From:
Operating system:
PHP version: 5.4SVN-2011-09-09 (SVN)
Package: MySQLi related
Bug Type: Bug
Bug description:PS crash with libmysql when binding same variable as param and
out
Description:
------------
This will crash, if using mysqli with libmysql.
sapi/cli/php -r '$link = new mysqli("192.168.2.27", "root", "", "test");
$stmt = $link->stmt_init(); $in = "a"; $stmt->prepare("SELECT ?");
$stmt->bind_param("s", $in); $stmt->execute(); $stmt->bind_result($in);
$stmt->fetch(); var_dump($in);'
/home/nixnutz/php-src/branches/PHP_5_4/ext/mysqli/mysqli_api.c(890) : Block
0x071e5870 status:
Invalid pointer: ((size=0x005976c6) != (next.prev=0x00000000))
==12847== Conditional jump or move depends on uninitialised value(s)
==12847== at 0x81C242: zend_mm_check_ptr (zend_alloc.c:1388)
==12847== by 0x81C230: zend_mm_check_ptr (zend_alloc.c:1385)
==12847== by 0x81DDA6: _zend_mm_free_int (zend_alloc.c:2064)
==12847== by 0x81F350: _efree (zend_alloc.c:2436)
==12847== by 0x5F412E: mysqli_stmt_fetch_libmysql (mysqli_api.c:890)
Box 1:
mysqli
MysqlI Support => enabled
Client API library version => 5.6.2-m5
Active Persistent Links => 0
Inactive Persistent Links => 0
Active Links => 0
Client API header version => 5.6.2-m5
MYSQLI_SOCKET => /tmp/mysql.sock
Box 2:
mysqli
MysqlI Support => enabled
Client API library version => 5.1.45
Active Persistent Links => 0
Inactive Persistent Links => 0
Active Links => 0
Client API header version => 5.1.45
MYSQLI_SOCKET => /tmp/mysql.sock
Test script:
---------------
sapi/cli/php -r '$link = new mysqli("192.168.2.27", "root", "", "test");
$stmt = $link->stmt_init(); $in = "a"; $stmt->prepare("SELECT ?");
$stmt->bind_param("s", $in); $stmt->execute(); $stmt->bind_result($in);
$stmt->fetch(); var_dump($in);'
--
Edit bug report at https://bugs.php.net/bug.php?id=55653&edit=1
--
Try a snapshot (PHP 5.4):
https://bugs.php.net/fix.php?id=55653&r=trysnapshot54
Try a snapshot (PHP 5.3):
https://bugs.php.net/fix.php?id=55653&r=trysnapshot53
Try a snapshot (trunk):
https://bugs.php.net/fix.php?id=55653&r=trysnapshottrunk
Fixed in SVN:
https://bugs.php.net/fix.php?id=55653&r=fixed
Fixed in SVN and need be documented:
https://bugs.php.net/fix.php?id=55653&r=needdocs
Fixed in release:
https://bugs.php.net/fix.php?id=55653&r=alreadyfixed
Need backtrace:
https://bugs.php.net/fix.php?id=55653&r=needtrace
Need Reproduce Script:
https://bugs.php.net/fix.php?id=55653&r=needscript
Try newer version:
https://bugs.php.net/fix.php?id=55653&r=oldversion
Not developer issue:
https://bugs.php.net/fix.php?id=55653&r=support
Expected behavior:
https://bugs.php.net/fix.php?id=55653&r=notwrong
Not enough info:
https://bugs.php.net/fix.php?id=55653&r=notenoughinfo
Submitted twice:
https://bugs.php.net/fix.php?id=55653&r=submittedtwice
register_globals:
https://bugs.php.net/fix.php?id=55653&r=globals
PHP 4 support discontinued:
https://bugs.php.net/fix.php?id=55653&r=php4
Daylight Savings: https://bugs.php.net/fix.php?id=55653&r=dst
IIS Stability:
https://bugs.php.net/fix.php?id=55653&r=isapi
Install GNU Sed:
https://bugs.php.net/fix.php?id=55653&r=gnused
Floating point limitations:
https://bugs.php.net/fix.php?id=55653&r=float
No Zend Extensions:
https://bugs.php.net/fix.php?id=55653&r=nozend
MySQL Configuration Error:
https://bugs.php.net/fix.php?id=55653&r=mysqlcfg
