PHP :: Bug #16272 :: SegFault in MySQL

Bug #16272

SegFault in MySQL

Submitted:

2002-03-25 19:48 UTC

Modified:

2011-06-02 13:18 UTC

Votes:	25
Avg. Score:	4.9 ± 0.3
Reproduced:	23 of 23 (100.0%)
Same Version:	18 (78.3%)
Same OS:	21 (91.3%)

From:

jweiss at greyzone dot com

Assigned:

felipe (profile)

Status:

Closed

Package:

MySQL related

PHP Version:

4.1.2

OS:

Linux 2.4.x

Private report:

CVE-ID:

None

View Developer Edit

[2002-03-25 19:48 UTC] jweiss at greyzone dot com

maybe related to BUG #14860; here's the backtrace:

Program received signal SIGSEGV, Segmentation fault.
0x813a1e5 in zend_fetch_resource (passed_id=0x829ca50, default_id=-1,
    resource_type_name=0x819174e "MySQL-Link", found_resource_type=0x0, num_resource_types=2)
    at zend_list.c:123
123                     } else if ((*passed_id)->type != IS_RESOURCE) {
(gdb) bt
#0  0x813a1e5 in zend_fetch_resource (passed_id=0x829ca50, default_id=-1,
    resource_type_name=0x819174e "MySQL-Link", found_resource_type=0x0, num_resource_types=2)
    at zend_list.c:123
#1  0x809363c in php_mysql_do_query_general (query=0x829ca4c, mysql_link=0x829ca50,
    link_id=-1, db=0x829ca48, use_store=1, return_value=0x8633cf4) at php_mysql.c:981
#2  0x8093bc2 in zif_mysql_db_query (ht=3, return_value=0x8633cf4, this_ptr=0x0,
    return_value_used=1) at php_mysql.c:1113
#3  0x8156da1 in execute (op_array=0x8622a44) at ./zend_execute.c:1590
#4  0x8156f79 in execute (op_array=0x844e7bc) at ./zend_execute.c:1630
#5  0x8156f79 in execute (op_array=0x859930c) at ./zend_execute.c:1630
#6  0x8156f79 in execute (op_array=0x86092a8) at ./zend_execute.c:1630
#7  0x8156f79 in execute (op_array=0x8530668) at ./zend_execute.c:1630
#8  0x8156f79 in execute (op_array=0x8617eec) at ./zend_execute.c:1630
#9  0x8158c96 in execute (op_array=0x82c8a8c) at ./zend_execute.c:2133
#10 0x813395c in zend_execute_scripts (type=8, retval=0x0, file_count=3) at zend.c:814
#11 0x8080dee in php_execute_script (primary_file=0xbffff938) at main.c:1307
#12 0x813e8f9 in apache_php_module_main (r=0x82344ac, display_source_mode=0)
    at sapi_apache.c:90
#13 0x807d876 in send_php ()
#14 0x807d8cf in send_parsed_php ()
#15 0x8160d93 in ap_invoke_handler ()
#16 0x8174d19 in process_request_internal ()
#17 0x8174d7c in ap_process_request ()
#18 0x816c30e in child_main ()
#19 0x816c4a0 in make_child ()
#20 0x816c5f9 in startup_children ()
#21 0x816cc56 in standalone_main ()
#22 0x816d413 in main ()
#23 0x40140e29 in __libc_start_main () from /lib/libc.so.6

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-03-26 07:59 UTC] sander@php.net

When does this segfault occur? Can you provide a sample script?
Also, can you try 4.2.0RC1 (see www.php.net/~derick) and see if it has been fixed?

[2002-03-26 13:41 UTC] jweiss at greyzone dot com

The segfault occurs in the following code snippet (a db wrapper that we wrote for MySQL). What is odd is that this only happens on occasion: this method is called exceptionally often in our code and only breaks (in 4.1.x, not 4.0.x) once in a while and not on exceptional queries--we have, for instance, seen it break on a query that returns only one row. Anyway, here's the code:

	/** 
	* send a query to the DBMS using the dbLinkID
	* @param $dbLink - the link connection ID [INT]
	* @param $query [STRING]
	* @return the query in ORACLE format $result[FIELDNAME][ROWNUM]=value [2D HASH]
	* @access public
	*/
	function db_query($dbLink, $query){
		$res=mysql_db_query($this->dbase,$query,$dbLink);
		while($row=@mysql_fetch_array($res,MYSQL_ASSOC)){
			while(list($key,$val)=@each($row)){
				$result[$key][]=$val;
			}
			$x++;
		}
		if(!is_array($result)) $result=array();	
		return $result;
	}

Thanks for looking into this.

--jonathan

[2002-03-26 13:42 UTC] jweiss at greyzone dot com

The bug still shows up in 4.2.0RC1

[2002-04-03 14:24 UTC] ronen at greyzone dot com

I just set up a separate box to test if this bug has anything to do with what version of glibc is used.

The bug is still there in the following setup:

glibc-2.2.4-19.3 (RedHat Linux 7.2)
MySQL-3.23.42-1
PHP v4.1.2 compiled as a static module for Apache 1.3.22

[2002-04-11 07:20 UTC] fcaprioli at inwind dot it

I was affected by the same bug, but I've found a workaround.
On linux 2.4.18, glibc 2.2.3 and MySQL 3.23.49, apache 1.3.24 with php 4.1.2 statically compiled (mysql external driver, --with-mysql=mysql_install_dir)

by explicitly indicating the link id, mysql seems to work fine. So

$conn = mysql_pconnect("host","username","pass");
mysql_select_db("db1");
$query = mysql_query("SELECT * FROM xxx")
while ($row = mysql_fetch_array($query)) do_stuff();

would randomly segfault apache, while

$conn = mysql_pconnect("host","username","pass");
mysql_select_db("db1",$conn);
$query = mysql_query("SELECT * FROM xxx",$conn)
while ($row = mysql_fetch_array($query)) do_stuff();

works without problem.

[2002-04-18 15:23 UTC] jweiss at greyzone dot com

I would like to thank fcaprioli for the additional input; unfortunately, it does not resolve our problem. If you look at the code snippet that I submitted earlier, you can see that we already include the link ID in our query: i.e., "$res=mysql_db_query($this->dbase,$query,$dbLink)", where $dbLink is the link ID. So basically, we're where we were before: stuck with intermittent failures.

[2002-06-25 08:27 UTC] b0nfire at fdns dot net

We are experiencing similar problems on our slack 8.0 box:

apache 1.3.26
php 4.1.2
mysql 3.23.49a

We initially saw the follow apache logs:

[Tue Jun 25 05:44:31 2002] [notice] child pid 4503 exit signal Segmentation fault (11)
[Tue Jun 25 06:11:08 2002] [notice] child pid 17668 exit signal Segmentation fault (11)

Which similar logs are generated with a pre 1.3.26 apache DOS attack script...  but since 1.3.26 is apparently patched this should not be a factor..

We also have a small built in wrapper that reports any connection failure attempts.. We have not seen any in months and since upgrading php we have started to see them more frequently... 

One note though is that all of our crashes thusfar have all occurred on 1 peticular script that processes file uploads.  This script has worked flawlessly for many months..

Sorry no backtrace so far.. I'll try and grab one..

[2002-06-25 13:27 UTC] sniper@php.net

Please try this snapshot:

http://snaps.php.net/php4-latest.tar.gz

[2002-07-26 01:00 UTC] php-bugs at lists dot php dot net

No feedback was provided for this bug for over a month, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".

[2002-08-07 13:42 UTC] db at dbinteractive dot com

I don't know if my uneducated comment will really contribute to the understanding of this bug, but I'll offer it up anyway:

I encountered the same problem with the exact same Apache/PHP/MySQL setup as b0nfire@fdns.net. When I changed the connection type from persistent (using mysql_pconnect) to a regular MySQL connection (using mysql_connect), the problem went away--the script worked fine and no further segfaults appeared in the http error log.

If others find the same results, then it may be safe to assume the problem is limited to persistent connections only.

[2002-08-12 06:37 UTC] bartvb at iae dot nl

Please change the status of this bug..

This bug is really bothering me, all my users are affected by this bug because it gives them empty pages :\

Here's a snippet from my errorlog:

[Mon Aug 12 12:01:16 2002] [notice] child pid 20887 exit signal Segmentation fault (11)
[Mon Aug 12 12:03:09 2002] [notice] child pid 20929 exit signal Segmentation fault (11)
[Mon Aug 12 12:03:28 2002] [notice] child pid 20938 exit signal Segmentation fault (11)
[Mon Aug 12 12:05:09 2002] [notice] child pid 20562 exit signal Segmentation fault (11)
[Mon Aug 12 12:05:18 2002] [notice] child pid 21044 exit signal Segmentation fault (11)
[Mon Aug 12 12:06:30 2002] [notice] child pid 20925 exit signal Segmentation fault (11)
[Mon Aug 12 12:07:07 2002] [notice] child pid 21078 exit signal Segmentation fault (11)
[Mon Aug 12 12:07:13 2002] [notice] child pid 21086 exit signal Segmentation fault (11)
[Mon Aug 12 12:07:17 2002] [notice] child pid 20559 exit signal Segmentation fault (11)
[Mon Aug 12 12:07:29 2002] [notice] child pid 21091 exit signal Segmentation fault (11)
[Mon Aug 12 12:07:37 2002] [notice] child pid 21094 exit signal Segmentation fault (11)
[Mon Aug 12 12:10:19 2002] [notice] child pid 21237 exit signal Segmentation fault (11)
[Mon Aug 12 12:10:26 2002] [notice] child pid 21240 exit signal Segmentation fault (11)
[Mon Aug 12 12:10:57 2002] [notice] child pid 21249 exit signal Segmentation fault (11)


Mainly using phpBB 2.0.1 on that site. Furthermore I'm using PHP version 4.2.2 on Linux 2.4.18-5, Apache/1.3.26 with MySQL 3.23.47.
See http://www.bokt.nl/klad/info.php for phpinfo().

[2002-10-02 01:12 UTC] odysseus at soa dot co dot nz

Getting the same problems as the last poster - lots of SIGSEGVs then the apache processes seem to hang - can't get any data out of them.

[2002-10-20 17:59 UTC] shanti at mojo dot cc

hi people,

i cant get a rest .. this issue just took me weeks for now .. is there some new knowledge around about this BUG? well ist it one .. is it just bad php-code .. i am totally lost in this issue .. plz anybody gives more info and a status about this .. i touched this problem using latest version am xams(.sourgeforge.net) .. its annoying

[2002-11-15 12:52 UTC] matteo at albatravel dot it

Same problem:
PHP 4.2.3 compiled from php.net sources
Distro Red Hat 7.3
Dual Intel XEON 1.8GHz
...tons of Segmentation Faults SIG(11)... :(

Any news?
Please, contact me if you have!!!
Everyone of you!

Thank you!

[2002-11-15 12:56 UTC] rasmus@php.net

This is fixed in 4.3

[2003-03-20 10:58 UTC] rcarvalho at clix dot pt

Hi!

I was having the same problem using MySQL 4.0.12 and PHP 4.2.2.

I figured out I should never made a symlink from /usr/lib/libmysql.so.10 to the actual file /usr/lib/libmysql.so.12 (the package required .10 but I only had .12 and I assumed the lib was pretty much stable and had similar functions than .10).

In fact, after deleting the link and downgrading the MySQL-shared-4.0.12 to MySQL-shared-3.23 as this package adds the correct libmysql.so.10, the segmentation faults stopped.

Finnaly, after a few days of zero sized reply, blank pages and apache slowness, my problem is solved...

Hope this tip helps someone.

Regards,
Raul

[2003-03-20 11:00 UTC] rcarvalho at clix dot pt

Sorry, I meant "libmysqlclient" instead of "libmysql" in the previous post.

[2003-08-04 07:54 UTC] prog at programmeurs dot fr

Hi
The last contrib is the good one. 
Only our machines with MySQL-shared not at the same version as MySQL-client show the segmentation fault. After the upgrades, all become fine again.
Many Thanks
( apache 1.3.28 , php 4.3.2 , mysql 4.1 )

[2011-06-02 13:17 UTC] felipe@php.net

-Assigned To: +Assigned To: felipe

[2011-06-02 13:18 UTC] felipe@php.net

-Status: Closed +Status: Re-Opened -Assigned To: felipe +Assigned To:

[2011-06-02 13:18 UTC] felipe@php.net

-Status: Re-Opened +Status: Closed -Assigned To: +Assigned To: felipe

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sun May 04 22:01:31 2025 UTC