Edit report at https://bugs.php.net/bug.php?id=44852&edit=1

 ID:                 44852
 Updated by:         s...@php.net
 Reported by:        der...@php.net
 Summary:            PDO_OCI crashes
-Status:             Open
+Status:             Feedback
 Type:               Bug
 Package:            PDO related
 Operating System:   Linux
 PHP Version:        5.*, 6CVS (2009-04-25)
 Block user comment: N
 Private report:     N

 New Comment:

See if this is resolved now that https://bugs.php.net/bug.php?id=57702 is fixed.


Previous Comments:
------------------------------------------------------------------------
[2009-04-25 15:01:13] j...@php.net

See also bug #44589

------------------------------------------------------------------------
[2008-04-28 09:14:12] der...@php.net

Issue #44589 is the same, but has a bit more information. Keeping both open as 
they complement each other. (The other one has a test script)

------------------------------------------------------------------------
[2008-04-28 09:12:12] der...@php.net

Description:
------------
PDO/OCI segfaults while describing columns. I took a stab at writing a quick 
reproducing script, but unfortunately did not manage to produce one. I get this 
issue by running the WorkflowDatabaseTiein component test suite with:

# Runs the WorkflowDatabaseTiein execution test through runtests.php with PHP's
# memory limit disabled (memory_limit=-1).
# NOTE(review): the DSN given to -D appears to carry the test account's user name
# and password inline, so it ends up in shell history and process listings;
# presumably a throwaway test account - confirm before reusing it elsewhere.
php -dmemory_limit=-1 UnitTest/src/runtests.php -v -D 
oracle://ezc:wee123@ezctest/ezctest 
WorkflowDatabaseTiein/tests/execution_test.php

Reproduce code:
---------------
Database schema:

-- Table "execution": five NOT NULL numeric columns plus three nullable CLOB columns.
-- The statements carry no terminators, as in the report; presumably each one is
-- sent to the server on its own.
CREATE TABLE "execution" (
    "execution_id"             NUMBER NOT NULL,
    "execution_next_thread_id" NUMBER NOT NULL,
    "execution_parent"         NUMBER NOT NULL,
    "execution_started"        NUMBER NOT NULL,
    "execution_threads"        CLOB,
    "execution_variables"      CLOB,
    "execution_waiting_for"    CLOB,
    "workflow_id"              NUMBER NOT NULL
)

-- Sequence feeding "execution_id": starts at 1, steps by 1, no upper bound.
CREATE SEQUENCE "execution_execution_id_seq"
    START WITH 1
    INCREMENT BY 1
    NOMAXVALUE

-- Before every insert, :new."execution_id" is overwritten with the next sequence value.
CREATE OR REPLACE TRIGGER "execution_execution_id_trg"
    BEFORE INSERT ON "execution"
    FOR EACH ROW
BEGIN
    SELECT "execution_execution_id_seq".NEXTVAL
    INTO :new."execution_id"
    FROM dual;
END;

-- Primary key on the sequence-generated id.
ALTER TABLE "execution"
    ADD CONSTRAINT "execution_pkey" PRIMARY KEY ("execution_id")

-- Non-unique index on the "execution_parent" column.
CREATE INDEX "execution_parent" ON "execution" ("execution_parent")
-- Table "execution_state": rows are keyed by the ("execution_id", "node_id") pair.
-- "node_activated_from" is a mandatory CLOB; "node_state" is a nullable CLOB.
CREATE TABLE "execution_state" (
    "execution_id"        NUMBER NOT NULL,
    "node_activated_from" CLOB   NOT NULL,
    "node_id"             NUMBER NOT NULL,
    "node_state"          CLOB,
    "node_thread_id"      NUMBER NOT NULL
)

-- Composite primary key; no sequence or trigger is defined for this table.
ALTER TABLE "execution_state"
    ADD CONSTRAINT "execution_state_pkey" PRIMARY KEY ("execution_id", "node_id")
-- Table "node": the table read by the SELECT that precedes the reported crash.
CREATE TABLE "node" (
    "node_class"         VARCHAR2(255) NOT NULL,
    -- CLOB column named in backtrace frame #7 (oci_stmt_describe, colno=2).
    "node_configuration" CLOB,
    "node_id"            NUMBER NOT NULL,
    "workflow_id"        NUMBER NOT NULL
)

-- Sequence feeding "node_id": starts at 1, steps by 1, no upper bound.
CREATE SEQUENCE "node_node_id_seq"
    START WITH 1
    INCREMENT BY 1
    NOMAXVALUE

-- Before every insert, :new."node_id" is overwritten with the next sequence value.
CREATE OR REPLACE TRIGGER "node_node_id_trg"
    BEFORE INSERT ON "node"
    FOR EACH ROW
BEGIN
    SELECT "node_node_id_seq".NEXTVAL
    INTO :new."node_id"
    FROM dual;
END;

-- Primary key on the sequence-generated id.
ALTER TABLE "node"
    ADD CONSTRAINT "node_pkey" PRIMARY KEY ("node_id")

-- Non-unique index on "workflow_id", the column filtered on by the failing query.
CREATE INDEX "workflow_id" ON "node" ("workflow_id")
-- Table "node_connection": pairs of node ids; no primary key is declared in this listing.
CREATE TABLE "node_connection" (
    "in_node_id"  NUMBER NOT NULL,
    "out_node_id" NUMBER NOT NULL
)

-- Non-unique index on the "in_node_id" column only.
CREATE INDEX "in_node_id" ON "node_connection" ("in_node_id")
-- Table "variable_handler": all three columns are mandatory.
CREATE TABLE "variable_handler" (
    "class"       VARCHAR2(255) NOT NULL,
    "variable"    VARCHAR2(255) NOT NULL,
    "workflow_id" NUMBER        NOT NULL
)

-- Composite primary key over ("class", "workflow_id"); "variable" is not part of it.
ALTER TABLE "variable_handler"
    ADD CONSTRAINT "variable_handler_pkey" PRIMARY KEY ("class", "workflow_id")
-- Table "workflow": "workflow_version" defaults to 1 when no value is supplied.
CREATE TABLE "workflow" (
    "workflow_created" NUMBER       NOT NULL,
    "workflow_id"      NUMBER       NOT NULL,
    "workflow_name"    VARCHAR2(64) NOT NULL,
    "workflow_version" NUMBER       DEFAULT 1 NOT NULL
)

-- Sequence feeding "workflow_id": starts at 1, steps by 1, no upper bound.
CREATE SEQUENCE "workflow_workflow_id_seq"
    START WITH 1
    INCREMENT BY 1
    NOMAXVALUE

-- Before every insert, :new."workflow_id" is overwritten with the next sequence value.
CREATE OR REPLACE TRIGGER "workflow_workflow_id_trg"
    BEFORE INSERT ON "workflow"
    FOR EACH ROW
BEGIN
    SELECT "workflow_workflow_id_seq".NEXTVAL
    INTO :new."workflow_id"
    FROM dual;
END;

-- Primary key on the sequence-generated id.
ALTER TABLE "workflow"
    ADD CONSTRAINT "workflow_pkey" PRIMARY KEY ("workflow_id")

-- A given name/version pair may appear only once.
CREATE UNIQUE INDEX "name_version" ON "workflow" ("workflow_name", "workflow_version")


Actual result:
--------------
Segfault:

backtrace:

#0  0xb7447574 in kghualloc () from 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1
No symbol table info available.
#1  0xb73e865f in kohalc () from 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1
No symbol table info available.
#2  0xb73e7f4f in kohalc () from 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1
No symbol table info available.
#3  0xb73e8902 in kohalw () from 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1
No symbol table info available.
#4  0xb7283b83 in kollalfn () from 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1
No symbol table info available.
#5  0xb6d401d3 in kpugdesc () from 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1
No symbol table info available.
#6  0xb6e0e5a6 in OCIDescriptorAlloc () from 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1
No symbol table info available.
#7  0x08209985 in oci_stmt_describe (stmt=0xb30291a8, colno=2) at 
/root/src/php-5.2.5/ext/pdo_oci/oci_statement.c:553
        S = (pdo_oci_stmt *) 0xb32c384c
        param = (OCIParam *) 0x8959404
        colname = (text *) 0x8963b4c "node_configuration"
        dtype = 112
        data_size = 4000
        scale = 0
        precis = 0
        namelen = 18
        col = (struct pdo_column_data *) 0xb3031b40
        dyn = 0 '\0'
#8  0x081f94c0 in pdo_stmt_describe_columns (stmt=0xb30291a8) at 
/root/src/php-5.2.5/ext/pdo/pdo_stmt.c:198
        col = 2
#9  0x081fa38c in zim_PDOStatement_execute (ht=0, return_value=0xb3027f54, 
return_value_ptr=0x0, this_ptr=0xb32cb20c, return_value_used=0)
    at /root/src/php-5.2.5/ext/pdo/pdo_stmt.c:509
        input_params = (zval *) 0x0
        ret = 1
        stmt = (pdo_stmt_t *) 0xb30291a8
#10 0x0847d9e6 in execute_internal (execute_data_ptr=0xbfbd4f14, 
return_value_used=0) at /root/src/php-5.2.5/Zend/zend_execute.c:1385
        return_value_ptr = (zval **) 0xbfbd3f94
#11 0xb6525765 in xdebug_execute_internal (current_execute_data=0xbfbd4f14, 
return_value_used=0) at /tmp/pear/cache/xdebug-2.0.3/xdebug.c:1605
        edata = (zend_execute_data *) 0xbfbd4f14
        fse = (function_stack_entry *) 0x89d1ca8
        cur_opcode = (zend_op *) 0x0
        do_return = 1
        function_nr = 9158
#12 0x0847e093 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbd4f14) at 
/root/src/php-5.2.5/Zend/zend_vm_execute.h:202
        return_reference = 0 '\0'
        opline = (zend_op *) 0xb31a6400
        original_return_value = (zval **) 0x847fa09
        current_scope = (zend_class_entry *) 0xb3197098
        current_this = (zval *) 0xb3021d94
        return_value_used = 0
        should_change_scope = 1 '\001'
        ctor_opline = (zend_op *) 0xb654c19c
#13 0x0847ecc7 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfbd4f14) 
at /root/src/php-5.2.5/Zend/zend_vm_execute.h:322
No locals.
#14 0x0847dbe0 in execute (op_array=0xb3215f08) at 
/root/src/php-5.2.5/Zend/zend_vm_execute.h:92
        execute_data = {opline = 0xb31a6400, function_state = 
{function_symbol_table = 0xb32c2504, function = 0x88125e0, reserved = 
{0xbfbd7274, 0xbfbd50d4, 0xbfbd4f58, 
      0xb6523748}}, fbc = 0x88125e0, op_array = 0xb3215f08, object = 
0xb32cb20c, Ts = 0xbfbd3860, CVs = 0xbfbd3810, original_in_execution = 1 
'\001', 
  symbol_table = 0xb32ab6f8, prev_execute_data = 0xbfbd5f34, 
old_error_reporting = 0x0}
#15 0xb65253f7 in xdebug_execute (op_array=0xb3215f08) at 
/tmp/pear/cache/xdebug-2.0.3/xdebug.c:1541
        dummy = (zval **) 0x0
        edata = (zend_execute_data *) 0xbfbd5f34
        fse = (function_stack_entry *) 0x89ce800
        xfse = (function_stack_entry *) 0x5
        magic_cookie = 0x0
        do_return = 1
        function_nr = 9032
        le = (xdebug_llist_element *) 0xbfbd5038
        eval_id = 0
#16 0x0847e1f7 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbd5f34) at 
/root/src/php-5.2.5/Zend/zend_vm_execute.h:234
        opline = (zend_op *) 0xb309d7f8
        original_return_value = (zval **) 0xbfbd61a8
        current_scope = (zend_class_entry *) 0xb310be10
        current_this = (zval *) 0xb302b098
        return_value_used = 1
        should_change_scope = 1 '\001'
        ctor_opline = (zend_op *) 0xb654c19c
#17 0x0847ecc7 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfbd5f34) 
at /root/src/php-5.2.5/Zend/zend_vm_execute.h:322
No locals.
#18 0x0847dbe0 in execute (op_array=0xb3096670) at 
/root/src/php-5.2.5/Zend/zend_vm_execute.h:92
        execute_data = {opline = 0xb309d7f8, function_state = 
{function_symbol_table = 0xb32ab6f8, function = 0xb3215f08, reserved = 
{0xbfbd7274, 0xbfbd60d8, 0xbfbd5f78, 
      0xb6523748}}, fbc = 0xb3215f08, op_array = 0xb3096670, object = 
0xb3021d94, Ts = 0xbfbd50f0, CVs = 0xbfbd50b0, original_in_execution = 1 
'\001', 
  symbol_table = 0xb32ab8fc, prev_execute_data = 0xbfbd61d4, 
old_error_reporting = 0x0}
#19 0xb65253f7 in xdebug_execute (op_array=0xb3096670) at 
/tmp/pear/cache/xdebug-2.0.3/xdebug.c:1541
        dummy = (zval **) 0x0
        edata = (zend_execute_data *) 0xbfbd61d4
        fse = (function_stack_entry *) 0x89c3760
        xfse = (function_stack_entry *) 0x19
        magic_cookie = 0x0
        do_return = 1
        function_nr = 8930
        le = (xdebug_llist_element *) 0xbfbd6058
        eval_id = 0
#20 0x0847e1f7 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfbd61d4) at 
/root/src/php-5.2.5/Zend/zend_vm_execute.h:234
        opline = (zend_op *) 0xb3105fa0
        original_return_value = (zval **) 0xbfbd67b8
        current_scope = (zend_class_entry *) 0xb310be10
        current_this = (zval *) 0xb302b098
        return_value_used = 0
        should_change_scope = 1 '\001'
        ctor_opline = (zend_op *) 0xb654c19c
#21 0x0847ecc7 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfbd61d4) 
at /root/src/php-5.2.5/Zend/zend_vm_execute.h:322
No locals.

(the backtrace goes on for a bit - it's not a stack overflow)

The functions that I am calling around the point where it segfaults:

 -> ezcQuerySelectOracle->prepare() 
/root/ezcomponents/trunk/WorkflowDatabaseTiein/src/definition_storage.php:94
   -> ezcQuery->prepare() 
/root/ezcomponents/trunk/Database/src/sqlabstraction/implementations/query_select_oracle.php:176
     -> ezcQuerySelectOracle->getQuery() 
/root/ezcomponents/trunk/Database/src/sqlabstraction/query.php:432
       -> ezcQuerySelect->getQuery() 
/root/ezcomponents/trunk/Database/src/sqlabstraction/implementations/query_select_oracle.php:143
        >=> 'SELECT "node_id", "node_class", "node_configuration" FROM "node" 
WHERE "workflow_id" = :ezcValue1'
      >=> 'SELECT "node_id", "node_class", "node_configuration" FROM "node" 
WHERE "workflow_id" = :ezcValue1'
     -> PDO->prepare('SELECT "node_id", "node_class", "node_configuration" FROM 
"node" WHERE "workflow_id" = :ezcValue1') 
/root/ezcomponents/trunk/Database/src/sqlabstraction/query.php:432
      >=> class PDOStatement { public $queryString = 'SELECT "node_id", 
"node_class", "node_configuration" FROM "node" WHERE "workflow_id" = 
:ezcValue1' }
     -> ezcQuery->doBind($stmt = class PDOStatement { public $queryString = 
'SELECT "node_id", "node_class", "node_configuration" FROM "node" WHERE 
"workflow_id" = :ezcValue1' }) 
/root/ezcomponents/trunk/Database/src/sqlabstraction/query.php:433
       -> PDOStatement->bindValue(':ezcValue1', 1, 2) 
/root/ezcomponents/trunk/Database/src/sqlabstraction/query.php:393
        >=> TRUE
      >=> NULL
    >=> class PDOStatement { public $queryString = 'SELECT "node_id", 
"node_class", "node_configuration" FROM "node" WHERE "workflow_id" = 
:ezcValue1' }
  >=> class PDOStatement { public $queryString = 'SELECT "node_id", 
"node_class", "node_configuration" FROM "node" WHERE "workflow_id" = 
:ezcValue1' }
 -> PDOStatement->execute() 
/root/ezcomponents/trunk/WorkflowDatabaseTiein/src/definition_storage.php:95


valgrind:

==8810== 
==8810== Invalid write of size 4
==8810==    at 0x4EC3574: kghualloc (in 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x4E6465E: (within 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x4E63F4E: kohalc (in 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x4E64901: kohalw (in 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x4CFFB82: kollalfn (in 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x47BC1D2: kpugdesc (in 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x488A5A5: OCIDescriptorAlloc (in 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x8209984: oci_stmt_describe (oci_statement.c:553)
==8810==    by 0x81F94BF: pdo_stmt_describe_columns (pdo_stmt.c:198)
==8810==    by 0x81FA38B: zim_PDOStatement_execute (pdo_stmt.c:509)
==8810==    by 0x847D9E5: execute_internal (zend_execute.c:1385)
==8810==    by 0x5AB6764: xdebug_execute_internal (xdebug.c:1605)
==8810==  Address 0x3D34 is not stack'd, malloc'd or (recently) free'd
==8810== 
==8810== Process terminating with default action of signal 11 (SIGSEGV)
==8810==  Access not within mapped region at address 0x3D34
==8810==    at 0x4EC3574: kghualloc (in 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x4E6465E: (within 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x4E63F4E: kohalc (in 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x4E64901: kohalw (in 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x4CFFB82: kollalfn (in 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x47BC1D2: kpugdesc (in 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x488A5A5: OCIDescriptorAlloc (in 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x8209984: oci_stmt_describe (oci_statement.c:553)
==8810==    by 0x81F94BF: pdo_stmt_describe_columns (pdo_stmt.c:198)
==8810==    by 0x81FA38B: zim_PDOStatement_execute (pdo_stmt.c:509)
==8810==    by 0x847D9E5: execute_internal (zend_execute.c:1385)
==8810==    by 0x5AB6764: xdebug_execute_internal (xdebug.c:1605)
==8810== 
==8810== Invalid free() / delete / delete[]
==8810==    at 0x401CFA5: free (vg_replace_malloc.c:233)
==8810==    by 0x560CE4D: (within /lib/tls/libc-2.3.6.so)
==8810==    by 0x560C601: __libc_freeres (in /lib/tls/libc-2.3.6.so)
==8810==    by 0x40191F6: _vgnU_freeres (vg_preloaded.c:60)
==8810==    by 0x5393863: (within 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x4E6465E: (within 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x4E63F4E: kohalc (in 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x4E64901: kohalw (in 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x4CFFB82: kollalfn (in 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x47BC1D2: kpugdesc (in 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x488A5A5: OCIDescriptorAlloc (in 
/usr/lib/oracle/xe/app/oracle/product/10.2.0/client/lib/libclntsh.so.10.1)
==8810==    by 0x8209984: oci_stmt_describe (oci_statement.c:553)
==8810==  Address 0x5722720 is not stack'd, malloc'd or (recently) free'd




------------------------------------------------------------------------



-- 