ID: 46808
User updated by: wcshields at gmail dot com
Reported By: wcshields at gmail dot com
Status: Bogus
Bug Type: MySQLi related
Operating System: Ubuntu 8.04 LTS x86 32 bit
PHP Version: 5.2.8
New Comment:
I sure wish I could figure out why someone marked this bug as "Bogus"
rather than, you know, investigating it. Lo and behold it FINALLY is
verified. Sorry but the treatment this issue has got (going on for 2+
years through various bugs) is nothing short of ludicrous.
Previous Comments:
------------------------------------------------------------------------
[2009-04-19 14:13:16] j...@php.net
Finally could reproduce this, see bug #47928 (I'm closing this report
as
the other has short and easy reproduce script now.. :)
------------------------------------------------------------------------
[2009-01-11 00:10:22] wcshields at gmail dot com
Isn't the mysqlnd option for PHP 5.3+? If so, that's hardly a solution
since 5.3 isn't out yet.
------------------------------------------------------------------------
[2008-12-11 16:09:15] webmaster at ajeux dot com
Note: No bug when mysqlnd is used. (configure with
--with-mysqli=mysqlnd)
------------------------------------------------------------------------
[2008-12-11 11:18:32] webmaster at ajeux dot com
Bug confirmed here on PHP 5.3 with Mysql 5.0.51
SELECT query :
"SELECT id, UNCOMPRESS(myfield) FROM mytable ORDER BY id LIMIT 8"
myfield is BLOB.
How can we help to get it fixed ?
"Program received signal SIGSEGV, Segmentation fault."
Backtrace:
#0 0xb7aedb00 in mysqli_stmt_fetch_libmysql (ht=0,
return_value=0xb71cbe4c, return_value_ptr=0x0, this_ptr=0xb7265748,
return_value_used=1)
at /usr/src/php5.3-200812091530/ext/mysqli/mysqli_api.c:842
#1 0xb7aedf0d in zif_mysqli_stmt_fetch (ht=0, return_value=0xb71cbe4c,
return_value_ptr=0x0, this_ptr=0xb7265748, return_value_used=1)
at /usr/src/php5.3-200812091530/ext/mysqli/mysqli_api.c:984
#2 0x0827a4b9 in zend_do_fcall_common_helper_SPEC
(execute_data=0xb776af88) at
/usr/src/php5.3-200812091530/Zend/zend_vm_execute.h:313
#3 0x08279a32 in execute (op_array=0xb738bd94) at
/usr/src/php5.3-200812091530/Zend/zend_vm_execute.h:104
#4 0x08253c17 in zend_execute_scripts (type=8, retval=0x0,
file_count=3) at /usr/src/php5.3-200812091530/Zend/zend.c:1197
#5 0x081faf59 in php_execute_script (primary_file=0xbfb12090) at
/usr/src/php5.3-200812091530/main/main.c:2080
#6 0x082ec5a9 in main (argc=1, argv=0xbfb121e4) at
/usr/src/php5.3-200812091530/sapi/cgi/cgi_main.c:2000
------------------------------------------------------------------------
[2008-12-09 07:31:00] wcshields at gmail dot com
Description:
------------
Mysqli restores garbage from longtext columns in mysql 5.0.51a
connected over TCP (also happens with Unix domain sockets) and, after a
random number of rows, seg faults. The number of rows is unpredictable
but consistent. If you find something that crashes after 11 rows, it
will crash after 11 rows every time. Change the order by clause and it
might crash every time after 3 rows.
As per bugs #44867 and several others I've found, people have been
reporting this issue since as early as 2005 and it still hasn't been
addressed. Can someone PLEASE actually look into it?
Reproduce code:
---------------
<?
$conn = new mysqli('localhost', 'user', 'password', 'db');
$stmt = $conn->prepare("SELECT name, longtext1 FROM sampletable");
$stmt->execute();
$stmt->bind_result($name, $value);
$count = 1;
while ($stmt->fetch()) {
$size = sizeof($value);
echo "$name $size\n";
$count++;
}
$stmt->close();
?>
Expected result:
----------------
To retrieve the exact contents of all longtext values without crashing.
Actual result:
--------------
Segmentation fault.
$ gdb php core
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show
copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...
warning: Can't read pathname for load map: Input/output error.
Reading symbols from /lib/tls/i686/cmov/libcrypt.so.1...done.
Loaded symbols for /lib/tls/i686/cmov/libcrypt.so.1
Reading symbols from /lib/tls/i686/cmov/librt.so.1...done.
Loaded symbols for /lib/tls/i686/cmov/librt.so.1
Reading symbols from /lib/tls/i686/cmov/libresolv.so.2...done.
Loaded symbols for /lib/tls/i686/cmov/libresolv.so.2
Reading symbols from /lib/tls/i686/cmov/libdl.so.2...done.
Loaded symbols for /lib/tls/i686/cmov/libdl.so.2
Reading symbols from /usr/lib/libmysqlclient.so.15...done.
Loaded symbols for /usr/lib/libmysqlclient.so.15
Reading symbols from /lib/tls/i686/cmov/libpthread.so.0...done.
Loaded symbols for /lib/tls/i686/cmov/libpthread.so.0
Reading symbols from /lib/tls/i686/cmov/libnsl.so.1...done.
Loaded symbols for /lib/tls/i686/cmov/libnsl.so.1
Reading symbols from /lib/tls/i686/cmov/libm.so.6...done.
Loaded symbols for /lib/tls/i686/cmov/libm.so.6
Reading symbols from /usr/lib/libz.so.1...done.
Loaded symbols for /usr/lib/libz.so.1
Reading symbols from /usr/lib/libxml2.so.2...done.
Loaded symbols for /usr/lib/libxml2.so.2
Reading symbols from /lib/tls/i686/cmov/libc.so.6...done.
Loaded symbols for /lib/tls/i686/cmov/libc.so.6
Reading symbols from /lib/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /lib/tls/i686/cmov/libnss_files.so.2...done.
Loaded symbols for /lib/tls/i686/cmov/libnss_files.so.2
Core was generated by `./php'.
Program terminated with signal 11, Segmentation fault.
[New process 5006]
#0 0x08130eda in zif_mysqli_stmt_fetch (ht=0, return_value=0x856e20c,
return_value_ptr=0x0, this_ptr=0x856e0b8, return_value_used=1)
at /home/wshields/php-5.2.8/ext/mysqli/mysqli_api.c:665
665 if (Z_TYPE_P(stmt->result.vars[i]) ==
IS_STRING) {
(gdb) bt
#0 0x08130eda in zif_mysqli_stmt_fetch (ht=0, return_value=0x856e20c,
return_value_ptr=0x0, this_ptr=0x856e0b8, return_value_used=1)
at /home/wshields/php-5.2.8/ext/mysqli/mysqli_api.c:665
#1 0x083515e5 in zend_do_fcall_common_helper_SPEC
(execute_data=0xbfb073e4)
at /home/wshields/php-5.2.8/Zend/zend_vm_execute.h:200
#2 0x08352239 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER
(execute_data=0xbfb073e4)
at /home/wshields/php-5.2.8/Zend/zend_vm_execute.h:322
#3 0x08351138 in execute (op_array=0x856d144)
at /home/wshields/php-5.2.8/Zend/zend_vm_execute.h:92
#4 0x0832c76c in zend_execute_scripts (type=8, retval=0x0,
file_count=3)
at /home/wshields/php-5.2.8/Zend/zend.c:1134
#5 0x082d91d9 in php_execute_script (primary_file=0xbfb0972c)
at /home/wshields/php-5.2.8/main/main.c:2023
#6 0x083a8de5 in main (argc=1, argv=0xbfb09884)
at /home/wshields/php-5.2.8/sapi/cli/php_cli.c:1133
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=46808&edit=1
