ID: 40855
User updated by: donauinsel at hotmail dot com
Reported By: donauinsel at hotmail dot com
-Status: Feedback
+Status: Open
Bug Type: Reproducible crash
Operating System: W2K
PHP Version: 5.2.1
New Comment:
OK i understand.
I wish i could give you more information but it's just this simple
configuration and this simple script. As long as i had the UNIQUE index
on the INT(15) field the php crashed with access violation within few
hours may dependig on load of webpage.
I tried to debug by using GFLAGS ON but i can see that the heap crahes
always on other adresses (but the debugger has never breaked on buffer
overflow).
Previous Comments:
------------------------------------------------------------------------
[2007-03-20 16:49:29] [EMAIL PROTECTED]
I just don't understand what does it have to do with PHP at all - PHP
doesn't care if your index is UNIQUE or whether you have an index at
all. PHP just passes the query to libmysql.
Therefore I suspect either the problem is actually caused by something
else or it has nothing to with PHP at all.
------------------------------------------------------------------------
[2007-03-20 16:39:36] donauinsel at hotmail dot com
It's reproduceable on windows (ISAPI) - that's all.
If you run it as CGI it may never happen ?! I have no linux at all here
to test neither than other OS'es. I reported to mysql because may the
result given back to php is wrong. Sorry for crossposting.
If you're sure that it's not bug but a feature then close this please
but i'm pretty sure that other people on the WWW have similar crashes
and if UNIQUE index is corrupting the heap under these circumstances may
i can help with this simple tip to check.
------------------------------------------------------------------------
[2007-03-20 16:02:57] [EMAIL PROTECTED]
Not reproducible on Linux.
Also, I don't undrestand - why did you report it BOTH to MySQL people
and here?
Are you able to replicate it on another machine? Another OS?
Linux and valgrind would most likely give some more information, not
just a random backtrace.
------------------------------------------------------------------------
[2007-03-20 07:48:08] donauinsel at hotmail dot com
Btw. The stacktrace does not help in this case because it always
happens on other adresses so the heap corruption is the error not the
error itself.
------------------------------------------------------------------------
[2007-03-19 19:07:27] donauinsel at hotmail dot com
I tried to debug but heap always crahes on other circumstances. The old
windbg reported eg.
Wed Nov 29 17:00:59.046 2006 (GMT+1): HEAP[ntserver.exe]:
Wed Nov 29 17:00:59.046 2006 (GMT+1): Invalid Address specified to
RtlFreeHeap( 930000, 9301b0 )
Wed Nov 29 17:00:59.046 2006 (GMT+1): (300.968): Break instruction
exception - code 80000003 (first chance)
eax=009301a8 ebx=009301a8 ecx=031ce2ec edx=031ce086 esi=00930000
edi=009301a8
eip=7789193c esp=031ce26c ebp=031ce270 iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000202
ntdll!RtlpProcessWaitCompletion+0x11a:
7789193c cc int 3
031ce270 778b1cff 009301a8 00930000 009301b0
ntdll!RtlpProcessWaitCompletion+0x11a
031ce284 778b0e88 00930000 009301a8 778b0d6c
ntdll!RtlTraceDatabaseEnumerate+0x1e
031ce3bc 778b0fd5 02190000 0219f448 0219f448
ntdll!RtlVerifyVersionInfo+0xab
031ce518 016ad786 00000000 1101bd23 00000001
ntdll!RtlVerifyVersionInfo+0x28b
WARNING: Stack unwind information not available. Following frames may
be wrong.
031ce538 015bdbef 11027e88 10bf88e0 11025ed8 php5ts!php_mail+0x926
031ce568 0151a541 05db6108 11020ed0 00000000
php5ts!compare_function+0x4df
031ce57c 015c20f7 11020ed0 1101feb0 01584514 php5ts!efree+0x21
00000000 00000000 00000000 00000000 00000000 php5ts!zval_dtor_func+0x27
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/40855
--
Edit this bug report at http://bugs.php.net/?id=40855&edit=1
