php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #44554 *** glibc detected *** double free or corruption when using sqlite handler
Submitted: 2008-03-27 21:16 UTC Modified: 2010-01-26 01:00 UTC
Votes:5
Avg. Score:4.6 ± 0.8
Reproduced:5 of 5 (100.0%)
Same Version:2 (40.0%)
Same OS:1 (20.0%)
From: vlada at mysh dot cz Assigned:
Status: No Feedback Package: Session related
PHP Version: 5.2.12 OS: Debian etch or lenny
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2008-03-27 21:16 UTC] vlada at mysh dot cz
Description:
------------
I've compiled latest PHP 5.2.5 on newly installed Debian Etch with libc6 version 2.3.6.ds1-13etch5
Problem is, that almost randomly serves blank page. Mostly this problem occurs while using phpmyadmin (tested different versions with same result)

In error_log of apache is:
*** glibc detected *** double free or corruption (out): 0x084471f0 ***
[Thu Mar 27 21:45:34 2008] [notice] child pid 29274 exit signal Aborted (6)

I also tried to run backtrace, i put it here. Strace gives loads of data. I could also put it here.

When i tried downgrade to php 5.1.6, same error is in error_log, but on the other hand, blank page never occured.


Reproduce code:
---------------
problem occures on random phpmyadmin page, mostly with mysql connection.

Actual result:
--------------
Starting program: /usr/local/apache/bin/httpd -X
[Thread debugging using libthread_db enabled]
[New Thread -1211000608 (LWP 29696)]

*** glibc detected *** double free or corruption (out): 0x08439bf0 ***

Program received signal SIGABRT, Aborted.
[Switching to Thread -1211000608 (LWP 29696)]
0xb7d42947 in raise () from /lib/tls/libc.so.6
(gdb) bt
#0  0xb7d42947 in raise () from /lib/tls/libc.so.6
#1  0xb7d440c9 in abort () from /lib/tls/libc.so.6
#2  0xb7d786ba in __fsetlocking () from /lib/tls/libc.so.6
#3  0xb7d7ff7f in mallopt () from /lib/tls/libc.so.6
#4  0xb7d80022 in free () from /lib/tls/libc.so.6
#5  0xb7787e3b in zend_hash_apply_deleter (ht=0x8302420, p=0x841b0f0)
    at /install/php-5.2.5/Zend/zend_hash.c:614
#6  0xb7788341 in zend_hash_reverse_apply (ht=0x8302420,
    apply_func=0xb776bb28 <clean_non_persistent_function>)
    at /install/php-5.2.5/Zend/zend_hash.c:760
#7  0xb776c257 in shutdown_executor ()
    at /install/php-5.2.5/Zend/zend_execute_API.c:290
#8  0xb777b43a in zend_deactivate () at /install/php-5.2.5/Zend/zend.c:860
#9  0xb77299d4 in php_request_shutdown (dummy=0x0)
    at /install/php-5.2.5/main/main.c:1485
#10 0xb77f4821 in php_apache_request_dtor (r=0x83fd1f8)
    at /install/php-5.2.5/sapi/apache2handler/sapi_apache2.c:471
#11 0xb77f510f in php_handler (r=0x83fd1f8)
    at /install/php-5.2.5/sapi/apache2handler/sapi_apache2.c:643
#12 0x08074547 in ap_run_handler (r=0x83fd1f8) at config.c:157
#13 0x08077637 in ap_invoke_handler (r=0x83fd1f8) at config.c:372
#14 0x080824e8 in ap_process_request (r=0x83fd1f8) at http_request.c:258
#15 0x0807f74e in ap_process_http_connection (c=0x83f31b0) at http_core.c:190
#16 0x0807b4d7 in ap_run_process_connection (c=0x83f31b0) at connection.c:43
#17 0x080868d4 in child_main (child_num_arg=<value optimized out>)
    at prefork.c:640
#18 0x08086b34 in make_child (s=0x80a9f98, slot=0) at prefork.c:680
#19 0x080878dc in ap_mpm_run (_pconf=0x80a80a8, plog=0x80d6160, s=0x80a9f98)
    at prefork.c:956
#20 0x08061f8f in main (argc=134897824, argv=0x83f0fd8) at main.c:730
(gdb)

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-03-28 12:55 UTC] vlada at mysh dot cz
Same problem with latest version. Should be problem in incompatibility with libc library in newer Debian? 

On other Debian servers (with older libc package) I am needed to upgrade libc to same version on, but i am worried about compatibility.
 [2008-03-29 17:49 UTC] jani@php.net
What was the configure line you used?
 [2008-03-29 19:37 UTC] vlada at mysh dot cz
This configuration. I've added --enable-debug because of dbg.

./configure --with-apxs2=/usr/local/apache/bin/apxs --with-mysql=/usr/local/mysql  --with-mysql-sock=/tmp/mysql.sock --with-sqlite --with-zlib --with-zlib-dir  --with-bz2  --with-gd  --enable-gd-native-ttf  --with-jpeg-dir --with-png-dir --with-ttf --with-freetype-dir=/usr/local --with-iconv=/usr/local  --with-curl=/usr/local --with-gettext --with-config-file-path=/etc/apache --enable-ftp --enable-mbstring  --with-openssl --with-openssl-dir=/usr/include/openssl --enable-calendar  --enable-exif --enable-sockets  --with-mcrypt --with-mysqli=/usr/local/mysql/bin/mysql_config --enable-debug
 [2008-03-31 08:03 UTC] jani@php.net
One more question: What glibc version does this happen with and with what it doesn't happen with? I mean, does 5.2.5 work fine with older glibc? And what Apache MPM are you using there?
 [2008-03-31 15:46 UTC] vlada at mysh dot cz
On both servers is installed Debian Etch.
First, where it works without this error is older instalation with package libc6 version 2.3.6.ds1-13etch2.
The other, newer installation, where this error occours is libc6 2.3.6.ds1-13etch5.

I was warned before downgrading libc library, but i'll try it and than give a feedback if it works. But many other applications relay on this newer version of libc.

And I am using default MPM, prefork, on both.
 [2008-04-02 09:31 UTC] jani@php.net
Please let us know if downgrading glibc worked. 
 [2008-04-02 10:13 UTC] vlada at mysh dot cz
So.. I've sucessfully downgraded to same glibc version as on other server is. Than recompiled apache and php again with this older libc, but this errors appears in log again.
Sometimes it causes 
exit signal Segmentation fault(11) and sometimes "only" exit signal Aborted (6).

*** glibc detected *** double free or corruption (out): 0x08408b78 ***
*** glibc detected *** double free or corruption (!prev): 0x0840d220 ***

I am sorry for bothering but I going to be quite desperate about this problem, because I still don't know why it happens.
 [2008-04-02 10:20 UTC] jani@php.net
If you have 2 servers and on one you don't have such problems and on the other one you have, just check what the differences are in those systems. php.ini, configure lines, compiler versions, etc.
 [2008-04-03 18:40 UTC] vlada at mysh dot cz
So.. I have checked configuration of PHP. Default php.ini-dist worked, so I make diff between mine and default. Main difference was in method of saving sessions. We were using sqlite. When I changed it to default, files type, everything is now OK. I leave this, files session configuration run for a longer period, but I think, problem was i sqlite.
 [2008-04-03 21:06 UTC] jani@php.net
If you can reliably prove it's sqlite session handler that causes it, please reclassify this report as "Session related" and update the summary.
 [2010-01-17 15:22 UTC] vlada at mysh dot cz
After a year, I came to same problem on newer server.. There were a lot of warnings in apache's error_log 

*** glibc detected *** /usr/local/apache/bin/httpd: double free or corruption (out): 0x08b11590 ***
*** glibc detected *** /usr/local/apache/bin/httpd: double free or corruption (out): 0x08b12a78 ***
*** glibc detected *** /usr/local/apache/bin/httpd: double free or corruption (out): 0x08b1aa30 ***
*** glibc detected *** /usr/local/apache/bin/httpd: double free or corruption (out): 0x0a399120 ***
*** glibc detected *** /usr/local/apache/bin/httpd: double free or corruption (!prev): 0x0a3eab68 ***


etc..

Mainly while using DokuWiki or phpMyAdmin

After I changed session handler from sqlite to files, problem dissapeared. Now it's a week with files session handler and no new entry in log saying something about glibc error. So I am sure, it's caused by sqlite session handler.
 [2010-01-18 10:27 UTC] jani@php.net
Just to clarify: you are using your own compile and not any debian package? And no 3rd party patches are applied?
 [2010-01-18 10:29 UTC] jani@php.net
Also, this is kinda hard to reproduce so could you try and get a GDB bactrace of this? Instructions can be found here how to do it:

  http://bugs.php.net/bugs-generating-backtrace.php
 [2010-01-26 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
PHP Copyright © 2001-2022 The PHP Group
All rights reserved.
Last updated: Mon Nov 28 08:05:53 2022 UTC