From: apha at apha dot com dot br
Operating system: SUSE 10.3 (S390x)
PHP version: 5.4.4
Package: DBX related
Bug Type: Bug
Bug description: Segmentation Fault inside module ibm_db2

Description:
------------
I've changed my PHP version from 5.3.10 to 5.4.4 with ibm_db2 1.9.3.
Compilation and installation work perfectly, but when I use the function db2_execute to insert data (as in the test script posted), I receive a Segmentation Fault.
I've tried to compile ibm_db2 with PHP and as a module, and in both cases I have the same error.

System/PHP/etc

OS version / HW information:
$ cat /etc/SuSE-release
SUSE Linux Enterprise Server 10 (s390x)
VERSION = 10
PATCHLEVEL = 3
$ uname -a
Linux hows004gcc 2.6.16.60-0.83.2-default #1 SMP Fri Sep 2 13:49:16 UTC 2011 s390x s390x s390x GNU/Linux

PHP version / Compile line:
$ /usr/local/php/bin/php -v
PHP 5.4.4 (cli) (built: Jul 11 2012 12:01:18) (DEBUG)
Copyright (c) 1997-2012 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2012 Zend Technologies

Configure Command => './configure' '--prefix=/usr/local/php5.4.4' '--enable-debug' '--with-apxs2=/usr/local/apache2lab/bin/apxs' '--with-libxml-dir=/usr/local/libxml/' '--enable-calendar' '--with-ldap' '--with-pdo-ibm=/opt/ibm/db2/V9.5/' '--with-pdo-odbc=ibm-db2,/home/db2inst3/sqllib/' '--with-gd' '--with-jpeg-dir=/usr/lib'

How I've installed ibm_db2 1.9.3 as module:
$ /usr/local/php/bin/phpize
$ ./configure --with-php-config=/usr/local/php/bin/php-config --with-IBM_DB2=/opt/ibm/db2/V9.5/
$ make

To bypass the problem reported, I commented out (with //) the instruction efree inside ibm_db2.c on line 4253, and just set NULL to the pointer:

    /* Free Values */
    if (prev_ptr->value != NULL) {
        if ( Z_TYPE_P(prev_ptr->value) == IS_STRING ) {
            if((prev_ptr->value)->value.str.val != NULL || (prev_ptr->value)->value.str.len != 0) {
                //efree((prev_ptr->value)->value.str.val);
                (prev_ptr->value)->value.str.val = NULL;
            }
        }

After that, inserting data into Db2 started to work as expected. It's just a workaround to test. So I'd like to know if any patch exists for it.

Thanks in advance,
Raphael Gallo

Test script:
---------------
The code I'm using to test:

cat /tmp/tst.php
<?php
require_once("/tmp/db.inc.php");
$conn = db2_connect(DB,USER,PASS);
$sqlInsert = "INSERT INTO ROADMAP.ROADMAP (TITLE, DESCRIPTION, PLATFORM, POOL, POD, DELETED, PUBLISHED) VALUES (?,?,?,?,?, 'N' , 'N' )";
$arg = array('Roadmap','Roadmap','GR2','POOL2','POD2');
print_r($arg);
$stmt = db2_prepare($conn,$sqlInsert);
if ($stmt) {
    print_r("BEFORE DB2_EXECUTE\r\n");
    echo db2_execute($stmt,$arg);
    print_r("AFTER DB2_EXECUTE\r\n");
    echo db2_stmt_errormsg($stmt);
}
echo "END\r\n";
?>

Expected result:
----------------
$ /usr/local/php/bin/php /tmp/tst.php
Array
(
    [0] => Roadmap
    [1] => Roadmap
    [2] => GR2
    [3] => POOL2
    [4] => POD2
)
BEFORE DB2_EXECUTE
1AFTER DB2_EXECUTE
END

Actual result:
--------------
$ /usr/local/php/bin/php /tmp/tst.php
Array
(
    [0] => Roadmap
    [1] => Roadmap
    [2] => GR2
    [3] => POOL2
    [4] => POD2
)
BEFORE DB2_EXECUTE
Segmentation fault

With backtrace (FULL):

$ gdb /usr/local/php/bin/php
GNU gdb (GDB) SUSE (6.8.50.20090302-1.5.18)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details.
This GDB was configured as "s390x-suse-linux".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
(gdb) run /tmp/tst.php
Starting program: /usr/local/php5.4.4/bin/php /tmp/tst.php
Missing separate debuginfo for /lib/ld64.so.1
Missing separate debuginfo for /lib64/libcrypt.so.1
Missing separate debuginfo for /lib64/librt.so.1
Missing separate debuginfo for /usr/lib64/libldap-2.3.so.0
Missing separate debuginfo for /usr/lib64/libpng.so.3
Missing separate debuginfo for /lib64/libz.so.1
Missing separate debuginfo for /usr/lib64/libjpeg.so.62
Missing separate debuginfo for /lib64/libm.so.6
Missing separate debuginfo for /lib64/libnsl.so.1
Missing separate debuginfo for /usr/lib64/libxml2.so.2
Missing separate debuginfo for /lib64/libdl.so.2
Missing separate debuginfo for /lib64/libc.so.6
Missing separate debuginfo for /usr/lib64/liblber-2.3.so.0
Missing separate debuginfo for /lib64/libresolv.so.2
Missing separate debuginfo for /lib64/libpthread.so.0
[Thread debugging using libthread_db enabled]
Missing separate debuginfo for /usr/lib64/libsasl2.so.2
Missing separate debuginfo for /usr/lib64/libssl.so.0.9.8
Missing separate debuginfo for /usr/lib64/libcrypto.so.0.9.8
Missing separate debuginfo for /lib64/libpam.so.0
Missing separate debuginfo for /usr/lib64/libstdc++.so.5
Missing separate debuginfo for /lib64/libgcc_s.so.1
Missing separate debuginfo for /lib64/libaudit.so.0
Missing separate debuginfo for /lib64/libnss_files.so.2
Array
(
    [0] => Roadmap
    [1] => Roadmap
    [2] => GR2
    [3] => POOL2
    [4] => POD2
)
BEFORE DB2_EXECUTE

Program received signal SIGSEGV, Segmentation fault.
0x00000000805293ca in zend_mm_check_ptr (heap=0x80ba0710, ptr=0x20002887f18, silent=1, __zend_filename=0x200029fddfe "/tmp/php-5.4.4/ext/ibm_db2/ibm_db2.c", __zend_lineno=4253, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /tmp/php-5.4.4/Zend/zend_alloc.c:1380
1380            if (p->info._size != ZEND_MM_NEXT_BLOCK(p)->info._prev) {
(gdb) bt full
#0  0x00000000805293ca in zend_mm_check_ptr (heap=0x80ba0710, ptr=0x20002887f18, silent=1, __zend_filename=0x200029fddfe "/tmp/php-5.4.4/ext/ibm_db2/ibm_db2.c", __zend_lineno=4253, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /tmp/php-5.4.4/Zend/zend_alloc.c:1380
        p = 0x20002887ec8
        no_cache_notice = 0
        had_problems = 0
        valid_beginning = 1
#1  0x000000008052b918 in _zend_mm_free_int (heap=0x80ba0710, p=0x20002887f18, __zend_filename=0x200029fddfe "/tmp/php-5.4.4/ext/ibm_db2/ibm_db2.c", __zend_lineno=4253, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /tmp/php-5.4.4/Zend/zend_alloc.c:2064
        mm_block = 0x2000193d000
        next_block = 0x200029fea40
        size = 2199023312822
#2  0x000000008052d5fe in _efree (ptr=0x20002887f18, __zend_filename=0x200029fddfe "/tmp/php-5.4.4/ext/ibm_db2/ibm_db2.c", __zend_lineno=4253, __zend_orig_filename=0x0, __zend_orig_lineno=0) at /tmp/php-5.4.4/Zend/zend_alloc.c:2436
No locals.
#3  0x00000200029f2672 in zif_db2_execute (ht=2, return_value=0x2000285d948, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1) at /tmp/php-5.4.4/ext/ibm_db2/ibm_db2.c:4253
        argc = 2
        stmt_id = -1
        stmt = 0x2000285d790
        parameters_array = 0x2000285d718
        stmt_res = 0x2000285bba0
        rc = 0
        numOpts = 5
        i = 5
        bind_params = 1
        num = 5
        valuePtr = 0x2000285d948
        tmp_curr = 0x0
        prev_ptr = 0x20005316070
        curr_ptr = 0x20005316108
        data = 0x2000285d5f0
#4  0x00000000805cf864 in zend_do_fcall_common_helper_SPEC (execute_data=0x200028200e8) at /tmp/php-5.4.4/Zend/zend_vm_execute.h:642
        ret = 0x20002820338
        opline = 0x2000285b240
        should_change_scope = 0 '\0'
        fbc = 0x80c0d690
#5  0x00000000805d9b50 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0x200028200e8) at /tmp/php-5.4.4/Zend/zend_vm_execute.h:2219
        opline = 0x2000285b240
        fname = 0x2000285cb08
#6  0x00000000805cdaea in execute (op_array=0x2000285b690) at /tmp/php-5.4.4/Zend/zend_vm_execute.h:410
        ret = 0
        execute_data = 0x200028200e8
        nested = 1 '\1'
        original_in_execution = 0 '\0'
#7  0x000000008057961c in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /tmp/php-5.4.4/Zend/zend.c:1279
        files = {{__gpr = 5, __fpr = 0, __overflow_arg_area = 0x3ffffaaa4b0, __reg_save_area = 0x3ffffaaa410}}
        i = 1
        file_handle = 0x3ffffaada20
        orig_op_array = 0x0
        orig_retval_ptr_ptr = 0x0
---Type <return> to continue, or q <return> to quit---
#8  0x00000000804ab97e in php_execute_script (primary_file=0x3ffffaada20) at /tmp/php-5.4.4/main/main.c:2473
        realfile = "/tmp/tst.php\0\205\201\220\0\0\0\0\200\272\a\20\0\0\0\0\0\0^0\0\0\0\0\0\0\0\16\0\0\3\377\377\252\264\300\0\0\2\0\1\223\320\0\0\0\0\0\200\245\275H\0\0\0\0\200R}Z\0\0\3\377\377\252\264\300\0\0\0\0\200\246,\212\0\0\0\0\0\0\0\1\0\0\2\0\2\205IH\0\0\0\0\200\272\a\20\0\0\2\0\2\205H\370\0\0\0\0\200\272\a\20\0\0\0\0\0\0\2X\0\0\0\0\0\0\0\t\0\0\0\0\200\272\r\360\0\0\3\377\377\252\245\200\0\0\3\377\0\0\0\0\0\0\0\fhows\0\0\3\377\377\252\265H\0\0\2\0\1\223\320\0\0\0\0\0\200\245\303 \0\0\0\0\200R\265\352\0\0\0\0\0\0\0\0\0\0\3\377\0\0\0\17\0\0\0\0\200\2\264\234\0\0\3\377\377\252\265\200\0\0\0\0\0\0\1\302\0\0\3\377\377\252\340\200\0\0\0\0\200\2\264\234", '\0' <repeats 12 times>"\200"...
        __orig_bailout = 0x3ffffaad8b8
        __bailout = {{__jmpbuf = {{__gregs = {4398040930828, 4398040932480, 2147660956, 0, 2199023381648, 4398040921112, 2199049719808, 2158263200, 2152382281, 4398040919791}, __fpregs = {0, 0, 0, 0, 0, 608, 2158412208, 2199065565792}}}, __mask_was_saved = 0, __saved_mask = {__val = {2199065530032, 2158414984, 2199065529720, 2199065528904, 2199065530176, 0, 4398040932480, 2147660956, 0, 2199023381648, 4398040925568, 2199049719808, 2158416472, 2154889516, 4398040925568, 2159775216}}}}
        prepend_file_p = 0x0
        append_file_p = 0x0
        prepend_file = {type = ZEND_HANDLE_FILENAME, filename = 0x0, opened_path = 0x0, handle = {fd = 0, fp = 0x0, stream = {handle = 0x0, isatty = 0, mmap = {len = 0, pos = 0, map = 0x0, buf = 0x0, old_handle = 0x0, old_closer = 0}, reader = 0, fsizer = 0, closer = 0}}, free_filename = 0 '\0'}
        append_file = {type = ZEND_HANDLE_FILENAME, filename = 0x0, opened_path = 0x0, handle = {fd = 0, fp = 0x0, stream = {handle = 0x0, isatty = 0, mmap = {len = 0, pos = 0, map = 0x0, buf = 0x0, old_handle = 0x0, old_closer = 0}, reader = 0, fsizer = 0, closer = 0}}, free_filename = 0 '\0'}
        old_cwd = 0x3ffffaaa4d0 ""
        use_heap = 0 '\0'
        retval = 0
#9  0x00000000807113cc in do_cli (argc=2, argv=0x3ffffaae098) at /tmp/php-5.4.4/sapi/cli/php_cli.c:988
        __orig_bailout = 0x3ffffaadcf8
        __bailout = {{__jmpbuf = {{__gregs = {4398040931860, 4398040932480, 2147660956, 0, 2199023381648, 4398040926008, 2199049719808, 2158416472, 2154892869, 4398040927687}, __fpregs = {0, 0, 0, 0, 2158263176, 2152381225, 4398040931383, 0}}}, __mask_was_saved = 0, __saved_mask = {__val = {0, 0, 1, 0, 4398040930584, 2199049719808, 2158416968, 2152478570, 4398040930584, 0, 4393751543813, 2159669352, 0, 0, 2199026131551, 2199023381648}}}}
        c = -1
        file_handle = {type = ZEND_HANDLE_MAPPED, filename = 0x3ffffaae400 "/tmp/tst.php", opened_path = 0x0, handle = {fd = 512, fp = 0x2000285aa68, stream = {handle = 0x2000285aa68, isatty = 0, mmap = {len = 615, pos = 0, map = 0x2000002b000, buf = 0x2000002b000 <Address 0x2000002b000 out of bounds>, old_handle = 0x80d365a0, old_closer = 0x805a4b60 <zend_stream_stdio_closer>}, reader = 0x805a4b08 <zend_stream_stdio_reader>, fsizer = 0x805a4bc0 <zend_stream_stdio_fsizer>, closer = 0x805a4d5c <zend_stream_mmap_closer>}}, free_filename = 0 '\0'}
        behavior = 1
        reflection_what = 0x0
        request_started = 1
        exit_status = 0
        php_optarg = 0x0
        orig_optarg = 0x0
        php_optind = 2
        orig_optind = 1
        exec_direct = 0x0
        exec_run = 0x0
        exec_begin = 0x0
        exec_end = 0x0
        arg_free = 0x3ffffaae400 "/tmp/tst.php"
        arg_excp = 0x3ffffaae0a0
        script_file = 0x3ffffaae400 "/tmp/tst.php"
        translated_path = 0x80d367e0 "/tmp/tst.php"
        interactive = 0
        lineno = 1
        param_error = 0x0
        hide_argv = 0
#10 0x0000000080712c24 in main (argc=2, argv=0x3ffffaae098) at /tmp/php-5.4.4/sapi/cli/php_cli.c:1361
---Type <return> to continue, or q <return> to quit---
        __orig_bailout = 0x0
        __bailout = {{__jmpbuf = {{__gregs = {4398040931860, 4398040932480, 2147660956, 0, 2199023381648, 4398040931184, 2199049719808, 2158416968, 2154897679, 4398040928655}, __fpregs = {0, 0, 0, 0, 1, 2199023386816, 4398040931616, 2199023382528}}}, __mask_was_saved = 0, __saved_mask = {__val = {2159494392, 2199049444032, 2147640428, 4398040931632, 0, 4398040932504, 0, 2199065009424, 1, 0, 1, 8388608, 24641422, 2199023382656, 2154966628, 4398040932504}}}}
        c = -1
        exit_status = 0
        module_started = 1
        sapi_started = 1
        php_optarg = 0x0
        php_optind = 1
        use_extended_info = 0
        ini_path_override = 0x0
        ini_entries = 0x80ba0690 "html_errors=0\nregister_argc_argv=1\nimplicit_flush=1\noutput_buffering=0\nmax_execution_time=0\nmax_input_time=-1\n"
        ini_entries_len = 110
        ini_ignore = 0
        sapi_module = 0x80b7fa00
(gdb) quit

--
Edit bug report at https://bugs.php.net/bug.php?id=62534&edit=1
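
The backtrace in this report faults at a block-header comparison (size against the next block's prev) inside the allocator's pointer check, reached from efree. The following is an added C illustration, not code from PHP, ibm_db2 or the reporter: a toy bump allocator, with all names hypothetical, whose check validates the address range and the header size before following the header to the next block, so a pointer it does not own is rejected instead of dereferenced, and a skipped free is visible as a block left live.

```c
/* Added illustration: toy bump allocator (hypothetical names), not the Zend memory manager. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef struct { size_t size, prev; } hdr_t;   /* header before each payload */
enum { PTR_OK, PTR_OUTSIDE_HEAP, PTR_BAD_HEADER };
static unsigned char heap[512];
static size_t used;                            /* bytes handed out so far */
static int live;                               /* blocks not yet freed */

static void *toy_alloc(size_t n) {
    size_t total = sizeof(hdr_t) + ((n + 15) & ~(size_t)15);
    hdr_t h, next = { 0, total };              /* next header records our size */
    if (used + total + sizeof next > sizeof heap) return NULL;
    memcpy(&h, heap + used, sizeof h);         /* keep prev written by predecessor */
    h.size = total;
    memcpy(heap + used, &h, sizeof h);
    memcpy(heap + used + total, &next, sizeof next);
    used += total; live++;
    return heap + used - total + sizeof h;
}

/* Range first, then header size, and only then follow it to next.prev. */
static int toy_check_ptr(const void *ptr) {
    uintptr_t p = (uintptr_t)ptr, lo = (uintptr_t)heap;
    hdr_t h, next;
    if (p < lo + sizeof h || p >= lo + used) return PTR_OUTSIDE_HEAP;
    size_t off = (size_t)(p - lo) - sizeof h;
    memcpy(&h, heap + off, sizeof h);          /* memcpy: ptr may be misaligned */
    if (h.size <= sizeof h || h.size > used - off) return PTR_BAD_HEADER;
    memcpy(&next, heap + off + h.size, sizeof next);   /* in bounds by now */
    return next.prev == h.size ? PTR_OK : PTR_BAD_HEADER;
}

static int toy_free(void *ptr) {
    int rc = toy_check_ptr(ptr);
    if (rc != PTR_OK) return rc;               /* refuse; memory untouched */
    memset((unsigned char *)ptr - sizeof(hdr_t), 0, sizeof(size_t)); /* size = 0: a second free fails the check */
    live--;
    return PTR_OK;
}

/* Two blocks, one free skipped: returns the number of blocks left live. */
static int demo_skip_free(void) {
    used = 0; live = 0; memset(heap, 0, sizeof heap);
    void *a = toy_alloc(32), *b = toy_alloc(8);
    toy_free(a); (void)b;                      /* free of b deliberately skipped */
    return live;
}

int main(void) { printf("live after skipped free: %d\n", demo_skip_free()); return 0; }
```

The toy never reuses freed memory, so it shows only the pointer check and the live-block count.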