repeatable PHP crashes, from within Apache
and also from command line.
It is repeatable, but not always (it crashes about 9 of 10 runs). Server is
virtualized as guest in a KVM host (debian lenny).
Test script:
---------------
<?php
$a = _('Albaran');
?>
Expected result:
----------------
I expected a clean end of php, with no output.
Actual result:
--------------
php__PID__4900__Date__01_25_2011__Time_06_33_38PM__118__Second_Chance_Exception_C0000005.dmp
Type of Analysis Performed Crash Analysis
Machine Name WIN2008
Operating System Windows Vista Service Pack 2
Number Of Processors 2
Process ID 4900
Process Image c:\php535\php.exe
System Up-Time 1 day(s) 06:38:51
Process Up-Time 00:00:01
Thread 0 - System ID 380
Entry point php!mainCRTStartup
Create time 25/01/2011 18:33:37
Time spent in user mode 0 Days 0:0:0.140
Time spent in kernel mode 0 Days 0:0:0.328
Function Arg 1 Arg 2 Arg 3 Source
ntdll!RtlpCoalesceFreeBlocks+35 00090000 00178490 00c0f958
ntdll!RtlpFreeHeap+1e2 00178490 00178498 00178498
ntdll!RtlFreeHeap+14e 00090000 00000000 00178490
kernel32!HeapFree+14 00090000 00000000 00178498
msvcrt!free+cd 00178498 455f7365 6f6d4053
php_gettext!libintl_dcigettext+2df 00177674 0290f0d0 00000000
php_gettext!libintl_dcgettext+1a 00000000 0290f0d0 000006c1
php_gettext!libintl_gettext+11 0290f0d0 00092640 030e9dc0
php_gettext!zif_gettext+65 0290f0d0 030e06b0 00000000
php5ts!zend_do_fcall_common_helper_SPEC+94e 00000000 02940550
00092640
php5ts!ZEND_DO_FCALL_SPEC_CONST_HANDLER+130 00c0fbd4 00092640
00c0fe70
php5ts!execute+2fe 02940550 00092600 00000000
php5ts!zend_execute_scripts+f6 00000008 00092640 00000000
php5ts!php_execute_script+245 00c0fe70 00092640 00000000
php!main+bf1 00000002 000925c8 000915a8
php!mainCRTStartup+e3 7ffdb000 00c0ffd4 776219bb
kernel32!BaseThreadInitThunk+e 7ffdb000 7139d704 00000000
ntdll!__RtlUserThreadStart+23 00402d78 7ffdb000 ffffffff
ntdll!_RtlUserThreadStart+1b 00402d78 7ffdb000 00000000
NTDLL!RTLPCOALESCEFREEBLOCKS+35
Detailed Info For Corrupt Heap
Heap 1 - 0x00180000
Heap Name Default process heap
Heap Description This heap is created by default and shared by all
modules in the process
Reserved memory 5.244.720,03 TBytes
Committed memory 2.097.264,00 TBytes (39,99% of reserved)
Uncommitted memory 3.147.456,03 TBytes (60,01% of reserved)
Number of heap segments 1 segments
Number of uncommitted ranges 996432412722 range(s)
Size of largest uncommitted range 29.440,41 TBytes
Calculated heap fragmentation 99,06%
Segment Information
Base Address Reserved Size Committed Size Uncommitted Size Number of
uncommitted ranges Largest uncommitted block Calculated heap fragmentation
0x1f92dd0d 105.908.016,03 TBytes 52.428.912,00 TBytes 53.479.104,03 TBytes
996432412722 29.440,41 TBytes 99,94%
Back to Top
In
php__PID__4900__Date__01_25_2011__Time_06_33_38PM__118__Second_Chance_Exception_C0000005.dmp
the assembly instruction at ntdll!RtlpCoalesceFreeBlocks+35 in
C:\Windows\System32\ntdll.dll from Microsoft Corporation has caused an
access violation exception (0xC0000005) when trying to read from memory
location 0x0010ff3a on thread 0
Heap corruption was detected in heap 0x00180000, however pageheap was not
enabled in this dump. Please follow the instructions in the recommendation
section for troubleshooting heap corruption issues.
Current NTGlobalFlags value: 0x0 Module Information
Image Name: C:\Windows\System32\ntdll.dll Symbol Type: PDB
Base address: 0x775e0000 Time Stamp: Sat Apr 11 08:26:41 2009
Checksum: 0x0012c163 Comments:
COM DLL: False Company Name: Microsoft Corporation
ISAPIExtension: False File Description: NT Layer DLL
ISAPIFilter: False File Version: 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Managed DLL: False Internal Name: ntdll.dll
VB DLL: False Legal Copyright: © Microsoft Corporation. All rights
reserved.
Loaded Image Name: ntdll.dll Legal Trademarks:
Mapped Image Name: Original filename: ntdll.dll
Module name: ntdll Private Build:
Single Threaded: False Product Name: Microsoft® Windows® Operating
System
Module Size: 1,15 MBytes Product Version: 6.0.6002.18005
Symbol File Name:
c:\symcache\ntdll.pdb\2A581B1A8A244C51992668A826BF4FBB2\ntdll.pdb Special
Build: &
--
Edit bug report at http://bugs.php.net/bug.php?id=53837&edit=1
--
Try a snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=53837&r=trysnapshot52
Try a snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=53837&r=trysnapshot53
Try a snapshot (trunk):
http://bugs.php.net/fix.php?id=53837&r=trysnapshottrunk
Fixed in SVN:
http://bugs.php.net/fix.php?id=53837&r=fixed
Fixed in SVN and need be documented:
http://bugs.php.net/fix.php?id=53837&r=needdocs
Fixed in release:
http://bugs.php.net/fix.php?id=53837&r=alreadyfixed
Need backtrace:
http://bugs.php.net/fix.php?id=53837&r=needtrace
Need Reproduce Script:
http://bugs.php.net/fix.php?id=53837&r=needscript
Try newer version:
http://bugs.php.net/fix.php?id=53837&r=oldversion
Not developer issue:
http://bugs.php.net/fix.php?id=53837&r=support
Expected behavior:
http://bugs.php.net/fix.php?id=53837&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=53837&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=53837&r=submittedtwice
register_globals:
http://bugs.php.net/fix.php?id=53837&r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=53837&r=php4
Daylight Savings: http://bugs.php.net/fix.php?id=53837&r=dst
IIS Stability:
http://bugs.php.net/fix.php?id=53837&r=isapi
Install GNU Sed:
http://bugs.php.net/fix.php?id=53837&r=gnused
Floating point limitations:
http://bugs.php.net/fix.php?id=53837&r=float
No Zend Extensions:
http://bugs.php.net/fix.php?id=53837&r=nozend
MySQL Configuration Error:
http://bugs.php.net/fix.php?id=53837&r=mysqlcfg
