php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #47118 Segmentation fault on ociexecute
Submitted: 2009-01-15 20:13 UTC Modified: 2009-08-17 20:22 UTC
From: holger at noefer dot org Assigned: sixd (profile)
Status: Closed Package: OCI8 related
PHP Version: 5.2.8 OS: Solaris 8
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: holger at noefer dot org
New email:
PHP Version: OS:

 

 [2009-01-15 20:13 UTC] holger at noefer dot org 
Description:
------------
Hello,

we have a problem with PHP and Oracle.
The versions are the following:

php 5.2.8 (latest)
Latest Oracle Instant Client 10.2.0.4.0 (latest)
Apache 1.3.37

./configure \
--prefix=/opt/php-5.2.8 \
--with-apxs=/opt/apache-content/bin/apxs \
--with-mysql=/opt/mysql-for-php5 \
--enable-shmop \
--enable-sysvsem \
--enable-ftp \
--enable-sysvshm \
--with-oci8=instantclient,/usr/oracle_instant/instantclient_10_2 \
--with-freetype-dir=/opt/lib \
--with-zlib-dir=/opt/lib \
--with-jpeg-dir=/opt/lib \
--with-gd \
--with-gettext \
--with-iconv-dir

[Thu Jan 15 20:46:09 2009] [notice] child pid 13292 exit signal Segmentation Fault (11)
[13289] EACCELERATOR: PHP crashed on opline 69 of ociexecute() at /www/vhost/inc/ticker/artikel.inc.php:755

[Thu Jan 15 20:46:16 2009] [notice] child pid 13289 exit signal Segmentation Fault (11)
[13902] EACCELERATOR: PHP crashed on opline 69 of ociexecute() at /www/vhost/inc/ticker/artikel.inc.php:755

[Thu Jan 15 20:46:17 2009] [notice] child pid 13902 exit signal Segmentation Fault (11)
[13278] EACCELERATOR: PHP crashed on opline 141 of ociexecute() at /www/vhost/inc/ticker/dpaticker.inc.php:77

PHP seems to crash on ociexecute. If I disable eaccelerator and Zend 
optimiser the problem is the same.

Best regards and thanks for help,
Holger

Actual result:
--------------
server:/opt/apache-content/coredump # gdb /opt/apache-content/libexec/libhttpd.ep core
GNU gdb 6.6
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "sparc-sun-solaris2.8"...
Reading symbols from /opt/apache-content/libexec/libhttpd.so...done.
Loaded symbols for /opt/apache-content/libexec/libhttpd.so
Reading symbols from /opt/BerkeleyDB.3.3/lib/libdb-3.3.so...done.
Loaded symbols for /usr/local/BerkeleyDB.3.3/lib/libdb-3.3.so
Reading symbols from /usr/lib/libsocket.so.1...done.
Loaded symbols for /usr/lib/libsocket.so.1
Reading symbols from /usr/lib/libnsl.so.1...done.
Loaded symbols for /usr/lib/libnsl.so.1
Reading symbols from /usr/lib/libpthread.so.1...done.
Loaded symbols for /usr/lib/libpthread.so.1
Reading symbols from /opt/lib/libexpat.so.0...done.
Loaded symbols for /opt/lib/libexpat.so.0
Reading symbols from /usr/lib/libdl.so.1...done.
Loaded symbols for /usr/lib/libdl.so.1
Reading symbols from /usr/lib/libc.so.1...done.
Loaded symbols for /usr/lib/libc.so.1
Reading symbols from /usr/lib/libmp.so.2...done.
Loaded symbols for /usr/lib/libmp.so.2
Reading symbols from /usr/platform/SUNW,Sun-Fire-880/lib/libc_psr.so.1...done.
Loaded symbols for /usr/platform/SUNW,Sun-Fire-880/lib/libc_psr.so.1
Reading symbols from /usr/lib/libthread.so.1...done.
Loaded symbols for /usr/lib/libthread.so.1
Reading symbols from /usr/lib/nss_files.so.1...done.
Loaded symbols for /usr/lib/nss_files.so.1
Reading symbols from /opt/apache-content/libexec/mod_env.so...done.
Loaded symbols for /opt/apache-content/libexec/mod_env.so
Reading symbols from /opt/apache-content/libexec/mod_log_config.so...done.
Loaded symbols for /opt/apache-content/libexec/mod_log_config.so
Reading symbols from /opt/apache-content/libexec/mod_mime.so...done.
Loaded symbols for /opt/apache-content/libexec/mod_mime.so
Reading symbols from /opt/apache-content/libexec/mod_status.so...done.
Loaded symbols for /opt/apache-content/libexec/mod_status.so
Reading symbols from /opt/apache-content/libexec/mod_dir.so...done.
Loaded symbols for /opt/apache-content/libexec/mod_dir.so
Reading symbols from /opt/apache-content/libexec/mod_cgi.so...done.
Loaded symbols for /opt/apache-content/libexec/mod_cgi.so
Reading symbols from /opt/apache-content/libexec/libproxy.so...done.
Loaded symbols for /opt/apache-content/libexec/libproxy.so
Reading symbols from /opt/apache-content/libexec/mod_alias.so...done.
Loaded symbols for /opt/apache-content/libexec/mod_alias.so
Reading symbols from /opt/apache-content/libexec/mod_rewrite.so...done.
Loaded symbols for /opt/apache-content/libexec/mod_rewrite.so
Reading symbols from /opt/apache-content/libexec/mod_access.so...done.
Loaded symbols for /opt/apache-content/libexec/mod_access.so
Reading symbols from /opt/apache-content/libexec/mod_auth.so...done.
Loaded symbols for /opt/apache-content/libexec/mod_auth.so
Reading symbols from /opt/apache-content/libexec/mod_setenvif.so...done.
Loaded symbols for /opt/apache-content/libexec/mod_setenvif.so
Reading symbols from /opt/apache-content/libexec/libssl.so...done.
Loaded symbols for /opt/apache-content/libexec/libssl.so
Reading symbols from /opt/openssl/lib/libssl.so.0.9.8...done.
Loaded symbols for /opt/openssl/lib/libssl.so.0.9.8
Reading symbols from /opt/openssl/lib/libcrypto.so.0.9.8...done.
Loaded symbols for /opt/openssl/lib/libcrypto.so.0.9.8
Reading symbols from /opt/lib/libgcc_s.so.1...done.
Loaded symbols for /opt/lib/libgcc_s.so.1
Reading symbols from /opt/apache-content/libexec/libphp5.so...done.
Loaded symbols for /opt/apache-content/libexec/libphp5.so
Reading symbols from /usr/lib/librt.so.1...done.
Loaded symbols for /usr/lib/librt.so.1
Reading symbols from /opt/mysql-5.0.67-solaris8-sparc/lib/libmysqlclient.so.15...done.
Loaded symbols for /opt/mysql-for-php5/lib/libmysqlclient.so.15
Reading symbols from /usr/lib/libintl.so.1...
warning: Lowest section in /usr/lib/libintl.so.1 is .hash at 00000074
done.
Loaded symbols for /usr/lib/libintl.so.1
Reading symbols from /opt/lib/libfreetype.so.6...done.
Loaded symbols for /opt/lib/libfreetype.so.6
Reading symbols from /opt/lib/libpng.so.3...done.
Loaded symbols for /opt/lib/libpng.so.3
Reading symbols from /opt/lib/libz.so...done.
Loaded symbols for /opt/lib/libz.so
Reading symbols from /opt/lib/libjpeg.so.62...done.
Loaded symbols for /opt/lib/libjpeg.so.62
Reading symbols from /usr/lib/libresolv.so.2...done.
Loaded symbols for /usr/lib/libresolv.so.2
Reading symbols from /usr/lib/libm.so.1...done.
Loaded symbols for /usr/lib/libm.so.1
Reading symbols from /usr/oracle_instant/instantclient_10_2/libclntsh.so.10.1...done.
Loaded symbols for /usr/oracle_instant/instantclient_10_2/libclntsh.so.10.1
Reading symbols from /opt/lib/libxml2.so.2...done.
Loaded symbols for /opt/lib/libxml2.so.2
Reading symbols from /opt/lib/libiconv.so.2...done.
Loaded symbols for /opt/lib/libiconv.so.2
Reading symbols from /usr/lib/libaio.so.1...done.
Loaded symbols for /usr/lib/libaio.so.1
Reading symbols from /usr/lib/libgen.so.1...done.
Loaded symbols for /usr/lib/libgen.so.1
Reading symbols from /usr/oracle_instant/instantclient_10_2/libnnz10.so...done.
Loaded symbols for /usr/oracle_instant/instantclient_10_2/libnnz10.so
Reading symbols from /usr/lib/libkstat.so.1...done.
Loaded symbols for /usr/lib/libkstat.so.1
Reading symbols from /usr/lib/libsched.so.1...done.
Loaded symbols for /usr/lib/libsched.so.1
Reading symbols from /opt/php-5.2.8/lib/php/extensions/saprfc.so...done.
Loaded symbols for /opt/php-5.2.8/lib/php/extensions/saprfc.so
Reading symbols from /usr/sap/rfcsdk/lib/librfccm.so...done.
Loaded symbols for /usr/sap/rfcsdk/lib/librfccm.so
Reading symbols from /usr/lib/libw.so.1...
warning: Lowest section in /usr/lib/libw.so.1 is .hash at 00000074
done.
Loaded symbols for /usr/lib/libw.so.1
Reading symbols from /opt/php-5.2.8/lib/php/extensions/libpdf_php.so...done.
Loaded symbols for /opt/php-5.2.8/lib/php/extensions/libpdf_php.so
Reading symbols from /opt/php-5.2.8/lib/php/extensions/eaccelerator.so...done.
Loaded symbols for /opt/php-5.2.8/lib/php/extensions/eaccelerator.so
Reading symbols from /usr/oracle_instant/instantclient_10_2/libociei.so...done.
Loaded symbols for /usr/oracle_instant/instantclient_10_2/libociei.so
Reading symbols from /usr/lib/locale/de/de.so.2...done.
Loaded symbols for /usr/lib/locale/de/de.so.2
Reading symbols from /usr/lib/ld.so.1...done.
Loaded symbols for /lib/ld.so.1
Core was generated by `/opt/apache-content/bin/httpd -R /opt/apache-content/libexec -f /opt/apache-con'.
Program terminated with signal 11, Segmentation fault.
#0  0xff0991f0 in __sigprocmask () from /usr/lib/libthread.so.1
(gdb) bt
#0  0xff0991f0 in __sigprocmask () from /usr/lib/libthread.so.1
#1  0xff08e574 in _resetsig () from /usr/lib/libthread.so.1
#2  0xff08dd14 in _sigon () from /usr/lib/libthread.so.1
#3  0xff090d54 in _thrp_kill () from /usr/lib/libthread.so.1
#4  0xff098d50 in kill () from /usr/lib/libthread.so.1
#5  0xff328d34 in sig_coredump () from /opt/apache-content/libexec/libhttpd.so
#6  <signal handler called>
#7  0xff0991f0 in __sigprocmask () from /usr/lib/libthread.so.1
#8  0xff08e574 in _resetsig () from /usr/lib/libthread.so.1
#9  0xff08dd14 in _sigon () from /usr/lib/libthread.so.1
#10 0xff090d54 in _thrp_kill () from /usr/lib/libthread.so.1
#11 0xff098d50 in kill () from /usr/lib/libthread.so.1
#12 <signal handler called>
#13 0xfcdd2e94 in ttcfopr () from /usr/oracle_instant/instantclient_10_2/libclntsh.so.10.1
#14 0xfcdc81a0 in ttcdrv () from /usr/oracle_instant/instantclient_10_2/libclntsh.so.10.1
#15 0xfcc7030c in nioqwa () from /usr/oracle_instant/instantclient_10_2/libclntsh.so.10.1
#16 0xfcab0718 in upirtrc () from /usr/oracle_instant/instantclient_10_2/libclntsh.so.10.1
#17 0xfca1d150 in kpurcsc () from /usr/oracle_instant/instantclient_10_2/libclntsh.so.10.1
#18 0xfc9bad7c in kpuexecv8 () from /usr/oracle_instant/instantclient_10_2/libclntsh.so.10.1
#19 0xfc9bd420 in kpuexec () from /usr/oracle_instant/instantclient_10_2/libclntsh.so.10.1
#20 0xfca75004 in OCIStmtExecute () from /usr/oracle_instant/instantclient_10_2/libclntsh.so.10.1
#21 0xfe54b804 in php_oci_statement_execute (statement=0xc3058, mode=32) at /home/user/php5-new/php-5.2.8/ext/oci8/oci8_statement.c:442
#22 0xfe552d98 in zif_oci_execute (ht=798808, return_value=0xaf5d18, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1)
    at /home/user/php5-new/php-5.2.8/ext/oci8/oci8_interface.c:1302
#23 0xfe6eec80 in zend_do_fcall_common_helper_SPEC (execute_data=0xffbea828) at /home/user/php5-new/php-5.2.8/Zend/zend_vm_execute.h:200
#24 0xfe6ee418 in execute (op_array=0x926f70) at /home/user/php5-new/php-5.2.8/Zend/zend_vm_execute.h:92
#25 0xfe6eea30 in zend_do_fcall_common_helper_SPEC (execute_data=0xffbeab80) at /home/user/php5-new/php-5.2.8/Zend/zend_vm_execute.h:234
#26 0xfe6ee418 in execute (op_array=0x926e90) at /home/user/php5-new/php-5.2.8/Zend/zend_vm_execute.h:92
#27 0xfe6eea30 in zend_do_fcall_common_helper_SPEC (execute_data=0xffbec8e0) at /home/user/php5-new/php-5.2.8/Zend/zend_vm_execute.h:234
#28 0xfe6ee418 in execute (op_array=0x853ff8) at /home/user/php5-new/php-5.2.8/Zend/zend_vm_execute.h:92
#29 0xfe6eea30 in zend_do_fcall_common_helper_SPEC (execute_data=0xffbecb48) at /home/user/php5-new/php-5.2.8/Zend/zend_vm_execute.h:234
#30 0xfe6ee418 in execute (op_array=0xa29e08) at /home/user/php5-new/php-5.2.8/Zend/zend_vm_execute.h:92
#31 0xfe6f7b40 in ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER (execute_data=0xffbed4f0) at /home/user/php5-new/php-5.2.8/Zend/zend_vm_execute.h:4662
#32 0xfe6ee418 in execute (op_array=0xa4e3f8) at /home/user/php5-new/php-5.2.8/Zend/zend_vm_execute.h:92
#33 0xfe6f7b40 in ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER (execute_data=0xffbedec8) at /home/user/php5-new/php-5.2.8/Zend/zend_vm_execute.h:4662
#34 0xfe6ee418 in execute (op_array=0xb4b60) at /home/user/php5-new/php-5.2.8/Zend/zend_vm_execute.h:92
#35 0xfe6f7b40 in ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER (execute_data=0xffbeea00) at /home/user/php5-new/php-5.2.8/Zend/zend_vm_execute.h:4662
#36 0xfe6ee418 in execute (op_array=0xb30b0) at /home/user/php5-new/php-5.2.8/Zend/zend_vm_execute.h:92
#37 0xfe6d1f70 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /home/user/php5-new/php-5.2.8/Zend/zend.c:1134
#38 0xfe68f290 in php_execute_script (primary_file=0xffbef098) at /home/user/php5-new/php-5.2.8/main/main.c:2023
#39 0xfe748800 in apache_php_module_main (r=0xffbef080, display_source_mode=0) at /home/user/php5-new/php-5.2.8/sapi/apache/sapi_apache.c:53
#40 0xfe7494f8 in send_php (r=0x8d2b8, display_source_mode=0, filename=0x0) at /home/user/php5-new/php-5.2.8/sapi/apache/mod_php5.c:664
#41 0xfe749634 in send_parsed_php (r=0x8d2b8) at /home/user/php5-new/php-5.2.8/sapi/apache/mod_php5.c:679
#42 0xff31518c in ap_invoke_handler () from /opt/apache-content/libexec/libhttpd.so
#43 0xff33b600 in process_request_internal () from /opt/apache-content/libexec/libhttpd.so
#44 0xff33b69c in ap_process_request () from /opt/apache-content/libexec/libhttpd.so
#45 0xff32bbdc in child_main () from /opt/apache-content/libexec/libhttpd.so
#46 0xff32c010 in make_child () from /opt/apache-content/libexec/libhttpd.so
#47 0xff32c14c in startup_children () from /opt/apache-content/libexec/libhttpd.so
#48 0xff32cdf0 in standalone_main () from /opt/apache-content/libexec/libhttpd.so
#49 0xff32dd04 in ap_main () from /opt/apache-content/libexec/libhttpd.so
#50 0x0001075c in main ()
(gdb)

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-01-15 21:46 UTC] sixd@php.net 
Please help narrow down the problem with the aim of supplying a reproducable testcase.  Look at patterns in the frequency of crash, the statement(s) that crash, and the environment (machine, environment variables, build options, connection etc) that causes the crash.
 [2009-01-30 15:04 UTC] holger at noefer dot org 
Hello,

sorry for the long time I did not respond to the bug but it
is hard to aim the bug.

The bug seems to appear when I use persistent connections.

Here are the default settings in php.ini
oci8.default_prefetch => 10 => 10
oci8.max_persistent => -1 => -1
oci8.old_oci_close_semantics => 0 => 0
oci8.persistent_timeout => -1 => -1
oci8.ping_interval => 60 => 60
oci8.privileged_connect => Off => Off
oci8.statement_cache_size => 20 => 20

Should the oci8.persistent_timeout be changed?

I will try to post some code next week.

Best regards,
Holger
 [2009-01-30 18:52 UTC] holger at noefer dot org 
Hello,

I changed oci8.default_prefetch from 10 to 100.
The segmentation faults seems to be fewer than before.

Perhaps it is related to this bug?
http://bugs.php.net/bug.php?id=41069

Best regards,
Holger
 [2009-02-10 19:41 UTC] sixd@php.net 
If you think it is #41069, you can examine use of Oracle dblinks in your application.

The changes in php_oci_statement_set_prefetch() in http://cvs.php.net/viewvc.cgi/pecl/oci8/oci8_statement.c?r1=1.7.2.14.2.28.2.4&r2=1.7.2.14.2.28.2.5 are the patch, if you want to test a code fix.

If this doesn't help, I'd recommend upgrading OCI8 to 1.3.4 from PECL before we continue investigation.
 [2009-06-18 21:13 UTC] holger at noefer dot org 
Hi,

sorry for my very late response.
The workaround to increase oci8.default_prefetch worked for me,
sometimes I got an segmenation fault.

After that I applied the patch and removed the increased oci8.default_prefetch value from php.ini.
The patch works fine and resolved my problem, no segmentation
faults seen any more.

Thanks for helping with the bug.

Best regards,
Holger
 [2009-08-17 20:22 UTC] sixd@php.net 
Thank you for taking the time to report a problem with PHP.
Unfortunately you are not using a current version of PHP -- 
the problem might already be fixed. Please download a new
PHP version from http://www.php.net/downloads.php

If you are able to reproduce the bug with one of the latest
versions of PHP, please change the PHP version on this bug report
to the version you tested and change the status back to "Open".
Again, thank you for your continued support of PHP.

---------------------------

Duplicate of http://bugs.php.net/bug.php?id=41069
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu Apr 25 21:01:36 2024 UTC