PHP Bugs  
php.net | support | documentation | report a bug | advanced search | search howto | statistics | login

go to bug id or search bugs for  

Bug #44094 SEGFAULT when using mysql_connect()
Submitted:10 Feb 2008 9:42pm UTC Modified: 12 Feb 2008 10:24am UTC
From:gmsoft at gentoo dot org Assigned to:
Status:Closed Category:Reproducible crash
Version:5.2CVS-2008-02-10 (snap) OS:Linux playa 2.6.23.12 #1 Fri Jan
View/Vote Developer Edit Submission

[10 Feb 2008 9:42pm UTC] gmsoft at gentoo dot org 
Description:
------------
php crash when running cacti poller. Most probably not related to cacti
only. Previous version like 5.2.5 used to work fine.

This doesn't seem to occur if build without -O2.

Reproduce code:
---------------
This occurs when using cacti poller.php or when browsing cacti trough
apache. Didn't identified the exact code.

Actual result:
--------------
(gdb) bt
#0  0x082db06a in zend_do_fcall_common_helper_SPEC
(execute_data=0xbff54dbc) at
/var/tmp/portage/php-test/php5.2-200802101930/Zend/zend_vm_execute.h:205

#1  0x082cd37a in execute (op_array=0x892b9dc) at
/var/tmp/portage/php-test/php5.2-200802101930/Zend/zend_vm_execute.h:92
#2  0x082dac2b in zend_do_fcall_common_helper_SPEC
(execute_data=0xbff552ec) at
/var/tmp/portage/php-test/php5.2-200802101930/Zend/zend_vm_execute.h:234

#3  0x082cd37a in execute (op_array=0x892066c) at
/var/tmp/portage/php-test/php5.2-200802101930/Zend/zend_vm_execute.h:92
#4  0x082dac2b in zend_do_fcall_common_helper_SPEC
(execute_data=0xbff5559c) at
/var/tmp/portage/php-test/php5.2-200802101930/Zend/zend_vm_execute.h:234

#5  0x082cd37a in execute (op_array=0x87d0268) at
/var/tmp/portage/php-test/php5.2-200802101930/Zend/zend_vm_execute.h:92
#6  0x082dac2b in zend_do_fcall_common_helper_SPEC
(execute_data=0xbff564cc) at
/var/tmp/portage/php-test/php5.2-200802101930/Zend/zend_vm_execute.h:234

#7  0x082cd37a in execute (op_array=0x87a57fc) at
/var/tmp/portage/php-test/php5.2-200802101930/Zend/zend_vm_execute.h:92
#8  0x082d16ef in ZEND_INCLUDE_OR_EVAL_SPEC_TMP_HANDLER
(execute_data=0xbff57a2c) at
/var/tmp/portage/php-test/php5.2-200802101930/Zend/zend_vm_execute.h:461
4
#9  0x082cd37a in execute (op_array=0x879a910) at
/var/tmp/portage/php-test/php5.2-200802101930/Zend/zend_vm_execute.h:92
#10 0x082acb68 in zend_execute_scripts (type=8, retval=<value optimized
out>, file_count=3) at
/var/tmp/portage/php-test/php5.2-200802101930/Zend/zend.c:1134
#11 0x08265f0f in php_execute_script (primary_file=0xbff59e64) at
/var/tmp/portage/php-test/php5.2-200802101930/main/main.c:2006
#12 0x0833e1ef in main (argc=2, argv=0xbff59f84) at
/var/tmp/portage/php-test/php5.2-200802101930/sapi/cli/php_cli.c:1140

Full backtrace :
http://rafb.net/p/HRPbmV53.html
[10 Feb 2008 9:48pm UTC] gmsoft at gentoo dot org 
Configure Command =>  './configure'  '--prefix=/usr/lib/php5'
'--host=i686-pc-linux-gnu' '--mandir=/usr/lib/php5/man'
'--infodir=/usr/lib/php5/info' '--sysconfdir=/etc'
'--cache-file=./config.cache' '--enable-cli' '--disable-cgi'
'--with-config-file-path=/etc/php/cli-php5'
'--with-config-file-scan-dir=/etc/php/cli-php5/ext-active'
'--without-pear' '--disable-bcmath' '--with-bz2' '--disable-calendar'
'--without-curl' '--without-curlwrappers' '--disable-dbase'
'--enable-exif' '--without-fbsql' '--without-fdftk' '--disable-filter'
'--enable-ftp' '--with-gettext' '--without-gmp' '--disable-hash'
'--disable-json' '--without-kerberos' '--enable-mbstring'
'--without-mcrypt' '--with-mhash' '--without-msql' '--without-mssql'
'--with-ncurses' '--with-openssl' '--with-openssl-dir=/usr'
'--disable-pcntl' '--disable-pdo' '--with-pgsql' '--disable-posix'
'--without-pspell' '--without-recode' '--disable-simplexml'
'--disable-shmop' '--with-snmp' '--disable-soap' '--enable-sockets'
'--without-sybase' '--without-sybase-ct' '--disable-sysvmsg'
'--disable-sysvsem' '--disable-sysvshm' '--without-tidy'
'--disable-tokenizer' '--disable-wddx' '--disable-xmlreader'
'--disable-xmlwriter' '--without-xmlrpc' '--without-xsl' '--enable-zip'
'--with-zlib' '--disable-debug' '--enable-dba' '--without-cdb'
'--with-db4' '--without-flatfile' '--with-gdbm' '--without-inifile'
'--without-qdbm' '--with-freetype-dir=/usr' '--with-t1lib=/usr'
'--disable-gd-jis-conv' '--with-jpeg-dir=/usr' '--with-png-dir=/usr'
'--without-xpm-dir' '--with-gd' '--with-imap' '--with-imap-ssl'
'--with-ldap' '--without-ldap-sasl' '--with-mysql=/usr'
'--with-mysql-sock=/var/run/mysqld/mysqld.sock' '--without-mysqli'
'--with-readline' '--without-libedit' '--without-mm' '--without-sqlite'
'--with-pic'
[11 Feb 2008 2:24pm UTC] iliaa@php.net 
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc. If the script requires a 
database to demonstrate the issue, please make sure it creates 
all necessary tables, stored procedures etc.

Please avoid embedding huge scripts into the report.
[11 Feb 2008 4:16pm UTC] gmsoft at gentoo dot org 
Narrowed it down. This test triggers the segfault :

php -r 'echo mysql_connect('localhost', 'root', 'password', true, 128);'
[11 Feb 2008 10:22pm UTC] hoffie at gentoo dot org 
Ok, I narrowed it down further. The problem only occurs
  * on x86 machines (not reproducible on amd64)
  * when using gcc optimizations (-O2 for example)
  * --with-pic

So, reproduce case:
unpack a recent 5.2 snapshot (I used php5.2-200802112130)
(on x86):
export CFLAGS=-O2
./configure --disable-all --with-mysql --with-pic && make
./sapi/cli/php -r 'mysql_connect("host", "user", "pass", true);'

Omitting the forth parameter (`true') does not trigger the problem. The
values of the first three parameters doesn't matter, it segfaults even
if mysql fails to connect.

Backtrace for that concrete code snippet:
Starting program: /tmp/php5.2-200802112130/sapi/cli/php -r
mysql_connect\(\"host\",\ \"user\",\ \"pass\",\ true\)\;

Warning: mysql_connect(): Unknown MySQL server host 'host' (1) in
Command line code on line 1

Program received signal SIGSEGV, Segmentation fault.
zend_do_fcall_common_helper_SPEC (execute_data=0xbfd98bec)
    at /tmp/php5.2-200802112130/Zend/zend_vm_execute.h:205
205                     EG(current_execute_data) = execute_data;
(gdb) bt
#0  zend_do_fcall_common_helper_SPEC (execute_data=0xbfd98bec)
    at /tmp/php5.2-200802112130/Zend/zend_vm_execute.h:205
#1  0x0817fb48 in execute (op_array=0x82d3070) at
/tmp/php5.2-200802112130/Zend/zend_vm_execute.h:92
#2  0x081525b4 in zend_eval_string (
    str=0xbfd9a3d0 "mysql_connect(\"host\", \"user\", \"pass\", true);",
retval_ptr=0x0, 
    string_name=0x825a72f "Command line code")
    at /tmp/php5.2-200802112130/Zend/zend_execute_API.c:1171
#3  0x0815270b in zend_eval_string_ex (
    str=0xbfd9a3d0 "mysql_connect(\"host\", \"user\", \"pass\", true);",
retval_ptr=0x0, 
    string_name=0x825a72f "Command line code", handle_exceptions=1)
    at /tmp/php5.2-200802112130/Zend/zend_execute_API.c:1205
#4  0x081e7051 in main (argc=3, argv=0xbfd98fd4) at
/tmp/php5.2-200802112130/sapi/cli/php_cli.c:1179

Full backtrace: http://home.hoffie.info/php-5.2-snap-pic-segfault.txt

I suspect that mysql is not the cause of the problem here, it rather
seems like one way to trigger that bug. We have reports from
sparc/sparc64 users for whom recent php-5.2 snapshots simply crash,
independent of the code used. Might be the same bug in the background,
who knows.
[12 Feb 2008 10:24am UTC] felipe@php.net 
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

RSS feed | show source 

PHP Copyright © 2001-2009 The PHP Group
All rights reserved.
 		Last updated: Sat Nov 21 10:30:49 2009 UTC