|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #75968 php-fpm restarts master process in a loop when using Program execution Function
Submitted: 2018-02-16 15:22 UTC Modified: 2018-02-23 16:54 UTC
Avg. Score:5.0 ± 0.2
Reproduced:21 of 21 (100.0%)
Same Version:14 (66.7%)
Same OS:10 (47.6%)
From: schnederle at futureweb dot at Assigned: bukka (profile)
Status: Duplicate Package: FPM related
PHP Version: 7.2.2 OS: Centos/RHEL 7.4
Private report: No CVE-ID: 2015-9253
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
Solve the problem:
11 + 33 = ?
Subscribe to this entry?

 [2018-02-16 15:22 UTC] schnederle at futureweb dot at
Follow-Up to already reported Bug #70185 (
Still a Problem with current PHP 7.2.2.

When using Program execution Functions (passthru(), exec(), shell_exec(), system(), ...) the php-fpm: master process reproduceable crashes with signal 15 (SIGTERM) which leads to crash-loop, 100% CPU usage and spamming of Logs (30GB within 1 day on my Dev-Server)

Test script:
exec('/usr/bin/postcss css_from.css --use autoprefixer --autoprefixer.remove "false" --output css_to.css');
echo 'Done';

Actual result:
Millions of:
[16-Feb-2018 14:48:30] WARNING: [pool www] child 53778 exited on signal 15 (SIGTERM) after 0.046685 seconds from start
[16-Feb-2018 14:48:30] WARNING: [pool www] child 53782 exited on signal 15 (SIGTERM) after 0.045416 seconds from start
[16-Feb-2018 14:48:30] WARNING: [pool www] child 53785 exited on signal 15 (SIGTERM) after 0.045331 seconds from start
[16-Feb-2018 14:48:30] WARNING: [pool www] child 53787 exited on signal 15 (SIGTERM) after 0.044765 seconds from start


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2018-02-16 15:32 UTC] schnederle at futureweb dot at
correction - not the master process crashes but php-fpm continues to restart the process over and over again using 100% of the CPU on the php-fpm master process. (crash loop)
 [2018-02-16 15:38 UTC]
-Status: Open +Status: Feedback
 [2018-02-16 15:38 UTC]
Is it possible to provide a **self-contained** reproducer for this? That is, using something like "ls" rather than "postcss"?

If not, please provide detailed instructions on how to reproduce this, including any necessary input files and instructions for the installation of necessary programs.
 [2018-02-16 15:51 UTC] schnederle at futureweb dot at
was able to reproduce behaviour "self contained":

Script 1:
stream_set_blocking(STDIN, false);
echo "Blah";

Script 2:
passthru('/usr/bin/php /path/to/1.php');

Reproduceable on 2 Machines with php-fpm 7.2.2 and earlier.

As it can be used to DOS Shared Hosting Servers (i.e. all Plesk Servers use PHP-FPM) I think this got some Security implications too.
 [2018-02-16 15:54 UTC]
-Status: Feedback +Status: Open
 [2018-02-20 10:38 UTC] schnederle at futureweb dot at
someone with proper rights please assign CVE-2015-9253 to this Bug Report.

 [2018-02-20 23:07 UTC]
-Type: Bug +Type: Security -Private report: No +Private report: Yes -CVE-ID: +CVE-ID: 2015-9253
 [2018-02-20 23:11 UTC]
-Package: Reproducible crash +Package: FPM related
 [2018-02-20 23:11 UTC]
Could someone explain to me why this is a security issue? Which permission border is being crossed?
 [2018-02-20 23:12 UTC]
I mean, if you have process exec privileges, couldn't you just "kill -9" your parent  FPM process from shell and achieve the same effect?
 [2018-02-21 13:18 UTC]
> Could someone explain to me why this is a security issue?

Sorry, I can't.  I've merely switched to private, since a CVE had
been assigned.
 [2018-02-23 03:27 UTC]
-Assigned To: +Assigned To: bukka
 [2018-02-23 14:03 UTC]
This seems just like a duplicate of the that is public already so there is no reason to keep this as a security bug IMHO.
 [2018-02-23 16:54 UTC]
-Status: Assigned +Status: Duplicate -Type: Security +Type: Bug
 [2018-02-23 16:54 UTC]
Duplicate of bug #73342. Unassigning privacy status as this has been public for a long time already.

Bug #73342 also has a patch attached, though I haven't checked if it makes sense.
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Apr 18 00:01:28 2024 UTC