Bug #53626 [Ver]: SQLite3 - Segmentation Fault on shutdown

2013-05-23
This continues to haunt me

[2012-04-23 17:11:55]

I was having the same problem.  Apparently it is due to the sqlite3 extension 
being threaded, but php not being compiled with the pthread library.  I was 
to fix it in FreeBSD by recompiling php with the following option:

LINKTHRLink thread lib (for threaded extensions)

[2011-12-02 12:12:08]

Additional Info:  reducing extensions.ini to only sqlite3.so (no other modules 
loaded) also gave the Segmentation fault when executing /usr/local/bin/php-cgi 

[2011-12-02 08:33:23]

I get a segfault whenever php-cgi exits even without using sqlite functions.

FreeBSD.  Latest Ports as of 1/12/2011


# /usr/local/bin/php-cgi -v
PHP 5.3.8 with Suhosin-Patch (cgi-fcgi) (built: Dec  1 2011 22:33:51)
Copyright (c) 1997-2011 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies
Segmentation fault

Editing extensions.ini to comment out sqlite3.so *and* pdo_sqlite.so  
eliminates the Segmentation fault error.

With respect to: "This is due the destructor order."

I have tried many permutations of ordering in extensions.ini but found no case 
where enabling sqlite3.so or pdo_sqlite.so worked in any position.

Can not recompile with debug yet as this is a production machine... but will 
attempt to reproduce in test scenario and update.

[2011-09-23 04:55:13]

This bug is still reproducible, and in fact has regressed, since I no longer 
get a 
helpful console error message, but a generic crash report. What are the chances 
getting this fixed?

[2011-06-05 20:28:48]

This is due the destructor order.

[PHP-BUG] Bug #60546 [NEW]: using bad GD color in __destruct crashes

2011-12-16
Operating system: Mac OS X 10.7.2
PHP version:  5.4.0RC3
Package:  Reproducible crash
Bug Type: Bug
Bug description:using bad GD color in __destruct crashes


Allocating a color with imagecolorallocate using null for the image, and
die() causes a repeatable crash if the destructor attempts to use the bad
to render an image.

'./configure' '--prefix=/usr' '--mandir=/usr/share/man' '--
infodir=/usr/share/info' '--sysconfdir=/private/etc' '--with-
apxs2=/usr/sbin/apxs' '--enable-cli' '--with-config-file-path=/etc'
libxml-dir=/usr' '--with-openssl=/usr' '--with-kerberos=/usr'
'--enable-bcmath' '--with-bz2=/usr' '--enable-calendar' '--with-curl=/usr'
enable-exif' '--enable-ftp' '--with-gd' '--with-jpeg-dir=/usr/local'
png-dir=/usr/local' '--enable-gd-native-ttf' '--with-ldap=/usr'
sasl=/usr' '--enable-mbstring' '--enable-mbregex' '--with-mysql=mysqlnd'
with-mysqli=mysqlnd' '--with-pdo-mysql=mysqlnd' '--with-mysql-
sock=/tmp/mysql.sock' '--with-iodbc=/usr' '--enable-shmop'
'--with-snmp=/usr' '-
-enable-soap' '--enable-sockets' '--enable-sysvmsg' '--enable-sysvsem' '--
enable-sysvshm' '--with-xmlrpc' '--with-iconv-dir=/usr' '--with-xsl=/usr'
enable-zip' '--with-pcre-regex' '--disable-cgi' '--enable-debug' '--with-
freetype-dir=/usr/local' '--with-mcrypt' '--with-libedit'

$ diff php.ini.default php.ini
< max_execution_time = 30
> max_execution_time = 420
< max_input_time = 60
> max_input_time = 120
< memory_limit = 128M
> memory_limit = 1024M
< display_errors = Off
> display_errors = On
< display_startup_errors = Off
> display_startup_errors = On
< html_errors = Off
> html_errors = On
< post_max_size = 8M
> post_max_size = 20M
< ;include_path = ".:/php/includes"
> include_path = ".:/usr/lib/php"
< upload_max_filesize = 2M
> upload_max_filesize = 20M
< ; The MIBS data available in the PHP distribution must be installed. 
< ; See http://www.php.net/manual/en/snmp.installation.php 
> ; The MIBS data available in the PHP distribution must be installed.
> ; See http://www.php.net/manual/en/snmp.installation.php
< ;date.timezone =
> date.timezone = "America/Chicago"
< session.entropy_length = 0
> session.entropy_length = 20
< ; On windows, setting the entropy_length setting will activate the 
> ; On windows, setting the entropy_length setting will activate the
< ;session.entropy_file = /dev/urandom
> session.entropy_file = /dev/random
< session.hash_function = 0
> session.hash_function = 1
< ;xdebug.idekey="macgdbp"
< ;xdebug.remote_enable=1
> xdebug.idekey="macgdbp"
> xdebug.remote_enable=On
> xdebug.default_enable=On

Test script:
background = imagecolorallocate(null, 255, 255, 255);

public function __destruct() {
$img = imagecreatetruecolor(50, 50);
imagefill($img, 0, 0, $this->background);
header('Content-type: image/png');

new Foo();

Expected result:

Expected an error message, warning, magical success, or some other

Actual result:
Program received signal SIGABRT, Aborted.
0x7fff900fe82a in __kill ()
(gdb) bt
#0  0x7fff900fe82a in __kill ()
#1  0x7fff8bc7aa9c in abort ()
#2  0x7fff8bcd984c in free ()
#3  0x00010172853f in php_request_shutdown (dummy=0x0) at main.c:1776
#4  0x0001019bb67e in php_apache_request_dtor (r=0x100994aa0) at 
#5  0x0001019bbf6f in php_handler (r=0x100994aa0) at
#6  0x00012551 in ap_run_handler ()
#7  0x000130f6 in ap_invoke_handler ()
#8  0x00010003daad in ap_process_request ()
#9  0x000100039723 in ap_process_http_connection ()
#10 0x000100019aa1 in ap_run_process_connection ()
#11 0x00010001a081 in ap_process_connection ()
#12 0x000100046f53 in child_main ()
#13 0x000100047076 in make_child ()
#14 0x0001000478b6 in ap_mpm_run ()
#15 0x0001d58d in main ()

Some relevant values from main.c around line 1776:
last_error_lineno = 0
last_error_message = -1031267392 = 
last_error_file = 6

2011-09-22
Bug #53626 [Ver]: SQLite3 - Segmentation Fault on shutdown

This bug is still reproducible, and in fact has regressed, since I no longer 
get a 
helpful console error message, but a generic crash report. What are the chances 
getting this fixed?

[2011-06-05 20:28:48]

This is due the destructor order.

[2011-03-08 20:15:05]

It's more helpful. I get the following messages in the Apache error log:
test/index.php(14) : Warning - SQLite3::query() [sqlite3.query]: table test already exists
test/index.php(3) : Catchable fatal error - Argument 1 passed to 
test::__construct() must be an array, boolean given, called in test/index.php 
on line 9 and defined
[Tue Mar 08 13:11:41 2011] [notice] child pid 26396 exit signal Segmentation 
fault (11)

Here's the stack trace:
Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: 13 at address: 0x
0x0001015d0831 in zend_llist_del_element (l=0x10071c0f0, 
element=0x10208c258, compare=0x10109f549 ) at 
97  next = current->next;

[2011-03-08 18:00:04]

Please try using this snapshot:

For Windows:


[2010-12-29 01:07:56]

query("SELECT * from test");
return new test($result->fetchArray(SQLITE3_ASSOC));

$db = new SQLite3("test.sqlite", SQLITE3_OPEN_READWRITE | 
$db->query("CREATE TABLE test (foo, bar)");

print "done";

[2010-12-29 00:02:51]

Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with ,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc. If the script requires a 
database to demonstrate the issue, please make sure it creates 
all necessary tables, stored procedures etc.

Please avoid embedding huge scripts into the report.

