ID:               37559
 Updated by:       [EMAIL PROTECTED]
 Reported By:      barry dot verdon at complinet dot com
-Status:           Open
+Status:           Assigned
 Bug Type:         PDO related
 Operating System: Win XP SP2 & Debian 2.6.10
 PHP Version:      5.1.4
-Assigned To:      
+Assigned To:      wez


Previous Comments:
------------------------------------------------------------------------

[2006-05-23 10:32:07] barry dot verdon at complinet dot com

Description:
------------
When assigning instances of PDO objects within the scope of a function
to an array with global scope or scope outside that function it causes
a seg fault when accessing a member of the PDO object on the second run
of the function.

It can also be within a class with the array being a member of the
class and the function being the method of the class.

It only happens when the persistent flag is set to true.

On the second run of the function, when the PDO instance is assigned to
the array, the symbol table seems to get corrupted; no seg fault occurs,
but object IDs start getting recycled with new instances. Only when
the member is accessed again after this corruption does a seg fault
occur.

Tested it on:
5.1.4 - CLI and Apache 2.0.54 - Windows XP SP2
5.2.0dev200605221830 - CLI - Windows XP SP2
5.0.5 - CLI - Debian 2.6.10 (Unstable)

Reproduce code:
---------------
<?php
global $instances; $instances = array();

function run()
{
    global $instances;
    // Version 4.1.14, same with pgsql 8.1
    $dsn = 'mysql:host=localhost;port=3306;dbname=test;';
    $username = 'test.user'; $password = 'test';
    $driverOptions = array(PDO::ATTR_PERSISTENT=>true);
    $instance = new PDO($dsn, $username, $password, $driverOptions);
    $instance->test = 'test';
    // This is the line that causes the damage on the 2nd run
    $instances['test'] = $instance;
    var_dump($instance);
    // This is the line that seg faults on 2nd run
    $instance->test = 'test';
    print_r('Test');
}
run(); run();
?>

Expected result:
----------------
To see the var_dump of $instance with the member test with a value of
'test' in it and the print of 'Test' TWICE.

Actual result:
--------------
On second function call, var_dump of $instance no longer has the test
member in it and 'Test' does not get printed out a second time.

Starting program: /usr/local/bin/php test.php
Test

Program received signal SIGSEGV, Segmentation fault.
0x082065cd in zend_hash_quick_find (ht=0x0, arKey=0x84d469c "test",
nKeyLength=5, h=275477765, pData=0xbfffcd74) at
/share/php-5.0.5/Zend/zend_hash.c:879
879             p = ht->arBuckets[nIndex];

(gdb) backtrace
#0  0x082065cd in zend_hash_quick_find (ht=0x0, arKey=0x84d469c "test",
nKeyLength=5, h=275477765, pData=0xbfffcd74) at
/share/php-5.0.5/Zend/zend_hash.c:879
#1  0x0821313d in zend_std_write_property (object=0x84d3e04,
member=0x84d3a04, value=0x84d3d2c) at
/share/php-5.0.5/Zend/zend_object_handlers.c:362
#2  0x0822b5eb in zend_assign_to_object (result=0x84d39d8,
object_ptr=0x84d4250, op2=<value optimized out>, value_op=0x84d3a38,
Ts=0xbfffce40, opcode=136)
    at /share/php-5.0.5/Zend/zend_execute.c:437
#3  0x0822b9a9 in zend_assign_obj_handler (execute_data=0xbfffd154,
opline=0x84d39d4, op_array=0x84d3ba0) at
/share/php-5.0.5/Zend/zend_execute.c:2239
#4  0x0821dd22 in execute (op_array=0x84d3ba0) at
/share/php-5.0.5/Zend/zend_execute.c:1437
#5  0x0821fe45 in zend_do_fcall_common_helper (execute_data=0xbfffd304,
opline=0x84d1dac, op_array=0x84cd9cc) at
/share/php-5.0.5/Zend/zend_execute.c:2789
#6  0x0822e317 in zend_do_fcall_handler (execute_data=0xbfffd304,
opline=0x84d1dac, op_array=0x84cd9cc) at
/share/php-5.0.5/Zend/zend_execute.c:2894
#7  0x0821dd22 in execute (op_array=0x84cd9cc) at
/share/php-5.0.5/Zend/zend_execute.c:1437
#8  0x08200253 in zend_execute_scripts (type=8, retval=0x0,
file_count=3) at /share/php-5.0.5/Zend/zend.c:1064
#9  0x081cb1db in php_execute_script (primary_file=0xbffff6a0) at
/share/php-5.0.5/main/main.c:1643
#10 0x08235efa in main (argc=2, argv=0xbffff774) at
/share/php-5.0.5/sapi/cli/php_cli.c:946

#4  0x0821dd22 in execute (op_array=0x84d3ba0) at
/share/php-5.0.5/Zend/zend_execute.c:1437
1437                    if (EX(opline)->handler(&execute_data,
EX(opline), op_array TSRMLS_CC)) {


------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=37559&edit=1
