#47743 [NEW]: apache segmentation fault upon communication with mysql through unix socket

[electro at vgr dot pl]

From:             electro at vgr dot pl
Operating system: Mandriva 2009 x64 cooker
PHP version:      5.3CVS-2009-03-21 (snap)
PHP Bug Type:     Reproducible crash
Bug description:  apache segmentation fault upon communication with mysql 
through unix socket

Description:
------------
apache 2.2.11 with php compiled as module crashes upon reading from unix
socket while communicating with mysql (5.1.32, pdo driver). It happens only
in some specific circumstances but I haven't been able to trace it so far.
What is important is that php crashes always in the same point in my
application which I confirmed by stracing apache.
Configure Command        './configure' '--prefix=/usr/local/php5'
'--with-libdir=lib64' '--with-apxs2=/usr/sbin/apxs' '--with-curl'
'--with-iconv' '--with-libxml-dir' '--with-mysql' '--with-openssl'
'--with-pdo-mysql' '--with-pear' '--with-pcre-regex' '--with-zlib'
'--disable-all' '--disable-cgi' '--disable-ipv6' '--enable-dom'
'--enable-embedded-mysqli' '--enable-libxml' '--enable-memory-limit 

Reproduce code:
---------------
haven't been able to trace the bug to some specific code yet, but watching
strace output I can see that php crashes always in the same moment. I will
try to extract specific code that makes php crash.

Actual result:
--------------
socket(PF_FILE, SOCK_STREAM, 0)         = 34
fcntl(34, F_SETFL, O_RDONLY)            = 0
fcntl(34, F_GETFL)                      = 0x2 (flags O_RDWR)
fcntl(34, F_GETFL)                      = 0x2 (flags O_RDWR)
fcntl(34, F_SETFL, O_RDWR|O_NONBLOCK)   = 0
connect(34, {sa_family=AF_FILE, path="/var/lib/mysql/mysql.sock"...}, 110)
= 0
fcntl(34, F_SETFL, O_RDWR)              = 0
setsockopt(34, SOL_SOCKET, SO_RCVTIMEO,
"\2003\341\1\0\0\0\0\0\0\0\0\0\0\0\0"..., 16) = 0
setsockopt(34, SOL_SOCKET, SO_SNDTIMEO,
"\2003\341\1\0\0\0\0\0\0\0\0\0\0\0\0"..., 16) = 0
setsockopt(34, SOL_IP, IP_TOS, [8], 4)  = -1 EOPNOTSUPP (Operation not
supported)
setsockopt(34, SOL_SOCKET, SO_KEEPALIVE, [1], 4) = 0
poll([{fd=34, events=POLLIN}], 1, 30000) = 1 ([{fd=34, revents=POLLIN}])
read(34, "4\0\0\0\n5.1.32\0\231)\0\0t7U&ZsT-\0\377\367\300\2\0\0\0\0"...,
16384) = 56
stat("/usr/share/mysql/charsets/Index.xml", {st_mode=S_IFREG|0644,
st_size=18261, ...}) = 0
open("/usr/share/mysql/charsets/Index.xml", O_RDONLY) = 35
read(35, "<?xml version='1.0' encoding=\"utf"..., 18261) = 18261
close(35)                               = 0
write(34,
"a\0\0\1\215\242\3\0\0\...@\10\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
69) = 69
read(34, "\1\0\0\2\376"..., 16384)      = 5
write(34, "\t\0\0\3OUGUSPI]\0"..., 13)  = 13
read(34, "\7\0\0\4\0\0\0\2\0\0\0"..., 16384) = 11
poll([{fd=34, events=POLLIN|POLLPRI}], 1, 0) = 0 (Timeout)
write(34, "\17\0\0\0\3SET NAMES utf8"..., 19) = 19
read(34, "\7\0\0\1\0\0\0\2\0\0\0"..., 16384) = 11
poll([{fd=34, events=POLLIN|POLLPRI}], 1, 0) = 0 (Timeout)
write(34, "\224\0\0\0\3SELECT `id`,`name`,`comment`"..., 152) = 152
read(34, "\1\0\0\1\0071\0\0\2\3def\5Lazer\tRightType\tRig"..., 16384) =
480
--- SIGSEGV (Segmentation fault) @ 0 (0) ---


-- 
Edit bug report at http://bugs.php.net/?id=47743&edit=1
-- 
Try a CVS snapshot (PHP 5.2):        
http://bugs.php.net/fix.php?id=47743&r=trysnapshot52
Try a CVS snapshot (PHP 5.3):        
http://bugs.php.net/fix.php?id=47743&r=trysnapshot53
Try a CVS snapshot (PHP 6.0):        
http://bugs.php.net/fix.php?id=47743&r=trysnapshot60
Fixed in CVS:                        
http://bugs.php.net/fix.php?id=47743&r=fixedcvs
Fixed in CVS and need be documented: 
http://bugs.php.net/fix.php?id=47743&r=needdocs
Fixed in release:                    
http://bugs.php.net/fix.php?id=47743&r=alreadyfixed
Need backtrace:                      
http://bugs.php.net/fix.php?id=47743&r=needtrace
Need Reproduce Script:               
http://bugs.php.net/fix.php?id=47743&r=needscript
Try newer version:                   
http://bugs.php.net/fix.php?id=47743&r=oldversion
Not developer issue:                 
http://bugs.php.net/fix.php?id=47743&r=support
Expected behavior:                   
http://bugs.php.net/fix.php?id=47743&r=notwrong
Not enough info:                     
http://bugs.php.net/fix.php?id=47743&r=notenoughinfo
Submitted twice:                     
http://bugs.php.net/fix.php?id=47743&r=submittedtwice
register_globals:                    
http://bugs.php.net/fix.php?id=47743&r=globals
PHP 4 support discontinued:          http://bugs.php.net/fix.php?id=47743&r=php4
Daylight Savings:                    http://bugs.php.net/fix.php?id=47743&r=dst
IIS Stability:                       
http://bugs.php.net/fix.php?id=47743&r=isapi
Install GNU Sed:                     
http://bugs.php.net/fix.php?id=47743&r=gnused
Floating point limitations:          
http://bugs.php.net/fix.php?id=47743&r=float
No Zend Extensions:                  
http://bugs.php.net/fix.php?id=47743&r=nozend
MySQL Configuration Error:           
http://bugs.php.net/fix.php?id=47743&r=mysqlcfg