PHP :: Bug #62826 :: mysqli_debug() failing due to mysqlnd trace

Bug #62826	mysqli_debug() failing due to mysqlnd trace_alloc being NULL
Submitted:	2012-08-15 12:29 UTC	Modified:	2013-08-03 14:56 UTC
From:	nikic@php.net	Assigned:	nikic (profile)
Status:	Closed	Package:	MySQLi related
PHP Version:	master-Git-2012-08-15 (Git)	OS:
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	nikic@php.net
New email:
PHP Version:		OS:

New Comment:

[2012-08-15 12:29 UTC] nikic@php.net

Description:
------------
The following tests for mysqli_debug() are failing:

mysqli_debug() [ext/mysqli/tests/mysqli_debug.phpt]
mysqli_debug() - append to trace file [ext/mysqli/tests/mysqli_debug_append.phpt]
mysqli_debug() - all control string options supported by both mysqlnd and libmysql except oOaA [ext/mysqli/tests/mysqli_debug_mysqlnd_control_string.phpt]
mysqli_debug() - mysqlnd only control strings [ext/mysqli/tests/mysqli_debug_mysqlnd_only.phpt]

The relevant valgrind output is:

$ USE_ZEND_ALLOC=0 valgrind sapi/cli/php ext/mysqli/tests/mysqli_debug_mysqlnd_only.php

==9350== Invalid read of size 4
==9350==    at 0x854A171: _mysqlnd_pecalloc (mysqlnd_alloc.c:199)
==9350==    by 0x856A0AD: php_mysqlnd_protocol_get_command_packet_pub (mysqlnd_wireprotocol.c:2261)
==9350==    by 0x8533C37: php_mysqlnd_conn_data_simple_command_send_request_pub (mysqlnd.c:337)
==9350==    by 0x85345FB: php_mysqlnd_conn_data_simple_command_pub (mysqlnd.c:376)
==9350==    by 0x853D0B2: php_mysqlnd_conn_data_send_query_pub (mysqlnd.c:1180)
==9350==    by 0x853CA98: php_mysqlnd_conn_data_query_pub (mysqlnd.c:1155)
==9350==    by 0x8317F17: zif_mysqli_query (mysqli_nonapi.c:598)
==9350==    by 0x869697E: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:643)
==9350==    by 0x869E5DE: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2298)
==9350==    by 0x8694C2B: execute (zend_vm_execute.h:411)
==9350==    by 0x86591B6: zend_execute_scripts (zend.c:1286)
==9350==    by 0x85BBD37: php_execute_script (main.c:2459)
==9350==  Address 0x88 is not stack'd, malloc'd or (recently) free'd
==9350== 
==9350== 
==9350== Process terminating with default action of signal 11 (SIGSEGV)
==9350==  Access not within mapped region at address 0x88
==9350==    at 0x854A171: _mysqlnd_pecalloc (mysqlnd_alloc.c:199)
==9350==    by 0x856A0AD: php_mysqlnd_protocol_get_command_packet_pub (mysqlnd_wireprotocol.c:2261)
==9350==    by 0x8533C37: php_mysqlnd_conn_data_simple_command_send_request_pub (mysqlnd.c:337)
==9350==    by 0x85345FB: php_mysqlnd_conn_data_simple_command_pub (mysqlnd.c:376)
==9350==    by 0x853D0B2: php_mysqlnd_conn_data_send_query_pub (mysqlnd.c:1180)
==9350==    by 0x853CA98: php_mysqlnd_conn_data_query_pub (mysqlnd.c:1155)
==9350==    by 0x8317F17: zif_mysqli_query (mysqli_nonapi.c:598)
==9350==    by 0x869697E: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:643)
==9350==    by 0x869E5DE: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2298)
==9350==    by 0x8694C2B: execute (zend_vm_execute.h:411)
==9350==    by 0x86591B6: zend_execute_scripts (zend.c:1286)
==9350==    by 0x85BBD37: php_execute_script (main.c:2459)

The issue seems to be that the trace_alloc mysqlnd global is NULL, so the dereference segfaults.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2013-08-03 14:56 UTC] nikic@php.net

-Status: Open +Status: Closed -Assigned To: +Assigned To: nikic

[2013-08-03 14:56 UTC] nikic@php.net

I think this issue was already solved in the meantime :)

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sat May 03 15:01:28 2025 UTC