** Description changed:
[ Impact ]
Running fpm_get_status may result in a segmentation fault.
[ Test Plan ]
The following script is a reproducer for the described bug:
#!/bin/bash
set -eux
trap cleanup EXIT
- UBUNTU_SERIES=${UBUNTU_SERIIES:-mantic}
+ UBUNTU_SERIES=${UBUNTU_SERIES:-mantic}
PHP_VERSION=${PHP_VERSION:-8.2}
TEST_CONTAINER=php-fpm-segfault
PHP_TEST_FILE=$(mktemp)
cleanup() {
- rm -f ${PHP_TEST_FILE}
- lxc delete -f ${TEST_CONTAINER}
+ rm -f ${PHP_TEST_FILE}
+ lxc delete -f ${TEST_CONTAINER}
}
cat > ${PHP_TEST_FILE} <<EOF
testing...
<br/>
<?php
phpinfo();
fpm_get_status();
EOF
lxc launch ubuntu-daily:${UBUNTU_SERIES} ${TEST_CONTAINER}
lxc exec ${TEST_CONTAINER} -- apt update
lxc exec ${TEST_CONTAINER} -- apt install -y php php-fpm apache2-utils
apache2 libapache2-mod-fcgid
lxc exec ${TEST_CONTAINER} -- systemctl start php${PHP_VERSION}-fpm
lxc exec ${TEST_CONTAINER} -- a2dismod php${PHP_VERSION} mpm_prefork
lxc exec ${TEST_CONTAINER} -- a2enconf php8.2-fpm
lxc exec ${TEST_CONTAINER} -- a2enmod proxy_fcgi proxy mpm_event
lxc file push ${PHP_TEST_FILE} ${TEST_CONTAINER}/var/www/html/test.php --mode
0644
lxc exec ${TEST_CONTAINER} -- systemctl restart apache2.service
lxc exec ${TEST_CONTAINER} -- sh -c "curl -s localhost/test.php | grep -o
'FPM/FastCGI'"
lxc exec ${TEST_CONTAINER} -- ab -n 10000 -c 99 http://localhost/test.php
echo 'Number of SIGSEGV failures:'
lxc exec ${TEST_CONTAINER} -- sh -c "cat /var/log/php8.2-fpm.log | grep -c
SIGSEGV"
-
- Running the script above ensuring the php packages from proposed are
installed should be enough for SRU verification purposes.
+ Running the script above ensuring the php packages from proposed are
+ installed should be enough for SRU verification purposes.
[ Where problems could occur ]
The change in question is straightforward:
We are replacing a string interpolation for a string literal because the
variables being substituted could result in a null pointer dereference.
Unless some other software components are parsing the logs, which are
being changed (which would result in chained failures across
components), issues could occur due to unrelated issues with possible
new dependencies after a full PHP rebuild.
[ Other Info ]
This is fixed upstream in php-8.3.1, php-8.2.14, and php-8.1.27. Hence,
this should be fixed in noble, but needs fixing in mantic, jammy, and
focal.
[ Original report ]
Like the title says, we do run fpm_get_status a lot. We're trying to get
metrics about our systems performance this way.
lsb_release -rd:
Description: Ubuntu 20.04.6 LTS
Release: 20.04
apt-cache policy php-fpm
php-fpm:
Installed: 2:7.4+75
Candidate: 2:7.4+75
Version table:
*** 2:7.4+75 500
500 http://fi.archive.ubuntu.com/ubuntu focal/universe amd64 Packages
100 /var/lib/dpkg/status
I expected it to return fpm status, instead it crashes and kills the
process.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2057576
Title:
php-fpm sometimes SIGSEGVs (signal 11) when running fpm_get_status
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/php7.4/+bug/2057576/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
