OPcache PHP autoloader crashes on PHP8 < 8.1.6
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
php8.1 (Ubuntu) |
Fix Released
|
Undecided
|
Athos Ribeiro | ||
Jammy |
Fix Released
|
Undecided
|
Athos Ribeiro | ||
Kinetic |
Fix Released
|
Undecided
|
Athos Ribeiro |
Bug Description
[Impact]
This is a known OPcache regression in 8.1 versions below 8.1.6 upstream release which has been fixed upstream. The bug manifests itself through PHP autoloader crashes.
Known affected use cases include Drupal, which returns 500 errores on such PHP crashes. New Drupal versions warn it does not supporting PHP < 8.1.6 due to this issue, which has been reported and fixed in https:/
[Test Plan]
While there is no minimal known test case to fully reproduce the issue and its side-effects, the upstream patch proposed includes unit-tests for the proposed fix. These tests are aimed at a different bug fixed through the same patch, and cannot confirm this fix, but should confirm no regressions are introduced. Finally, we should rely on affected users to test the patched package and verify there are no manifestations of the bug in a few days interval.
[Where problems could occur]
* Regression are potentially isolated to the OPcache area of PHP;
* Such changes usually tend to affect FPM instead of the CLI but this depends on user configuration;
* An SRU would cause FPM to restart (if in use) and hence wipe previous OPcache data (this should be expected by the user for every PHP SRU);
* The patch in question was introduced in php 8.1.6, therefore, the backport could trigger unexpected codepaths not predicted during our verification steps. If we get to this point, we will need a new regression bug report and SRU.
[Other Info]
* The Drupal community is starting to deny-list Ubuntu's PHP due to this issue:
https:/
* SRU with the backport is a minimum to actually fix the breakage
* PHP developers argue against SRU backports and demand 8.1.6
Related branches
- Kraut.Hosting (community): Approve
- Canonical Server packageset reviewers: Pending requested
- Canonical Server Reporter: Pending requested
-
Diff: 494 lines (+469/-0)3 files modifieddebian/changelog (+7/-0)
debian/patches/0048-Clear-recorded-errors-before-executing-shutdown-func.patch (+461/-0)
debian/patches/series (+1/-0)
CVE References
tags: | removed: server-todo |
Changed in php8.1 (Ubuntu Jammy): | |
status: | Triaged → In Progress |
summary: |
- Import >= 8.1.6 to fix OPcache bug + OPcache PHP autoloader crashes on PHP8 < 8.1.6 |
description: | updated |
@Marc @Athos Hey there, seems you got some work on 8.1.5 floating in ubuntu/devel :D
Would you mind giving it a push to 8.1.6 and push to ubuntu/jammy-devel for testing?