Edit report at https://bugs.php.net/bug.php?id=61411&edit=1
ID: 61411
Updated by: u...@php.net
Reported by: julien at palard dot fr
Summary: PDO Segfaults with PERSISTENT == TRUE &&
EMULATE_PREPARES == FALSE
-Status: Open
+Status: Closed
Type: Bug
Package: PDO related
Operating System: Linux 2.6.32-5-amd64
PHP Version: 5.4.0
-Assigned To:
+Assigned To: uw
Block user comment: N
Private report: N
New Comment:
This bug has been fixed in SVN.
Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
For Windows:
http://windows.php.net/snapshots/
Thank you for the report, and for helping us make PHP better.
http://news.php.net/php.cvs/68917
Previous Comments:
------------------------------------------------------------------------
[2012-05-02 09:14:42] u...@php.net
Andrey,
do you think we should mnd_p*alloc(.., .., stmt->persistent) here?
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_4/ext/mysqlnd/mysqlnd_ps.c?annotate=321634
1624 if (!stmt->result_bind) {
1625 andrey 289028 stmt->result_bind = mnd_ecalloc(stmt->field_count,
sizeof(MYSQLND_RESULT_BIND));
1626 andrey 258383 } else {
1627 andrey 289028 stmt->result_bind = mnd_erealloc(stmt->result_bind,
stmt->field_count * sizeof(MYSQLND_RESULT_BIND));
1628 andrey 258383 }
------------------------------------------------------------------------
[2012-03-16 09:16:27] julien at palard dot fr
Description:
------------
PDO Segfaults or hangs when a statement is executed with both ATTR_PERSISTENT
=>
TRUE and ATTR_EMULATE_PREPARES => FALSE
The exact bug is actually :
*** glibc detected *** /usr/local/php-5.4.0/bin/php: free(): invalid pointer:
0x00007ff976ee84c8 ***
But from my tests yesterday I have seen a segfault and a double free, that I
can't reproduce today, only the invalid pointer.
Playing with PERSISTENT and EMULATE_PREPARE with the given test script give :
| ATTR_PERSISENT | ATTR_EMULATE_PREPARES | WORKS |
| FALSE | FALSE | YES |
| FALSE | TRUE | YES |
| TRUE | FALSE | free() invalid pointer |
| TRUE | TRUE | YES |
Configure command :
./configure' '--enable-fpm' '--prefix=/usr/local/php-5.4.0'
'--enable-mbstring'
'--enable-gd-native-ttf' '--enable-zip' '--with-mcrypt' '--with-openssl' '--
with-gd' '--with-jpeg-dir=/usr/lib' '--with-freetype-dir' '--with-curl' '--with-
pcre-regex' '--with-gettext' '--without-sqlite' '--without-sqlite3' '--with-pdo-
mysql=mysqlnd' '--disable-rpath' '--disable-debug' '--disable-fileinfo' '--
without-pdo-sqlite' '--disable-phar' '--disable-posix' '--disable-tokenizer' '--
disable-xmlreader' '--disable-xmlwriter' '--without-pear'
Same bug reproduced in php 5.3.8 and php 5.3.10
Test script:
---------------
<?php
$options = array(PDO::ATTR_PERSISTENT => TRUE,
PDO::ATTR_EMULATE_PREPARES => FALSE);
$pdo = new PDO('mysql:host=sql;dbname=??;charset=utf8',
'??', '??', $options);
$statement = $pdo->prepare("SELECT count(*) from a_table");
$statement->execute();
foreach ($statement as $line)
var_dump($line);
Expected result:
----------------
I expect PHP not to segfault
Actual result:
--------------
*** glibc detected *** /usr/local/php-5.4.0/bin/php: free(): invalid pointer:
0x00007ff976ee84c8 ***
------------------------------------------------------------------------
--
Edit this bug report at https://bugs.php.net/bug.php?id=61411&edit=1
