ID:               49098
 Updated by:       t...@php.net
 Reported By:      bugs at timj dot co dot uk
 Status:           Open
 Bug Type:         Session related
 Operating System: Linux
 PHP Version:      5.2.10
 New Comment:

Stepping through the code though, that patch wouldn't have made any
difference. On the final incantation of php_mysqli_set_error before
crash, estrdup() still gets called:

Breakpoint 1, php_mysqli_set_error (mysql_errno=0, mysql_err=0x10325a7
"") at /path/to/php5.3-200911111930/ext/mysqli/mysqli_nonapi.c:44
44      {
(gdb) step
45              MyG(error_no) = mysql_errno;
(gdb) step
44      {
(gdb) step
45              MyG(error_no) = mysql_errno;
(gdb) step
46              if (MyG(error_msg)) {
(gdb) step
47                      efree(MyG(error_msg));
(gdb) next
49              if(mysql_err) { 
(gdb) step
50                      MyG(error_msg) = estrdup(mysql_err);



Previous Comments:
------------------------------------------------------------------------

[2009-11-11 23:48:50] t...@php.net

Nope, still the same result. (back on the 5.3 snapshot now)

------------------------------------------------------------------------

[2009-11-11 23:38:53] ras...@php.net

Could you try this patch and see if it changes anything?

Index: mysqli_nonapi.c
===================================================================
--- mysqli_nonapi.c     (revision 290565)
+++ mysqli_nonapi.c     (working copy)
@@ -46,7 +46,11 @@
        if (MyG(error_msg)) {
                efree(MyG(error_msg));
        }
-       MyG(error_msg) = estrdup(mysql_err);
+       if(mysql_err) { 
+               MyG(error_msg) = estrdup(mysql_err);
+       } else {
+               MyG(error_msg) = NULL;
+       }
 }
 /* }}} */
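Review bot: The NULL guard added at `if(mysql_err) { ` only changes behaviour when mysql_err is NULL, and until one of the two new branches runs, MyG(error_msg) still holds the pointer that the efree() in the context lines above has just released. Setting MyG(error_msg) = NULL inside the existing `if (MyG(error_msg))` block, directly after the efree(), would make the freed state explicit and remove the need for the else branch, leaving only `if (mysql_err) { MyG(error_msg) = estrdup(mysql_err); }`. As a style point, the added `if(mysql_err) { ` line lacks the space after `if` that the context line `if (MyG(error_msg)) {` uses, and it carries trailing whitespace.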

------------------------------------------------------------------------

[2009-11-11 23:38:36] t...@php.net

To be more specific, php_mysqli_set_error gets called twice before
crashing with the same params:

Starting program: /usr/local/bin/php -c /usr/local/etc
php-bug49098.php
[Thread debugging using libthread_db enabled]

Breakpoint 1, php_mysqli_set_error (mysql_errno=0, mysql_err=0xbd1f77
"")
    at /path/to/php5.2-200911070930/ext/mysqli/mysqli.c:1001
1001    {
(gdb) c
Continuing.
ok <-- *** this is program output to stdout, everything is OK here

Breakpoint 1, php_mysqli_set_error (mysql_errno=0, mysql_err=0xbd1f77
"")
    at /path/to/php5.2-200911070930/ext/mysqli/mysqli.c:1001
1001    {
(gdb) c
Continuing.

Program received signal SIGSEGV, Segmentation fault.
_zend_mm_alloc_int (heap=0x9e02b0, size=12)
    at /path/to/php5.2-200911070930/Zend/zend_alloc.c:1785
1785                            heap->cache[index] = best_fit->prev_free_block;


------------------------------------------------------------------------

[2009-11-11 23:30:33] t...@php.net

Breakpoint 1, php_mysqli_set_error (mysql_errno=0, mysql_err=0xbd1f77
"")
    at /path/to/php5.2-200911070930/ext/mysqli/mysqli.c:1001


------------------------------------------------------------------------

[2009-11-11 23:14:25] ras...@php.net

Could you set a gdb breakpoint on the php_mysqli_set_error call and
show the arguments passed to it?

I still don't see anything in the code around that part that would
cause this though.  It feels like something else is stepping on global
memory here, but it is too consistent to be random memory corruption.

Would be nice if someone else could reproduce it.


------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
    http://bugs.php.net/49098

-- 
Edit this bug report at http://bugs.php.net/?id=49098&edit=1
