XF 2.0 MariaDB 10.3.26-1 Breaks PHP < 7.2


Well-known member
Just wanting to post this here, as I've spent the last 2 hours fault finding an issue on my servers this morning.

cPanel servers, all the latest updates. MariaDB automatically updated to 10.3.26-1 over night as part of the cPanel yum update.

As soon as this happened, any XenForo site running on PHP7.2 or below broke!

[04-Nov-2020 08:24:41 UTC] PHP Fatal error:  Uncaught XF\Db\Exception: MySQL query error [1835]: Malformed communication packet in /home/XXX/public_html/community/src/XF/Db/AbstractStatement.php:212
Stack trace:
#0 /home/XXX/public_html/community/src/XF/Db/Mysqli/Statement.php(196): XF\Db\AbstractStatement->getException('MySQL query err...', 1835, 'HY000')
#1 /home/XXX/public_html/community/src/XF/Db/Mysqli/Statement.php(77): XF\Db\Mysqli\Statement->getException('MySQL query err...', 1835, 'HY000')
#2 /home/XXX/public_html/community/src/XF/Db/AbstractAdapter.php(79): XF\Db\Mysqli\Statement->execute()
#3 /home/XXX/public_html/community/src/XF/Db/AbstractAdapter.php(116): XF\Db\AbstractAdapter->query('\n\t\t\tSELECT data...', Array)
#4 /home/XXX/public_html/community/src/XF/DataRegistry.php(137): XF\Db\AbstractAdapter->fetchPairs('\n\t\t\tSELECT data...')
#5 /home/XXX/public_html/community/src/XF/DataRegistry.php(82): XF\DataRegistry->readFromDb(Array, Array)
#6 /home/XXX/public_html/community/src/XF/DataRegistry.php(225): XF\DataRegistry- in /home/XXX/public_html/community/src/XF/Db/AbstractStatement.php on line 212

Swapping to 7.3 or 7.4 works.

I've had to downgrade MariaDB back to the previous version:

# yum history info 264
Loaded plugins: fastestmirror, universal-hooks
Transaction ID : 264
Begin time     : Wed Nov  4 05:35:28 2020
Begin rpmdb    : 1964:269d3e2a5fc59faed15b162386618da46afe3e28
End time       :            05:36:05 2020 (37 seconds)
End rpmdb      : 1964:7aac4ca2ee1e5c81b04babc4f774126e1254d10d
User           : root <root>
Return-Code    : Success
Command Line   : --assumeyes --color=never --config /etc/yum.conf update --disablerepo=epel
Transaction performed with:
    Installed     rpm-4.11.3-43.el7.x86_64                        @base
    Installed     yum-3.4.3-167.el7.centos.noarch                 @base
    Installed     yum-metadata-parser-1.1.4-10.el7.x86_64         @anaconda
    Installed     yum-plugin-fastestmirror-1.1.31-54.el7_8.noarch @updates
Packages Altered:
    Updated MariaDB-client-10.3.25-1.el7.centos.x86_64 @MariaDB103
    Update                 10.3.26-1.el7.centos.x86_64 @MariaDB103
    Updated MariaDB-common-10.3.25-1.el7.centos.x86_64 @MariaDB103
    Update                 10.3.26-1.el7.centos.x86_64 @MariaDB103
    Updated MariaDB-compat-10.3.25-1.el7.centos.x86_64 @MariaDB103
    Update                 10.3.26-1.el7.centos.x86_64 @MariaDB103
    Updated MariaDB-devel-10.3.25-1.el7.centos.x86_64  @MariaDB103
    Update                10.3.26-1.el7.centos.x86_64  @MariaDB103
    Updated MariaDB-server-10.3.25-1.el7.centos.x86_64 @MariaDB103
    Update                 10.3.26-1.el7.centos.x86_64 @MariaDB103
    Updated MariaDB-shared-10.3.25-1.el7.centos.x86_64 @MariaDB103
    Update                 10.3.26-1.el7.centos.x86_64 @MariaDB103
    Updated galera-25.3.30-1.el7.centos.x86_64         @MariaDB103
    Update         25.3.31-1.el7.centos.x86_64         @MariaDB103
history info

And this fixes the issue. So, I don't know if it's a PHP issue, a MariaDB issue, or something combining everything! I've excluded MariaDB and Galera now from automatic updates on my servers.
how to do that please

That thread has links in with specific information provided by cPanel.
Currently having the same issue and seeing this error:

Fatal error: Uncaught XF\Db\Exception: No such file or directory in /sitepath/forum/src/XF/Db/Mysqli/Adapter.php:165 Stack trace: #0 /homepages/34/d769032082/sitepath/forum/src/XF/Db/Mysqli/Adapter.php(28): XF\Db\Mysqli\Adapter->makeConnection(Array) #1 /homepages/34/d769032082/sitepath/src/XF/Db/AbstractAdapter.php(60): XF\Db\Mysqli\Adapter->getConnection() #2 /homepages/34/d769032082/sitepath/src/XF/Db/Mysqli/Adapter.php(113): XF\Db\AbstractAdapter->connect() #3 /homepages/34/d769032082/sitepath/src/XF/Db/AbstractAdapter.php(516): XF\Db\Mysqli\Adapter->escapeString('options') #4 /homepages/34/d769032082/sitepath/src/XF/Db/AbstractAdapter.php(494): XF\Db\AbstractAdapter->quote('options') #5 /homepages/34/d769032082/sitepath/src/XF/DataRegistry.php(138): XF\Db\AbstractAdapter->quote(Array) #6 /homepages/34/d769032082/htdocs/clickan in /homepages/34/d769032082/htdocs/sitepath/src/XF/Db/Mysqli/Adapter.php on line 165

I replaced the actual path with sitepath in the error just for purposes of sharing it here. I updated the PHP version to 7.4, and even created a new database to upgrade the MYSQL version from 5.5 to 5.7 then moved the db over and am still getting the error. If I ctrl+F5 the forum shows as normal and I can click on threads and go back and forth no problem, but clicking on the forum root brings the same error again.
This was a bug in mysqlnd as in PHP 7.2: https://github.com/php/php-src/blob/PHP-7.2/ext/mysqlnd/mysqlnd_ps_codec.c#L938
Fixed in PHP 7.3: https://github.com/php/php-src/blob/PHP-7.3/ext/mysqlnd/mysqlnd_ps_codec.c#L965
by the commit https://github.com/php/php-src/commit/05a884f6393b1a19f103c2b358e736b20c0f7d46

Old code generated invalid "execute" packets, they were violating both our (https://mariadb.com/kb/en/com_stmt_execute/) and MySQL (https://dev.mysql.com/doc/internals/en/com-stmt-execute.html) description of the protocol.

Latest MariaDB releases have stricter packet validation as a security measure and these broken packets are now rejected.

Your best option would be to use PHP 7.3+ that does not violate the protocol. Although we're currently discussing whether to relax the packet validation to allow these invalid packets as a special exception.

From the JIRA bug report for MariaDB
From the JIRA bug report for MariaDB
I have one site still on PHP 7.1.x. Fortunately, I don't think that server has been auto-upgraded but upgrading isn't an option for vBulletin 4.2.5. My hope would be that they relax the insistence on strict packet validation.
Top Bottom