|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2007-07-23 12:12 UTC] jani@php.net
[2007-07-23 16:57 UTC] barry dot verdon at complinet dot com
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Fri May 09 19:01:28 2025 UTC |
Description: ------------ When assigning instances of PDO objects within the scope of a function to an array with global scope or scope outside that function it causes a seg fault when accessing a member of the PDO object on the second run of the function. It can also be within a class with the array being a member of the class and the function being the method of the class. It only happens when the persistent flag is set to true. On the second run of the function when the PDO instance is assigned to the array the symbol table seems to get corrupted, no seg fault occurs but object id's start getting recycled with new instances. Only when the member is accessed again after this corruption does a seg fault occur. Tested it on : 5.1.4 - CLI and Apache 2.0.54 - Windows XP SP2 5.2.0dev200605221830 - CLI - Windows XP SP2 5.0.5 - CLI - Debian 2.6.10 (Unstable) Reproduce code: --------------- <? global $instances; $instances = array(); function run() { global $instances; $dsn = 'mysql:host=localhost;port=3306;dbname=test;'; // Version 4.1.14, same with pgsql 8.1 $username = 'test.user'; $password = 'test'; $driverOptions = array(PDO::ATTR_PERSISTENT=>true); $instance = new PDO($dsn, $username, $password, $driverOptions); $instance->test = 'test'; $instances['test'] = $instance; // This is the line that causes the damage on the 2nd run var_dump($instance); $instance->test = 'test'; // This is the line that seg faults on 2nd run print_r('Test'); } run(); run(); ?> Expected result: ---------------- To see the var_dump of $instance with the member test with a value of 'test' in it and the print of 'Test' TWICE. Actual result: -------------- On second function call, var_dump of $instance no longer has the test member in it and 'Test' does not get printed out a second time. Starting program: /usr/local/bin/php test.php Test Program received signal SIGSEGV, Segmentation fault. 0x082065cd in zend_hash_quick_find (ht=0x0, arKey=0x84d469c "test", nKeyLength=5, h=275477765, pData=0xbfffcd74) at /share/php-5.0.5/Zend/zend_hash.c:879 879 p = ht->arBuckets[nIndex]; (gdb) backtrace #0 0x082065cd in zend_hash_quick_find (ht=0x0, arKey=0x84d469c "test", nKeyLength=5, h=275477765, pData=0xbfffcd74) at /share/php-5.0.5/Zend/zend_hash.c:879 #1 0x0821313d in zend_std_write_property (object=0x84d3e04, member=0x84d3a04, value=0x84d3d2c) at /share/php-5.0.5/Zend/zend_object_handlers.c:362 #2 0x0822b5eb in zend_assign_to_object (result=0x84d39d8, object_ptr=0x84d4250, op2=<value optimized out>, value_op=0x84d3a38, Ts=0xbfffce40, opcode=136) at /share/php-5.0.5/Zend/zend_execute.c:437 #3 0x0822b9a9 in zend_assign_obj_handler (execute_data=0xbfffd154, opline=0x84d39d4, op_array=0x84d3ba0) at /share/php-5.0.5/Zend/zend_execute.c:2239 #4 0x0821dd22 in execute (op_array=0x84d3ba0) at /share/php-5.0.5/Zend/zend_execute.c:1437 #5 0x0821fe45 in zend_do_fcall_common_helper (execute_data=0xbfffd304, opline=0x84d1dac, op_array=0x84cd9cc) at /share/php-5.0.5/Zend/zend_execute.c:2789 #6 0x0822e317 in zend_do_fcall_handler (execute_data=0xbfffd304, opline=0x84d1dac, op_array=0x84cd9cc) at /share/php-5.0.5/Zend/zend_execute.c:2894 #7 0x0821dd22 in execute (op_array=0x84cd9cc) at /share/php-5.0.5/Zend/zend_execute.c:1437 #8 0x08200253 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /share/php-5.0.5/Zend/zend.c:1064 #9 0x081cb1db in php_execute_script (primary_file=0xbffff6a0) at /share/php-5.0.5/main/main.c:1643 #10 0x08235efa in main (argc=2, argv=0xbffff774) at /share/php-5.0.5/sapi/cli/php_cli.c:946 #4 0x0821dd22 in execute (op_array=0x84d3ba0) at /share/php-5.0.5/Zend/zend_execute.c:1437 1437 if (EX(opline)->handler(&execute_data, EX(opline), op_array TSRMLS_CC)) {