Bug 518964 - dev-lang/php-5.5* - src_configure(): segmentation faults in conftest
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Development
Hardware: All Linux
Importance: Normal normal
Assignee: PHP Bugs
Reported: 2014-08-03 18:47 UTC by Thomas Deutschmann
Modified: 2016-03-04 00:40 UTC

Attachments
build.log.gz (build.log.gz,49.79 KB, application/gzip)
2014-08-03 18:48 UTC, Thomas Deutschmann
cli config.log (showing segmentation faults for PID 67878 & 67901) (cli-config.log,788.28 KB, text/plain)
2015-11-09 13:41 UTC, Thomas Deutschmann
fpm config.log (showing segmentation faults for PID 79461 & 79484) (fpm-config.log,867.47 KB, text/plain)
2015-11-09 13:42 UTC, Thomas Deutschmann

Description Thomas Deutschmann gentoo-dev Security 2014-08-03 18:47:17 UTC
Hi,

Sounds like a dupe of bug 376735, just with the current dev-lang/php-5.5.15 version, but because I am seeing this in a non-hardened environment I am creating a new bug.

build.log will be attached.

Do you need a copy of the core dumps?

Reproducible: Always

Steps to Reproduce:
1. # emerge -a1 dev-lang/php
Actual Results:  
After emerging dev-lang/php-5.5.15 "/var/tmp/coredumps" contains 4 core dumps:

# ls -l /var/tmp/coredumps/
total 1392
-rw------- 1 portage portage 491520 Aug  3 20:30 conftest.18848.1407090651
-rw------- 1 portage portage 491520 Aug  3 20:30 conftest.18871.1407090651
-rw------- 1 portage portage 491520 Aug  3 20:30 conftest.7590.1407090628
-rw------- 1 portage portage 491520 Aug  3 20:30 conftest.7613.1407090628


Expected Results:  
No core dumps.

# emerge --info =dev-lang/php-5.5.15
Portage 2.2.10 (default/linux/amd64/13.0, gcc-4.8.3, glibc-2.19-r1, 3.15.8-gentoo x86_64)
=================================================================
                         System Settings
=================================================================
System uname: Linux-3.15.8-gentoo-x86_64-Intel-R-_Core-TM-_i7-3770K_CPU_@_3.50GHz-with-gentoo-2.2
KiB Mem:     4043224 total,   2773736 free
KiB Swap:    1048572 total,   1048572 free
Timestamp of tree: Sat, 02 Aug 2014 18:15:01 +0000
ld GNU ld (GNU Binutils) 2.24
app-shells/bash:          4.2_p47
dev-lang/python:          2.7.8, 3.3.5-r1, 3.4.1
dev-util/cmake:           2.8.12.2-r1
dev-util/pkgconfig:       0.28-r2
sys-apps/baselayout:      2.2
sys-apps/openrc:          0.12.4
sys-apps/sandbox:         2.6-r1
sys-devel/autoconf:       2.69
sys-devel/automake:       1.14.1
sys-devel/binutils:       2.24-r3
sys-devel/gcc:            4.8.3
sys-devel/gcc-config:     1.8
sys-devel/libtool:        2.4.2-r1
sys-devel/make:           4.0-r1
sys-kernel/linux-headers: 3.15 (virtual/os-headers)
sys-libs/glibc:           2.19-r1

ABI="amd64"
ABI_X86="64"
ACCEPT_KEYWORDS="amd64 ~amd64"
ACCEPT_LICENSE="* -@EULA"
ACCEPT_PROPERTIES="*"
ACCEPT_RESTRICT="*"
ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci"
APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias"
ARCH="amd64"
AUTOCLEAN="yes"
BOOTSTRAP_USE="cxx unicode internal-glib python_targets_python3_3 python_targets_python2_7 multilib"
CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author"
CAMERAS="ptp2"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -pipe -march=core-avx-i -mno-movbe -mno-abm -mno-lwp -mno-fma -mno-fma4 -mno-xop -mno-bmi -mno-bmi2 -mno-tbm -mno-avx2 -mno-lzcnt --param l1-cache-size=32 --param l1-cache-line-size=64 --param l2-cache-size=8192 -mtune=generic"
CFLAGS_amd64="-m64"
CFLAGS_x32="-mx32"
CFLAGS_x86="-m32"
CHOST="x86_64-pc-linux-gnu"
CHOST_amd64="x86_64-pc-linux-gnu"
CHOST_x32="x86_64-pc-linux-gnux32"
CHOST_x86="i686-pc-linux-gnu"
CLEAN_DELAY="5"
COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog"
COLLISION_IGNORE="/lib/modules/* *.py[co] *$py.class */dropin.cache"
CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/gconf /etc/gentoo-release /etc/php/apache2-php5.5/ext-active/ /etc/php/cgi-php5.5/ext-active/ /etc/php/cli-php5.5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-O2 -pipe -march=core-avx-i -mno-movbe -mno-abm -mno-lwp -mno-fma -mno-fma4 -mno-xop -mno-bmi -mno-bmi2 -mno-tbm -mno-avx2 -mno-lzcnt --param l1-cache-size=32 --param l1-cache-line-size=64 --param l2-cache-size=8192 -mtune=generic"
DEFAULT_ABI="amd64"
FCFLAGS="-O2 -pipe"
FEATURES="assume-digests binpkg-logs cgroup config-protect-if-modified distlocks downgrade-backup ebuild-locks fixlafiles ipc-sandbox merge-sync network-sandbox news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync"
FFLAGS="-O2 -pipe"
GCC_SPECS=""
IUSE_IMPLICIT="abi_x86_64 prefix"
KERNEL="linux"
LANG="en_US.UTF-8"
MAKEOPTS="--jobs 6"
MULTILIB_ABIS="amd64 x86"
PHP_TARGETS="php5-5"



=================================================================
                        Package Settings
=================================================================

dev-lang/php-5.5.15 was built with the following:
USE="bcmath cli crypt ctype curl exif fileinfo filter fpm gd hash iconv inifile ipv6 json mysql mysqli nls opcache pdo readline session simplexml ssl tokenizer truetype unicode xml zlib -apache2 -berkdb -bzip2 -calendar -cdb -cgi -cjk -debug -embed -enchant (-firebird) -flatfile (-frontbase) -ftp -gdbm -gmp -imap -intl -iodbc -kerberos -ldap -ldap-sasl -libedit -libmysqlclient -mhash -mssql -oci8-instant-client -odbc -pcntl -phar -posix -postgres -qdbm -recode (-selinux) -sharedmem -snmp -soap -sockets -spell -sqlite (-sybase-ct) -systemd -sysvipc -threads -tidy -wddx -xmlreader -xmlrpc -xmlwriter -xpm -xslt -zip" ABI_X86="64"
Comment 1 Thomas Deutschmann gentoo-dev Security 2014-08-03 18:48:22 UTC
Created attachment 382166 [details]
build.log.gz
Comment 2 Thomas Deutschmann gentoo-dev Security 2014-08-29 22:40:51 UTC
Still happening with dev-lang/php-5.6.0.

From dmesg:
[29723.678569] conftest[43264]: segfault at 0 ip 0000000000400590 sp 00007fffb9664e70 error 4 in conftest[400000+1000]
[29723.762081] conftest[43287]: segfault at 0 ip 00007f26cda084d6 sp 00007fff10a71278 error 4 in libc-2.19.so[7f26cd8e0000+1a0000]


# emerge --info =dev-lang/php-5.6.0
Portage 2.2.12 (python 3.3.5-final-0, default/linux/amd64/13.0, gcc-4.8.3, glibc-2.19-r1, 3.15.10-gentoo x86_64)
=================================================================
                         System Settings
=================================================================
System uname: Linux-3.15.10-gentoo-x86_64-Intel-R-_Core-TM-_i7-3770K_CPU_@_3.50GHz-with-gentoo-2.2
KiB Mem:     4043224 total,   2671372 free
KiB Swap:    1048572 total,   1048572 free
Timestamp of tree: Fri, 29 Aug 2014 21:45:01 +0000
ld GNU ld (GNU Binutils) 2.24
app-shells/bash:          4.2_p47
dev-lang/python:          2.7.8, 3.3.5-r1, 3.4.1
dev-util/cmake:           2.8.12.2-r2
dev-util/pkgconfig:       0.28-r2
sys-apps/baselayout:      2.2
sys-apps/openrc:          0.13.1
sys-apps/sandbox:         2.6-r1
sys-devel/autoconf:       2.69
sys-devel/automake:       1.14.1
sys-devel/binutils:       2.24-r3
sys-devel/gcc:            4.8.3
sys-devel/gcc-config:     1.8
sys-devel/libtool:        2.4.2-r1
sys-devel/make:           4.0-r1
sys-kernel/linux-headers: 3.15 (virtual/os-headers)
sys-libs/glibc:           2.19-r1

[...]

dev-lang/php-5.6.0 was built with the following:
USE="cli -apache2 -bcmath -berkdb -bzip2 -calendar -cdb -cgi -cjk -crypt -ctype -curl -debug -embed -enchant -exif -fileinfo -filter (-firebird) -flatfile -fpm (-frontbase) -ftp -gd -gdbm -gmp -hash -iconv -imap -inifile -intl -iodbc -ipv6 -json -kerberos -ldap -ldap-sasl -libedit -libmysqlclient -mhash -mssql -mysql -mysqli -nls -oci8-instant-client -odbc -opcache -pcntl -pdo -phar -posix -postgres -qdbm -readline -recode (-selinux) -session -sharedmem -simplexml -snmp -soap -sockets -spell -sqlite -ssl (-sybase-ct) -systemd -sysvipc -threads -tidy -tokenizer -truetype -unicode -vpx -wddx -xml -xmlreader -xmlrpc -xmlwriter -xpm -xslt -zip -zlib" ABI_X86="64"
Comment 3 Michael Orlitzky gentoo-dev 2015-11-07 01:01:22 UTC
Is this still a problem for you? If this is a problem in PHP, what we really need (in order to report it upstream) is a backtrace of the crash. You can get a backtrace out of a core dump, but there's a catch: the backtrace isn't very useful unless you compile the thing that crashed with some special flags.

The Quality Assurance project has an awesome page here that gives all of the details:

https://wiki.gentoo.org/wiki/Project:Quality_Assurance/Backtraces

If you're still having the problem, let's try to get a backtrace and figure out where it's crashing.
Comment 4 Thomas Deutschmann gentoo-dev Security 2015-11-09 13:41:12 UTC
Created attachment 416382 [details]
cli config.log (showing segmentation faults for PID 67878 & 67901)

(In reply to Michael Orlitzky from comment #3)
> Is this still a problem for you?

I cannot judge if it is a _problem_ but I still have multiple segmentation faults by conftest in latest PHP versions.

Creating a backtrace for conftest is not that easy. I hope that the attached config.log shows enough information.

Segfaulting pids:

- 67878
- 67901
- 79461
- 79484

Looks like a problem with the crypt checks.
Comment 5 Thomas Deutschmann gentoo-dev Security 2015-11-09 13:42:18 UTC
Created attachment 416384 [details]
fpm config.log (showing segmentation faults for PID 79461 & 79484)
Comment 6 Michael Orlitzky gentoo-dev 2015-11-09 15:53:47 UTC
Thanks, I've confirmed this and am able to reproduce it. It's been reported a few other places too but never noticed upstream (I don't think):

http://grokbase.com/t/php/php-install/143afs746a/5-5-10-segmentation-fault-at-extended-des-and-blowfish

http://www.linuxquestions.org/questions/slackware-14/php-configure-segfaults-after-glibc-upgrade-4175536308/

The problem is that with >=glibc-2.17, the crypt() function can return NULL. When conftest.c tries to pass NULL to strcmp(), we get a segfault.
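
The failure described in comment 6, as an added example that is not part of the bug report or the upstream patch: an unchecked configure-style probe beside a NULL-safe one. The `crypt_fn` stand-ins, the probe names and the sample strings are constructed for illustration, so the block runs without linking libcrypt.

```c
#include <stddef.h>
#include <string.h>

/* Same signature as crypt(3); lets the probes run against stand-ins. */
typedef char *(*crypt_fn)(const char *key, const char *salt);

/* Constructed stand-in: a libc that implements the requested scheme. */
static char *crypt_supported(const char *key, const char *salt)
{
    static char out[] = "xxCONSTRUCTEDHASH";
    (void)key; (void)salt;
    return out;
}

/* Constructed stand-in: the call fails and returns NULL, as the
 * comment above says crypt() can do with >=glibc-2.17. */
static char *crypt_rejected(const char *key, const char *salt)
{
    (void)key; (void)salt;
    return NULL;
}

/* Unchecked pattern: the result goes straight into strcmp().
 * Undefined behaviour (in practice a segfault at address 0) when
 * do_crypt returns NULL. Never call this with crypt_rejected. */
int probe_unchecked(crypt_fn do_crypt, const char *expected)
{
    return strcmp(do_crypt("key", "xx"), expected);
}

/* Hardened probe: NULL means "scheme unavailable", not a crash.
 * Returns 0 when the scheme works, 1 otherwise (exit-status style). */
int probe_checked(crypt_fn do_crypt, const char *expected)
{
    char *hash = do_crypt("key", "xx");
    return hash == NULL || strcmp(hash, expected) != 0;
}

int main(void)
{
    /* Only the checked probe is safe to run against both stand-ins. */
    int ok  = probe_checked(crypt_supported, "xxCONSTRUCTEDHASH");
    int bad = probe_checked(crypt_rejected,  "xxCONSTRUCTEDHASH");
    return !(ok == 0 && bad == 1);
}
```

The same rule applies to any caller of crypt(): test the return value for NULL before comparing or copying it.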
Comment 7 Michael Orlitzky gentoo-dev 2015-11-09 16:08:45 UTC
https://github.com/php/php-src/pull/1626
Comment 8 Thomas Deutschmann gentoo-dev Security 2015-11-09 17:10:44 UTC
Thanks for the patch. I no longer see the segmentation faults when building PHP!
Comment 9 Michael Orlitzky gentoo-dev 2016-03-04 00:40:42 UTC
This was just merged upstream as:

https://github.com/php/php-src/commit/08fce8e2c5de358b9552adf94302f0f798a48d89

If we're lucky this will land in the next round of bugfix releases (5.6.20, 7.0.5), but it may only show up in 7.1.0 whenever that hits.