|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2016-11-23 06:23 UTC] laruence@php.net
[2016-11-23 06:28 UTC] laruence@php.net
[2016-11-23 06:28 UTC] laruence@php.net
-Status: Open
+Status: Closed
[2016-11-30 23:14 UTC] davey@php.net
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Thu Oct 30 22:00:01 2025 UTC |
Description: ------------ When a function and a class have the same name in a conditional section (such as 'if (!function_exists('a')) { function a() {} class a {} }' php (with opcache enabled) segfaults. It doesn't crash if the same code appears outside the condition. It doesn't crash when opcache is disabled. It doesn't crash when names differ. Test script: --------------- <?php if (true) { class A { } function A() { } } ?> Expected result: ---------------- No output, no segfaults Actual result: -------------- [root@stage30 current]# php -n -d zend_extension=opcache.so -d opcache.enable_cli=1 q.php Segmentation fault (core dumped) [root@stage30 current]# gdb `which php` /tmp/core-php.10991 GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-80.el7 Copyright (C) 2013 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-redhat-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /usr/bin/php...Reading symbols from /usr/lib/debug/usr/bin/php.debug...done. done. [New LWP 10991] [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". Core was generated by `php -n -d zend_extension=opcache.so -d opcache.enable_cli=1 q.php'. Program terminated with signal 11, Segmentation fault. #0 0x00007fa9fe586558 in memcpy (__len=208, __src=0x0, __dest=0x7fa9f9e02620) at /usr/include/bits/string3.h:51 51 return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest)); (gdb) bt #0 0x00007fa9fe586558 in memcpy (__len=208, __src=0x0, __dest=0x7fa9f9e02620) at /usr/include/bits/string3.h:51 #1 do_bind_function (op_array=<optimized out>, opline=<optimized out>, function_table=0x7fa9ffc4cf80, compile_time=compile_time@entry=0 '\000') at /usr/src/debug/php-7.1.0RC6/Zend/zend_compile.c:1073 #2 0x00007fa9fe600113 in ZEND_DECLARE_FUNCTION_SPEC_HANDLER () at /usr/src/debug/php-7.1.0RC6/Zend/zend_vm_execute.h:1620 #3 0x00007fa9fe5ef41b in execute_ex (ex=<optimized out>) at /usr/src/debug/php-7.1.0RC6/Zend/zend_vm_execute.h:429 #4 0x00007fa9fe597829 in dtrace_execute_ex (execute_data=<optimized out>) at /usr/src/debug/php-7.1.0RC6/Zend/zend_dtrace.c:83 #5 0x00007fa9fe642db4 in zend_execute (op_array=op_array@entry=0x7fa9f9e83000, return_value=return_value@entry=0x0) at /usr/src/debug/php-7.1.0RC6/Zend/zend_vm_execute.h:474 #6 0x00007fa9fe5a7eb3 in zend_execute_scripts (type=type@entry=8, retval=retval@entry=0x0, file_count=file_count@entry=3) at /usr/src/debug/php-7.1.0RC6/Zend/zend.c:1464 #7 0x00007fa9fe545fa8 in php_execute_script (primary_file=primary_file@entry=0x7fffcda609c0) at /usr/src/debug/php-7.1.0RC6/main/main.c:2533 #8 0x00007fa9fe645058 in do_cli (argc=7, argv=0x7fa9ffc4ce40) at /usr/src/debug/php-7.1.0RC6/sapi/cli/php_cli.c:990 #9 0x00007fa9fe42392f in main (argc=7, argv=0x7fa9ffc4ce40) at /usr/src/debug/php-7.1.0RC6/sapi/cli/php_cli.c:1378