Bug #74546 SIGILL in ZEND_FETCH_CLASS_CONSTANT_SPEC_CONST_CONST_HANDLER()
Submitted: 2017-05-05 09:46 UTC
Modified: -
From: brian dot carpenter at gmail dot com
Assigned:
Status: Closed
Package: Reproducible crash
PHP Version: 7.1Git-2017-05-05 (Git)
OS: Debian 8 x64
Private report: No
CVE-ID:
 [2017-05-05 09:46 UTC] brian dot carpenter at gmail dot com
Description:
------------
Triggered in commit 1466a0f, compiled with afl-gcc on Debian 8 x64.

Test script:
---------------
https://drive.google.com/file/d/0B3Tl4QiWJUt8dnpucXlpUXlDWWM/view?usp=sharing

Expected result:
----------------
No crash.

Actual result:
--------------
Program received signal SIGILL, Illegal instruction.
0x0000000001eff115 in ZEND_FETCH_CLASS_CONSTANT_SPEC_CONST_CONST_HANDLER ()
    at /home/geeknik/php-src/Zend/zend_vm_execute.h:5721
5721		SAVE_OPLINE();
(gdb) bt
#0  0x0000000001eff115 in ZEND_FETCH_CLASS_CONSTANT_SPEC_CONST_CONST_HANDLER ()
    at /home/geeknik/php-src/Zend/zend_vm_execute.h:5721
#1  0x0000000001ec3903 in execute_ex (ex=<optimized out>)
    at /home/geeknik/php-src/Zend/zend_vm_execute.h:429
#2  0x0000000002394d3a in zend_execute (op_array=op_array@entry=0x7ffff2889000, 
    return_value=return_value@entry=0x0)
    at /home/geeknik/php-src/Zend/zend_vm_execute.h:474
#3  0x0000000001c35c5d in zend_execute_scripts (type=type@entry=8, 
    retval=retval@entry=0x0, file_count=file_count@entry=3)
    at /home/geeknik/php-src/Zend/zend.c:1537
#4  0x0000000001946830 in php_execute_script (primary_file=<optimized out>)
    at /home/geeknik/php-src/main/main.c:2548
#5  0x00000000023a2c6c in do_cli (argc=-225931263, argv=0x2f678c1 <executor_globals+1>)
    at /home/geeknik/php-src/sapi/cli/php_cli.c:997
#6  0x00000000004730c2 in main (argc=-225931263, argv=0x2f2bf40 <cli_sapi_module>)
    at /home/geeknik/php-src/sapi/cli/php_cli.c:1390

 [2017-05-08 03:33 UTC] laruence@php.net
Automatic comment on behalf of laruence@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=87d56a3d07a337269be2e80b67766b4e94120dd8
Log: Fixed bug #74546 (SIGILL in ZEND_FETCH_CLASS_CONSTANT_SPEC_CONST_CONST_HANDLER())
 [2017-05-08 03:33 UTC] laruence@php.net
-Status: Open +Status: Closed
 
Last updated: Tue Aug 29 15:01:52 2017 UTC