ID: 38168
Updated by: [EMAIL PROTECTED]
Reported By: php at unfit dot org
-Status: Open
+Status: Assigned
Bug Type: PDO related
Operating System: Gentoo Linux
PHP Version: 5.1.4
-Assigned To:
+Assigned To: wez

New Comment:

==21175== Invalid write of size 4
==21175==    at 0x80C50D3: pgsql_stmt_param_hook (pgsql_statement.c:305)
==21175==    by 0x80BBD07: dispatch_param_event (pdo_stmt.c:149)
==21175==    by 0x80BC690: zim_PDOStatement_execute (pdo_stmt.c:447)
==21175==    by 0x81B79C1: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:200)
==21175==    by 0x81B7F0D: ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (zend_vm_execute.h:322)
==21175==    by 0x81B75D4: execute (zend_vm_execute.h:92)
==21175==    by 0x819A09A: zend_execute_scripts (zend.c:1095)
==21175==    by 0x8153984: php_execute_script (main.c:1759)
==21175==    by 0x81FEA23: main (php_cli.c:1097)
==21175==  Address 0x4D96418 is 4 bytes after a block of size 4 alloc'd
==21175==    at 0x401C451: malloc (vg_replace_malloc.c:149)
==21175==    by 0x81807AD: _emalloc (zend_alloc.c:1577)
==21175==    by 0x8180A93: _ecalloc (zend_alloc.c:1675)
==21175==    by 0x80C4CE2: pgsql_stmt_param_hook (pgsql_statement.c:249)
==21175==    by 0x80BBD07: dispatch_param_event (pdo_stmt.c:149)
==21175==    by 0x80BC690: zim_PDOStatement_execute (pdo_stmt.c:447)
==21175==    by 0x81B79C1: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:200)
==21175==    by 0x81B7F0D: ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (zend_vm_execute.h:322)
==21175==    by 0x81B75D4: execute (zend_vm_execute.h:92)
==21175==    by 0x819A09A: zend_execute_scripts (zend.c:1095)
==21175==    by 0x8153984: php_execute_script (main.c:1759)
==21175==    by 0x81FEA23: main (php_cli.c:1097)
==21175==
==21175== Invalid write of size 4
==21175==    at 0x80C50F1: pgsql_stmt_param_hook (pgsql_statement.c:306)
==21175==    by 0x80BBD07: dispatch_param_event (pdo_stmt.c:149)
==21175==    by 0x80BC690: zim_PDOStatement_execute (pdo_stmt.c:447)
==21175==    by 0x81B79C1: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:200)
==21175==    by 0x81B7F0D: ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (zend_vm_execute.h:322)
==21175==    by 0x81B75D4: execute (zend_vm_execute.h:92)
==21175==    by 0x819A09A: zend_execute_scripts (zend.c:1095)
==21175==    by 0x8153984: php_execute_script (main.c:1759)
==21175==    by 0x81FEA23: main (php_cli.c:1097)
==21175==  Address 0x4D96450 is 4 bytes after a block of size 4 alloc'd
==21175==    at 0x401C451: malloc (vg_replace_malloc.c:149)
==21175==    by 0x81807AD: _emalloc (zend_alloc.c:1577)
==21175==    by 0x8180A93: _ecalloc (zend_alloc.c:1675)
==21175==    by 0x80C4D12: pgsql_stmt_param_hook (pgsql_statement.c:252)
==21175==    by 0x80BBD07: dispatch_param_event (pdo_stmt.c:149)
==21175==    by 0x80BC690: zim_PDOStatement_execute (pdo_stmt.c:447)
==21175==    by 0x81B79C1: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:200)
==21175==    by 0x81B7F0D: ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (zend_vm_execute.h:322)
==21175==    by 0x81B75D4: execute (zend_vm_execute.h:92)
==21175==    by 0x819A09A: zend_execute_scripts (zend.c:1095)
==21175==    by 0x8153984: php_execute_script (main.c:1759)
==21175==    by 0x81FEA23: main (php_cli.c:1097)
==21175==
==21175== Invalid write of size 4
==21175==    at 0x80C5106: pgsql_stmt_param_hook (pgsql_statement.c:307)
==21175==    by 0x80BBD07: dispatch_param_event (pdo_stmt.c:149)
==21175==    by 0x80BC690: zim_PDOStatement_execute (pdo_stmt.c:447)
==21175==    by 0x81B79C1: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:200)
==21175==    by 0x81B7F0D: ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (zend_vm_execute.h:322)
==21175==    by 0x81B75D4: execute (zend_vm_execute.h:92)
==21175==    by 0x819A09A: zend_execute_scripts (zend.c:1095)
==21175==    by 0x8153984: php_execute_script (main.c:1759)
==21175==    by 0x81FEA23: main (php_cli.c:1097)
==21175==  Address 0x4D96488 is 4 bytes after a block of size 4 alloc'd
==21175==    at 0x401C451: malloc (vg_replace_malloc.c:149)
==21175==    by 0x81807AD: _emalloc (zend_alloc.c:1577)
==21175==    by 0x8180A93: _ecalloc (zend_alloc.c:1675)
==21175==    by 0x80C4D42: pgsql_stmt_param_hook (pgsql_statement.c:255)
==21175==    by 0x80BBD07: dispatch_param_event (pdo_stmt.c:149)
==21175==    by 0x80BC690: zim_PDOStatement_execute (pdo_stmt.c:447)
==21175==    by 0x81B79C1: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:200)
==21175==    by 0x81B7F0D: ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (zend_vm_execute.h:322)
==21175==    by 0x81B75D4: execute (zend_vm_execute.h:92)
==21175==    by 0x819A09A: zend_execute_scripts (zend.c:1095)
==21175==    by 0x8153984: php_execute_script (main.c:1759)
==21175==    by 0x81FEA23: main (php_cli.c:1097)
==21175==
==21175== Invalid write of size 4
==21175==    at 0x80C515F: pgsql_stmt_param_hook (pgsql_statement.c:314)
==21175==    by 0x80BBD07: dispatch_param_event (pdo_stmt.c:149)
==21175==    by 0x80BC690: zim_PDOStatement_execute (pdo_stmt.c:447)
==21175==    by 0x81B79C1: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:200)
==21175==    by 0x81B7F0D: ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (zend_vm_execute.h:322)
==21175==    by 0x81B75D4: execute (zend_vm_execute.h:92)
==21175==    by 0x819A09A: zend_execute_scripts (zend.c:1095)
==21175==    by 0x8153984: php_execute_script (main.c:1759)
==21175==    by 0x81FEA23: main (php_cli.c:1097)
==21175==  Address 0x4D964C0 is 4 bytes after a block of size 4 alloc'd
==21175==    at 0x401C451: malloc (vg_replace_malloc.c:149)
==21175==    by 0x81807AD: _emalloc (zend_alloc.c:1577)
==21175==    by 0x8180A93: _ecalloc (zend_alloc.c:1675)
==21175==    by 0x80C4D72: pgsql_stmt_param_hook (pgsql_statement.c:258)
==21175==    by 0x80BBD07: dispatch_param_event (pdo_stmt.c:149)
==21175==    by 0x80BC690: zim_PDOStatement_execute (pdo_stmt.c:447)
==21175==    by 0x81B79C1: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:200)
==21175==    by 0x81B7F0D: ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (zend_vm_execute.h:322)
==21175==    by 0x81B75D4: execute (zend_vm_execute.h:92)
==21175==    by 0x819A09A: zend_execute_scripts (zend.c:1095)
==21175==    by 0x8153984: php_execute_script (main.c:1759)
==21175==    by 0x81FEA23: main (php_cli.c:1097)
you won't see this.
==21175==
==21175== Invalid free() / delete / delete[]
==21175==    at 0x401CF78: free (vg_replace_malloc.c:235)
==21175==    by 0x4ADF51B: free_mem (in /lib/tls/libc.so.6)
==21175==    by 0x4ADEFA1: __libc_freeres (in /lib/tls/libc.so.6)
==21175==    by 0x401835E: _vgw_freeres (vg_preloaded.c:62)
==21175==    by 0x4A72C43: _Exit (in /lib/tls/libc.so.6)
==21175==    by 0x81FF0FF: main (php_cli.c:1263)
==21175==  Address 0x4C26620 is not stack'd, malloc'd or (recently) free'd
==21175==
==21175== ERROR SUMMARY: 5 errors from 5 contexts (suppressed: 43 from 1)
==21175== malloc/free: in use at exit: 20 bytes in 2 blocks.
==21175== malloc/free: 5,850 allocs, 5,849 frees, 481,868 bytes allocated.
==21175== For counts of detected errors, rerun with: -v
==21175== searching for pointers to 2 not-freed blocks.
==21175== checked 868,748 bytes.
==21175==
==21175==
==21175== 4 bytes in 1 blocks are indirectly lost in loss record 1 of 2
==21175==    at 0x401C451: malloc (vg_replace_malloc.c:149)
==21175==    by 0x81807AD: _emalloc (zend_alloc.c:1577)
==21175==    by 0x8180B47: _estrndup (zend_alloc.c:1701)
==21175==    by 0x81983A7: _zval_copy_ctor_func (zend_variables.c:120)
==21175==    by 0x81FB0E0: _zval_copy_ctor (zend_variables.h:45)
==21175==    by 0x81BAC38: ZEND_SEND_VAL_SPEC_CONST_HANDLER (zend_vm_execute.h:1771)
==21175==    by 0x81B75D4: execute (zend_vm_execute.h:92)
==21175==    by 0x819A09A: zend_execute_scripts (zend.c:1095)
==21175==    by 0x8153984: php_execute_script (main.c:1759)
==21175==    by 0x81FEA23: main (php_cli.c:1097)
==21175==
==21175==
==21175== 20 (16 direct, 4 indirect) bytes in 1 blocks are definitely lost in loss record 2 of 2
==21175==    at 0x401C451: malloc (vg_replace_malloc.c:149)
==21175==    by 0x81807AD: _emalloc (zend_alloc.c:1577)
==21175==    by 0x81BABF0: ZEND_SEND_VAL_SPEC_CONST_HANDLER (zend_vm_execute.h:1768)
==21175==    by 0x81B75D4: execute (zend_vm_execute.h:92)
==21175==    by 0x819A09A: zend_execute_scripts (zend.c:1095)
==21175==    by 0x8153984: php_execute_script (main.c:1759)
==21175==    by 0x81FEA23: main (php_cli.c:1097)
==21175==
==21175== LEAK SUMMARY:
==21175==    definitely lost: 16 bytes in 1 blocks.
==21175==    indirectly lost: 4 bytes in 1 blocks.
==21175==    possibly lost: 0 bytes in 0 blocks.
==21175==    still reachable: 0 bytes in 0 blocks.
==21175==    suppressed: 0 bytes in 0 blocks.


Previous Comments:
------------------------------------------------------------------------

[2006-07-24 16:20:35] php at unfit dot org

Wish I could help more, but I just recompiled php with debug enabled and PHP crashes on '$dbh = new PDO(...)'. I don't see any symbols in the backtrace. If I have more time later I will play with it some more.

------------------------------------------------------------------------

[2006-07-24 16:10:13] [EMAIL PROTECTED]

Thank you for this bug report. To properly diagnose the problem, we need a backtrace to see what is happening behind the scenes. To find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32

Once you have generated a backtrace, please submit it to this bug report and change the status back to "Open". Thank you for helping us make PHP better.

------------------------------------------------------------------------

[2006-07-23 17:43:26] php at unfit dot org

I tried the php version from cvs and it seems to fix the test I provided. However, if I remove '$err = $query->errorCode();' from the test case, it will core dump again, though the execution still appears to complete.

------------------------------------------------------------------------

[2006-07-23 17:42:54] php at unfit dot org

I tried the php version from cvs and it seems to fix the test I provided. However, if I remove '$err = $query->errorCode();' from the test case, it will core dump again, though the execution still appears to complete.

------------------------------------------------------------------------

[2006-07-23 07:11:20] [EMAIL PROTECTED]

Please try using this CVS snapshot:

  http://snaps.php.net/php5.2-latest.tar.gz

For Windows:

  http://snaps.php.net/win32/php5.2-win32-latest.zip

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at
http://bugs.php.net/38168

--
Edit this bug report at http://bugs.php.net/?id=38168&edit=1