Skip to content

fpm_get_status segfault #18595

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
aurimasniekis opened this issue May 19, 2025 · 1 comment
Open

fpm_get_status segfault #18595

aurimasniekis opened this issue May 19, 2025 · 1 comment
Labels
Bug SAPI: fpm Status: Needs Triage

Comments

@aurimasniekis
Copy link

aurimasniekis commented May 19, 2025
edited
Loading

Description

The following code:

<?php
fpm_get_status();

Causes SegFault:

#0  0x00007f71b592ad04 in strlen (s=<optimized out>) at src/string/strlen.c:17
#1  0x000055c42448af96 in add_assoc_string_ex (arg=0x7fff1522fd90, key=0x55c4254b1a50 "state", key_len=5, str=0x0) at /usr/src/php/Zend/zend_API.c:1986
#2  0x000055c42464efc3 in add_assoc_string (arg=0x7fff1522fd90, key=0x55c4254b1a50 "state", str=0x0) at /usr/src/php/Zend/zend_API.h:581
#3  0x000055c42464f9d1 in fpm_status_export_to_zval (status=0x7f71b4817c70) at /usr/src/php/sapi/fpm/fpm/fpm_status.c:115
#4  0x000055c424647108 in zif_fpm_get_status (execute_data=0x7f71b4817cd0, return_value=0x7f71b4817c70) at /usr/src/php/sapi/fpm/fpm/fpm_main.c:1531
#5  0x000055c41eec8799 in ?? ()
#6  0x00007f71b49140f0 in ?? ()
#7  0x00007f7100000007 in ?? ()
#8  0x000000100000017a in ?? ()
#9  0x0000000000000308 in ?? ()
#10 0x00007f71b486b000 in ?? ()
#11 0x0000000000000080 in ?? ()
#12 0x0000000100000007 in ?? ()
#13 0x0000000100000308 in ?? ()
#14 0x0000000000000001 in ?? ()
#15 0x00007f71b4817f40 in ?? ()
#16 0x00007f71b4817e90 in ?? ()
#17 0x00007f71b4800040 in ?? ()
#18 0x00007f71b4817760 in ?? ()
#19 0x000055c42447d64e in zend_mm_set_next_free_slot (heap=0x1, bin_num=32767, slot=0x5302ffbcd5d100a9, next=0x7fff152300f0) at /usr/src/php/Zend/zend_alloc.c:1317
#20 0x000055c42458ab47 in zend_execute (op_array=0x7f71b486b000, return_value=0x0) at /usr/src/php/Zend/zend_vm_execute.h:64245
#21 0x000055c424633af8 in zend_execute_script (type=8, retval=0x0, file_handle=0x7fff15231560) at /usr/src/php/Zend/zend.c:1934
#22 0x000055c4243d32a5 in php_execute_script_ex (primary_file=0x7fff15231560, retval=0x0) at /usr/src/php/main/main.c:2575
#23 0x000055c4243d3454 in php_execute_script (primary_file=0x7fff15231560) at /usr/src/php/main/main.c:2615
#24 0x000055c424647eb6 in main (argc=1, argv=0x7fff15231938) at /usr/src/php/sapi/fpm/fpm/fpm_main.c:1932

From the source it looks like this method wasn't updated for long time and I don't really have a clue why it fails.

https://github.com/php/php-src/blame/PHP-8.4.7/sapi/fpm/fpm/fpm_status.c#L115

PHP Version

PHP 8.4.7 (cli) (built: May 19 2025 07:06:15) (NTS DEBUG)
Copyright (c) The PHP Group
Built by https://github.com/docker-library/php
Zend Engine v4.4.7, Copyright (c) Zend Technologies
    with Zend OPcache v8.4.7, Copyright (c), by Zend Technologies

---

PHP 8.4.7 (fpm-fcgi) (built: May 19 2025 07:06:15) (NTS DEBUG)
Copyright (c) The PHP Group
Built by https://github.com/docker-library/php
Zend Engine v4.4.7, Copyright (c) Zend Technologies
    with Zend OPcache v8.4.7, Copyright (c), by Zend Technologies

Operating System

Alpine 3.21
@iluuu1994
Copy link
Member

Seems this happens on line:

php-src/sapi/fpm/fpm/fpm_status.c

Line 115 in ecdb771

add_assoc_string(&fpm_proc_stat, "state", fpm_request_get_stage_name(procs[i].request_stage));

Potentially, procs[i].request_stage may not be valid? /cc @bukka

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug SAPI: fpm Status: Needs Triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@aurimasniekis @iluuu1994 @nielsdos