php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #68356 segfault with opcache and concatenating constant scalar expression twice
Submitted: 2014-11-05 19:16 UTC Modified: 2014-11-07 08:59 UTC
Votes:2
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: bigwebguy at gmail dot com Assigned: dmitry (profile)
Status: Closed Package: opcache
PHP Version: 5.6.2 OS:
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: bigwebguy at gmail dot com
New email:
PHP Version: OS:

 

 [2014-11-05 19:16 UTC] bigwebguy at gmail dot com
Description:
------------
when a dynamic constant string is concatenated with another string anywhere in a class definition, php will segfault if opcache is enabled.

simply including the class is enough to trigger the segfault.

php does not segfault with opcache disabled or if using integers as the dynamic constant values.

Test script:
---------------
<?php
class Foo {
    const FOO = 'Foo';
    const FOOBAR = self::FOO.'Bar';
  
    function baz() {
    	$segfault = self::FOOBAR.'Baz';
    }
}

Expected result:
----------------
Expected result: No segfault

$ php --info | grep opcache.enable_cli
opcache.enable_cli => Off => Off
$ php foo.php
$


Actual result:
--------------
Actual result: PHP Segfaults

$ php --info | grep opcache.enable_cli
opcache.enable_cli => On => On
$ php foo.php
Segmentation fault

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2014-11-06 06:57 UTC] mike@php.net
-Summary: dynamic constants segfault when opcache enabled +Summary: segfault with opcache and concatenating constant scalar expression twice -Assigned To: +Assigned To: dmitry
 [2014-11-06 09:36 UTC] mike@php.net
-Status: Assigned +Status: Feedback
 [2014-11-06 09:36 UTC] mike@php.net
Could you try PHP-5.6 HEAD? Looks like it's been fixed already.
 [2014-11-07 07:43 UTC] dmitry@php.net
I didn't fix anything related on November, but I can't reproduce it as well.
May be it was false alarm?
 [2014-11-07 07:54 UTC] mike@php.net
It's definitely reproducible with 5.6.2 non-debug.
 [2014-11-07 08:01 UTC] dmitry@php.net
Not reproducible with current 5.6.4-dev. So it must be fixed some time ago.
 [2014-11-07 08:12 UTC] mike@php.net
I'll church if it's also fixed in upcoming 5.6.3
 [2014-11-07 08:59 UTC] dmitry@php.net
-Status: Feedback +Status: Closed
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Thu Dec 02 13:03:33 2021 UTC