php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #15316 Segmentation fault on Interbase blob creation
Submitted: 2002-01-31 13:04 UTC Modified: 2002-12-04 22:54 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: bknotts at europa dot com Assigned:
Status: Closed Package: InterBase related
PHP Version: 4.1.1 OS: Linux 2.4.17-xfs
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: bknotts at europa dot com
New email:
PHP Version: OS:

 

 [2002-01-31 13:04 UTC] bknotts at europa dot com
When I try to insert an image into a blob, a segmentation
fault occurs in apache. This all worked fine in previous
versions of php that I used (4.0.4 - 4.0.6). I have recreated
this segfault on two different machines, with PHP as DSO, and
compiled-in.

Here is what seems to be the offending code in my script:

if ($ibaseconn) {
      $blob_id = ibase_blob_create();
      $blob_id_str = ibase_blob_close($blob_id);
      if ($noDB != "1") {
	ibase_query("UPDATE WN_Client_Data SET WN_Client_DataLogo=?, WN_Client_DataLogoType = '$thisType' 
WHERE WN_ClientID = '$WN_ClientID'",$blob_id_str);
      } else {
	ibase_query("INSERT INTO WN_Client_Data (WN_ClientID, WN_Client_DataLogo, WN_Client_DataLogoType, 
WN_Client_DataBriefDesc, WN_Client_DataExtDesc) VALUES ((SELECT WN_ClientID FROM WN_User WHERE 
WN_UserUserName='$HTTP_COOKIE_VARS[directUser]'), ?, ,'','', '');",$blob_id_str);
      }
}


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-01-31 13:08 UTC] bknotts at europa dot com
Here is my configure line:

./configure  --with-apxs --with-mysql=/usr --enable-track-vars --with-ldap --with-unixODBC=/usr 
--with-mcrypt --with-interbase=/opt/interbase --with-gd=/usr

 [2002-02-01 04:15 UTC] sander@php.net
Can you provide a backtrace? (see http://bugs.php.net/bugs-generating-backtrace.php)
 [2002-02-13 12:04 UTC] bknotts at europa dot com
Having trouble getting apache to listen to a port when
run under gdb. Will keep trying.

Can't seem to get a core file any other way.
 [2002-02-21 17:55 UTC] bknotts at europa dot com
Still unable to generate a backtrace, but running strace reveals this:

[pid 27126] recv(5, "\0\0\0\t\377\377\377\377\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 8192, 0) = 32
[pid 27126] semop(32769, 0xbfffb5f8, 2) = 0
[pid 27126] semop(32769, 0xbfffb5fc, 1) = 0
[pid 27126] send(5, "\0\0\0C\0\0\0\5\0\0\0\2", 12, 0) = 12
[pid 27126] select(6, [5], NULL, NULL, {60, 0}) = 1 (in [5], left {60, 0})
[pid 27126] recv(5, "\0\0\0\t\377\377\377\377\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 8192, 0) = 32
[pid 27126] semop(32769, 0xbfffb5f8, 2) = 0
[pid 27126] semop(32769, 0xbfffb5fc, 1) = 0
[pid 27126] open("/www/heritage.legacyunlimited.com/pages/footer.php", O_RDONLY|O_LARGEFILE) = 8
[pid 27126] getcwd("/www/heritage.legacyunlimited.com/pages/customize", 4095) = 50
[pid 27126] lstat64("/www", {st_mode=S_IFDIR|0775, st_size=4096, ...}) = 0
[pid 27126] lstat64("/www/heritage.legacyunlimited.com", {st_mode=S_IFDIR|0775, st_size=156, ...}) = 0
[pid 27126] lstat64("/www/heritage.legacyunlimited.com/pages", {st_mode=S_IFDIR|0775, st_size=4096, ...}) = 0
[pid 27126] lstat64("/www/heritage.legacyunlimited.com/pages/footer.php", {st_mode=S_IFREG|0664, 
st_size=4322, ...}) = 0
[pid 27126] ioctl(8, SNDCTL_TMR_TIMEBASE, 0xbfffb67c) = -1 EINVAL (Invalid argument)
[pid 27126] fstat64(8, {st_mode=S_IFREG|0664, st_size=4322, ...}) = 0
[pid 27126] old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40277000
[pid 27126] read(8, "<?\n/*  OLD COPYRIGHT LINKS---\nAc"..., 8192) = 4322
[pid 27126] read(8, "", 4096)           = 0
[pid 27126] read(8, "", 8192)           = 0
[pid 27126] ioctl(8, SNDCTL_TMR_TIMEBASE, 0xbfffa658) = -1 EINVAL (Invalid argument)
[pid 27126] close(8)                    = 0
[pid 27126] munmap(0x40277000, 4096)    = 0
[pid 27126] munmap(0x403a1000, 94208)   = 0
[pid 27126] chdir("/")                  = 0
[pid 27126] send(6, "\0\0\0\25\0\0\0\0", 8, 0) = 8
[pid 27126] select(7, [6], NULL, NULL, {60, 0}) = 1 (in [6], left {60, 0})
[pid 27126] recv(6, "\0\0\0\t\0\0\0\0\0\0\0\0@3\256L\0\0\0\0\0\0\0\1\0\0\0\0"..., 8192, 0) = 32
[pid 27126] send(6, "\0\0\0\6", 4, 0)   = 4
[pid 27126] shutdown(6, 2 /* send and receive */) = 0
[pid 27126] close(6)                    = 0
[pid 27126] close(7)                    = 0
[pid 27126] munmap(0x40276000, 4096)    = 0
[pid 27126] open("/opt/interbase/interbase.msg", O_RDONLY) = 6
[pid 27126] read(6, "\1\0\0\4\10\377\1\0\0\0\0\0\3\0\r@", 16) = 16
[pid 27126] lseek(6, 130824, SEEK_SET)  = 130824
[pid 27126] read(6, "\177\r\3\0`\363\1\0\377\377\377\377\370\376\1\0", 1024) = 16
[pid 27126] lseek(6, 127840, SEEK_SET)  = 127840
[pid 27126] read(6, "\25\0\0\0\20\0\0\0*\0\0\0\350\3\0\0>\0\0\0\310\7\0\0[\0"..., 1024) = 1024
[pid 27126] lseek(6, 16, SEEK_SET)      = 16
[pid 27126] read(6, "\0\0\0\0\0\0\0\0\1\0\0\0<\0\0\0arithmetic excep"..., 1024)
= 1024
[pid 27126] --- SIGSEGV (Segmentation fault) ---
[pid 27125] <... select resumed> )      = ? ERESTARTNOHAND (To be restarted)
[pid 27125] --- SIGCHLD (Child exited) ---
 [2002-02-21 18:59 UTC] bknotts at europa dot com
Incidentally, I have tried every which way to get a core dump,
but even after running apache on port 1025 as a non-root
user, and checking permissions on the CoreDumpDirectory, no
core file is created.

So, I tried attaching gdb to specific processes, but for some
reason, when I attach gdb to a particular process, the process no longer accepts
connections. Any hints?
 [2002-02-21 20:46 UTC] bknotts at europa dot com
Well, I got pretty close to getting a backtrace, but ran
across what appears to be a bug in gdb. Either that, or
I am just not finding the proper documentation.

I can get a gdb attached to the proper thread, via:

/usr/sbin/apache.dbg

gdb /usr/sbin/apache.dbg

(gdb) attach <pid>
(gdb) continue


but when
I "continue" it, it gives me a message like "Cannot find 
thread 2049: invalid thread handle".

Now, I may be doing something wrong, but I sure can't
tell what.
 [2002-03-11 20:26 UTC] bknotts at europa dot com
Does any of this information help? I see that there are now
others reporting this bug, so perhaps it can be combined with
those.
 [2002-08-09 13:26 UTC] mike at nux dot co dot uk
I am using php 4.2.2 on freebsd 4.6 and it core dumps whenever I try to insert ot update a blob in an interbase db as well. (not running from apache running the cgi version from a shell).
 [2002-10-27 19:48 UTC] cheald45 at hotmail dot com
I wonder if this could be related to a problem I ran into, detailed at http://bugs.php.net/bug.php?id=18744

Basically, I discovered that if you tried to use ibase_blob_add to add > 64k of data to a blob at any one time, the data would be truncated.

Wonder if some variation of this bug causes a core dump? Are your images > 64k in size?
 [2002-11-24 23:20 UTC] iliaa@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php4-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-latest.zip


 [2002-12-04 18:15 UTC] sniper@php.net
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.


 [2002-12-04 18:46 UTC] bknotts at europa dot com
Sorry...I meant to reply sooner. I haven't been able to do as 
you suggest yet. I have pretty much begun migrating off 
Interbase because of various weird problems integrating with 
PHP. 
 
I have tried newer PHP versions, and the problem seems to 
be at least partially addressed, although we do see quite a 
lot of error messages if we do not turn off error reporting.
 [2002-12-04 18:49 UTC] sniper@php.net
And what are those errors you get?

 [2002-12-04 18:59 UTC] bknotts at europa dot com
I get "invalid blob id" warnings. Everything seems to work OK, 
though.
 [2002-12-04 22:54 UTC] sniper@php.net
I'm closing this report since the original problem
is now fixed. If you want to, feel free to open
new report about those warnings..if they seem to
occur without any real reason.

 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Dec 22 06:01:30 2024 UTC