php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #77092 array_diff_key() - segmentation fault
Submitted: 2018-11-01 22:21 UTC Modified: 2018-11-02 13:24 UTC
From: root4root at gmail dot com Assigned: nikic (profile)
Status: Closed Package: opcache
PHP Version: 7.2.11 OS: Linux/Windows
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: root4root at gmail dot com
New email:
PHP Version: OS:

 

 [2018-11-01 22:21 UTC] root4root at gmail dot com
Description:
------------
Since PHP 7.2.0, fpm/mod_php environment. Appears only if Opcache is enabled.

When we use function array_diff_key() or array_diff_assoc() inside a class method. Including or direct running file with code below leads segmentation fault.

require/include mentioned code inside some user function, we have error described here: https://bugs.php.net/bug.php?id=77070 instead of segfault.



Test script:
---------------
<?php
class AnyClassName
{
    public function anyMethodName()
    {
        $anyArrayOne = ['foo' => 'bar', 'bar' => 'baz'];
        $anyArrayTwo = ['foo' => null];
        
        //Output or variable assignment:
        print_r(array_diff_key($anyArrayOne, $anyArrayTwo));
        //$result = [];
        //$result[] = array_diff_key($anyArrayOne, $anyArrayTwo);
    }
}
//EOF

Actual result:
--------------
#0  0xb6411bf5 in zend_parse_va_args (num_args=2, type_spec=0xb6c0cc34 "+", va=0xbfc0aee0, flags=0) at /php7.2.11/Zend/zend_API.c:920
#1  0xb6411df2 in zend_parse_parameters (num_args=2, type_spec=0xb6c0cc34 "+") at /php7.2.11/Zend/zend_API.c:990
#2  0xb6229728 in php_array_diff_key (execute_data=0xb547d000, return_value=0xbfc0b0f0, data_compare_type=-1) at /php7.2.11/ext/standard/array.c:5082
#3  0xb622ab0b in zif_array_diff_key (execute_data=0xb547d000, return_value=0xbfc0b0f0) at /php7.2.11/ext/standard/array.c:5409
#4  0xb51a4144 in ct_eval_func_call (result=0xbfc0b0f0, name=0xb546a0e0, num_args=2, args=0xbfc0b100) at /php7.2.11/ext/opcache/Optimizer/sccp.c:848
#5  0xb51a5c68 in sccp_visit_instr (scdf=0xbfc0b1b0, opline=0xb546f1e8, ssa_op=0xb548e320) at /php7.2.11/ext/opcache/Optimizer/sccp.c:1283
#6  0xb51a789a in scdf_solve (scdf=0xbfc0b1b0, name=0xb51bf95f "SCCP") at /php7.2.11/ext/opcache/Optimizer/scdf.c:167
#7  0xb51a6e9a in sccp_optimize_op_array (ctx=0xbfc0b3c8, op_array=0xb540b148, ssa=0xb548e094, call_map=0xb548e158) at /php7.2.11/ext/opcache/Optimizer/sccp.c:1673
#8  0xb517ab57 in zend_dfa_optimize_op_array (op_array=0xb540b148, ctx=0xbfc0b3c8, ssa=0xb548e094, call_map=0xb548e158) at /php7.2.11/ext/opcache/Optimizer/dfa_pass.c:567
#9  0xb5162267 in zend_optimize_script (script=0xb546f000, optimization_level=2147467263, debug_level=0) at /php7.2.11/ext/opcache/Optimizer/zend_optimizer.c:1263
#10 0xb5141b68 in cache_script_in_shared_memory (new_persistent_script=0xb546f000, key=0xb7d9bb70 "/home/pavel/bitbucket/zhostovo2/www/test.php", key_length=44, from_shared_memory=0xbfc0b47c)
    at /php7.2.11/ext/opcache/ZendAccelerator.c:1333
#11 0xb5143756 in persistent_compile_file (file_handle=0xbfc0d7e8, type=8) at /php7.2.11/ext/opcache/ZendAccelerator.c:1947
#12 0xb640e0b7 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /php7.2.11/Zend/zend.c:1490
#13 0xb6382fd1 in php_execute_script (primary_file=0xbfc0d7e8) at /php7.2.11/main/main.c:2590
#14 0xb64e7f7e in php_handler (r=0xb7d9a7a8) at /php7.2.11/sapi/apache2handler/sapi_apache2.c:701
#15 0xb771d364 in ap_run_handler ()
#16 0xb771d986 in ap_invoke_handler ()
#17 0xb7738572 in ap_process_async_request ()
#18 0xb773875b in ap_process_request ()
#19 0xb7733ef6 in ?? ()
#20 0xb7729014 in ap_run_process_connection ()
#21 0xb773fdb8 in ?? ()
#22 0xb774005b in ?? ()
#23 0xb77400bd in ?? ()
#24 0xb7740969 in ?? ()
#25 0xb76fb074 in ap_run_mpm ()
#26 0xb76f2900 in main ()


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2018-11-02 13:24 UTC] nikic@php.net
-Assigned To: +Assigned To: nikic
 [2018-11-02 13:37 UTC] nikic@php.net
Automatic comment on behalf of nikita.ppv@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=4daa413898948dad90bc797ccab200115326efc7
Log: Fixed bug #77092
 [2018-11-02 13:37 UTC] nikic@php.net
-Status: Assigned +Status: Closed
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 21 17:01:58 2024 UTC