PHP :: Bug #28933 :: segfault using mysqli_fetch

Bug #28933	segfault using mysqli_fetch_array
Submitted:	2004-06-26 12:58 UTC	Modified:	2004-07-18 07:14 UTC
From:	francesco at pnpitalia dot it	Assigned:
Status:	Closed	Package:	Reproducible crash
PHP Version:	5CVS-2004-06-26 (dev)	OS:	linux gentoo 2q2004
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	francesco at pnpitalia dot it
New email:
PHP Version:		OS:

New Comment:

[2004-06-26 12:58 UTC] francesco at pnpitalia dot it

Description:
------------
Using mysqli_fetch_array with *all* parameter (result and type) crashes php

php -e test_mysqli.php

gdb php core

(gdb) bt
#0  zend_object_store_get_object (zobject=0x2a00000000) at /INSTALL/php/php-src/Zend/zend_objects_API.c:192
#1  0x000000000051ad48 in php_mysqli_fetch_into_hash (ht=2, return_value=0x2a957b0dd0, this_ptr=0x0, return_value_used=-1073757328, override_flags=0,
    into_object=0) at /INSTALL/php/php-src/ext/mysqli/mysqli.c:602
#2  0x0000000000522b1f in zif_mysqli_fetch_array (ht=0, return_value=0x7fbfffc3b0, this_ptr=0x2, return_value_used=-1073757328)
    at /INSTALL/php/php-src/ext/mysqli/mysqli_nonapi.c:183
#3  0x000000000069fa3b in zend_do_fcall_common_helper (execute_data=0x7fbfffcac0, opline=0x2a957b6360, op_array=0x2a957b1a10)
    at /INSTALL/php/php-src/Zend/zend_execute.c:2699
#4  0x000000000069fb8a in zend_do_fcall_handler (execute_data=0x7fbfffcac0, opline=0x2a957b6360, op_array=0x2a957b1a10)
    at /INSTALL/php/php-src/Zend/zend_execute.c:2828
#5  0x000000000069c350 in execute (op_array=0x2a957b1a10) at /INSTALL/php/php-src/Zend/zend_execute.c:1391
#6  0x000000000067cba9 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /INSTALL/php/php-src/Zend/zend.c:1061
#7  0x0000000000641f4f in php_execute_script (primary_file=0x7fbffff100) at /INSTALL/php/php-src/main/main.c:1627
#8  0x00000000006aa3d5 in main (argc=3, argv=0x7fbffff268) at /INSTALL/php/php-src/sapi/cli/php_cli.c:943

other info:

#uname -a
Linux db 2.6.7-mm1 #2 SMP Mon Jun 21 11:36:21 CEST 2004 x86_64 5  GNU/Linux

#cat /proc/cpuinfo
processor       : 0
vendor_id       : AuthenticAMD
cpu family      : 15
model           : 5
model name      : AMD Opteron(tm) Processor 246
stepping        : 8
cpu MHz         : 1992.117
cache size      : 1024 KB
fpu             : yes
fpu_exception   : yes
cpuid level     : 1
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx mmxext lm 3dnowext 3dnow
bogomips        : 3915.77
TLB size        : 1088 4K pages
clflush size    : 64
cache_alignment : 64
address sizes   : 40 bits physical, 48 bits virtual
power management: ts ttp

processor       : 1
vendor_id       : AuthenticAMD
cpu family      : 15
model           : 5
model name      : AMD Opteron(tm) Processor 246
stepping        : 8
cpu MHz         : 1992.117
cache size      : 1024 KB
fpu             : yes
fpu_exception   : yes
cpuid level     : 1
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx mmxext lm 3dnowext 3dnow
bogomips        : 3981.31
TLB size        : 1088 4K pages
clflush size    : 64
cache_alignment : 64
address sizes   : 40 bits physical, 48 bits virtual
power management: ts ttp

gcc --version
gcc (GCC) 3.3.3 20040412 (Gentoo Linux 3.3.3-r6, ssp-3.3.2-2, pie-8.7.6)
Copyright (C) 2003 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

gcc --version
gcc (GCC) 3.4.0 20040601 (Gentoo Linux 3.4.0-r6, ssp-3.4-2, pie-8.7.6.3)
Copyright (C) 2004 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

mysql --version
mysql  Ver 14.5 Distrib 5.0.1-alpha, for unknown-linux (x86_64)

(also with 4.1.2)

system is gentoo linux ~amd64


#making php

./configure \
\
--enable-debug \
\
--prefix=/usr \
--with-apxs2=/usr/local/apache/bin/apxs \
--with-readline --disable-cgi \
--enable-cli --enable-embed \
--with-ndbm=/usr --with-db4=/usr \
--with-mcrypt=/usr --with-mhash=/usr \
--with-ming=/usr --with-gdbm=/usr \
--with-java=/opt/blackdown-jdk-1.4.2_rc1 \
--without-pgsql --with-xpm-dir=/usr/X11R6 \
--with-pdflib=/usr --with-gd \
--enable-gd-native-ttf --with-png \
--with-png-dir=/usr --with-jpeg \
--with-jpeg-dir=/usr --enable-exif \
--with-tiff --with-tiff-dir=/usr \
--with-freetype-dir=/usr --with-ttf=/usr \
--with-t1lib=/usr --with-gettext \
--with-qtdom=/usr/qt/3 --with-pspell=/usr \
--with-openssl=/usr --without-imap \
--without-ldap --with-dom=/usr \
--with-dom-xslt=/usr --with-dom-exslt=/usr \
--without-kerberos --with-pam \
--disable-memory-limit --enable-ipv6 \
--with-curlwrappers --with-curl=/usr \
--enable-dbx --with-zlib \
--with-zlib-dir=/usr --with-sablot=/usr \
--enable-xslt --with-xslt-sablot \
--with-xmlrpc --enable-wddx \
--with-xml --enable-mbstring=all \

#making mysql
export WANT_AUTOCONF="2.5"
export WANT_AUTOMAKE="1.8"
export CFLAGS="-O2 -march=k8 -ffast-math -DHAVE_ERRNO_AS_DEFINE=1 -DUSE_OLD_FUNCTIONS"
export CHOST="x86_64-pc-linux-gnu"
export CXXFLAGS="${CFLAGS} -felide-constructors -fno-exceptions -fno-rtti"

bk clone bk://mysql.bkbits.net/mysql-5.0 mysql-5.0
cd mysql-5.0
bk -r edit

aclocal; autoheader; autoconf; automake
cd innobase; aclocal; autoheader; autoconf; automake
cd ..
cd bdb/dist; sh s_all
cd ../..


./configure \
--prefix=/usr/local/mysql \
--without-docs \
--enable-thread-safe-client \
--enable-assembler \
--enable-local-infile \
--with-unix-socket-path=/var/run/mysqld/mysqld5.sock \
--without-debug \
--with-mysqld-user=mysql \
--with-charset=latin1 \
--with-collation=latin1_swedish_ci \
--with-extra-charsets=all \
--with-client-ldflags=-lstdc++ \
--with-embedded-server \
--with-embedded-server \
--without-innodb \
&& make -j 4

--enable-mbregex --with-bz2=/usr \
--with-crack=/usr --with-cdb \
--enable-pcntl --enable-bcmath \
--enable-calendar --enable-dbase \
--enable-filepro --enable-ftp \
--with-mime-magic --enable-sockets \
--enable-sysvsem --enable-sysvshm \
--enable-sysvipc --with-iconv \
--enable-shmop --enable-dio \
--enable-inline-optimization \
--enable-track-vars --enable-trans-sid \
--enable-versioning --with-config-file-path=/etc/php/cli-php5 \
--with-tiff-lib --enable-mime-magic \
--enable-sysvmsg --with-gmp \
--enable-soap --with-xsl \
--with-pic --x-includes=/usr/X11/include/X11 \
--x-libraries=/usr/X11/lib \
--with-mysqli=/usr/local/mysql/bin/mysql_config \
--without-mysql \
--enable-shared --enable-static \
&& make -j 8


Reproduce code:
---------------
<?php

$link = mysqli_connect("localhost", "root", "password","test_db",3306,"/path/to/mysqld.sock") or die(mysqli_error($conn));

mysqli_select_db($link, "test_db") or die(mysqli_error());

// this one will execute cleanly
$result = mysqli_query($link, "SELECT * FROM tabella") or die(mysqli_error());
while ($row = mysqli_fetch_array($result)) {
        print_r($row);
}
mysqli_free_result($result);


// this one will SEGFAULT php
$result = mysqli_query($link, "SELECT * FROM tabella") or die(mysqli_error());
while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
        print_r($row);
}
mysqli_free_result($result);

?>


Expected result:
----------------
query executed cleanly

Actual result:
--------------
50% ok ;)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2004-07-17 21:16 UTC] steve at rueb dot com

I am seeing the same behavior with mysqli_fetch_assoc() on i386.

MySQL 4.1.3beta
PHP 5.0.0 final

--with-mysqli --with-zlib --with-dom --with-gdbm

[2004-07-18 00:55 UTC] steve at rueb dot com

This seems to be fixed in CVS.

[2004-07-18 07:14 UTC] georg@php.net

changing status to closed

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Nov 21 13:01:29 2024 UTC