From:             
Operating system: Debian 5.0.8 (lenny)
PHP version:      5.3.6
Package:          PDO related
Bug Type:         Bug
Bug description:  PDOStatement->execute using libmysql segfaults

Description:
------------
When using pdo_mysql compiled against libmysql, calling
PDOStatement->execute in the given context results in a segmentation
fault.

Strangely, it's only when both columns `a` and `c` are selected that the
segfault occurs, not when they are fetched independently.

~$ uname -a
Linux karin 2.6.26-2-686 #1 SMP Thu Jan 27 00:28:05 UTC 2011 i686 GNU/Linux

~$ ldd /usr/local/lib/php/extensions/no-debug-zts-20090626/pdo_mysql.so
        linux-gate.so.1 =>  (0xb7712000)
        libmysqlclient_r.so.16 => /usr/local/mysql/lib/mysql/libmysqlclient_r.so.16 (0xb7696000)
        libz.so.1 => /usr/lib/libz.so.1 (0xb767b000)
        libcrypt.so.1 => /lib/i686/cmov/libcrypt.so.1 (0xb7648000)
        libnsl.so.1 => /lib/i686/cmov/libnsl.so.1 (0xb762f000)
        libm.so.6 => /lib/i686/cmov/libm.so.6 (0xb7609000)
        libpthread.so.0 => /lib/i686/cmov/libpthread.so.0 (0xb75f0000)
        libc.so.6 => /lib/i686/cmov/libc.so.6 (0xb7495000)
        /lib/ld-linux.so.2 (0xb7713000)

Please let me know if you require my `php --info`.

Test script:
---------------
<?php
// Connect through pdo_mysql (built against libmysql in this report).
$connection = new PDO('mysql:host=localhost;port=3306;dbname=foo', 'foo', '');

// Recreate the test table so the script can be re-run.
$connection->exec("DROP TABLE IF EXISTS `t`");
$connection->exec("
  CREATE TABLE `t` (
    `a` varchar(255),
    `b` varchar(255),
    `c` varchar(255)
  ) ENGINE=InnoDB DEFAULT CHARSET=utf8
");

$statement = $connection->prepare("SELECT a, c FROM t WHERE b = :b");

// segfault
$statement->execute(array(':b' => 'blah'));
?>

Expected result:
----------------
Test script should return 0.

Actual result:
--------------
~$ gdb --args php pdo_mysql_segfault.php
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...
(gdb) run
Starting program: /usr/local/bin/php pdo_mysql_segfault.php
[Thread debugging using libthread_db enabled]
[New Thread 0xb718d6d0 (LWP 4010)]
[New Thread 0xb6561b90 (LWP 4013)]
[Thread 0xb6561b90 (LWP 4013) exited]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb718d6d0 (LWP 4010)]
0xb72244f3 in strlen () from /lib/i686/cmov/libc.so.6
(gdb) bt
#0  0xb72244f3 in strlen () from /lib/i686/cmov/libc.so.6
#1  0xb6572764 in pdo_mysql_stmt_describe (stmt=0x996c83c, colno=0,
    tsrm_ls=0x97b4050)
    at /usr/local/src/php-5.3.6/ext/pdo_mysql/mysql_statement.c:700
#2  0xb6583032 in pdo_stmt_describe_columns (stmt=0x996c83c, tsrm_ls=0x97b4050)
    at /usr/local/src/php-5.3.6/ext/pdo/pdo_stmt.c:209
#3  0xb65856fe in zim_PDOStatement_execute (ht=1, return_value=0x996cad0,
    return_value_ptr=0x0, this_ptr=0x996b804, return_value_used=0,
    tsrm_ls=0x97b4050) at /usr/local/src/php-5.3.6/ext/pdo/pdo_stmt.c:519
#4  0x08348758 in zend_do_fcall_common_helper_SPEC (execute_data=0x999e798,
    tsrm_ls=0x97b4050) at /usr/local/src/php-5.3.6/Zend/zend_vm_execute.h:316
#5  0x08344089 in execute (op_array=0x996bcac, tsrm_ls=0x97b4050)
    at /usr/local/src/php-5.3.6/Zend/zend_vm_execute.h:107
#6  0x082f28c6 in zend_execute_scripts (type=8, tsrm_ls=0x97b4050, retval=0x0,
    file_count=3) at /usr/local/src/php-5.3.6/Zend/zend.c:1194
#7  0x08292890 in php_execute_script (primary_file=0xbfa7a708,
    tsrm_ls=0x97b4050) at /usr/local/src/php-5.3.6/main/main.c:2268
#8  0x08387c1a in main (argc=2, argv=0xbfa7a864)
    at /usr/local/src/php-5.3.6/sapi/cli/php_cli.c:1193

-- 
Edit bug report at http://bugs.php.net/bug.php?id=54733&edit=1