Ubuntu
curl package

  1. Bug #880756
  2. Comment #10

Comment 10 for bug 880756

Revision history for this message
Laurent POLESE (laurent-polese) wrote : Re: [Bug 880756] Re: Segmentation fault using curl_exec (php5, apache2)

I'm getting an error when replying with apport-retrace crash file (over
7MB). Trying without it.
Below is my previous mail.

--------------------------------------

Ok, I joined what apport-retrace generates with the crash file.

Also, here's what I get with gdb :

*gdb backtrace :*
GNU gdb (Ubuntu/Linaro 7.3-0ubuntu2) 7.3-2011.08
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://bugs.launchpad.net/gdb-linaro/>...
Reading symbols from /usr/sbin/apache2...done.
[New LWP 10051]

warning: Can't read pathname for load map: Erreur d'entrée/sortie.
[Thread debugging using libthread_db enabled]
Core was generated by `/usr/sbin/apache2 -k start'.
Program terminated with signal 11, Segmentation fault.
#0 __GI_clock_gettime (clock_id=1, tp=0x7fffe245dbb0) at
../sysdeps/unix/clock_gettime.c:116
116 ../sysdeps/unix/clock_gettime.c: Aucun fichier ou dossier de ce
type.
         in ../sysdeps/unix/clock_gettime.c
(gdb) bt full
#0 __GI_clock_gettime (clock_id=1, tp=0x7fffe245dbb0) at
../sysdeps/unix/clock_gettime.c:116
         sc_ret = <optimized out>
         vdsop = <optimized out>
         retval = -1
#1 0x00007f54e437d7f3 in curlx_tvnow () from
/usr/lib/x86_64-linux-gnu/libcurl.so.4
No symbol table info available.
#2 0x00007f54e437ea93 in Curl_pgrsStartNow () from
/usr/lib/x86_64-linux-gnu/libcurl.so.4
No symbol table info available.
#3 0x00007f54e439de37 in Curl_pretransfer () from
/usr/lib/x86_64-linux-gnu/libcurl.so.4
No symbol table info available.
#4 0x00007f54e439e702 in Curl_do_perform () from
/usr/lib/x86_64-linux-gnu/libcurl.so.4
No symbol table info available.
#5 0x00007f54e45d4cb8 in zif_curl_exec (ht=1,
return_value=0x7f54ec965478, return_value_ptr=0x7f54ec993a80,
this_ptr=0x23e, return_value_used=40)
     at /build/buildd/php5-5.3.6/ext/curl/interface.c:2181
         error = CURLE_OK
         zid = 0x7f54ec964f38
         ch = 0x7f54ec964f88
#6 0x00007f54e4e2a083 in xdebug_execute_internal
(current_execute_data=0x7f54e5bd8068, return_value_used=1)
     at /home/*****/Téléchargements/xdebug-2.1.2/xdebug.c:1336
         edata = 0x7f54e5bd8068
         fse = 0x7f54ec98a740
         cur_opcode = 0x7f54e8599dc0
         do_return = 0
         function_nr = 6
#7 0x00007f54e7ed5c14 in zend_do_fcall_common_helper_SPEC
(execute_data=0x7f54e5bd8068) at
/build/buildd/php5-5.3.6/Zend/zend_vm_execute.h:318
         opline = 0x7f54ec964a30
         should_change_scope = 0 '\000'
#8 0x00007f54e7e86ceb in execute (op_array=0x7f54ec963198) at
/build/buildd/php5-5.3.6/Zend/zend_vm_execute.h:107
         ret = 0
         execute_data = 0x7f54e5bd8068
         nested = 0 '\000'
         original_in_execution = 0 '\000'
#9 0x00007f54e4e29d3c in xdebug_execute (op_array=0x7f54ec963198) at
/home/*****/Téléchargements/xdebug-2.1.2/xdebug.c:1274
         dummy = 0x7f54ec963680
         edata = 0x0
         fse = 0x7f54ec98a5a0
         xfse = 0x7f54ec963858
         magic_cookie = 0x0
         do_return = 0
         function_nr = 0
         le = 0x7fffe2460350
         eval_id = 0
#10 0x00007f54e7e62350 in zend_execute_scripts (type=0,
retval=0x8e245e0d0, file_count=3) at
/build/buildd/php5-5.3.6/Zend/zend.c:1266
         files = {{gp_offset = 3796230352, fp_offset = 32767,
overflow_arg_area = 0x7f5400000028, reg_save_area = 0x7fffe245e030}}
         i = 1
         file_handle = 0x7fffe2460350
         orig_op_array = 0x7f54e859a190
         orig_retval_ptr_ptr = 0x0
#11 0x00007f54e7e0f3f3 in php_execute_script (primary_file=0x0) at
/build/buildd/php5-5.3.6/main/main.c:2296
         __orig_bailout = 0x0
         __bailout = {{__jmpbuf = {0, 0, 0, 0, 0, 0, 0, 0},
__mask_was_saved = 0, __saved_mask = {__val = {0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 1802201344, 105, 0, 0,
                 0, 0}}}}
         prepend_file_p = 0x0
         append_file_p = 0x0
         prepend_file = {type = ZEND_HANDLE_FILENAME, filename = 0x0,
opened_path = 0x0, handle = {fd = 0, fp = 0x0, stream = {handle = 0x0,
               isatty = 587202560, mmap = {len = 1953396066, pos =
1917198416, map = 0x353a343120372074,
                 buf = 0x4354552035323a36 <Address 0x4354552035323a36
out of bounds>, old_handle = 0x3131303220, old_closer = 0}, reader = 0,
               fsizer = 0x5f36387800000000, closer = 0x3436}},
free_filename = 0 '\000'}
         append_file = {type = ZEND_HANDLE_FILENAME, filename = 0x0,
opened_path = 0x0, handle = {fd = 0, fp = 0x0, stream = {handle = 0x0,
isatty = 0, mmap = {
                 len = 2712942, pos = 0, map = 0x0, buf = 0x0,
old_handle = 0x0, old_closer = 0}, reader = 0x7f54eaec2e56
<__GI_getenv+22>, fsizer = 0,
               closer = 0x7f54eb224a60 <_res>}}, free_filename = 112 'p'}
         retval = 0
#12 0x00007f54e7ef6b3d in php_handler (r=0x7f54e7ef6b3d) at
/build/buildd/php5-5.3.6/sapi/apache2handler/sapi_apache2.c:688
__bailout = {{__jmpbuf = {3956177032, 32596, 3854102688, 32596,
1525689190, 655386954, 3911086240, 32596}, __mask_was_saved = -1840108698,
             __saved_mask = {__val = {0, 32596, 3956540728, 32596, 40,
0, 3911086240, 32596, 32, 0, 3911086120, 32596, 3796239160, 32767,
3911072896, 32596}}}}
         ctx = 0x1
         conf = 0x7f54e91e70a0
         brigade = 0x7f54e91e3e30
         bucket = 0x0
         rv = 0
         parent_req = 0x7f54e91e4970
#13 0x00007f54ebd40228 in ap_run_handler (r=0x7f54e91e70a0) at
/build/buildd/apache2-2.2.20/server/config.c:159
         pHook = <optimized out>
         n = <optimized out>
         rv = <optimized out>
#14 0x00007f54ebd4069e in ap_invoke_handler (r=0x7f54e91e70a0) at
/build/buildd/apache2-2.2.20/server/config.c:377
         handler = <optimized out>
         p = <optimized out>
         result = <optimized out>
         old_handler = 0x7f54e531ce90 "application/x-httpd-php"
         ignore = <optimized out>
#15 0x00007f54ebd50210 in ap_process_request (r=0x7f54e91e70a0) at
/build/buildd/apache2-2.2.20/modules/http/http_request.c:282
         access_status = <optimized out>
#16 0x00007f54ebd4d088 in ap_process_http_connection (c=0x7f54e91ed290)
at /build/buildd/apache2-2.2.20/modules/http/http_core.c:190
         r = 0x7f54e91e70a0
         csd = 0x0
#17 0x00007f54ebd46cc8 in ap_run_process_connection (c=0x7f54e91ed290)
at /build/buildd/apache2-2.2.20/server/connection.c:43
         pHook = <optimized out>
         n = <optimized out>
         rv = <optimized out>
#18 0x00007f54ebd54db0 in child_main (child_num_arg=<optimized out>) at
/build/buildd/apache2-2.2.20/server/mpm/prefork/prefork.c:667
         current_conn = 0x7f54e91ed290
         csd = 0x7f54e91ed0a0
         ptrans = 0x7f54e91ed028
         allocator = 0x7f54ec989640
         status = <optimized out>
         i = <optimized out>
         lr = <optimized out>
         pollset = 0x7f54e91ef130
         sbh = 0x7f54e91ef128
         bucket_alloc = 0x7f54e91e9028
         last_poll_idx = 1
#19 0x00007f54ebd5551a in make_child (slot=0, s=0x7f54ebcec7f8) at
/build/buildd/apache2-2.2.20/server/mpm/prefork/prefork.c:768
         pid = 0
#20 make_child (s=0x7f54ebcec7f8, slot=0) at
/build/buildd/apache2-2.2.20/server/mpm/prefork/prefork.c:696
No locals.
#21 0x00007f54ebd555d7 in startup_children (number_to_start=5) at
/build/buildd/apache2-2.2.20/server/mpm/prefork/prefork.c:786
         i = <optimized out>
#22 0x00007f54ebd55f54 in ap_mpm_run (_pconf=<optimized out>,
plog=<optimized out>, s=<optimized out>)
     at /build/buildd/apache2-2.2.20/server/mpm/prefork/prefork.c:1007
         index = <optimized out>
         remaining_children_to_start = <optimized out>
         rv = <optimized out>
#23 0x00007f54ebd2b3ca in main (argc=3, argv=0x7fffe2460948) at
/build/buildd/apache2-2.2.20/server/main.c:741
         c = 0 '\000'
         configtestonly = <optimized out>
         confname = 0x7f54ebd57b4b "apache2.conf"
         def_server_root = 0x7f54ebd57b3e "/etc/apache2"
         temp_error_log = 0x0
         error = <optimized out>
         process = 0x7f54ebcf4118
         server_conf = 0x7f54ebcec7f8
         pglobal = <optimized out>
         pconf = 0x7f54ebcf2028
         plog = 0x7f54ebcb7028
         ptemp = 0x7f54ebcea028
         pcommands = 0x7f54ebcf0028
         opt = 0x7f54ebcf0118
         rv = 0
         mod = <optimized out>
         optarg = 0x2cb4304e <Address 0x2cb4304e out of bounds>
         signal_server = <optimized out>

On 31/10/2011 15:47, Haitao Li wrote:
> If apport is enabled (by "sudo service apport start force_start=1") and
> a program crashes with segfault (signal 11), a crash file should have
> been written to directory /var/crash.
>
> How to get a backtrace of apache2 is documented at
> /usr/share/doc/apache2.2-common/README.backtrace
>