From: misc at sopic dot com
Operating system: Suse Linux 9.0
PHP version: 5.0.1
PHP Bug Type: Reproducible crash
Bug description: $mysqli->num_rows causes segfault
Description:
------------
Execution of the code below causes Apache 2.0.49 (Prefork) to exit with a
segfault.
Apache error_log:
[Fri Aug 13 17:03:35 2004] [notice] child pid 7022 exit signal
Segmentation fault (11)
[Fri Aug 13 17:10:07 2004] [notice] child pid 7023 exit signal
Segmentation fault (11)
[Fri Aug 13 17:10:08 2004] [notice] child pid 7024 exit signal
Segmentation fault (11)
[Fri Aug 13 17:10:08 2004] [notice] child pid 7026 exit signal
Segmentation fault (11)
[Fri Aug 13 17:10:08 2004] [notice] child pid 7168 exit signal
Segmentation fault (11)
'./configure' '--with-apxs2=/usr/local/apache2-php5/bin/apxs'
'--without-mysql' '--with-mysqli=/usr/local/mysql-4.1/bin/mysql_config'
'--with-zlib' '--with-xml' '--with-gd' '--with-ttf=/usr'
'--with-jpeg-dir=/usr' '--with-xpm-dir=/usr' '--enable-gd-native-ttf'
'--with-mcrypt=/usr' '--enable-calendar' '--enable-bcmath' '--with-dom'
'--with-xmlrpc' '--with-gettext' '--with-ftp' '--enable-shared'
'--enable-memory-limit' '--with-freetype-dir=/usr' '--with-ldap=/usr'
'--disable-short-tags' '--with-dom=/usr' '--enable-debug'
MySQL is self compiled MySQL 4.1.3-beta.
Reproduce code:
---------------
<?php
echo date('r')."<hr>";
$mysqli = new mysqli("localhost", "root", "", "test", '3307',
'/tmp/mysql-4.1.sock');
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
print_r($mysqli);
if ($result = $mysqli->query("SELECT * FROM test")) {
$row_cnt = $result->num_rows;
printf("Result set has %d rows.\n", $row_cnt);
$result->close();
}
$mysqli->close();
?>
Expected result:
----------------
Int with number of affected rows.
Actual result:
--------------
[New Thread 16384 (LWP 7410)]
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 7410)]
0x403162fc in mysqli_read_property (object=0x820895c, member=0x820d7ec,
type=0) at /usr/local/src/php-5.0.1/ext/mysqli/mysqli.c:204
204 if (!obj->ptr ||
(gdb) bt
#0 0x403162fc in mysqli_read_property (object=0x820895c,
member=0x820d7ec, type=0) at
/usr/local/src/php-5.0.1/ext/mysqli/mysqli.c:204
#1 0x40496db2 in zend_fetch_property_address_read (result=0x820d7c0,
op1=0x820d7d4, op2=0x820d7e8, Ts=0xbfffcc90, type=0)
at /usr/local/src/php-5.0.1/Zend/zend_execute.c:1158
#2 0x40499700 in zend_fetch_obj_r_handler (execute_data=0xbfffcf50,
opline=0x820d7bc, op_array=0x8208804)
at /usr/local/src/php-5.0.1/Zend/zend_execute.c:2129
#3 0x4049776e in execute (op_array=0x8208804) at
/usr/local/src/php-5.0.1/Zend/zend_execute.c:1400
#4 0x40473fcd in zend_execute_scripts (type=8, retval=0x0, file_count=3)
at /usr/local/src/php-5.0.1/Zend/zend.c:1061
#5 0x4042c967 in php_execute_script (primary_file=0xbffff200) at
/usr/local/src/php-5.0.1/main/main.c:1627
#6 0x404a46ee in php_handler (r=0x81f7888) at
/usr/local/src/php-5.0.1/sapi/apache2handler/sapi_apache2.c:535
#7 0x0807d83b in ap_run_handler (r=0x81f7888) at config.c:152
#8 0x0807ddbe in ap_invoke_handler (r=0x81f7888) at config.c:358
#9 0x0806c98b in ap_process_request (r=0x81f7888) at http_request.c:246
#10 0x080686ac in ap_process_http_connection (c=0x81f3098) at
http_core.c:250
#11 0x080874db in ap_run_process_connection (c=0x81f3098) at
connection.c:42
#12 0x0807c31d in child_main (child_num_arg=2) at prefork.c:609
#13 0x0807c42d in make_child (s=0x80dbf18, slot=0) at prefork.c:649
#14 0x0807c4f4 in startup_children (number_to_start=5) at prefork.c:721
#15 0x0807cb5d in ap_mpm_run (_pconf=0x80d97e8, plog=0x81118c8, s=0x0) at
prefork.c:940
#16 0x08081f7a in main (argc=2, argv=0xbffff584) at main.c:617
--
Edit bug report at http://bugs.php.net/?id=29656&edit=1
--
Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=29656&r=trysnapshot4
Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=29656&r=trysnapshot5
Fixed in CVS: http://bugs.php.net/fix.php?id=29656&r=fixedcvs
Fixed in release: http://bugs.php.net/fix.php?id=29656&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=29656&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=29656&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=29656&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=29656&r=support
Expected behavior: http://bugs.php.net/fix.php?id=29656&r=notwrong
Not enough info: http://bugs.php.net/fix.php?id=29656&r=notenoughinfo
Submitted twice: http://bugs.php.net/fix.php?id=29656&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=29656&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=29656&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=29656&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=29656&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=29656&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=29656&r=float
