Segmentation fault in PHP?

Why does the following code cause a segmentation fault?


<?php

$CNX = new mysqli('localhost','dbuser', 'dbpass', 'dbtest');

class DAO {
        var $stmt;

        // PHP 4-style constructor: allocates a statement handle on the global connection
        function DAO() {
                $this->stmt = $GLOBALS['CNX']->stmt_init();
        }

        function listing() {
                $this->stmt->prepare('SELECT * FROM any_table');
        }
}

class Page {
        function go() {
                $d1 = new DAO();
                $d2 = new DAO();
                exit;
        }
}

$tpl = new Page();
$tpl->go();

Additional Notes

1) I ran this code on two different LAMP servers and they both generate errors like child pid somenumber exit signal Segmentation fault (11) in my error.log files. On one server, I am running Ubuntu 10.04, Apache 2, MySQL 5 and PHP 5.3.2-1ubuntu4.9, and on another server I'm running Ubuntu 11.10, Apache 2, MySQL 5 and PHP 5.3.6-13ubuntu3.3.

2) It's weird, but when I comment out the line $d2 = new DAO(); or the line exit;, the segmentation fault goes away.

3) The segmentation fault occurs no matter which db table I select from in the prepared statement.

What is going on? I am so frustrated. I have lost an entire day's worth of time because of this segmentation fault. Please... if anyone knows what's going on, let me know.



Looks like you found a bug in the mysqli module!

Submit it to

Don't expect it to be fixed tomorrow, though. Find a way to work around the bug or try using different PHP/mysqli versions to see if you can get by.

For reference, I can reproduce it too, and here's a backtrace. Looks like things are exploding while trying to close the connection and clean things up:

jon@jonx:~/tmp$ gdb `which php`
Reading symbols from /usr/bin/php...(no debugging symbols found)...done.
(gdb) run tmp.php
Starting program: /usr/bin/php tmp.php
[Thread debugging using libthread_db enabled]
[New Thread 0x7ffff3cb7700 (LWP 1028)]
[Thread 0x7ffff3cb7700 (LWP 1028) exited]

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff458ca25 in vio_peer_addr () from /usr/lib/
(gdb) bt
#0  0x00007ffff458ca25 in vio_peer_addr () from /usr/lib/
#1  0x00007ffff458d873 in net_real_write () from /usr/lib/
#2  0x00007ffff458dd5b in net_flush () from /usr/lib/
#3  0x00007ffff458df40 in net_write_command () from /usr/lib/
#4  0x00007ffff458aa84 in cli_advanced_command () from /usr/lib/
#5  0x00007ffff455c23c in mysql_stmt_close () from /usr/lib/
#6  0x00007ffff42f3815 in ?? () from /usr/lib/php5/20090626/
#7  0x00007ffff42f38ca in ?? () from /usr/lib/php5/20090626/
#8  0x00000000006b6ad1 in zend_objects_store_del_ref_by_handle_ex ()
#9  0x00000000006b6af3 in zend_objects_store_del_ref ()
#10 0x0000000000683662 in _zval_ptr_dtor ()
#11 0x000000000069f313 in zend_hash_destroy ()
#12 0x00000000006b2ae9 in zend_object_std_dtor ()
#13 0x00000000006b2b09 in zend_objects_free_object_storage ()
#14 0x00000000006b663f in zend_objects_store_free_object_storage ()
#15 0x0000000000683c84 in ?? ()
#16 0x0000000000691cd5 in ?? ()
#17 0x000000000063eccf in php_request_shutdown ()
#18 0x000000000072c76c in ?? ()
#19 0x00007ffff55f5eff in __libc_start_main () from /lib/x86_64-linux-gnu/
#20 0x0000000000428859 in _start ()
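The answer's reading of the backtrace, made mechanical, as an added example that is not part of the original post: it parses gdb `bt` frames, labels each by layer, and reports the faulting function, the client API call that was in progress, and whether it was reached through object teardown at request shutdown. The prefix-to-layer table and the names `parse_frames`, `layer_of` and `summarize` are assumptions of this example.

```python
import re

# Excerpt of frames from the gdb backtrace above (library paths are truncated on the page).
BACKTRACE = """\
#0  0x00007ffff458ca25 in vio_peer_addr () from /usr/lib/
#4  0x00007ffff458aa84 in cli_advanced_command () from /usr/lib/
#5  0x00007ffff455c23c in mysql_stmt_close () from /usr/lib/
#6  0x00007ffff42f3815 in ?? () from /usr/lib/php5/20090626/
#8  0x00000000006b6ad1 in zend_objects_store_del_ref_by_handle_ex ()
#12 0x00000000006b2ae9 in zend_object_std_dtor ()
#15 0x0000000000683c84 in ?? ()
#17 0x000000000063eccf in php_request_shutdown ()
#20 0x0000000000428859 in _start ()
"""

FRAME_RE = re.compile(
    r"^#(?P<idx>\d+)\s+(?:0x[0-9a-f]+ in )?(?P<func>\S+) \(\)(?: from (?P<lib>\S+))?$")

# Symbol-prefix -> layer table: an assumption of this example, based on naming only.
LAYERS = [
    (("vio_", "net_", "cli_"), "client network I/O"),
    (("mysql_",), "client API"),
    (("zend_object", "zend_hash_", "_zval_"), "Zend object teardown"),
    (("php_request_shutdown",), "request shutdown"),
]

def parse_frames(text):
    """Return [{'idx', 'func', 'lib'}] for every line gdb printed as a frame."""
    return [{"idx": int(m["idx"]), "func": m["func"], "lib": m["lib"]}
            for m in map(FRAME_RE.match, (ln.strip() for ln in text.splitlines())) if m]

def layer_of(frame):
    if frame["func"] == "??":  # no symbols: only the library path hints at the owner
        return "PHP extension" if "php5" in (frame["lib"] or "") else "unresolved"
    for prefixes, name in LAYERS:
        if frame["func"].startswith(prefixes):
            return name
    return "other"

def summarize(text):
    """Name the faulting function, the client API call in progress, and its trigger."""
    frames = parse_frames(text)
    layers = [layer_of(f) for f in frames]
    api = next((f["func"] for f, lay in zip(frames, layers) if lay == "client API"), None)
    return {"crash": frames[0]["func"], "api_call": api,
            "object_teardown": "Zend object teardown" in layers,
            "request_shutdown": "request shutdown" in layers}

if __name__ == "__main__":
    print(summarize(BACKTRACE))
```

Reading the result bottom-up gives the same picture as the answer: request shutdown frees objects, the statement's cleanup calls `mysql_stmt_close`, and the fault happens while that call tries to write to the connection.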

