php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #42305 Segmentation fault after php script proccessing end
Submitted: 2007-08-15 08:47 UTC Modified: 2007-10-07 01:00 UTC
From: danil dot megrabjan at gmail dot com Assigned:
Status: No Feedback Package: PDO related
PHP Version: 5.2.4 OS: SLES10
Private report: No CVE-ID: None
View Add Comment Developer Edit
Have you experienced this issue?
Rate the importance of this bug to you:

 [2007-08-15 08:47 UTC] danil dot megrabjan at gmail dot com 
Description:
------------
After proccessing php-script i have my total result in browser, but in apache logs i see that "[Wed Aug 15 11:16:11 2007] [notice] child pid 8922 exit signal Segmentation fault (11)"
I use gdb so that i have any details about this problem.

I think, that main problem consist in php garbage collector whe it try  to free...

Reproduce code:
---------------
Very many code... i dont`n now how i may send this big code. Just as i don't know how i can this code made is shorten in 20 lines.

Actual result:
--------------
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1213375712 (LWP 9388)]
0xb7cc7f49 in free () from /lib/libc.so.6
(gdb) bt
#0  0xb7cc7f49 in free () from /lib/libc.so.6
#1  0xb79302c1 in free_zend_constant (c=0x804a9bd7) at /usr/src/debug/php-5.2.3/Zend/zend_constants.c:35
#2  0xb7949ae5 in zend_hash_apply_deleter (ht=0x4ab08800, p=0x804a9ba0) at /usr/src/debug/php-5.2.3/Zend/zend_hash.c:805
#3  0xb7949bee in zend_hash_reverse_apply (ht=0x800b7068, apply_func=0xb792f240 <clean_non_persistent_constant>)
    at /usr/src/debug/php-5.2.3/Zend/zend_hash.c:954
#4  0xb7930138 in clean_non_persistent_constants () at /usr/src/debug/php-5.2.3/Zend/zend_constants.c:231
#5  0xb7931ab4 in shutdown_executor () at /usr/src/debug/php-5.2.3/Zend/zend_execute_API.c:303
#6  0xb793eecf in zend_deactivate () at /usr/src/debug/php-5.2.3/Zend/zend.c:941
#7  0xb78f579d in php_request_shutdown (dummy=0x0) at /usr/src/debug/php-5.2.3/main/main.c:1323
#8  0xb79c541c in php_handler (r=0x8048fd38) at /usr/src/debug/php-5.2.3/sapi/apache2handler/sapi_apache2.c:467
#9  0x8002f94d in ap_run_handler (r=0x8048fd38) at config.c:157
#10 0x80033227 in ap_invoke_handler (r=0x8048fd38) at config.c:372
#11 0x8003f084 in ap_internal_redirect (new_uri=0x8048fd18 "/infin.php?query=start/1/666666", r=0x80486f48)
    at http_request.c:477
#12 0xb756ec10 in ?? () from /usr/lib/apache2-prefork/mod_rewrite.so
#13 0x8048fd18 in ?? ()
#14 0x80486f48 in ?? ()
#15 0xb757367f in ?? () from /usr/lib/apache2-prefork/mod_rewrite.so
#16 0x8048fc50 in ?? ()
#17 0x00000000 in ?? ()

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-09-25 09:51 UTC] jani@php.net 
One more thing to try:

http://snaps.php.net/php5.2-latest.tar.gz

I've seen same kind of backtrace and they were totally unrelated to any xml operations. Also I think there was such bug already fixed in CVS so please give the snapshot a try. If it does crash, remember to send the backtrace (not forgetting the --enable-debug in configure line!)
 [2007-09-27 09:53 UTC] jani@php.net 
So all other crashes are gone, only this odbc thing crashes?
From what I can see, it actually segfaults outside PHP. Can you please add a backtrace without the full output? ie. just use 'bt'.
 [2007-09-27 10:37 UTC] danil dot megrabjan at gmail dot com 
Yep, now i have only one crash situation. Maybe PDO_ODBC or unixODBC...

Short bt, for you:
#0  0xb785cbee in uodbc_update_stats (h=0x74656c, stats_type_mask=3, value=0x1) at __stats.c:379
#1  0xb7814c3f in __SQLAllocHandle (handle_type=3, input_handle=0x8335408, output_handle=0x847c608, requested_version=0)
    at SQLAllocHandle.c:1064
#2  0xb78159e4 in SQLAllocHandle (handle_type=21512, input_handle=0x8335408, output_handle=0x847c608)
    at SQLAllocHandle.c:1270
#3  0xb7a56487 in odbc_handle_preparer (dbh=0x825c6f4,
    sql=0x847c220 "SELECT TPRTREE.PT_ID, TPRTREE.PT_PARENTID, TPRTREE.PT_CODE, TPRTREE.PT_ORDER, TASKCODE=(CASE WHEN PT_LEVEL1=0 THEN PT_CODE ELSE CONVERT(int,PT_LEVEL1) END), TPRTREE.PT_VISIBLENAME, TPRTREE.PT_LEVEL1, "..., sql_len=453,
    stmt=0x847b3f8, driver_options=0x847afd0) at /home/bagroff/distfiles/php5.2-200709251230/ext/pdo_odbc/odbc_driver.c:172
#4  0xb7a4a27d in zim_PDO_prepare (ht=2, return_value=0x847b954, return_value_ptr=0x0, this_ptr=0x82e2bac,
    return_value_used=1) at /home/bagroff/distfiles/php5.2-200709251230/ext/pdo/pdo_dbh.c:580
#5  0xb7c5abdc in zend_do_fcall_common_helper_SPEC (execute_data=0xbfe41994)
    at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:200
#6  0xb7c5b829 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfe41994)
    at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:322
#7  0xb7c5a73d in execute (op_array=0x842c3a0) at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:92
#8  0xb7c5ad56 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfe41da4)
    at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:234
#9  0xb7c5b829 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfe41da4)
    at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:322
#10 0xb7c5a73d in execute (op_array=0x8425e84) at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:92
#11 0xb7c5ad56 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfe42494)
    at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:234
#12 0xb7c5b829 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfe42494)
    at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:322
#13 0xb7c5a73d in execute (op_array=0x8425084) at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:92
#14 0xb7c5ad56 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfe43464)
    at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:234
#15 0xb7c5b829 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfe43464)
    at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:322
#16 0xb7c5a73d in execute (op_array=0x83a527c) at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:92
#17 0xb7c5ad56 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfe43694)
    at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:234
#18 0xb7c5b829 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfe43694)
    at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:322
#19 0xb7c5a73d in execute (op_array=0x83a1a10) at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:92
#20 0xb7c5ad56 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfe438d4)
    at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:234
#21 0xb7c5b829 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfe438d4)
    at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:322
#22 0xb7c5a73d in execute (op_array=0x82bcd74) at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:92
#23 0xb7c5ad56 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfe43be4)
    at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:234
---Type <return> to continue, or q <return> to quit---
#24 0xb7c5b829 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfe43be4)
    at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:322
#25 0xb7c5a73d in execute (op_array=0x83307d4) at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:92
#26 0xb7c5ad56 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfe440b4)
    at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:234
#27 0xb7c5b829 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfe440b4)
    at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:322
#28 0xb7c5a73d in execute (op_array=0x825c5ec) at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend_vm_execute.h:92
#29 0xb7c359bf in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /home/bagroff/distfiles/php5.2-200709251230/Zend/zend.c:1134
#30 0xb7be43da in php_execute_script (primary_file=0xbfe463f4)
    at /home/bagroff/distfiles/php5.2-200709251230/main/main.c:2000
#31 0xb7caf333 in php_handler (r=0x8297aa8)
    at /home/bagroff/distfiles/php5.2-200709251230/sapi/apache2handler/sapi_apache2.c:631
#32 0x08074639 in ap_run_handler (r=0x8297aa8) at config.c:157
#33 0x08077797 in ap_invoke_handler (r=0x8297aa8) at config.c:372
#34 0x0808dd4a in ap_internal_redirect (new_uri=0x829b668 "/infin.php?query=connect", r=0x8292820) at http_request.c:477
#35 0x080a4eb4 in handler_redirect (r=0x8292820) at mod_rewrite.c:4729
#36 0x08074639 in ap_run_handler (r=0x8292820) at config.c:157
#37 0x08077797 in ap_invoke_handler (r=0x8292820) at config.c:372
#38 0x0808dec8 in ap_process_request (r=0x8292820) at http_request.c:258
#39 0x0808b1bb in ap_process_http_connection (c=0x828c9a0) at http_core.c:184
#40 0x0807b559 in ap_run_process_connection (c=0x828c9a0) at connection.c:43
#41 0x080a9090 in child_main (child_num_arg=<value optimized out>) at prefork.c:640
#42 0x080a92f3 in make_child (s=0x80d7ce8, slot=0) at prefork.c:680
#43 0x080aa0cc in ap_mpm_run (_pconf=0x80d30a8, plog=0x81111a0, s=0x80d7ce8) at prefork.c:956
#44 0x080623d5 in main (argc=135073952, argv=0x828a7c8) at main.c:730

If this segfaults outside PHP i don`t know what i must doing with this trouble :(
 [2007-09-29 03:13 UTC] jani@php.net 
First of all you need to come up with the shortest possible script that can be used to reproduce this issue.
 [2007-10-07 01:00 UTC] php-bugs at lists dot php dot net 
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri Apr 26 12:01:30 2024 UTC