PHP :: Bug #60715 :: Segfault

Bug #60715

Segfault

Submitted:

2012-01-11 15:44 UTC

Modified:

2012-01-28 00:44 UTC

Votes:	8
Avg. Score:	4.6 ± 0.7
Reproduced:	8 of 8 (100.0%)
Same Version:	8 (100.0%)
Same OS:	5 (62.5%)

From:

martin at martins-creations dot co dot uk

Assigned:

Status:

Not a bug

Package:

Reproducible crash

PHP Version:

5.4.0RC5

OS:

Debian

Private report:

CVE-ID:

None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	martin at martins-creations dot co dot uk
New email:
PHP Version:		OS:

New Comment:

[2012-01-11 15:44 UTC] martin at martins-creations dot co dot uk

Description:
------------
I can fix this segfault by either removing the ATTR_PERSISTENT option, or by 
assigning parent::prepare to a local variable (i.e. $stmt = 
parent::prepare('...'))

Also worth nothing I had to compile PHP as shared due to a bug when trying to 
compile the extension with mysqlnd which is filed in a separate report.

Linux localdev 3.1.0-1-amd64 #1 SMP Fri Dec 23 16:37:11 UTC 2011 x86_64 GNU/Linux

$ php -v
PHP 5.4.0RC5 (cli) (built: Jan 10 2012 19:42:22) 
Copyright (c) 1997-2012 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2012 Zend Technologies

$ phpize -v
Configuring for:
PHP Api Version:         20100412
Zend Module Api No:      20100525
Zend Extension Api No:   220100525

$ cat /etc/issue
Debian GNU/Linux wheezy/sid \n \l

$ mysql --version
mysql  Ver 14.14 Distrib 5.1.58, for debian-linux-gnu (x86_64) using readline 6.2



Test script:
---------------
<?php

class BuggedPDO extends PDO {

  protected $stmt = null;

  public function __construct() {
    $options = array(
      \PDO::ATTR_PERSISTENT => true, 
      \PDO::ATTR_ERRMODE => \PDO::ERRMODE_EXCEPTION,
    );

    try {
      parent::__construct('mysql:dbname=testdb;host=localhost', 'testuser', 'testpass', $options);
      $this->stmt = parent::prepare('select * from table');
    } catch (\Exception $ex) {
      var_dump($ex);
    }
  }
}

$test = new BuggedPDO();

Expected result:
----------------
A proper resource in $this->stmt

Actual result:
--------------
Jan 11 10:26:00 kernel: [  956.330577] php-fpm[2255]: segfault at 0 ip 
0000000000729beb sp 00007fffad56c8e0 error 4 in php-fpm[400000+76d000]

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2012-01-11 15:57 UTC] pajoye@php.net

-Package: Reproducible crash +Package: MySQL related

[2012-01-11 16:04 UTC] martin at martins-creations dot co dot uk

I meant I had to compile pdo-mysql as shared


./configure --with-pdo-mysql=shared --enable-fpm --enable-inline-optimization

[2012-01-13 17:37 UTC] martin at martins-creations dot co dot uk

-Package: MySQL related +Package: Reproducible crash

[2012-01-13 17:37 UTC] martin at martins-creations dot co dot uk

Incorrectly diagnosed as a MySQL fault with no comment, so I changed it back.

[2012-01-19 22:18 UTC] martin at martins-creations dot co dot uk

Program received signal SIGSEGV, Segmentation fault.
0x000000000072893b in zend_std_write_property (object=0x7ffff7fd6070, 
member=0x7ffff7fda308, value=0x7ffff7fd7cf8, key=<optimized out>)
    at /usr/local/src/php-5.4.0RC5/Zend/zend_object_handlers.c:526
526                ((variable_ptr = (zval**)zobj->properties_table[property_info-
>offset]) != NULL) :
(gdb) bt
#0  0x000000000072893b in zend_std_write_property (object=0x7ffff7fd6070, 
member=0x7ffff7fda308, value=0x7ffff7fd7cf8, key=<optimized out>)
    at /usr/local/src/php-5.4.0RC5/Zend/zend_object_handlers.c:526
#1  0x0000000000775f07 in zend_assign_to_object (retval=0x0, object_ptr=0xe257c0, 
property_name=0x7ffff7fda308, value_type=4, value_op=<optimized out>, Ts=
<optimized out>, 
    opcode=136, key=0x7ffff7fda308) at /usr/local/src/php-
5.4.0RC5/Zend/zend_execute.c:738
#2  0x0000000000776934 in ZEND_ASSIGN_OBJ_SPEC_UNUSED_CONST_HANDLER 
(execute_data=0x7ffff7fa41c0) at /usr/local/src/php-
5.4.0RC5/Zend/zend_vm_execute.h:22003
#3  0x00000000007642df in execute (op_array=0x7ffff7fd8d60) at 
/usr/local/src/php-5.4.0RC5/Zend/zend_vm_execute.h:410
#4  0x0000000000704db9 in zend_execute_scripts (type=8, retval=0x0, file_count=3) 
at /usr/local/src/php-5.4.0RC5/Zend/zend.c:1272
#5  0x00000000006a557c in php_execute_script (primary_file=0x7fffffffe890) at 
/usr/local/src/php-5.4.0RC5/main/main.c:2476
#6  0x00000000007ac401 in do_cli (argc=2, argv=0x7fffffffec68) at 
/usr/local/src/php-5.4.0RC5/sapi/cli/php_cli.c:983
#7  0x000000000042ed5c in main (argc=2, argv=0x7fffffffec68) at 
/usr/local/src/php-5.4.0RC5/sapi/cli/php_cli.c:1356

[2012-01-28 00:44 UTC] rasmus@php.net

I am not able to reproduce this. Your test script works fine from php cli for me. 
but I also don't have any issues compiling on my Debian box, so I am not sure 
what you are doing wrong. I think you need to take a few steps back and try again 
with a fresh checkout.

[2012-01-28 00:44 UTC] rasmus@php.net

-Status: Open +Status: Not a bug

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Wed Jul 16 16:01:34 2025 UTC