#33201 [Fbk->Opn]: segfault in _emalloc called from php_mssql_get_column_content_with_type

skissane at iips dot mq dot edu dot au Tue, 31 May 2005 20:05:35 -0700

 ID:               33201
 User updated by:  skissane at iips dot mq dot edu dot au
 Reported By:      skissane at iips dot mq dot edu dot au
-Status:           Feedback
+Status:           Open
 Bug Type:         MSSQL related
 Operating System: Linux
 PHP Version:      5.0.4
 New Comment:


I have tried with latest snapshot.

When PHP is complied with --enable-debug, it works fine, although it
complains with messages like the following:

---------------------------------------
/mnt/golum-c/LinuxOverflow/php5-STABLE-200506010035/ext/mssql/php_mssql.c(193)
: Block 0x08304430 status:
/mnt/golum-c/LinuxOverflow/php5-STABLE-200506010035/Zend/zend_variables.c(45)
: Actual location (location was relayed)
Beginning:      OK (allocated on
/mnt/golum-c/LinuxOverflow/php5-STABLE-200506010035/ext/mssql/php_mssql.c:881,
19 bytes)
      End:      Overflown (magic=0x2A8FCC00 instead of 0x2A8FCC84)
                1 byte(s) overflown


However, when PHP is not compiled with --enable-debug, I get a SEGV
again, with the following backtrace:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 31750)]
0x40283bef in _int_malloc () from /lib/i686/libc.so.6
(gdb) bt
#0  0x40283bef in _int_malloc () from /lib/i686/libc.so.6
#1  0x402852ac in malloc () from /lib/i686/libc.so.6
#2  0x0814fe48 in _emalloc (size=1077090752) at
/mnt/golum-c/LinuxOverflow/php5-STABLE-200506010035/Zend/zend_alloc.c:182
#3  0x08085e76 in php_mssql_get_column_content_with_type
(mssql_ptr=0x8274cc4, offset=1077090752, result=0x82876dc,
column_type=1077088260)
    at
/mnt/golum-c/LinuxOverflow/php5-STABLE-200506010035/ext/mssql/php_mssql.c:881
#4  0x08086707 in _mssql_fetch_batch (mssql_ptr=0x8274cc4,
result=0x826fa7c, retvalue=-1)
    at
/mnt/golum-c/LinuxOverflow/php5-STABLE-200506010035/ext/mssql/php_mssql.c:1108
#5  0x08086b86 in zif_mssql_query (ht=33, return_value=0x8274f34,
this_ptr=0x0, return_value_used=1)
    at
/mnt/golum-c/LinuxOverflow/php5-STABLE-200506010035/ext/mssql/php_mssql.c:1229
#6  0x0817daae in zend_do_fcall_common_helper (execute_data=0xbfffd4b0,
opline=0x8273e60, op_array=0x826f9ec)
    at
/mnt/golum-c/LinuxOverflow/php5-STABLE-200506010035/Zend/zend_execute.c:2747
#7  0x0817b036 in execute (op_array=0x826f9ec) at
/mnt/golum-c/LinuxOverflow/php5-STABLE-200506010035/Zend/zend_execute.c:1417
#8  0x08160c1b in zend_execute_scripts (type=8, retval=0x0,
file_count=3) at
/mnt/golum-c/LinuxOverflow/php5-STABLE-200506010035/Zend/zend.c:1084
#9  0x08133a2b in php_execute_script (primary_file=0xbffff870) at
/mnt/golum-c/LinuxOverflow/php5-STABLE-200506010035/main/main.c:1646
#10 0x081844d8 in main (argc=2, argv=0xbffff8f4) at
/mnt/golum-c/LinuxOverflow/php5-STABLE-200506010035/sapi/cli/php_cli.c:946
#11 0x40236912 in __libc_start_main () from /lib/i686/libc.so.6


Previous Comments:
------------------------------------------------------------------------

[2005-05-31 14:17:28] [EMAIL PROTECTED]

Please try using this CVS snapshot:

  http://snaps.php.net/php5-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5.0-win32-latest.zip



------------------------------------------------------------------------

[2005-05-31 13:53:08] skissane at iips dot mq dot edu dot au

Description:
------------
Segmentation fault.



Reproduce code:
---------------
<?
$q = mssql_connect("<server>","<username>","<password>");
$i = mssql_query("SELECT * FROM MSSQLTrace_99",$q);
while (mssql_fetch_row($i) !== FALSE);

Where the  MSSQLTrace_99 table is created by the following MSSQL script
(a bit too big for a bug database):
http://www.iips.mq.edu.au/php_mssql_bug.txt

Expected result:
----------------
No output.

Actual result:
--------------
Backtrace:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 29878)]
0x40440bef in _int_malloc () from /lib/i686/libc.so.6
(gdb) bt
#0  0x40440bef in _int_malloc () from /lib/i686/libc.so.6
#1  0x404422ac in malloc () from /lib/i686/libc.so.6
#2  0x0815ac58 in _emalloc (size=1078913472) at
/home/skissane/php-5.0.4/Zend/zend_alloc.c:182
#3  0x0809151e in php_mssql_get_column_content_with_type
(mssql_ptr=0x827079c, offset=1078913472, result=0x828319c,
column_type=1078910980)
    at /home/skissane/php-5.0.4/ext/mssql/php_mssql.c:877
#4  0x08091daf in _mssql_fetch_batch (mssql_ptr=0x827079c,
result=0x826b5cc, retvalue=-1) at
/home/skissane/php-5.0.4/ext/mssql/php_mssql.c:1104
#5  0x0809222e in zif_mssql_query (ht=33, return_value=0x8270a54,
this_ptr=0x0, return_value_used=1) at
/home/skissane/php-5.0.4/ext/mssql/php_mssql.c:1225
#6  0x081882ce in zend_do_fcall_common_helper (execute_data=0xbfffd510,
opline=0x826f980, op_array=0x826b53c)
    at /home/skissane/php-5.0.4/Zend/zend_execute.c:2727
#7  0x081858ca in execute (op_array=0x826b53c) at
/home/skissane/php-5.0.4/Zend/zend_execute.c:1406
#8  0x0816b79f in zend_execute_scripts (type=8, retval=0x0,
file_count=3) at /home/skissane/php-5.0.4/Zend/zend.c:1069
#9  0x0813eb73 in php_execute_script (primary_file=0xbffff8d0) at
/home/skissane/php-5.0.4/main/main.c:1632
#10 0x0818ebe8 in main (argc=2, argv=0xbffff954) at
/home/skissane/php-5.0.4/sapi/cli/php_cli.c:946
#11 0x403f3912 in __libc_start_main () from /lib/i686/libc.so.6


------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=33201&edit=1

#33201 [Fbk->Opn]: segfault in _emalloc called from php_mssql_get_column_content_with_type

Reply via email to