From:             Ew6jQ8tSJhf3 at dyweni dot com
Operating system: Linux x86_64 (CentOS 5.8 final)
PHP version:      5.4.6
Package:          PDO related
Bug Type:         Bug
Bug description:  PHP Segfault in PDO ODBC Execute

Description:
------------
PHP 5.4.6
Microsoft SQL Server ODBC Driver V1.0 for Linux

PHP Segfaults while executing the call '$sth->execute()'

GDB Backtrace is:

Program received signal SIGSEGV, Segmentation fault.
zim_PDOStatement_execute (ht=<value optimized out>, return_value=0x2aaaab284210, return_value_ptr=<value optimized out>, this_ptr=<value optimized out>, return_value_used=<value optimized out>) at /usr/src/debug/php-5.4.6/ext/pdo/pdo_stmt.c:515
515         if (stmt->active_query_string && stmt->active_query_string != stmt->query_string) {
(gdb) bt
#0  zim_PDOStatement_execute (ht=<value optimized out>, return_value=0x2aaaab284210, return_value_ptr=<value optimized out>, this_ptr=<value optimized out>, return_value_used=<value optimized out>) at /usr/src/debug/php-5.4.6/ext/pdo/pdo_stmt.c:515
#1  0x00000000006005e5 in zend_do_fcall_common_helper_SPEC (execute_data=0x2aaaab250060) at /usr/src/debug/php-5.4.6/Zend/zend_vm_execute.h:642
#2  0x000000000060643e in execute (op_array=0x2aaaab282fc8) at /usr/src/debug/php-5.4.6/Zend/zend_vm_execute.h:410
#3  0x00000000005d1a8e in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /usr/src/debug/php-5.4.6/Zend/zend.c:1289
#4  0x0000000000576c38 in php_execute_script (primary_file=0x7fffffffc190) at /usr/src/debug/php-5.4.6/main/main.c:2473
#5  0x00000000006785ed in do_cli (argc=2, argv=0x7fffffffd4b8) at /usr/src/debug/php-5.4.6/sapi/cli/php_cli.c:988
#6  0x0000000000678f6d in main (argc=2, argv=0x7fffffffd4b8) at /usr/src/debug/php-5.4.6/sapi/cli/php_cli.c:1364

Valgrind Output is:

==9423== Memcheck, a memory error detector
==9423== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
==9423== Using Valgrind-3.5.0 and LibVEX; rerun with -h for copyright info
==9423== Command: php test.php
==9423==
==9423== Invalid read of size 8
==9423==    at 0xA7588B4: zim_PDOStatement_execute (pdo_stmt.c:515)
==9423==    by 0x6005E4: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:642)
==9423==    by 0x60643D: execute (zend_vm_execute.h:410)
==9423==    by 0x5D1A8D: zend_execute_scripts (zend.c:1289)
==9423==    by 0x576C37: php_execute_script (main.c:2473)
==9423==    by 0x6785EC: do_cli (php_cli.c:988)
==9423==    by 0x678F6C: main (php_cli.c:1364)
==9423==  Address 0x10000008f is not stack'd, malloc'd or (recently) free'd
==9423==
==9423==
==9423== Process terminating with default action of signal 11 (SIGSEGV)
==9423==  Access not within mapped region at address 0x10000008F
==9423==    at 0xA7588B4: zim_PDOStatement_execute (pdo_stmt.c:515)
==9423==    by 0x6005E4: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:642)
==9423==    by 0x60643D: execute (zend_vm_execute.h:410)
==9423==    by 0x5D1A8D: zend_execute_scripts (zend.c:1289)
==9423==    by 0x576C37: php_execute_script (main.c:2473)
==9423==    by 0x6785EC: do_cli (php_cli.c:988)
==9423==    by 0x678F6C: main (php_cli.c:1364)
==9423==  If you believe this happened as a result of a stack
==9423==  overflow in your program's main thread (unlikely but
==9423==  possible), you can try to increase the size of the
==9423==  main thread stack using the --main-stacksize= flag.
==9423==  The main thread stack size used in this run was 10485760.
==9423==
==9423== HEAP SUMMARY:
==9423==     in use at exit: 4,021,443 bytes in 19,132 blocks
==9423==   total heap usage: 22,569 allocs, 3,437 frees, 5,755,940 bytes allocated

Test script:
---------------
<?php
$pdo = new PDO('odbc:TestDB', "TestUser", "TestPassword");
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

$stmt = 'SELECT fid, original_filename, dateUploaded, filesize, client FROM upload ORDER BY dateUploaded DESC';
$sth = $pdo->prepare($stmt);
$sth->execute();
var_dump($sth->fetchAll());

Expected result:
----------------
The script should output the results from $sth->fetchAll.

Actual result:
--------------
The script crashes with a Segmentation Fault.

-- 
Edit bug report at https://bugs.php.net/bug.php?id=63075&edit=1