This repository was archived by the owner on Aug 10, 2019. It is now read-only.
php 5.6/mysqlnd segfault with stored procedures #145
Closed
Description
Debian Wheezy i686 (up to date as of 8/2016)
PHP 5.6.24-1~dotdeb+7.1 (cli) (built: Jul 22 2016 00:07:27)
php-cgi & php-cli
deb http://lug.mtu.edu/debian/ wheezy main
deb-src http://lug.mtu.edu/debian/ wheezy main
#deb http://debian.cse.msu.edu/debian/ wheezy main contrib non-free
#deb-src http://debian.cse.msu.edu/debian/ wheezy main contrib
deb http://security.debian.org/ wheezy/updates main contrib
deb-src http://security.debian.org/ wheezy/updates main contrib
# wheezy-updates, previously known as 'volatile'
deb http://lug.mtu.edu/debian/ wheezy-updates main
deb-src http://lug.mtu.edu/debian/ wheezy-updates main
# wheezy-updates, previously known as 'volatile'
#deb http://debian.cse.msu.edu/debian/ wheezy-updates main contrib
#deb-src http://debian.cse.msu.edu/debian/ wheezy-updates main contrib
# dotdeb
deb http://packages.dotdeb.org wheezy all
deb http://packages.dotdeb.org wheezy-php56 all
deb-src http://packages.dotdeb.org wheezy-php56 all
# deb-multimedia
deb http://www.deb-multimedia.org wheezy main non-free
/etc/apt/sources/list.d : nodesource.list
ii php-pear 5.6.24-1~dotdeb+7.1 all PEAR - PHP Extension and Application Repository
ii php5-cgi 5.6.24-1~dotdeb+7.1 i386 server-side, HTML-embedded scripting language (CGI binary)
ii php5-cli 5.6.24-1~dotdeb+7.1 i386 command-line interpreter for the php5 scripting language
ii php5-common 5.6.24-1~dotdeb+7.1 i386 Common files for packages built from the php5 source
ii php5-dbg 5.6.24-1~dotdeb+7.1 i386 Debug symbols for PHP5
ii php5-gd 5.6.24-1~dotdeb+7.1 i386 GD module for php5
ii php5-imagick 1:3.1.2-2~dotdeb+7.1 i386 Provides a wrapper to the ImageMagick library
ii php5-mysqlnd 5.6.24-1~dotdeb+7.1 i386 MySQL module for php5 (Native Driver)
ii php5-readline 5.6.24-1~dotdeb+7.1 i386 Readline module for php5
ii php5-sqlite 5.6.24-1~dotdeb+7.1 i386 SQLite module for php5
PHP segfaults when fetching the result of a prepared statement that invokes a stored procedure.
To reproduce:
db.sql:
```sql
drop database if exists test;
create database test;
use test;
create table test(foo int,bar varchar(36));
insert into test(foo,bar) values(1,"baz");
insert into test(foo,bar) values(2,"quux");
delimiter //
create procedure pppp(id int)
begin
    declare result varchar(4) default 'fail';
    declare message varchar(64) default 'hello, world';
    declare datum varchar(36) default null;
    declare cur cursor for select bar from test where id = id;
    -- 1329 = ER_SP_FETCH_NO_DATA (fetch from the cursor returned no row)
    declare exit handler for 1329
    begin
        set message = 'got 1329';
        select result,message,datum;
    end;
    open cur;
    fetch cur into datum;
    close cur;
    -- the procedure hands back a single result set
    select result,message,datum;
end
//
```
test.php:
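```php
<?php
// Reproduction: call the stored procedure through a prepared statement.
$conn = new mysqli('localhost','root','password','test',3306);
$stmt = $conn->prepare('call pppp(?)');
$int = 1;
$stmt->bind_param('i',$int);
$stmt->execute();
// Walk every result set returned by the CALL.
do {
    if ($res = $stmt->get_result()) {
        printf("---\n");
        // fetch_all() is the call at frame #4 of the backtrace
        var_dump($res->fetch_all());
        $res->free();
    } else {
        printf("error: ");
        // print the message as data, not as a printf format string
        if ($stmt->errno) printf("%s", $stmt->error);
        printf("\n");
    }
} while($stmt->more_results() && $stmt->next_result());
$stmt->close();
$conn->close();
?>
```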
test.gdb.log:
```
Starting program: /usr/bin/php test.php
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/i686/cmov/libthread_db.so.1".
Program received signal SIGSEGV, Segmentation fault.
mysqlnd_fetch_stmt_row_cursor (result=0xb7621088, param=0xb7621a64, flags=2, fetched_anything=0xbfffba3f "\267\364/3\267\210\020b\267")
at /usr/src/builddir/ext/mysqlnd/mysqlnd_ps.c:1022
1022 /usr/src/builddir/ext/mysqlnd/mysqlnd_ps.c: No such file or directory.
#0 mysqlnd_fetch_stmt_row_cursor (result=0xb7621088, param=0xb7621a64, flags=2, fetched_anything=0xbfffba3f "\267\364/3\267\210\020b\267")
at /usr/src/builddir/ext/mysqlnd/mysqlnd_ps.c:1022
#1 0xb73148d5 in php_mysqlnd_res_fetch_row_pub (result=0xb7621088, param=0xb7621a64, flags=2, fetched_anything=0xbfffba3f "\267\364/3\267\210\020b\267")
at /usr/src/builddir/ext/mysqlnd/mysqlnd_result.c:1352
#2 0xb73173a6 in php_mysqlnd_res_fetch_into_pub (result=0xb7621088, flags=2, return_value=0xb7621a64, extension=MYSQLND_MYSQLI)
at /usr/src/builddir/ext/mysqlnd/mysqlnd_result.c:1823
#3 0xb73171c5 in php_mysqlnd_res_fetch_all_pub (result=0xb7621088, flags=2, return_value=0xb7621a48) at /usr/src/builddir/ext/mysqlnd/mysqlnd_result.c:1893
#4 0xb67c6132 in zif_mysqli_fetch_all (ht=0, return_value=0xb7621a48, return_value_ptr=0xb76041a0, this_ptr=0xb761edb0, return_value_used=1)
at /usr/src/builddir/ext/mysqli/mysqli_nonapi.c:385
#5 0x0842d376 in execute_internal (execute_data_ptr=execute_data_ptr@entry=0xb76042bc, fci=fci@entry=0x0, return_value_used=return_value_used@entry=1)
at /usr/src/builddir/Zend/zend_execute.c:1527
#6 0x08371493 in dtrace_execute_internal (execute_data_ptr=0xb76042bc, fci=0x0, return_value_used=1) at /usr/src/builddir/Zend/zend_dtrace.c:97
#7 0x0842f9e7 in zend_do_fcall_common_helper_SPEC (execute_data=<optimized out>) at /usr/src/builddir/Zend/zend_vm_execute.h:560
#8 0x083f15e7 in execute_ex (execute_data=execute_data@entry=0xb76042bc) at /usr/src/builddir/Zend/zend_vm_execute.h:363
#9 0x08371359 in dtrace_execute_ex (execute_data=0xb76042bc) at /usr/src/builddir/Zend/zend_dtrace.c:73
#10 0x0842f162 in zend_execute (op_array=0xb761e5a4) at /usr/src/builddir/Zend/zend_vm_execute.h:388
#11 zend_execute (op_array=0xb761e5a4) at /usr/src/builddir/Zend/zend_vm_execute.h:383
#12 0x08384906 in zend_execute_scripts (type=type@entry=8, retval=retval@entry=0x0, file_count=file_count@entry=3) at /usr/src/builddir/Zend/zend.c:1341
#13 0x08319dae in php_execute_script (primary_file=primary_file@entry=0xbfffdf78) at /usr/src/builddir/main/main.c:2613
#14 0x08433379 in do_cli (argc=-1073750152, argc@entry=2, argv=0x7, argv@entry=0x89a0d88) at /usr/src/builddir/sapi/cli/php_cli.c:994
#15 0x080a5f43 in main (argc=2, argv=0x89a0d88) at /usr/src/builddir/sapi/cli/php_cli.c:1378
A debugging session is active.
Inferior 1 [process 4588] will be killed.
Quit anyway? (y or n)
```
This issue was present in 5.4.45-0+deb7u4; I had upgraded to DotDeb hoping to fix this issue. Should I report upstream?
Thanks for your time,
Steve