Bug #79828 Segfault when trying to access non-existing variable
Submitted: 2020-07-10 23:04 UTC Modified: 2020-07-13 07:55 UTC
From: sam at rmcreative dot ru Assigned: nikic (profile)
Status: Closed Package: Reproducible crash
PHP Version: 8.0.0alpha2 OS:
Private report: No CVE-ID: None
 [2020-07-10 23:04 UTC] sam at rmcreative dot ru
Description:
------------
Executing test script under php:8.00-rc-cli-alpine segfaults.

Can also be seen at https://3v4l.org/VRAoq

Test script:
---------------
<?php
function getTime(): DateTimeInterface
{
    return $time;
}

echo __LINE__; // OK
getTime(); // Segfault
echo __LINE__; // We aren't getting here

Expected result:
----------------
Same output as PHP 7:

7
Notice: Undefined variable: time in /in/VRAoq on line 4

Fatal error: Uncaught TypeError: Return value of getTime() must implement interface DateTimeInterface, null returned in /in/VRAoq:4
Stack trace:
#0 /in/VRAoq(8): getTime()
#1 {main}
  thrown in /in/VRAoq on line 4

Process exited with code 255.

Actual result:
--------------
7
Process exited with code 139.

 [2020-07-10 23:53 UTC] requinix@php.net
-Status: Open +Status: Verified
 [2020-07-10 23:53 UTC] requinix@php.net
Repro is returning an uninitialized variable inside a return-typed function.

function foo(): AnyType {
   return $uninitialized;
}
foo();

#0  0x0000000008696c3f in zend_get_executed_lineno () at /home/ubuntu/php/php-8.0.0alpha2-src/Zend/zend_execute_API.c:560
#1  0x00000000086adcfc in get_filename_lineno (type=2, filename=0x7ffffffea6e8, lineno=0x7ffffffea6e4)
    at /home/ubuntu/php/php-8.0.0alpha2-src/Zend/zend.c:1447
#2  0x00000000086adedd in zend_error (type=2, format=0x8f58527 "Undefined variable $%s") at /home/ubuntu/php/php-8.0.0alpha2-src/Zend/zend.c:1483
#3  0x00000000086d8a9a in zval_undefined_cv (var=80) at /home/ubuntu/php/php-8.0.0alpha2-src/Zend/zend_execute.c:269
#4  0x00000000086d8be6 in _get_zval_ptr_cv_BP_VAR_R (var=80) at /home/ubuntu/php/php-8.0.0alpha2-src/Zend/zend_execute.c:342
#5  0x00000000087450c3 in ZEND_VERIFY_RETURN_TYPE_SPEC_CV_UNUSED_HANDLER () at /home/ubuntu/php/php-8.0.0alpha2-src/Zend/zend_vm_execute.h:44554
#6  0x0000000008751842 in execute_ex (ex=0x7ffff4a13020) at /home/ubuntu/php/php-8.0.0alpha2-src/Zend/zend_vm_execute.h:55746
#7  0x0000000008751db7 in zend_execute (op_array=0x7ffff4a5c280, return_value=0x0)
    at /home/ubuntu/php/php-8.0.0alpha2-src/Zend/zend_vm_execute.h:56094
#8  0x00000000086aea0e in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /home/ubuntu/php/php-8.0.0alpha2-src/Zend/zend.c:1667
#9  0x0000000008617bdc in php_execute_script (primary_file=0x7ffffffed020) at /home/ubuntu/php/php-8.0.0alpha2-src/main/main.c:2537
#10 0x000000000879068f in do_cli (argc=2, argv=0x962c870) at /home/ubuntu/php/php-8.0.0alpha2-src/sapi/cli/php_cli.c:955
#11 0x0000000008791771 in main (argc=2, argv=0x962c870) at /home/ubuntu/php/php-8.0.0alpha2-src/sapi/cli/php_cli.c:1353

valgrind reports use of initialized value followed by an invalid read.
 [2020-07-13 07:55 UTC] nikic@php.net
-Assigned To: +Assigned To: nikic
 [2020-07-13 08:05 UTC] nikic@php.net
Automatic comment on behalf of nikita.ppv@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=213852de782df32a4de2cfc56a3d112c74db4ccf
Log: Fixed bug #79828
 [2020-07-13 08:05 UTC] nikic@php.net
-Status: Verified +Status: Closed
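
A regression check for the behaviour in this report, added here as an example (it is not part of the original bug thread or of php-src): it runs the reporter's script under a chosen PHP binary and turns the exit status into a verdict, using the two codes the report shows (139 for the segfault, 255 for the expected fatal error). The function names, the `check.sh` file name and the PHP binary path are assumptions.

```sh
#!/bin/sh
# Added example: regression check for the crash described in this report.
# Verdicts use the exit codes the report shows: 139 = 128 + 11 (SIGSEGV),
# 255 = PHP fatal error (the expected uncaught TypeError).

# Turn a process exit status into a verdict string.
classify_status() {
    rc=$1
    if [ "$rc" -eq 0 ]; then
        echo "ok"
    elif [ "$rc" -eq 255 ]; then
        echo "fatal-error"
    elif [ "$rc" -gt 128 ]; then
        sig=$((rc - 128))
        # kill -l maps a signal number to its name (11 -> SEGV).
        name=$(kill -l "$sig" 2>/dev/null) || name=$sig
        echo "crash:SIG${name#SIG}"
    else
        echo "exit:$rc"
    fi
}

# Run the reporter's script under a PHP binary (assumed: "php" on PATH)
# and print the verdict. The script body is the one from the report.
run_repro() {
    php_bin=${1:-php}
    script=$(mktemp) || return 2
    cat > "$script" <<'PHP'
<?php
function getTime(): DateTimeInterface
{
    return $time;
}
getTime();
PHP
    rc=0
    "$php_bin" "$script" >/dev/null 2>&1 || rc=$?
    rm -f "$script"
    classify_status "$rc"
}

# Usage: sh check.sh /path/to/php   (file name and path are placeholders)
if [ "$#" -gt 0 ]; then
    run_repro "$1"
fi
```

A build that still has the bug prints `crash:SIGSEGV`; a build with the expected behaviour prints `fatal-error`.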