php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #71403 odbc segfault
Submitted: 2016-01-18 11:05 UTC Modified: 2016-02-08 22:22 UTC
Votes:3
Avg. Score:5.0 ± 0.0
Reproduced:3 of 3 (100.0%)
Same Version:3 (100.0%)
Same OS:0 (0.0%)
From: ice21zero at gmail dot com Assigned:
Status: Open Package: PDO ODBC
PHP Version: 7.0.3 OS: CentOS 6.7 , Ubuntu 14.04
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: ice21zero at gmail dot com
New email:
PHP Version: OS:

 

 [2016-01-18 11:05 UTC] ice21zero at gmail dot com
Description:
------------
HP vertica query trouth unixODBC make segmentation fault

Actual result:
--------------
#0  zend_mm_alloc_small (size=<value optimized out>) at /usr/src/debug/php-7.0.2/Zend/zend_alloc.c:1291
#1  zend_mm_alloc_heap (size=<value optimized out>) at /usr/src/debug/php-7.0.2/Zend/zend_alloc.c:1358
#2  _emalloc (size=<value optimized out>) at /usr/src/debug/php-7.0.2/Zend/zend_alloc.c:2442
#3  0x00007ffff015c96f in zend_string_alloc (execute_data=<value optimized out>, return_value=0x7fffe3b5f740)
    at /usr/src/debug/php-7.0.2/Zend/zend_string.h:121
#4  zend_string_init (execute_data=<value optimized out>, return_value=0x7fffe3b5f740)
    at /usr/src/debug/php-7.0.2/Zend/zend_string.h:157
#5  zif_odbc_result (execute_data=<value optimized out>, return_value=0x7fffe3b5f740)
    at /usr/src/debug/php-7.0.2/ext/odbc/php_odbc.c:2224
#6  0x00000000005d32e9 in dtrace_execute_internal (execute_data=<value optimized out>,
    return_value=<value optimized out>) at /usr/src/debug/php-7.0.2/Zend/zend_dtrace.c:107
#7  0x00007ffff3dd27cf in xdebug_execute_internal () from /usr/lib64/php/modules/xdebug.so
#8  0x0000000000658552 in ZEND_DO_FCALL_SPEC_HANDLER (execute_data=0x7fffe3b5f4f0)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:844
#9  0x0000000000620750 in execute_ex (ex=<value optimized out>)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:417
#10 0x00000000005d342e in dtrace_execute_ex (execute_data=0x7fffe3b5f4f0)
    at /usr/src/debug/php-7.0.2/Zend/zend_dtrace.c:83
#11 0x00007ffff3dd2e87 in xdebug_execute_ex () from /usr/lib64/php/modules/xdebug.so
#12 0x00000000006583ca in ZEND_DO_FCALL_SPEC_HANDLER (execute_data=0x7fffe3b5f420)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:800
#13 0x0000000000620750 in execute_ex (ex=<value optimized out>)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:417
#14 0x00000000005d342e in dtrace_execute_ex (execute_data=0x7fffe3b5f420)
    at /usr/src/debug/php-7.0.2/Zend/zend_dtrace.c:83
#15 0x00007ffff3dd2e87 in xdebug_execute_ex () from /usr/lib64/php/modules/xdebug.so
#16 0x00000000005d5af8 in zend_call_function (fci=0x7fffffff9600, fci_cache=0x7fffffff9650)
    at /usr/src/debug/php-7.0.2/Zend/zend_execute_API.c:860
#17 0x00000000005fffb7 in zend_call_method (object=0x7fffdc435b98, obj_ce=<value optimized out>,
    fn_proxy=<value optimized out>, function_name=0x6ec643 "next", function_name_len=<value optimized out>,
    retval_ptr=0x0, param_count=0, arg1=0x0, arg2=0x0) at /usr/src/debug/php-7.0.2/Zend/zend_interfaces.c:104
#18 0x00000000006004da in zend_user_it_move_forward (_iter=<value optimized out>)
    at /usr/src/debug/php-7.0.2/Zend/zend_interfaces.c:234
#19 0x000000000065bb65 in ZEND_FE_FETCH_R_SPEC_VAR_HANDLER (execute_data=0x7fffe3b5f020)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:15884
#20 0x0000000000620750 in execute_ex (ex=<value optimized out>)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:417
#21 0x00000000005d342e in dtrace_execute_ex (execute_data=0x7fffe3b5f020)
    at /usr/src/debug/php-7.0.2/Zend/zend_dtrace.c:83
#22 0x00007ffff3dd2e87 in xdebug_execute_ex () from /usr/lib64/php/modules/xdebug.so
#23 0x000000000060d88e in zend_generator_resume (orig_generator=0x7fffdb210a00)
    at /usr/src/debug/php-7.0.2/Zend/zend_generators.c:683
#24 0x000000000065bb65 in ZEND_FE_FETCH_R_SPEC_VAR_HANDLER (execute_data=0x7ffff401d330)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:15884
#25 0x0000000000620750 in execute_ex (ex=<value optimized out>)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:417
#26 0x00000000005d342e in dtrace_execute_ex (execute_data=0x7ffff401d330)
    at /usr/src/debug/php-7.0.2/Zend/zend_dtrace.c:83
#27 0x00007ffff3dd2e87 in xdebug_execute_ex () from /usr/lib64/php/modules/xdebug.so
#28 0x00000000006583ca in ZEND_DO_FCALL_SPEC_HANDLER (execute_data=0x7ffff4019b90)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:800
#29 0x0000000000620750 in execute_ex (ex=<value optimized out>)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:417
#30 0x00000000005d342e in dtrace_execute_ex (execute_data=0x7ffff4019b90)
    at /usr/src/debug/php-7.0.2/Zend/zend_dtrace.c:83
#31 0x00007ffff3dd2e87 in xdebug_execute_ex () from /usr/lib64/php/modules/xdebug.so
#32 0x00000000006583ca in ZEND_DO_FCALL_SPEC_HANDLER (execute_data=0x7ffff40187e0)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:800
#33 0x0000000000620750 in execute_ex (ex=<value optimized out>)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:417
#34 0x00000000005d342e in dtrace_execute_ex (execute_data=0x7ffff40187e0)
    at /usr/src/debug/php-7.0.2/Zend/zend_dtrace.c:83
---Type <return> to continue, or q <return> to quit---
#35 0x00007ffff3dd2e87 in xdebug_execute_ex () from /usr/lib64/php/modules/xdebug.so
#36 0x00000000006583ca in ZEND_DO_FCALL_SPEC_HANDLER (execute_data=0x7ffff4017b80)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:800
#37 0x0000000000620750 in execute_ex (ex=<value optimized out>)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:417
#38 0x00000000005d342e in dtrace_execute_ex (execute_data=0x7ffff4017b80)
    at /usr/src/debug/php-7.0.2/Zend/zend_dtrace.c:83
#39 0x00007ffff3dd2e87 in xdebug_execute_ex () from /usr/lib64/php/modules/xdebug.so
#40 0x00000000006583ca in ZEND_DO_FCALL_SPEC_HANDLER (execute_data=0x7ffff4015970)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:800
#41 0x0000000000620750 in execute_ex (ex=<value optimized out>)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:417
#42 0x00000000005d342e in dtrace_execute_ex (execute_data=0x7ffff4015970)
    at /usr/src/debug/php-7.0.2/Zend/zend_dtrace.c:83
#43 0x00007ffff3dd2e87 in xdebug_execute_ex () from /usr/lib64/php/modules/xdebug.so
#44 0x00000000006583ca in ZEND_DO_FCALL_SPEC_HANDLER (execute_data=0x7ffff4015360)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:800
#45 0x0000000000620750 in execute_ex (ex=<value optimized out>)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:417
#46 0x00000000005d342e in dtrace_execute_ex (execute_data=0x7ffff4015360)
    at /usr/src/debug/php-7.0.2/Zend/zend_dtrace.c:83
#47 0x00007ffff3dd2e87 in xdebug_execute_ex () from /usr/lib64/php/modules/xdebug.so
#48 0x00000000006583ca in ZEND_DO_FCALL_SPEC_HANDLER (execute_data=0x7ffff4015000)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:800
#49 0x0000000000620750 in execute_ex (ex=<value optimized out>)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:417
#50 0x00000000005d342e in dtrace_execute_ex (execute_data=0x7ffff4015000)
    at /usr/src/debug/php-7.0.2/Zend/zend_dtrace.c:83
#51 0x00007ffff3dd2e87 in xdebug_execute_ex () from /usr/lib64/php/modules/xdebug.so
#52 0x0000000000646a67 in ZEND_CALL_TRAMPOLINE_SPEC_HANDLER (execute_data=<value optimized out>)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:1771
#53 0x0000000000620750 in execute_ex (ex=<value optimized out>)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:417
#54 0x00000000005d342e in dtrace_execute_ex (execute_data=0x7ffff4015000)
    at /usr/src/debug/php-7.0.2/Zend/zend_dtrace.c:83
#55 0x00007ffff3dd2e87 in xdebug_execute_ex () from /usr/lib64/php/modules/xdebug.so
#56 0x00000000006583ca in ZEND_DO_FCALL_SPEC_HANDLER (execute_data=0x7ffff4014a80)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:800
#57 0x0000000000620750 in execute_ex (ex=<value optimized out>)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:417
#58 0x00000000005d342e in dtrace_execute_ex (execute_data=0x7ffff4014a80)
    at /usr/src/debug/php-7.0.2/Zend/zend_dtrace.c:83
#59 0x00007ffff3dd2e87 in xdebug_execute_ex () from /usr/lib64/php/modules/xdebug.so
#60 0x00000000006583ca in ZEND_DO_FCALL_SPEC_HANDLER (execute_data=0x7ffff40146c0)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:800
#61 0x0000000000620750 in execute_ex (ex=<value optimized out>)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:417
#62 0x00000000005d342e in dtrace_execute_ex (execute_data=0x7ffff40146c0)
    at /usr/src/debug/php-7.0.2/Zend/zend_dtrace.c:83
#63 0x00007ffff3dd2e87 in xdebug_execute_ex () from /usr/lib64/php/modules/xdebug.so
#64 0x00000000006583ca in ZEND_DO_FCALL_SPEC_HANDLER (execute_data=0x7ffff40143a0)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:800
#65 0x0000000000620750 in execute_ex (ex=<value optimized out>)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:417
#66 0x00000000005d342e in dtrace_execute_ex (execute_data=0x7ffff40143a0)
    at /usr/src/debug/php-7.0.2/Zend/zend_dtrace.c:83
#67 0x00007ffff3dd2e87 in xdebug_execute_ex () from /usr/lib64/php/modules/xdebug.so
#68 0x00000000006583ca in ZEND_DO_FCALL_SPEC_HANDLER (execute_data=0x7ffff4014240)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:800
#69 0x0000000000620750 in execute_ex (ex=<value optimized out>)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:417
#70 0x00000000005d342e in dtrace_execute_ex (execute_data=0x7ffff4014240)
    at /usr/src/debug/php-7.0.2/Zend/zend_dtrace.c:83
#71 0x00007ffff3dd2e87 in xdebug_execute_ex () from /usr/lib64/php/modules/xdebug.so
#72 0x00000000006583ca in ZEND_DO_FCALL_SPEC_HANDLER (execute_data=0x7ffff4014030)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:800
#73 0x0000000000620750 in execute_ex (ex=<value optimized out>)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:417
#74 0x00000000005d342e in dtrace_execute_ex (execute_data=0x7ffff4014030)
    at /usr/src/debug/php-7.0.2/Zend/zend_dtrace.c:83
#75 0x00007ffff3dd2e87 in xdebug_execute_ex () from /usr/lib64/php/modules/xdebug.so
#76 0x000000000067380b in zend_execute (op_array=0x7ffff4082000, return_value=<value optimized out>)
    at /usr/src/debug/php-7.0.2/Zend/zend_vm_execute.h:458
#77 0x00000000005e1d93 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /usr/src/debug/php-7.0.2/Zend/zend.c:1427
#78 0x00000000005837d0 in php_execute_script (primary_file=0x7fffffffd200)
    at /usr/src/debug/php-7.0.2/main/main.c:2471
#79 0x0000000000677abf in do_cli (argc=12, argv=0x9df9a0) at /usr/src/debug/php-7.0.2/sapi/cli/php_cli.c:974
#80 0x00000000006782ca in main (argc=12, argv=0x9df9a0) at /usr/src/debug/php-7.0.2/sapi/cli/php_cli.c:1345

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-01-18 13:34 UTC] pajoye@php.net
-Status: Open +Status: Feedback
 [2016-01-18 13:34 UTC] pajoye@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc. If the script requires a 
database to demonstrate the issue, please make sure it creates 
all necessary tables, stored procedures etc.

Please avoid embedding huge scripts into the report.


 [2016-01-18 14:02 UTC] ice21zero at gmail dot com
-Status: Feedback +Status: Open
 [2016-01-18 14:02 UTC] ice21zero at gmail dot com
odbc_result() /var/www/optimisator/app/Vendor/Vertica/VerticaStatement.php:130
odbc_field_name() /var/www/optimisator/app/Vendor/Vertica/VerticaStatement.php:130
    
--- code sample start ----

public function fetch($fetchMode = null, $cursor_orientation = null, $cursor_offset = null)
    {
        $fetchMode = $fetchMode ?: $this->defaultFetchMode;

        if (!$fetched = @odbc_fetch_row($this->sth)) {
            return false;
        }

        $numFields = odbc_num_fields($this->sth);
        $row = [];

        switch ($fetchMode) {
            case \PDO::FETCH_ASSOC:
            case \PDO::FETCH_OBJ:
            case \PDO::FETCH_LAZY:
                for ($i = 1; $i <= $numFields; $i++) {
/*row 130 */                   $row[odbc_field_name($this->sth, $i)] = odbc_result($this->sth, $i);
                }
                if (
                    \PDO::FETCH_OBJ == $fetchMode or
                    \PDO::FETCH_LAZY == $fetchMode
                ) {
                    $row = (object)$row;
                }
                break;

            case \PDO::FETCH_NUM:
                for ($i = 1; $i <= $numFields; $i++) {
                    $row[] = odbc_result($this->sth, $i);
                }
                break;

            case \PDO::FETCH_BOTH;
                for ($i = 1; $i <= $numFields; $i++) {
                    $value = odbc_result($this->sth, $i);

                    $row[] = $row[odbc_field_name($this->sth, $i)] = $value;
                }
                break;

            default:
                throw new VerticaException(sprintf('Unsupported fetch mode "%s"', $fetchMode));
        }

        return $row;
}

--- code sample end ----
 [2016-01-18 15:43 UTC] pajoye@php.net
Do you have a script like please?

1. connect
2. query with the actual query being used
3. fetch
4. close (if used in your initial report)
 [2016-01-21 15:21 UTC] ice21zero at gmail dot com
not able to exclude code from project to one sript. build php from git php-src and se that now.

Call Stack:
    0.0001     352472   1. {main}() /var/www/optimisator/app/Console/cake.php:0
    0.0006     417832   2. ShellDispatcher::run() /var/www/optimisator/app/Console/cake.php:34
    0.0210    3973768   3. ShellDispatcher->dispatch() /var/www/optimisator/lib/Cake/Console/ShellDispatcher.php:66
    0.0264    4911936   4. Shell->runCommand() /var/www/optimisator/lib/Cake/Console/ShellDispatcher.php:207
    0.0439    5393536   5. CronShell->doNow() /var/www/optimisator/lib/Cake/Console/Shell.php:357
    0.4249   12563576   6. k50WorkerJob->gearman_runEvent() /var/www/optimisator/app/Console/Command/CronShell.php:352
    0.4249   12563952   7. k50WorkerJob->__call() /var/www/optimisator/app/Console/Command/CronShell.php:352
    0.6536   12609808   8. gearman_runEvent() /var/www/optimisator/app/Lib/k50/Workers/k50WorkerJob.php:79
    0.6594   13272984   9. Event->run() /var/www/optimisator/app/Lib/k50/Workers/events.php:27
    0.7858   17558792  10. Event->runDirectKeysEvent() /var/www/optimisator/app/Model/Event.php:493
   13.7959   57432336  11. DirectRules->checkRulesForKeys() /var/www/optimisator/app/Model/Event.php:1027
   13.7963   57436880  12. DirectAggregatedRows->getKeysParams() /var/www/optimisator/app/Model/DirectRules.php:388
   14.5799  140151568  13. VerticaReportStatistics->getStoredStat() /var/www/optimisator/app/Model/DirectAggregatedRows.php:182
   14.6201  140156808  14. VerticaReportStatistics->iterateRecords() /var/www/optimisator/app/Lib/k50/Stat/VerticaReportStatistics.php:53
   14.6205  140159632  15. VerticaDirectKeys->createSqlParameters() /var/www/optimisator/app/Lib/k50/Stat/VerticaReportStatistics.php:150
   14.6266  140425336  16. StatQueryBuilder->finalize() /var/www/optimisator/app/Model/VerticaDirectKeys.php:176
   14.6266  140426536  17. SimpleQueryBuilder->getSql() /var/www/optimisator/app/Lib/k50/Stat/StatQueryBuilder.php:673
   14.6266  140427232  18. Vertica->buildStatement() /var/www/optimisator/app/Lib/k50/SimpleQueryBuilder.php:78
   14.6267  140437200  19. Vertica->renderStatement() /var/www/optimisator/app/Model/Datasource/Database/Vertica.php:1125

Fatal Error Error: Allowed memory size of 12582912000 bytes exhausted (tried to allocate 140453607299560 bytes) in [/var/www/optimisator/app/Model/Datasource/Database/Vertica.php, line 1152]
 [2016-02-08 22:22 UTC] ice21zero at gmail dot com
-Operating System: CentOS 6.7 +Operating System: CentOS 6.7 , Ubuntu 14.04 -PHP Version: 7.0.2 +PHP Version: 7.0.3
 [2016-02-08 22:22 UTC] ice21zero at gmail dot com
updated to php 7.0.3 , result the same segmentation fault mayme memory leak in some module
 
PHP Copyright © 2001-2018 The PHP Group
All rights reserved.
Last updated: Sun Nov 19 01:31:42 2017 UTC