ID: 38173
User updated by: geoffwa at cs dot rmit dot edu dot au
Reported By: geoffwa at cs dot rmit dot edu dot au
Status: Open
Bug Type: OCI8 related
Operating System: Solaris 10
PHP Version: 5.1.4
Assigned To: tony2001
New Comment:
Using the 10.2.0.2 Solaris/sparc32 Oracle instant client, I get the
same error with the same backtrace.
Previous Comments:
------------------------------------------------------------------------
[2006-07-30 01:27:30] geoffwa at cs dot rmit dot edu dot au
I posted the backtrace several times because the script I was using, or
the php binary I was using changed.
If I don't call oci_free_statement($row['CURSOR']) I don't get a SEGV,
which I indicated. Executing the nested cursor or not has no effect.
The backtrace shows an error occurring inside or around
php_oci_statement_fetch().
Omitting the call to oci_free_statement() allows the program to finish
cleanly. There are times when I'd like to close nested cursors earlier,
so I don't hit the open cursor limit set by the DBA. Closing nested
cursors certainly shouldn't cause PHP to crash!
dbx's run-time checking seems to think it's a misaligned read:
<rtc> Misaligned read (mar) on thread 1:
Attempting to read 4 bytes at address 0x5a5a5aae
current thread: [EMAIL PROTECTED]
=>[1] kpcxc2r(0x11eb74c, 0x5a5a5a5a, 0x11e58a4, 0x0, 0x2b308,
0xf2184d90), at 0xcae08a00
[2] kpcxk2u(0x11e58a4, 0xffbfc904, 0xcb3266f8, 0x0, 0xffbfc8fc,
0x11ec044), at 0xcae0b814
[3] ttccDefineConvert(0x18, 0xffbfc904, 0xffbfc910, 0xffbfc8fc,
0x5a5a5a5a, 0x75), at 0xcae0715c
[4] ttccfpg(0x0, 0x11e7930, 0x5a5a5a5a, 0x0, 0x11ec080, 0x4), at
0xcae076d0
[5] ttcfour(0x11de644, 0x11e58a4, 0x0, 0x0, 0x11ec218, 0xffbfecf0),
at 0xcae06770
[6] kpufCopyPrefRows(0x11de644, 0x0, 0x0, 0x1a18, 0x2, 0xffbfecf0),
at 0xcab09d34
[7] kpufch0(0x0, 0x11ed878, 0xffbfedd4, 0x2, 0x0, 0x20000), at
0xcab0a654
[8] kpufch(0x0, 0x11ee400, 0x0, 0x161c, 0xcb304a48, 0x0), at
0xcab0c11c
[9] php_oci_statement_fetch(statement = 0x13171c0, nrows = 1U), line
147 in "oci8_statement.c"
[10] php_oci_fetch_row(ht = 1, return_value = 0x1316c10,
return_value_ptr = (nil), this_ptr = (nil), return_value_used = 1, mode
= 5, expected_args = 1), line 1667 in "oci8.c"
I'm using Oracle client v9.2.0.1.0, I'll try a 10g client next and see
what happens.
------------------------------------------------------------------------
[2006-07-29 21:02:40] [EMAIL PROTECTED]
Sorry, I still don't get it.
First of all, why do you past the backtrace every time? Are there any
differencies or why do you do it?
And you said you get the segfault in oci_execute() ?
Why do you need the part of the code that comes AFTER the oci_execute()
call then?
Did you try to install a newer Oracle client?
------------------------------------------------------------------------
[2006-07-29 00:29:09] geoffwa at cs dot rmit dot edu dot au
oci_executing()ing the returned cursor still results in a crash
(slightly db query simpler):
Code:
<?php
oci_internal_debug(1);
$dbh = oci_connect('geoffwa', 'XXX', 'DB');
$query =<<<EOQUERY
SELECT CURSOR( SELECT 1 FROM all_tables t2 ) AS cursor
FROM all_tables t1
EOQUERY;
$sth = oci_parse($dbh, $query);
oci_execute($sth);
while ( $row = oci_fetch_assoc($sth) ) {
print "Got row \n";
oci_execute($row['CURSOR']);
oci_free_statement($row['CURSOR']);
}
oci_free_statement($sth);
oci_close($dbh);
?>
Output:
OCI8 DEBUG: OCINlsEnvironmentVariableGet at
(/php-5.2/ext/oci8/oci8.c:1000)
OCI8 DEBUG: OCIEnvNlsCreate at (/php-5.2/ext/oci8/oci8.c:1160)
OCI8 DEBUG: OCIHandleAlloc at (/php-5.2/ext/oci8/oci8.c:1185)
OCI8 DEBUG: OCIServerAttach at (/php-5.2/ext/oci8/oci8.c:1194)
OCI8 DEBUG: OCIHandleAlloc at (/php-5.2/ext/oci8/oci8.c:1204)
OCI8 DEBUG: OCIHandleAlloc at (/php-5.2/ext/oci8/oci8.c:1213)
OCI8 DEBUG: OCIHandleAlloc at (/php-5.2/ext/oci8/oci8.c:1222)
OCI8 DEBUG: OCIAttrSet at (/php-5.2/ext/oci8/oci8.c:1232)
OCI8 DEBUG: OCIAttrSet at (/php-5.2/ext/oci8/oci8.c:1243)
OCI8 DEBUG: OCIAttrSet at (/php-5.2/ext/oci8/oci8.c:1253)
OCI8 DEBUG: OCIAttrSet at (/php-5.2/ext/oci8/oci8.c:1262)
OCI8 DEBUG: OCISessionBegin at (/php-5.2/ext/oci8/oci8.c:1293)
OCI8 DEBUG: OCIHandleAlloc at (/php-5.2/ext/oci8/oci8_statement.c:61)
OCI8 DEBUG: OCIStmtPrepare2 at (/php-5.2/ext/oci8/oci8_statement.c:65)
OCI8 DEBUG: OCIAttrSet at (/php-5.2/ext/oci8/oci8_statement.c:119)
OCI8 DEBUG: OCIAttrSet at (/php-5.2/ext/oci8/oci8_statement.c:128)
OCI8 DEBUG: OCIAttrGet at (/php-5.2/ext/oci8/oci8_statement.c:297)
OCI8 DEBUG: OCIStmtExecute at (/php-5.2/ext/oci8/oci8_statement.c:321)
OCI8 DEBUG: OCIAttrGet at (/php-5.2/ext/oci8/oci8_statement.c:350)
OCI8 DEBUG: OCIParamGet at (/php-5.2/ext/oci8/oci8_statement.c:372)
OCI8 DEBUG: OCIAttrGet at (/php-5.2/ext/oci8/oci8_statement.c:381)
OCI8 DEBUG: OCIAttrGet at (/php-5.2/ext/oci8/oci8_statement.c:391)
OCI8 DEBUG: OCIAttrGet at (/php-5.2/ext/oci8/oci8_statement.c:404)
OCI8 DEBUG: OCIAttrGet at (/php-5.2/ext/oci8/oci8_statement.c:414)
OCI8 DEBUG: OCIAttrGet at (/php-5.2/ext/oci8/oci8_statement.c:424)
OCI8 DEBUG: OCIDescriptorFree at
(/php-5.2/ext/oci8/oci8_statement.c:432)
OCI8 DEBUG: OCIHandleAlloc at (/php-5.2/ext/oci8/oci8_statement.c:55)
OCI8 DEBUG: OCIHandleAlloc at (/php-5.2/ext/oci8/oci8_statement.c:61)
OCI8 DEBUG: OCIAttrSet at (/php-5.2/ext/oci8/oci8_statement.c:119)
OCI8 DEBUG: OCIAttrSet at (/php-5.2/ext/oci8/oci8_statement.c:128)
OCI8 DEBUG: OCIDefineByPos at (/php-5.2/ext/oci8/oci8_statement.c:557)
OCI8 DEBUG: OCIStmtFetch at (/php-5.2/ext/oci8/oci8_statement.c:147)
Got row
OCI8 DEBUG: OCIAttrGet at (/php-5.2/ext/oci8/oci8_statement.c:297)
OCI8 DEBUG: OCIAttrGet at (/php-5.2/ext/oci8/oci8_statement.c:350)
OCI8 DEBUG: OCIParamGet at (/php-5.2/ext/oci8/oci8_statement.c:372)
OCI8 DEBUG: OCIAttrGet at (/php-5.2/ext/oci8/oci8_statement.c:381)
OCI8 DEBUG: OCIAttrGet at (/php-5.2/ext/oci8/oci8_statement.c:391)
OCI8 DEBUG: OCIAttrGet at (/php-5.2/ext/oci8/oci8_statement.c:404)
OCI8 DEBUG: OCIAttrGet at (/php-5.2/ext/oci8/oci8_statement.c:414)
OCI8 DEBUG: OCIAttrGet at (/php-5.2/ext/oci8/oci8_statement.c:424)
OCI8 DEBUG: OCIDescriptorFree at
(/php-5.2/ext/oci8/oci8_statement.c:432)
OCI8 DEBUG: OCIDefineByPos at (/php-5.2/ext/oci8/oci8_statement.c:557)
OCI8 DEBUG: OCIStmtFetch at (/php-5.2/ext/oci8/oci8_statement.c:147)
Got row
OCI8 DEBUG: OCIHandleFree at (/php-5.2/ext/oci8/oci8_statement.c:592)
OCI8 DEBUG: OCIHandleFree at (/php-5.2/ext/oci8/oci8_statement.c:601)
Segmentation fault (core dumped)
Backtrace:
[EMAIL PROTECTED] ([EMAIL PROTECTED]) program terminated by signal SEGV (no
mapping at the fault
address)
0xfe108a00: kpcxc2r+0x003c: ld [%i1 + 84], %g2
Current function is php_oci_statement_fetch
147 statement->errcode = PHP_OCI_CALL(OCIStmtFetch,
(statement->stmt, statement->err, nrows, OCI_FETCH_NEXT,
OCI_DEFAULT));
(dbx) where
current thread: [EMAIL PROTECTED]
[1] kpcxc2r(0xb6187c, 0x5a5a5a5a, 0xb5b9e4, 0x0, 0x1, 0x13), at
0xfe108a00
[2] kpcxk2u(0xb5b9e4, 0xffbfc36c, 0xfe6266f8, 0x0, 0xffbfc364,
0xb62174), at 0xfe10b814
[3] ttccDefineConvert(0x18, 0xffbfc36c, 0xffbfc378, 0xffbfc364,
0x5a5a5a5a, 0x75), at 0xfe10715c
[4] ttccfpg(0x0, 0xb5da70, 0x5a5a5a5a, 0x0, 0xb621b0, 0x4), at
0xfe1076d0
[5] ttcfour(0xb4de2c, 0xb5b9e4, 0x0, 0x0, 0xb62348, 0xffbfe758), at
0xfe106770
[6] kpufCopyPrefRows(0xb4de2c, 0x0, 0x0, 0x1a18, 0x2, 0xffbfe758), at
0xfde09d34
[7] kpufch0(0x0, 0xb639a8, 0xffbfe83c, 0x2, 0x0, 0x20000), at
0xfde0a654
[8] kpufch(0x0, 0xb64530, 0x0, 0x161c, 0xfe604a48, 0x0), at
0xfde0c11c
=>[9] php_oci_statement_fetch(statement = 0x9d78d0, nrows = 1U), line
147 in "oci8_statement.c"
[10] php_oci_fetch_row(ht = 1, return_value = 0x9d7388,
return_value_ptr = (nil), this_ptr = (nil), return_value_used = 1, mode
= 5, expected_args = 1), line 1667 in "oci8.c"
[11] zif_oci_fetch_assoc(ht = 1, return_value = 0x9d7388,
return_value_ptr = (nil), this_ptr = (nil), return_value_used = 1),
line 1462 in "oci8_interface.c"
[12] zend_do_fcall_common_helper_SPEC(execute_data = 0xffbfec78),
line 200 in "zend_vm_execute.h"
[13] ZEND_DO_FCALL_SPEC_CONST_HANDLER(execute_data = 0xffbfec78),
line 1642 in "zend_vm_execute.h"
[14] execute(op_array = 0x9d7050), line 92 in "zend_vm_execute.h"
[15] zend_execute_scripts(type = 8, retval = (nil), file_count = 3,
... = (nil), ...), line 1095 in "zend.c"
[16] php_execute_script(0xffbff420, 0x878a44, 0xff386bb5, 0xfffffffd,
0x80808080, 0x1010101), at 0x5def0c
[17] main(argc = 3, argv = 0xffbff4b4), line 1097 in "php_cli.c"
(dbx) dump
statement = 0x9d78d0
nrows = 1U
column = 0x13
i = 5
------------------------------------------------------------------------
[2006-07-28 20:18:43] [EMAIL PROTECTED]
I still can't reproduce it.
Please check that your reproduce code is correct, since it doesn't work
completely for me because as is no oci_execute() call.
------------------------------------------------------------------------
[2006-07-28 13:50:25] geoffwa at cs dot rmit dot edu dot au
Recompiling sans -O for a better backtrace yields:
[EMAIL PROTECTED] ([EMAIL PROTECTED]) program terminated by signal SEGV (no
mapping at the fault
address)
0xfe108a00: kpcxc2r+0x003c: ld [%i1 + 84], %g2
Current function is php_oci_statement_fetch
147 statement->errcode = PHP_OCI_CALL(OCIStmtFetch,
(statement->stmt, statement->err, nrows, OCI_FETCH_NEXT,
OCI_DEFAULT));
(dbx) where
current thread: [EMAIL PROTECTED]
[1] kpcxc2r(0xb6187c, 0x5a5a5a5a, 0xb5b9e4, 0x0, 0x1, 0x13), at
0xfe108a00
[2] kpcxk2u(0xb5b9e4, 0xffbfc3a4, 0xfe6266f8, 0x0, 0xffbfc39c,
0xc38c9c), at 0xfe10b814
[3] ttccDefineConvert(0x18, 0xffbfc3a4, 0xffbfc3b0, 0xffbfc39c,
0x5a5a5a5a, 0x75), at 0xfe10715c
[4] ttccfpg(0x0, 0xb5da70, 0x5a5a5a5a, 0x0, 0xc38cd8, 0x4), at
0xfe1076d0
[5] ttcfour(0xb4de2c, 0xb5b9e4, 0x0, 0x0, 0xb62348, 0xffbfe790), at
0xfe106770
[6] kpufCopyPrefRows(0xb4de2c, 0x0, 0x0, 0x1a18, 0x2, 0xffbfe790), at
0xfde09d34
[7] kpufch0(0x0, 0xb639a8, 0xffbfe874, 0x2, 0x0, 0x20000), at
0xfde0a654
[8] kpufch(0x0, 0xb64530, 0x0, 0x161c, 0xfe604a48, 0x0), at
0xfde0c11c
=>[9] php_oci_statement_fetch(statement = 0x9d7868, nrows = 1U), line
147 in "oci8_statement.c"
[10] php_oci_fetch_row(ht = 1, return_value = 0x9d7320,
return_value_ptr = (nil), this_ptr = (nil), return_value_used = 1, mode
= 5, expected_args = 1), line 1667 in "oci8.c"
[11] zif_oci_fetch_assoc(ht = 1, return_value = 0x9d7320,
return_value_ptr = (nil), this_ptr = (nil), return_value_used = 1),
line 1462 in "oci8_interface.c"
[12] zend_do_fcall_common_helper_SPEC(execute_data = 0xffbfec80),
line 200 in "zend_vm_execute.h"
[13] ZEND_DO_FCALL_SPEC_CONST_HANDLER(execute_data = 0xffbfec80),
line 1642 in "zend_vm_execute.h"
[14] execute(op_array = 0x9d7050), line 92 in "zend_vm_execute.h"
[15] zend_execute_scripts(type = 8, retval = (nil), file_count = 3,
... = (nil), ...), line 1095 in "zend.c"
[16] php_execute_script(0xffbff428, 0x878a44, 0xff386bbd, 0xfffffffd,
0x80808080, 0x1010101), at 0x5def0c
[17] main(argc = 3, argv = 0xffbff4bc), line 1097 in "php_cli.c"
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/38173
--
Edit this bug report at http://bugs.php.net/?id=38173&edit=1
