|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #34953 Segfault when doing weird MySQL query
Submitted: 2005-10-22 03:01 UTC Modified: 2005-10-23 17:22 UTC
From: juraj dot nospam at bednar dot sk Assigned:
Status: Not a bug Package: MySQL related
PHP Version: 5CVS-2005-10-22 (snap) OS: Debian Sarge
Private report: No CVE-ID: None
 [2005-10-22 03:01 UTC] juraj dot nospam at bednar dot sk
When doing an SQL query (which had errors), I get segfault 
with apache 2.0.55 prefork, mysql 5.0.5 from debian testing 
(ldd shows it's linked with correct library) using legacy code 
(old version of drupal). While legacy code does not have to 
work, segfault when running it is not expected

Reproduce code:
INSERT INTO watchdog (uid, type, message, location, hostname, timestamp) VALUES (\'\', \'error\', \'warning: array_merge() [<a href=\\\'function.array-merge\\\'>function.array-merge</a>]: Argument #1 is not an array in /home/juraj/www/includes/ on line 710.\', \'?\', \'\', \'1129942132\')

causes php child to segfault

Expected result:
i did not expect it to actually execute, but the segfault is 
wrong behaviour.

Actual result:
This is a part of strace, which shows the problem. 28 is 
mysql socket.

Another queries work well.

[pid  3442] time(NULL)                  = 1129942132
[pid  3442] fcntl64(28, F_SETFL, O_RDWR|O_NONBLOCK) = 0
[pid  3442] read(28, 0x83b47c8, 8192)   = -1 EAGAIN 
(Resource temporarily unavailable)
[pid  3442] fcntl64(28, F_SETFL, O_RDWR) = 0
[pid  3442] write(28, ":\1\0\0\3INSERT INTO watchdog (uid, 
type, message, location, hostname, timestamp) VALUES (\'\', 
\'error\', \'warning: array_merge() [<a href=\\
Argument #1 is not an array in /home/juraj/www/includes/ on line 710.\', \'?\', \'\', 
\'1129942132\')", 318) = 318
[pid  3442] read(28, "\7\0\0\1\0\1\33\2\0\1\0", 16384) = 11
[pid  3442] --- SIGSEGV (Segmentation fault) @ 0 (0) ---
[pid  3442] chdir("/usr/local/apache2") = 0
[pid  3442] rt_sigaction(SIGSEGV, {SIG_DFL}, {SIG_DFL}, 8) = 
[pid  3442] getpid()                    = 3442
[pid  3442] getpid()                    = 3442
[pid  3442] kill(3442, SIGSEGV)         = 0
[pid  3442] sigreturn()                 = ? (mask now 
[pid  3442] --- SIGSEGV (Segmentation fault) @ 0 (0) ---


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2005-10-22 11:48 UTC]
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc.

If possible, make the script source available online and provide
an URL to it here. Try to avoid embedding huge scripts into the report.

 [2005-10-23 17:20 UTC] juraj dot nospam at bednar dot sk
related to Zend Optimizer, please close.
 [2005-10-23 17:22 UTC]
Sorry, but your problem does not imply a bug in PHP itself.  For a
list of more appropriate places to ask for help using PHP, please
visit as this bug system is not the
appropriate forum for asking support questions.  Due to the volume
of reports we can not explain in detail here why your report is not
a bug.  The support channels will be able to provide an explanation
for you.

Thank you for your interest in PHP.

related to Zend Optimizer
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Wed Mar 29 20:03:46 2023 UTC