php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #81539 Segmentation fault in pdo_mysql
Submitted: 2021-10-18 19:13 UTC Modified: 2023-01-14 16:35 UTC
Votes:4
Avg. Score:4.8 ± 0.4
Reproduced:4 of 4 (100.0%)
Same Version:1 (25.0%)
Same OS:2 (50.0%)
From: mira at mirawaneko dot net Assigned:
Status: Open Package: PDO MySQL
PHP Version: 8.0.11 OS: Debian 10 (Buster)
Private report: No CVE-ID: None
 [2021-10-18 19:13 UTC] mira at mirawaneko dot net
Description:
------------
PHP installed via Sury
Version 8.0.11

I haven't been able to pinpoint the cause of the issue, therefore no test script, I am simply posting it here in hopes that the cause may be found.

It happened continuously randomly on requests.
This only happens on my live server and haven't been able to replicate it locally so I only have debug symbols on pdo_mysql.

I have downgraded the website to run on PHP 7.4.24 a few days ago and haven't been able to replicate the issue since.

------------------------------------------------------------
dmesg:

php-fpm8.0[29878]: segfault at 4 ip 00007f3c42776ee3 sp 00007fff18c9fd70 error 4 in pdo_mysql.so[7f3c42774000+4000]

------------------------------------------------------------
gdb:

Program terminated with signal SIGSEGV, Segmentation fault.
#0  zend_string_copy (s=0x0) at ./Zend/zend_types.h:628
628     ./Zend/zend_types.h: No such file or directory.
(gdb) bt
#0  zend_string_copy (s=0x0) at ./Zend/zend_types.h:628
#1  pdo_mysql_stmt_describe (stmt=0x7f3c45a69980, colno=<optimized out>) at ./ext/pdo_mysql/mysql_statement.c:637
#2  0x00007f3c45c1d5c5 in pdo_stmt_describe_columns (stmt=stmt@entry=0x7f3c45a69980) at ./ext/pdo/pdo_stmt.c:135
#3  0x00007f3c45c1da96 in zim_PDOStatement_execute (execute_data=<optimized out>, return_value=0x7fff18c9fee0) at ./ext/pdo/pdo_stmt.c:473
#4  0x000055da99d14a44 in ZEND_DO_FCALL_SPEC_RETVAL_UNUSED_HANDLER () at ./Zend/zend_vm_execute.h:1755
#5  execute_ex (ex=0x7f3c45a69980) at ./Zend/zend_vm_execute.h:54180
#6  0x000055da99d1646c in zend_execute (op_array=0x7f3c45a6e000, return_value=0x0) at ./Zend/zend_vm_execute.h:58499
#7  0x000055da99cad44d in zend_execute_scripts (type=1168200976, type@entry=8, retval=retval@entry=0x0, file_count=file_count@entry=3) at ./Zend/zend.c:1680
#8  0x000055da99c4a15b in php_execute_script (primary_file=<optimized out>) at ./main/main.c:2524
#9  0x000055da99b02fa9 in main (argc=<optimized out>, argv=<optimized out>) at ./sapi/fpm/fpm/fpm_main.c:1914


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2021-10-19 08:44 UTC] nikic@php.net
Based on the stack trace sname from the field metadata is NULL, but I don't immediately see how that could happen.
 [2023-01-14 16:35 UTC] dharman@php.net
I'd just like to say that I cannot reproduce this. I have absolutely no idea what kind of conditions led to this dump. Maybe some more information could help diagnose it. MySQL version? Source code that was executed at the time of this error.
 [2023-01-24 08:47 UTC] samira dot akhlaqi314 at gmail dot com
It is important to provide specific details and a clear reproduction steps when reporting a bug. A simpler test case can help others better understand the issue and assist in resolving it. Additionally, it can be helpful to know if the bug is specific to a particular platform or if it can be replicated on different systems. Saying "me too" does not add any additional information and can clutter the database, but it is important to vote on the bug to indicate its importance and help prioritize its resolution.

(https://www.marykayintouch.website/)php.net
 [2023-05-02 12:27 UTC] samsmith at aol dot com
(https://www.linkedin.com/pulse/augusta-precious-metals-review-best-gold-ira-company-jeffrey-keever/)github.com
(https://www.linkedin.com/pulse/goldco-review-gold-ira-rollover-precious-metal-company-jeffrey-keever/)github.com
(https://www.linkedin.com/pulse/how-apply-employee-retention-credit-erc-complete-guide-jeffrey-keever/)github.com
(https://www.linkedin.com/pulse/best-gold-ira-companies-investment-retirement-accounts-jeffrey-keever/)github.com
(https://www.linkedin.com/pulse/ira-allowable-precious-metals-best-ira-approved-metal-jeffrey-keever/)github.com
(https://www.linkedin.com/pulse/roth-gold-ira-account-best-companies-how-works-jeffrey-keever/)github.com
(https://www.linkedin.com/pulse/what-employee-retention-tax-credit-ertc-jeffrey-keever/)github.com
(https://www.linkedin.com/pulse/best-precious-metals-ira-2023-jeffrey-keever/)github.com
(https://www.linkedin.com/pulse/best-silver-ira-companies-2023-jeffrey-keever/)github.com
(https://www.linkedin.com/pulse/how-protect-your-401k-from-market-crash-recession-jeffrey-keever/)github.com
(https://www.linkedin.com/pulse/goldco-vs-augusta-precious-metals-which-best-gold-ira-jeffrey-keever/)github.com
(https://www.linkedin.com/pulse/how-move-401k-gold-ira-without-penalty-jeffrey-keever/)github.com 
(https://www.linkedin.com/pulse/how-buy-physical-gold-your-401k-jeffrey-keever/)github.com
(https://www.linkedin.com/pulse/noble-gold-investments-review-jeffrey-keever/)github.com
(https://www.linkedin.com/pulse/best-paying-jobs-precious-metals-jeffrey-keever/)github.com
(https://www.linkedin.com/pulse/how-buy-gold-ira-jeffrey-keever-1e/)github.com
 [2024-02-27 03:42 UTC] ahfas dot annahri+php at gmail dot com
I have the same exact issue. Happened on one of our customers application. It constantly crashing (segfaulted).

---------
coredumpctl debug

Reading symbols from /usr/sbin/php-fpm8.0...
Reading symbols from /usr/lib/debug/.build-id/08/9da7e5338bcab54ba9be4e31fd5c069bc3a308.debug...
[New LWP 1739784]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `php-fpm: pool www                                                            '.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  zend_string_copy (s=0x0) at ./Zend/zend_types.h:628
628     ./Zend/zend_types.h: No such file or directory.
(gdb) backtrace
#0  zend_string_copy (s=0x0) at ./Zend/zend_types.h:628
#1  pdo_mysql_stmt_describe (stmt=0x7f7dc0b96f00, colno=<optimized out>) at ./ext/pdo_mysql/mysql_statement.c:637
#2  0x00007f7dc4e9458d in ?? () from /usr/lib/php/20200930/pdo.so
#3  0x00007f7dc4e94a3a in ?? () from /usr/lib/php/20200930/pdo.so
#4  0x000055cf3ea5f9a5 in ZEND_DO_FCALL_SPEC_RETVAL_UNUSED_HANDLER () at ./Zend/zend_vm_execute.h:1755
#5  execute_ex (ex=0x7f7dc0b96f00) at ./Zend/zend_vm_execute.h:55191
#6  0x000055cf3ea6154d in zend_execute (op_array=0x7f7dc4c66000, return_value=0x0) at ./Zend/zend_vm_execute.h:59523
#7  0x000055cf3e9f5c7d in zend_execute_scripts (type=-993961904, type@entry=8, retval=retval@entry=0x0, file_count=file_count@entry=3) at ./Zend/zend.c:1694
#8  0x000055cf3e992a0a in php_execute_script (primary_file=<optimized out>) at ./main/main.c:2546
#9  0x000055cf3e84675d in main (argc=<optimized out>, argv=<optimized out>) at ./sapi/fpm/fpm/fpm_main.c:1914
---------

---------
dmesg

php-fpm8.0[1739331]: segfault at 4 ip 00007f7dc20122d3 sp 00007ffc82aa0da0 error 4 in pdo_mysql.so[7f7dc200f000+4000]
Code: 00 00 00 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 85 d2 7e e3 45 31 ed 4c 8d 35 ba 13 00 00 eb 4a 48 8b 00 <f6> 40 04 40 75 03 83 00 01 48 89 03 48 8b 45 10 42 8b 84 20 80 00
---------


Stack we use:
- ProxySQL version 2.1.1-40-g1c2b7e4, codename Truls
- MariaDB 10.5.10-MariaDB-1:10.5.10+maria~focal-log
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Dec 10 05:01:26 2024 UTC