[Bug 62983] New: apache latest version cause segmentation fault when enable php5 and php7 in the same time

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

[Bug 62983] New: apache latest version cause segmentation fault when enable php5 and php7 in the same time

Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=62983

            Bug ID: 62983
           Summary: apache latest version cause segmentation fault when
                    enable php5 and php7 in the same time
           Product: Apache httpd-2
           Version: 2.4.37
          Hardware: All
                OS: All
            Status: NEW
          Severity: trivial
          Priority: P2
         Component: All
          Assignee: [hidden email]
          Reporter: [hidden email]
  Target Milestone: ---

Created attachment 36294
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36294&action=edit
poc in apache 2.4.37

all info please download the vagrant box:
https://drive.google.com/file/d/1uQELpsiBaXOAZpXtcHDdciZ_waXHShi8/view?usp=sharing

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 62983] apache latest version cause segmentation fault when enable php5 and php7 in the same time

Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=62983

Eric Covener <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |NEEDINFO

--- Comment #1 from Eric Covener <[hidden email]> ---
Please share backtraces and loaded libraries from the resulting core, as text
in the bug.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 62983] apache latest version cause segmentation fault when enable php5 and php7 in the same time

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=62983

--- Comment #2 from 0xd0ff9 <[hidden email]> ---
(In reply to Eric Covener from comment #1)
> Please share backtraces and loaded libraries from the resulting core, as
> text in the bug.

enmod php7.2 first, then enmod php5

Core dump file:
https://drive.google.com/file/d/1a-POH6PWldsyAZiGMcqfxctfW7H_bA1B/view?usp=sharing

Backtrace:

vagrant@vagrant-ubuntu-trusty-64:~$ sudo apachectl debug
GNU gdb (Ubuntu 7.7.1-0ubuntu5~14.04.3) 7.7.1
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/sbin/apache2...(no debugging symbols found)...done.
warning: File "/home/vagrant/.gdbinit" auto-loading has been declined by your
`auto-load safe-path' set to "$debugdir:$datadir/auto-load".
To enable execution of this file add
        add-auto-load-safe-path /home/vagrant/.gdbinit
line to your configuration file "$HOME/.gdbinit".
To completely disable this security protection add
        set auto-load safe-path /
line to your configuration file "$HOME/.gdbinit".
For more information about this security protection see the
"Auto-loading safe path" section in the GDB manual.  E.g., run from the shell:
        info "(gdb)Auto-loading safe path"
(gdb) source /home/vagrant/peda
/home/vagrant/peda: Success.
(gdb) source /home/vagrant/peda/peda.py
gdb-peda$ bt
No stack.
gdb-peda$ run -k start
Starting program: /usr/sbin/apache2 -k start
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
AH00558: apache2: Could not reliably determine the server's fully qualified
domain name, using 10.0.2.15. Set the 'ServerName' directive globally to
suppress this message

Program received signal SIGSEGV, Segmentation fault.

[----------------------------------registers-----------------------------------]
RAX: 0x7ffff3e96a50 (<gc_collect_cycles>:       push   r15)
RBX: 0x7fffffffd180 --> 0x7ffff1e8debe (push   r15)
RCX: 0x5f ('_')
RDX: 0x7ffff2058cc0 (<zend_gc_collect_cycles>:  push   r15)
RSI: 0x7ffff212b6d7 ("E_ZEND_DTRACE")
RDI: 0x7fffffffee86 ("ERNAME=root")
RBP: 0x1
RSP: 0x7fffffffd120 --> 0x0
RIP: 0x7ffff2030d60 (mov    QWORD PTR [rax],rdx)
R8 : 0xffff
R9 : 0x1
R10: 0x7ffff71b6440 (<__strncmp_sse2+4608>:     pxor   xmm0,xmm0)
R11: 0xc ('\x0c')
R12: 0x7ffff4654260 --> 0x7ffff2132003 ("apache2handler")
R13: 0x7ffff241a280 --> 0x7ffff2132003 ("apache2handler")
R14: 0x7ffff7fba028 --> 0x7ffff7ff2028 --> 0x7ffff7ff4028 --> 0x7ffff7ff8028
--> 0x0
R15: 0x7ffff241a3a0 --> 0x133c7de000000a8
EFLAGS: 0x10246 (carry PARITY adjust ZERO sign trap INTERRUPT direction
overflow)
[-------------------------------------code-------------------------------------]
   0x7ffff2030d4b:      lea    rdx,[rip+0x27f6e]        # 0x7ffff2058cc0
<zend_gc_collect_cycles>
   0x7ffff2030d52:      mov    QWORD PTR [rax],0x0
   0x7ffff2030d59:      mov    rax,QWORD PTR [rip+0x3d2f90]        #
0x7ffff2403cf0
=> 0x7ffff2030d60:      mov    QWORD PTR [rax],rdx
   0x7ffff2030d63:      call   0x7ffff20d6d10
   0x7ffff2030d68:      mov    edi,0x3f
   0x7ffff2030d6d:      call   0x7ffff1e8c260 <malloc@plt>
   0x7ffff2030d72:      test   rax,rax
[------------------------------------stack-------------------------------------]
0000| 0x7fffffffd120 --> 0x0
0008| 0x7fffffffd128 --> 0x1
0016| 0x7fffffffd130 --> 0x7ffff4654260 --> 0x7ffff2132003 ("apache2handler")
0024| 0x7fffffffd138 --> 0x7ffff1fcf34b (<php_module_startup+379>:      lea  
rsi,[rip+0x1132a6]        # 0x7ffff20e25f8)
0032| 0x7fffffffd140 --> 0x1558092c0
0040| 0x7fffffffd148 --> 0x555555809160 --> 0x5555558097c0 --> 0x7ffff72aee73
("gethostbyaddr_r")
0048| 0x7fffffffd150 --> 0x2d746e610000007c ('|')
0056| 0x7fffffffd158 ("ubuntu-trusty-64")
[------------------------------------------------------------------------------]
Legend: code, data, rodata, value
Stopped reason: SIGSEGV
0x00007ffff2030d60 in ?? () from /usr/lib/apache2/modules/libphp7.2.so
gdb-peda$ bt
#0  0x00007ffff2030d60 in ?? () from /usr/lib/apache2/modules/libphp7.2.so
#1  0x00007ffff1fcf34b in php_module_startup () from
/usr/lib/apache2/modules/libphp7.2.so
#2  0x00007ffff20d81e5 in ?? () from /usr/lib/apache2/modules/libphp7.2.so
#3  0x00007ffff20d8dd5 in ?? () from /usr/lib/apache2/modules/libphp7.2.so
#4  0x00005555555ad259 in ap_run_post_config ()
#5  0x000055555558b398 in main ()
#6  0x00007ffff714df45 in __libc_start_main (main=0x55555558aaf0 <main>,
argc=0x3,
    argv=0x7fffffffe688, init=<optimized out>, fini=<optimized out>,
rtld_fini=<optimized out>,
    stack_end=0x7fffffffe678) at libc-start.c:287
#7  0x000055555558b6af in _start ()
gdb-peda$

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 62983] apache latest version cause segmentation fault when enable php5 and php7 in the same time

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=62983

Joe Orton <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEEDINFO                    |RESOLVED
         Resolution|---                         |INVALID

--- Comment #3 from Joe Orton <[hidden email]> ---
You'll get symbol conflicts trying to load two PHP .so files into the same
httpd.  It's not supported, don't do it.  Use php-fpm & fastcgi and you can run
any number of PHPs simultaneously from a single httpd instance.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 62983] apache latest version cause segmentation fault when enable php5 and php7 in the same time

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=62983

0xd0ff9 <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|INVALID                     |WONTFIX

--- Comment #4 from 0xd0ff9 <[hidden email]> ---
But, If users miss handle do this action, apache2 will crash always and
difficult to fix

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 62983] apache latest version cause segmentation fault when enable php5 and php7 in the same time

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=62983

Eric Covener <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|WONTFIX                     |INVALID

--- Comment #5 from Eric Covener <[hidden email]> ---
These modules aren't even from the ASF.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]