Bug #49009 Segmentation fault during mysql_fetch_assoc
Submitted: 2009-07-21 20:42 UTC Modified: 2009-07-31 01:00 UTC
From: vanessa at mobezeinc dot com Assigned:
Status: No Feedback Package: MySQL related
PHP Version: 5.2.10 OS: CentOS 5.3
Private report: No CVE-ID: None

 [2009-07-21 20:42 UTC] vanessa at mobezeinc dot com
Description:
------------
During mysql fetch the php script dies and segmentation fault appears in the apache logs. The code will pull a few rows from the db and after ~10 rows the fault occurs. It happens on both apache 2.2.3 and apache 1.3.

Reproduce code:
---------------
I've replaced actual values with placeholders in some cases.
OBCReadDBConn is a wrapper class for mysql functions

$readConn = OBCReadDBConn::init();

$query = " select * from TABLENANE order by `table`, `column`, `sort_order`, `desc`, `value` ";

$result = $readConn->query($query);
$tableDetails = array();

if ($result) {
	while ($row = $result->getNextRow()) {
		// do something with the row
	}
}


[0xbf848e00] mysql_fetch_assoc() /var/homehtml/html/classes/database/DBResult.php:27
[0xbf84a0d0] getNextRow() /var/homehtml/html/classes/utility/Lookup.php:54
[0xbf84aae0] initLookup() /var/homehtml/html/classes/utility/Lookup.php:159
[0xbf84ac90] getArray() /var/homehtml/html/classes/utility/Lookup.php:244
[0xbf84ae00] getDesc() /var/homehtml/html/classes/utility/Lookup.php:287
[0xbf84d3d0] getLookupDesc() /var/homehtml/html/classes/utility/login_engine.php:717
[0xbf84d5a0] process_login() /var/homehtml/html/login.php:26


Expected result:
----------------
db row array
table description

"table"	"varchar(25)"	"NO"	"PRI"	""	""
"column"	"varchar(40)"	"NO"	"PRI"	""	""
"value"	"int(2)"	"NO"	"PRI"	""	""
"desc"	"varchar(100)"	"NO"	""	""	""
"misc"	"text"	"YES"	""	\N	""
"sort_order"	"smallint(2)"	"NO"	""	""	""

Actual result:
--------------
Last lines of xdebug output

    0.1267    2330092     +316               -> DBResult->getNextRow() /home/www/html/classes/utility/Lookup.php:54
    0.1268    2330116      +24                 -> mysql_fetch_assoc(resource(44) of type (mysql result)) /home/www/html/classes/database/DBResult.php:27


gdb on apache core dump (xdebug not running during this core dump)
Core was generated by `/usr/sbin/httpd -k restart'.
Program terminated with signal 11, Segmentation fault.
[New process 15922]
#0  _zend_mm_alloc_int (heap=0x93dc798, size=16)
at /var/php-5.2.10/Zend/zend_alloc.c:1785
1785                            heap->cache[index] = best_fit->prev_free_block;



(gdb) bt full
#0  _zend_mm_alloc_int (heap=0x93dc798, size=16)
at /var/php-5.2.10/Zend/zend_alloc.c:1785
       index = 2
       bitmap = <value optimized out>
       best_fit = <value optimized out>
       true_size = 24
       block_size = <value optimized out>
       remaining_size = <value optimized out>
       segment_size = <value optimized out>
       segment = <value optimized out>
       keep_rest = <value optimized out>
#1  0x0124928f in php_mysql_fetch_hash (ht=<value optimized out>,
return_value=0x967e4f0, return_value_ptr=<value optimized out>,
this_ptr=0x0,
   return_value_used=1, result_type=1, expected_args=1, into_object=0)
at /var/php-5.2.10/ext/mysql/php_mysql.c:1964
       result = (zval **) 0x93e5404
       arg2 = (zval **) 0xb5d50ccc
       mysql_row = (MYSQL_ROW) 0x960e1b8
       mysql_field = (MYSQL_FIELD *) 0x960be08
       mysql_row_lengths = (long unsigned int *) 0x94c5784
       i = 1
       res = (zval *) 0x3f2ab784
       ctor_params = (zval *) 0x0
       ce = (zend_class_entry *) 0x0
#2  0x013f2bc8 in zend_do_fcall_common_helper_SPEC
(execute_data=0xbf848e00) at /var/php-5.2.10/Zend/zend_vm_execute.h:200
       return_reference = 0 '\0'
       opline = (zend_op *) 0x9611ef8
       original_return_value = <value optimized out>
       current_scope = (zend_class_entry *) 0x0
       current_this = (zval *) 0x0
       should_change_scope = 0 '\0'

 [2009-07-21 22:10 UTC] jani@php.net
Did this crash using PHP 5.2.9 ? 
 [2009-07-21 23:07 UTC] vanessa at mobezeinc dot com
PHP Version 5.2.10

System 	Linux #1 SMP Tue Jul 14 07:15:01 EDT 2009 i686
Build Date 	Jul 20 2009 16:23:35
Configure Command 	'./configure' '--prefix=/usr/share' '--datadir=/usr/share/php' '--bindir=/usr/bin' '--libdir=/usr/share' '--includedir=/usr/include' '--sysconfdir=/etc' '--disable-debug' '--with-config-file-path=/etc' '--with-exec-dir=/usr/lib/php/bin' '--with-mysql=/usr' '--enable-bcmath' '--enable-calendar' '--enable-ctype' '--enable-dbase' '--enable-discard-path' '--enable-exif' '--enable-ftp' '--enable-force-cgi-redirect' '--enable-shmop' '--enable-gd-native-ttf' '--enable-mbstring' '--enable-inline-optimization' '--with-bz2' '--enable-magic-quotes' '--enable-mbregex' '--enable-safe-mode' '--enable-sigchild' '--enable-sysvsem' '--with-gd=/usr' '--enable-sysvshm' '--enable-wddx' '--with-gettext' '--with-zlib' '--with-openssl' '--with-mm' '--with-curl=/usr' '--with-imap-ssl' '--with-iconv' '--with-apxs2=/usr/sbin/apxs' '--with-jpeg-dir=/usr' '--with-png-dir=/usr' '--with-t1lib=/usr' '--with-ttf' '--with-pdo-mysql=/usr' '--with-gdbm' '--with-mcrypt=/usr' '--with-mhash=/usr'
 [2009-07-21 23:17 UTC] jani@php.net
Let's try again: Did this same script crash with earlier PHP versions?
 [2009-07-21 23:42 UTC] vanessa at mobezeinc dot com
Sorry, misunderstood, it happened on 5.2.4 (the previous version we were working with)
 [2009-07-22 20:12 UTC] jani@php.net
What is the mysql version you've compiled PHP with? (check from 
phpinfo() output!)
 [2009-07-22 20:15 UTC] vanessa at mobezeinc dot com
mysql
MySQL Support	enabled
Client API version 	5.0.45
MYSQL_MODULE_TYPE 	external
MYSQL_SOCKET 	/var/lib/mysql/mysql.sock
MYSQL_INCLUDE 	-I/usr/include/mysql
MYSQL_LIBS 	-L/usr/lib -lmysqlclient
 [2009-07-22 20:21 UTC] jani@php.net
I have same, and no crashes whatsoever. Now you need to come up with 
proper reproducing script and DB layout for us to test with. The script 
must be 10-20 lines at most without any external files required. DB 
schema as simple as possible as well.
 [2009-07-23 00:17 UTC] vanessa at mobezeinc dot com
I'm working through the legacy code that's causing this. I found that if I comment out the following line of code the script runs:

$_SESSION['SESSION'][$name]=$value;

where $value=null and $name='BP:SignupProcess_serialized_process'

which makes me think the mysql part isn't the issue and SESSION is. I'm working on a script to reproduce the error but I'm having difficulty.
 [2009-07-31 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 