Posted by & filed under PHP.

On july 19th 2012, the PHP group has released PHP 5.4.5 and PHP 5.3.15, that bring over 30 bug fixes, including a fix for a security related overflow issue in the stream implementation.

The corresponding packages are now available on Dotdeb for Debian 6.0 “Squeeze” on both amd64 and i386 architectures (see the installation instructions). Please also note that the php5-xhprof package is now available for PHP 5.4.

As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.

64 Responses to “PHP 5.4.5 and PHP 5.3.15”

  1. Maltris

    Thanks,

    worked very well.

    Still no information about suhosin? What to you think about running PHP without suhosin? Is it very insecure?

    Reply
  2. dpdt1

    after upgrade, restarting php5-fpm daemon gives the following error :
    /etc/init.d/php5-fpm: line 56: 9565 Segmentation fault start-stop-daemon –start –quiet –pidfile $PIDFILE –exec $DAEMON — $DAEMON_ARGS 2> /dev/null

    any ideas? something we’re missing perhaps?

    thanks,
    dpdt1

    Reply
  3. Rancor

    Same here with the segmentation fault after updating the php5 packages from 5.3.14 to 5.3.15. And it’s not only on restart, using php5-fpm starts got this error too.

    Reply
    • Guillaume Plessis

      I’ll need some more information to help you : which distribution? which architecture? Are all your PHP-related packages coming from Dotdeb? Sources.list? Which PHP extensions did you install?
      A trace from the process launch would be great.

      Reply
  4. Basti

    PHP 5.4.5 works great on Debian but why is
    no php5-suhosin available at moment?

    thx for answer

    Reply
  5. dpdt1

    debian stable, amd64, with official, security, volatile, backports & dotdeb repos. all php5 packages come from dotdeb as far as i can see. dmesg : php5-fpm[6992]: segfault at 7f676969f3a0 ip 00007f677131d2b3 sp 00007fff4ba00bc0 error 4 in ld-2.11.3.so[7f677130f000+1e000]

    Reply
    • Guillaume Plessis

      @dpt1 : same config here, no problem. I’ll take a further look at it. Any special tweaking on your libc6 installation? What is the result of

      • dpkg -l ‘libc6*’|grep ‘^.i’
      • dpkg -l ‘*php5*’|grep ‘^.i’

      ?

      Reply
  6. Guillaume Plessis

    @dpt1 : ok, could you please deactivate the sasl, ming, suhosin and apc extensions and see it the segfaults still occurs? If it doesn’t please reactivate them one by one until you find the guilty one.

    Reply
  7. dpdt1

    thx. i tried to deactivate one by one, and it seems php5-sasl was causing it. i only checked with ming before that and had no effect, so not sure about the other extensions. will try later when i have some more time. thanks again :-)

    Reply
    • Kaveh Minooie

      Hi
      so I have been having the same problem as well.
      Sep 7 11:51:56 srv3 kernel: [603259.906084] php5-fpm[2166]: segfault at 7fff26262001 ip 000000000076e02c sp 00007fff262591b0 error 6 in php5-fpm[400000+762000]

      of all the extension that was mentioned here I am only using APC.

      this is by the way on a debian 6.0.5 (squeeze) and here is the result for dpkg

      ii libc6 2.11.3-3 Embedded GNU C Library: Shared libraries
      ii libc6-dev 2.11.3-3 Embedded GNU C Library: Development Libraries and Header Files
      ii libc6-i386 2.11.3-3 Embedded GNU C Library: 32-bit shared libraries for AMD64

      ii php5-apc 5.4.6-1~dotdeb.0 apc module for php5
      ii php5-cli 5.4.6-1~dotdeb.0 command-line interpreter for the php5 scripting language
      ii php5-common 5.4.6-1~dotdeb.0 Common files for packages built from the php5 source
      ii php5-curl 5.4.6-1~dotdeb.0 CURL module for php5
      ii php5-dev 5.4.6-1~dotdeb.0 Files for PHP5 module development
      ii php5-fpm 5.4.6-1~dotdeb.0 server-side, HTML-embedded scripting language (FPM-CGI binary)
      ii php5-gd 5.4.6-1~dotdeb.0 GD module for php5
      ii php5-mysql 5.4.6-1~dotdeb.0 MySQL module for php5
      ii php5-pgsql 5.4.6-1~dotdeb.0 PostgreSQL module for php5
      ii php5-redis 5.4.6-1~dotdeb.0 redis module for php5

      I am also using memcache and igbinary from pecl

      Reply
  8. Rancor

    Hi,

    same config here as dpdt1 except the backports repos.

    That’s my output of the installed libc6 and php5 packages:

    http://pastebin.com/ivZLHd6U

    After disabling php5-xcache the error is gone. But now, after enabling the php5-xcache again the error is still gone.

    Reply
  9. cpl

    same problems here.

    sometimes restart/start works, sometimes not.
    not always the second or the third try…
    sometimes the 10s or 30s earlier or later.
    so its hard to say if an extensions produces the error and when which..

    on debian squeeze 32bit and 64bit.

    Reply
  10. voro1984

    libgv-php5 is not available for 5.4 (depends on phpapi-20090626).
    any chance of getting this package from dotdeb?

    Reply
  11. Guillaume Plessis

    @voro : no plan for this sorry. But you can build your own libgv-php5 packages by trying “apt-get source -b libg-php5″ after installing php5-dev version 5.4. It may be a difficult job.

    Reply
  12. voro1984

    @Guillaume : thanks for the quick reply. I think I’ll call grapviz directly.

    Reply
  13. cpl

    @Guillaume Plessis

    1)
    suhosin is a must have for our customers.
    at the moment no way around this.

    2)
    do you mean apc an xdebug?
    it’s not running on all server at the same time. one some theres only apc. for example.

    3)
    but all this configuration was running well on all our system for a long time until the update yesterday. on the other hand there is no explanation why restart with apc enabled produces an error at the second try. and the other time there are 100 restarts without a problem. tested all extensions this way. (example of 50 restarts with only mysql enabled: https://pad.riseup.net/p/XxydwduHy2NY )

    Reply
  14. cpl

    mae a new test:
    500 restarts in a row with a sleep after each.
    error rate increases by the number of activated extensions (up to 9 of 10)

    Reply
  15. skp

    Don’t know if it’s useful but after the latest upgrade of php (Linode standard Debian with PHP installed/updated via dotdeb) I got the following two lines after restart:

    php5-fpm[18109]: segfault at b5b02064 ip b77a255f sp bfc91210 error 4 in ld-2.11.3.so[b7794000+1b000]
    php5-fpm[18110]: segfault at b6a2f22c ip b775155f sp bfff7510 error 4 in ld-2.11.3.so[b7743000+1b000]

    anywway php seems stable.

    bye

    Reply
  16. Josef

    Is it possible to get a Ubuntu 12.04 repo?
    I hate my company… all servers ubuntu and no current php5 deb -.-

    Reply
  17. Reza

    my server got error too

    on dmesg

    [ 819.731267] php5-fpm[7587]: segfault at b69881d4 ip b770355f sp bfb98440 error 4 in ld-2.11.3.so[b76f5000+1b000]

    use tcp socket

    packages.dotdeb.org

    Reply
  18. Daniel Caillibaud

    The init script doesn’t exit.

    I upgraded php5-fpm to 5.3.15 on debian squeeze 32 last monday without pb.
    This morning, my desktop stop its boot during rc2 init. After a while looking for the pb, it’s /etc/init.d/php5-fpm that start fpm but never end. I have my usual ps tree,

    \_ /bin/sh /etc/init.d/php5-fpm start
    \_ /usr/sbin/php5-fpm –fpm-config /etc/php5/fpm/php-fpm.conf
    \_ php-fpm: master process (/etc/php5/fpm/php-fpm.conf)
    \_ php-fpm: pool drupal
    \_ php-fpm: pool www
    [...]

    fpm seems to run fine (on all the sockets I configure), but init script doesn’t exit and lock the boot :-/

    When launching /etc/init.d/php5-fpm start manually, same thing, ctrl+c neither exits (kill neither do, only kill -9 can stop it).

    After each kill -9, I grep ps output to check that no more php process is running, and remove pidfile and socket. I tried to launch each command of /etc/init.d/php5-fpm one by one by hand, and “start-stop-daemon –start –quiet –pidfile $PIDFILE –exec $DAEMON — $DAEMON_ARGS” never exit. I tried VERBOSE=yes in /etc/default/rcS and then “/etc/init.d/php5-fpm start” ends normally !! I put back VERBOSE=no in /etc/default/rcS and the script still ends normally !!!!

    I’m sure that /etc/ is exactly the same as each day of last week (I check against /etc snapshots I have), so I really don’t understand what’s happened.

    Reply
    • Guillaume Plessis

      @Daniel Caillibaud : Thanks for this report. I’m succeeding in reproducing this freeze in a (Xen-based) virtualized environment. I’ll take a look at it. I wonder if it’s related to the above segfault issue. Something seems to be messed up with the PHP-FPM launch.

      Reply
  19. Guillaume Plessis

    Hi all. I keep on investigating this issue by analyzing backtraces (https://bugs.php.net/bugs-generating-backtrace.php). Here it is :

    Core was generated by `/usr/sbin/php5-fpm --fpm-config /etc/php5/fpm/php-fpm.conf'.
    Program terminated with signal 11, Segmentation fault.
    #0 0x000060d8ee9b82b3 in ?? () from /lib64/ld-linux-x86-64.so.2
    (gdb) bt
    #0 0x000060d8ee9b82b3 in ?? () from /lib64/ld-linux-x86-64.so.2
    #1 0x000060d8ebcdd612 in ?? () from /lib/libc.so.6
    #2 0x000060d8ebcdd665 in exit () from /lib/libc.so.6
    #3 0x0000000000760c0b in fpm_signals_sighandler_exit_ok (pid=-378444608)
    at /usr/src/php5/source/php5-5.3.15/sapi/fpm/fpm/fpm_signals.c:254
    #4
    #5 0x000060d8ee9c0007 in ?? () from /lib64/ld-linux-x86-64.so.2
    #6 0x000060d8ee9bf3f3 in ?? () from /lib64/ld-linux-x86-64.so.2
    #7 0x000060d8ee9bce9a in ?? () from /lib64/ld-linux-x86-64.so.2
    #8 0x000060d8ee9bd59e in ?? () from /lib64/ld-linux-x86-64.so.2
    #9 0x000060d8ee9b7906 in ?? () from /lib64/ld-linux-x86-64.so.2
    #10 0x000060d8ece992ec in ?? () from /lib/libdl.so.2
    #11 0x000060d8ece9900f in dlclose () from /lib/libdl.so.2
    #12 0x00000000006cdaa4 in module_destructor (module=0x3ec9c50) at /usr/src/php5/source/php5-5.3.15/Zend/zend_API.c:2141
    #13 0x00000000006d4342 in zend_hash_apply_deleter (ht=0xeb7920, p=0x3ec9bf0) at /usr/src/php5/source/php5-5.3.15/Zend/zend_hash.c:814
    #14 0x00000000006d45c8 in zend_hash_graceful_reverse_destroy (ht=0xeb7920) at /usr/src/php5/source/php5-5.3.15/Zend/zend_hash.c:850
    #15 0x00000000006c86a5 in zend_shutdown () at /usr/src/php5/source/php5-5.3.15/Zend/zend.c:831
    #16 0x0000000000671f5d in php_module_shutdown () at /usr/src/php5/source/php5-5.3.15/main/main.c:2201
    #17 0x000000000075dee9 in fpm_php_cleanup (which=-434307072, arg=0x313018) at /usr/src/php5/source/php5-5.3.15/sapi/fpm/fpm/fpm_php.c:199
    #18 0x000000000075547e in fpm_cleanups_run (type=2) at /usr/src/php5/source/php5-5.3.15/sapi/fpm/fpm/fpm_cleanup.c:45
    #19 0x0000000000763de2 in fpm_unix_init_main () at /usr/src/php5/source/php5-5.3.15/sapi/fpm/fpm/fpm_unix.c:312
    #20 0x000000000075482f in fpm_init (argc=-434307072, argv=0x313018, config=0x60d8eebb7a88 "",
    prefix=0xffffffffffffffff

    , pid=0x3
    , test_conf=0,
    run_as_root=7717091) at /usr/src/php5/source/php5-5.3.15/sapi/fpm/fpm/fpm.c:59
    #21 0x000000000075c0e3 in main (argc=3, argv=0x7042d6fea938) at /usr/src/php5/source/php5-5.3.15/sapi/fpm/fpm/fpm_main.c:1805


    The same problem seems to occur on other systems, such as FreeBSD.

    Reply
  20. Aleksandr

    Hi Guillaume!

    I decided to go for 5.4 package while 5.3 crashes on my debian stable amd64 development machine … but apparently php5-ffmpeg only works with 5.3.15.
    So my question is: will it be supported on 5.4 ?

    Thanks in advance.

    Reply
  21. Guillaume Plessis

    If you encounter segfaults, could you please try to set and to export the ZEND_DONT_UNLOAD_MODULES environment variable before launching php5-fpm :
    export ZEND_DONT_UNLOAD_MODULES=1

    Tell me if it works. Thanks in advance.

    Reply
  22. Rancor

    Hi,

    yes exporting this environment variable at my system did the trick and the segfault is gone.

    Thanks for this hint!!!

    Reply
  23. cpl

    @Guillaume

    Workaround seems to work on our servers,too.

    Maybe you could release a new version e.g. 5.3.15-1~dotdeb.1 with a customized init.d script to get things work by update …

    Reply
  24. nelmaster_vc

    I have this problems yet in dmesg
    php5-fpm[13755]: segfault at 1d7e8 ip 0001d7e8 sp bfd3acfc error 4 in php5-fpm[8048000+80a000]

    :(

    Reply
  25. nelmaster_vc

    @Guillaume Plessis yep I´m export ZEND_DONT_UNLOAD_MODULES=1 but php5-fpm[13755]: segfault at 1d7e8 ip 0001d7e8 sp bfd3acfc error 4 in php5-fpm[8048000+80a000] in dmesg , in debian squeeze

    Note: php5-fpm work, but problems when restart

    Reply
  26. EM

    Just some short comments (debian squeeze, 32 bit):
    – the restart issue exists. The supposed export fixes this issue

    Some additional things with the current release and the SEGAULT issues:
    – having xhprof installed using php5-xhprof leads to several segfaults without a debugtrace. Use the PECL Version for now
    – using slowlog with stacktrace, you can end up with segfaults because the stacktrace is to long or similar. In that case, your script dies after the slowlog timeout

    General FastCGI hints ( not an dotdeb issue)
    – for all being newer to FPM, be aware you set idle-timeout in the FastCgiExtern derictive to something higher then you php max-exectution time / the FPM process timeout. Otherwise you get a apache/nginx/webserver timeout (500 Internal server error) while the process continues to run

    And, last but not lest, thank you for your outstanding work here!!

    Reply
  27. EM

    well, that export did not really fix my issue, but i think https://bugs.php.net/bug.php?id=62216 is very related here.

    i modified his fix:
    PIDFILE=/var/run/php5-fpm.pid
    DAEMON_ARGS=”–fpm-config /etc/php5/fpm/php-fpm.conf –pid $PIDFILE”

    (be aware, you change the order of PIDFILE and DEAMON_ARGS)

    I also changed the TIMEOUT to 5 seconds, which is used below to wait between sigterms QUIT and TERM

    Still, that way, you can get stop/start working, but still restart wont work:
    An another FPM instance seems to already listen on /var/run/php-fpm/pools/www/www.sock

    More or less, i think this is all dedicated to
    start-stop-daemon –stop –quiet –oknodo –retry=0/30/TERM/5/KILL/5 –exec $DAEMON

    since the init.d script trys to let the forks complete properly before finally killing it. But killing takes longer and e.g. the socket does not get deleted in time, therefore the start script fails.

    so we first send TERM, check instanly, then we wait for 30 seconds, before we send another the TERM signal (soft/good kill), wait another 5s and kill the process hard, then wait for 5 seconds once again.

    Still, starting and stoping fail randomly and i dont know why.

    Some help would be awesome here

    Reply
  28. EM

    Sorry from tripple-posting, but i just had another suggestion:

    Could it be, that the script is trying to kill the forks, which then are instantly restarted and therefor the fork-kill script gets into a loop? so basically, it kills fork 1, goes on to 2, trys to kill that, fork1 is restarted, it goes to 1…and so forth. That would explain why the script goes on forever, because the timeouts are never hit, as there is a reaction on the kill.

    Does that sound any clueless? :)

    Reply
  29. zsero

    Hi,

    The restart is broken for me too! The export ZEND_DONT_UNLOAD_MODULES=1 fix works! Where should I put it? In .bashrc? Or it will be fixed with the next release? Thanks!

    Reply
  30. Robbe

    We had the same problem with php version 5.3.16 and 5.4.6 but as soon as we got the imap.ini in /etc/php5/conf.d/ removed, php5-fpm was restarting like a charm again..

    Could anyone else verify this?

    Reply
  31. EM

    We are not using IMAP at all, so i dont think this is related. I have better results with 5.3.16 currently, it stuckes rare, but it still does from time to time

    Reply

Leave a Reply

  • (will not be published)


seven − 1 =