From: selecter at gmail dot com
Operating system: Linux Gentoo 2006.0
PHP version: 5.1.5
PHP Bug Type: Reproducible crash
Bug description: vardump($einfo = $pdo->errorInfo()) causes php to crash
Description:
------------
By method of trial and error I've found the lines of code which cause php
process to crash.
It seems that PDO object's method returns kind of corrupted variable. It
might be related to memory issue.
I tryed to run apache2 -X inside gdb, but after that my php files weren't
processed by php so I could see only the code...
Reproduce code:
---------------
It's hard to paste here some lines that can cause crashing... I'll show
some:
public function save($username, $prefs){
$st = $this->db->prepare("UPDATE preferences SET show_email=?,
show_smiles=?, timezone_offset=?, messages_on_page=? WHERE uid=?");
$st->bindParam(1, $prefs['show_email'], PDO::PARAM_BOOL);
$st->bindParam(2, $prefs['show_smiles'], PDO::PARAM_BOOL);
$st->bindParam(3, $prefs['timezone_offset'], PDO::PARAM_INT);
$st->bindParam(4, $prefs['messages_on_page'], PDO::PARAM_INT);
$st->bindParam(5, Users::getUserId($this->db, $username),
PDO::PARAM_INT);
if(($num=$st->execute()) === FALSE){
SQL::errorHandler($this->db);
}else{
$this->session->cacheUserPrefs($prefs);
}
}
So... SQL::errorHandler($this->db); passes pdo object to another method:
public static function errorHandler($ptr){
$einfo = $ptr->errorInfo();
$einfo = $ptr->errorCode.': '.$einfo[2];
?><pre><?php
debug_print_backtrace();
?></pre><?php
vardump($einfo); //This causes a crash
trigger_error($einfo, E_USER_ERROR); //And this as well if we
comment the upper line
}
Actual result:
--------------
[Sun Aug 20 17:15:48 2006] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec2)
[Sun Aug 20 17:15:49 2006] [notice] Digest: generating secret for digest
authentication ...
[Sun Aug 20 17:15:49 2006] [notice] Digest: done
PHP Warning: PHP Startup: zip: Unable to initialize module\nModule
compiled with module API=20050922, debug=0, thread-safety=0\nPHP
compiled with module API=20050922, debug=1, thread-safety=0\nThese options
need to match\n in Unknown on line 0
[Sun Aug 20 17:15:49 2006] [warn] pid file /var/run/apache2.pid
overwritten -- Unclean shutdown of previous Apache run?
[Sun Aug 20 17:15:49 2006] [notice] Apache configured -- resuming normal
operations
[Sun Aug 20 17:16:07 2006] [notice] child pid 24211 exit signal
Segmentation fault (11)
[Sun Aug 20 17:16:08 2006] [notice] child pid 24212 exit signal
Segmentation fault (11)
--
Edit bug report at http://bugs.php.net/?id=38520&edit=1
--
Try a CVS snapshot (PHP 4.4):
http://bugs.php.net/fix.php?id=38520&r=trysnapshot44
Try a CVS snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=38520&r=trysnapshot52
Try a CVS snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=38520&r=trysnapshot60
Fixed in CVS: http://bugs.php.net/fix.php?id=38520&r=fixedcvs
Fixed in release:
http://bugs.php.net/fix.php?id=38520&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=38520&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=38520&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=38520&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=38520&r=support
Expected behavior: http://bugs.php.net/fix.php?id=38520&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=38520&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=38520&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=38520&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=38520&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=38520&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=38520&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=38520&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=38520&r=float
No Zend Extensions: http://bugs.php.net/fix.php?id=38520&r=nozend
MySQL Configuration Error: http://bugs.php.net/fix.php?id=38520&r=mysqlcfg
