PHP :: Bug #77358 :: random Segmentation fault (core dumped)

Bug #77358

random Segmentation fault (core dumped)

Submitted:

2018-12-27 13:31 UTC

Modified:

2019-01-14 09:02 UTC

Votes:	1
Avg. Score:	5.0 ± 0.0
Reproduced:	1 of 1 (100.0%)
Same Version:	1 (100.0%)
Same OS:	0 (0.0%)

From:

kinoute at gmail dot com

Assigned:

Status:

Duplicate

Package:

PDO MySQL

PHP Version:

7.3.0

OS:

Ubuntu 16.04.5

Private report:

CVE-ID:

None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	kinoute at gmail dot com
New email:
PHP Version:		OS:

New Comment:

[2018-12-27 13:31 UTC] kinoute at gmail dot com

Description:
------------
It happens on a VPN running Ubuntu 16.04.5 & PHP 7.3.0 (upgraded from 7.2.13). I'm getting at random intervals Segfault errors on some scripts. I was able to catch a segfault running my script through gdb. Here is the output backtrace:

(gdb) run checkwin.php
Starting program: /usr/bin/php checkwin.php
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
0x00005555557c2d3a in _efree ()
(gdb) bt
#0  0x00005555557c2d3a in _efree ()
#1  0x00007ffff2d4fea7 in ?? () from /usr/lib/php/20180731/mysqlnd.so
#2  0x00007ffff2d4af4f in ?? () from /usr/lib/php/20180731/mysqlnd.so
#3  0x00007ffff2d4f641 in ?? () from /usr/lib/php/20180731/mysqlnd.so
#4  0x00007ffff2d4e0b9 in ?? () from /usr/lib/php/20180731/mysqlnd.so
#5  0x00007ffff2d4be04 in ?? () from /usr/lib/php/20180731/mysqlnd.so
#6  0x00007ffff2d4bf4e in ?? () from /usr/lib/php/20180731/mysqlnd.so
#7  0x00007fffed601ee4 in ?? () from /usr/lib/php/20180731/pdo_mysql.so
#8  0x00007ffff2b28d0c in ?? () from /usr/lib/php/20180731/pdo.so
#9  0x00007ffff2b2cbaa in ?? () from /usr/lib/php/20180731/pdo.so
#10 0x00005555557fc60e in ?? ()
#11 0x00005555557f92b1 in zend_hash_graceful_reverse_destroy ()
#12 0x00005555557e879e in ?? ()
#13 0x00005555557875e2 in php_module_shutdown ()
#14 0x00005555556427fa in ?? ()
#15 0x00007ffff5cf0830 in __libc_start_main (main=0x555555642370, argc=2, argv=0x7fffffffe5b8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe5a8)
    at ../csu/libc-start.c:291
#16 0x0000555555642909 in _start ()
(gdb)


I can also see segfaults in /var/log/syslog:

Dec 27 12:05:15 vps12833 kernel: [ 1122.000275] php[1975]: segfault at 7f4d49000000 ip 000055a75bf88d3a sp 00007fff1fb200f0 error 4 in php7.3[55a75bd1a000+3eb000]

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2019-01-13 18:47 UTC] kinoute at gmail dot com

Some update. I was about to make a little script were I get the same backtrace on gdb every single time I run the php script.

Running MySQL  5.7.24, with a "test" table as followed, with a datetime(6) column. It seems to happen when using the "UPDATE" mysql function. No problem with a simple SELECT.

CREATE TABLE `test` (
  `id` int(11) NOT NULL,
  `date` datetime(6) NOT NULL,
  `poster_id` int(11) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;


INSERT INTO `test` (`id`, `date`, `poster_id`) VALUES
(1, '2019-01-17 01:40:35.123456', 3);


PHP Script:

<?php

$dbh = "";
$dsn = 'mysql:host=localhost;dbname=testphp73';

// Set options
$options = [
    PDO::ATTR_PERSISTENT    => true,
    PDO::ATTR_ERRMODE       => PDO::ERRMODE_EXCEPTION
];

// Create a new PDO instanace
try {
    $dbh = new PDO($dsn, "root", "password", $options);
} // Catch any errors
catch (PDOException $e) {
    $this->error = $e->getMessage();
}


$stmt = $dbh->prepare("UPDATE test SET poster_id = 4 WHERE id = 1");

// no problem
// $stmt = $dbh->prepare("SELECT * FROM test WHERE id = 1");

$stmt->execute();


gdb backtrace with the UPDATE function:

(gdb) run test.php
Starting program: /usr/bin/php test.php
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Inferior 1 (process 6354) exited with code 01]
(gdb) b exit
Breakpoint 1 at 0x7ffff5d0a030: file exit.c, line 104.
(gdb) run test.php
Starting program: /usr/bin/php test.php
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

Breakpoint 1, __GI_exit (status=1) at exit.c:104
104	exit.c: No such file or directory.
(gdb) bt
#0  __GI_exit (status=1) at exit.c:104
#1  0x00005555556319ed in ?? ()
#2  0x00005555557c2e1d in _efree ()
#3  0x00007ffff2d4fea7 in ?? () from /usr/lib/php/20180731/mysqlnd.so
#4  0x00007ffff2d4af4f in ?? () from /usr/lib/php/20180731/mysqlnd.so
#5  0x00007ffff2d4f641 in ?? () from /usr/lib/php/20180731/mysqlnd.so
#6  0x00007ffff2d4e0b9 in ?? () from /usr/lib/php/20180731/mysqlnd.so
#7  0x00007ffff2d4be04 in ?? () from /usr/lib/php/20180731/mysqlnd.so
#8  0x00007ffff2d4bf4e in ?? () from /usr/lib/php/20180731/mysqlnd.so
#9  0x00007fffed601ee4 in ?? () from /usr/lib/php/20180731/pdo_mysql.so
#10 0x00007ffff2b28d0c in ?? () from /usr/lib/php/20180731/pdo.so
#11 0x00007ffff2b2cbaa in ?? () from /usr/lib/php/20180731/pdo.so
#12 0x00005555557fc6ce in ?? ()
#13 0x00005555557f9371 in zend_hash_graceful_reverse_destroy ()
#14 0x00005555557e885e in ?? ()
#15 0x0000555555787662 in php_module_shutdown ()
#16 0x000055555564282a in ?? ()
#17 0x00007ffff5cf0830 in __libc_start_main (main=0x5555556423a0, argc=2, argv=0x7fffffffe5c8, init=<optimized out>,
    fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe5b8) at ../csu/libc-start.c:291
#18 0x0000555555642939 in _start ()
(gdb)

gdb backtrace when using SELECT function:

(gdb) run test.php
Starting program: /usr/bin/php test.php
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Inferior 1 (process 6387) exited normally]
(gdb) b exit
Breakpoint 1 at 0x7ffff5d0a030: file exit.c, line 104.
(gdb) run test.php
Starting program: /usr/bin/php test.php
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

Breakpoint 1, __GI_exit (status=0) at exit.c:104
104	exit.c: No such file or directory.
(gdb) bt
#0  __GI_exit (status=0) at exit.c:104
#1  0x000055555564252d in ?? ()
#2  0x00007ffff5cf0830 in __libc_start_main (main=0x5555556423a0, argc=2, argv=0x7fffffffe5c8, init=<optimized out>,
    fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe5b8) at ../csu/libc-start.c:291
#3  0x0000555555642939 in _start ()
(gdb)

[2019-01-14 09:02 UTC] nikic@php.net

-Status: Open +Status: Duplicate

[2019-01-14 09:02 UTC] nikic@php.net

Given the use of persistent PDO connections and the efree() segfault during shutdown, this is very likely a duplicate of bug #77289, which will be fixed in PHP 7.3.2.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Mon Nov 25 01:01:31 2024 UTC