When opening a PHP script, Apache segfaults. Error log indicates an attempt by libphp5.so to free() an invalid pointer. Error is not constrained to a particular PHP script, and does not always happen.

Reproducible: Sometimes

Steps to Reproduce:
1.Browse a PHP script served by Apache
2.Browser presents a dialogue box to open/save the file, rather than doing layout 
3.Inspection of error log reveals that Apache has creashed

Actual Results:  
Apache does not serve page

Expected Results:  
Apache serves page

Apache version: 2.2.6

PHP version: 5.2.4_pre200708051230-r2

emerge --info:

Portage 2.1.2.12 (default-linux/x86/2007.0/server, gcc-4.1.2, glibc-2.5-r4, 2.6.19-gentoo-r5 i686)
=================================================================
System uname: 2.6.19-gentoo-r5 i686 Pentium III (Katmai)
Gentoo Base System release 1.12.9
Timestamp of tree: Sat, 15 Sep 2007 02:50:01 +0000
distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [enabled]
ccache version 2.4 [disabled]
app-shells/bash:     3.2_p17
dev-java/java-config: 1.3.7, 2.0.31-r5
dev-lang/python:     2.4.4-r4
dev-python/pycrypto: 2.0.1-r6
dev-util/ccache:     2.4-r7
sys-apps/baselayout: 1.12.9-r2
sys-apps/sandbox:    1.2.17
sys-devel/autoconf:  2.13, 2.61-r1
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10
sys-devel/binutils:  2.17
sys-devel/gcc-config: 1.3.16
sys-devel/libtool:   1.5.24
virtual/os-headers:  2.6.17-r2
ACCEPT_KEYWORDS="x86"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=pentium3 -fomit-frame-pointer -pipe -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc"
CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/java-config/vms/ /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo"
CXXFLAGS="-O2 -march=pentium3 -fomit-frame-pointer -pipe -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig distcc distlocks fixpackages metadata-transfer parallel-fetch sandbox sfperms strict"
GENTOO_MIRRORS="http://ftp.snt.utwente.nl/pub/os/linux/gentoo http://www.gigaload.org/gentoo.org/ http://linux.rz.ruhr-uni-bochum.de/download/gentoo-mirror/"
LANG="en_GB.utf8"
LINGUAS="en_GB"
MAKEOPTS="-j4"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="acl acpi apache2 berkdb bitmap-fonts bzlib cgi cli cracklib crypt ctype dba doc dri evo fam fortran gdbm gpm iconv imap isdnlog java5 libwww logrotate maildir mailwrapper midi mmx mudflap mysql ncurses nls nptl nptlonly openmp pam pcre perl ppds pppd python readline reflection sasl session spl ssl tcpd threads truetype-fonts type1-fonts unicode userlocales vim vim-syntax x86 xml xmlrpc xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en_GB" USERLAND="GNU" VIDEO_CARDS="apm ark chips cirrus cyrix dummy fbdev glint i128 i740 i810 imstt mach64 mga neomagic nsc nv r128 radeon rendition s3 s3virge savage siliconmotion sis sisusb tdfx tga trident tseng v4l vesa vga via vmware voodoo"
Unset:  CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, LDFLAGS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY