PHP :: Bug #76477 :: Opcache causes empty return value
php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #76477 Opcache causes empty return value
Submitted: 2018-06-14 13:16 UTC Modified: 2018-06-14 14:52 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: mark2011 at mayberg dot se Assigned:
Status: Closed Package: opcache
PHP Version: 7.2.6 OS: Linux
Private report: No CVE-ID: None
 [2018-06-14 13:16 UTC] mark2011 at mayberg dot se
Description:
------------
Running the test script without opcache works fine. But with opcache enabled it results in an unexpected behaviour (after second execution). The test script below is extracted from a bigger library, I isolated a small test case.

PHP 7.2.6 is not yet available for my distro. 

PHP 7.0, 7.1 does not show this error.

Test script:
---------------
<?php
	echo "PHP ".PHP_VERSION." ".PHP_SAPI."<br>\n";

	$token = "ABC";
	$lengthBytes = strlenb($token);
	echo "$token $lengthBytes ".($lengthBytes!=0 ? "ok" : "error")."<br>\n";

	testString();
	function testString()
	{
		$token = "ABC";
		$lengthBytes = strlenb($token);
		echo "$token $lengthBytes ".($lengthBytes!=0 ? "ok" : "error")."<br>\n";
	}
	
	function strlenb() { return call_user_func_array("strlen", func_get_args()); }
?>

Expected result:
----------------
PHP 7.2.5-0ubuntu0.18.04.1 apache2handler
ABC 3 ok
ABC 3 ok

Actual result:
--------------
PHP 7.2.5-0ubuntu0.18.04.1 apache2handler
ABC 3 ok
ABC error

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2018-06-14 14:21 UTC] sjon at hortensius dot net
I can reproduce this with a pretty vanilla 7.2.6 under Archlinux. It can be simplified somewhat; this is also unstable (sometimes it returns 3, sometimes NULL):

<?php

t();
function t()
{
    $l = strlenb("ABC");
    var_dump($l);
}

function strlenb() { return call_user_func_array("strlen", func_get_args()); }
 [2018-06-14 14:37 UTC] cmb@php.net
-Status: Open +Status: Verified
 [2018-06-14 14:37 UTC] cmb@php.net
I can confirm that this issue affects PHP-7.2 and master, but not
PHP-7.1 (older version are not actively supported anymore).
 [2018-06-14 14:52 UTC] nikic@php.net
This is a type-inference bug:

strlenb: ; (lines=5, args=0, vars=0, tmps=1, ssa_vars=2, no_loops)
    ; (after dfa pass)
    ; /home/nikic/php-7.2/t001.php:10-10
    ; return  [null]
BB0: start exit lines=[0-4]
    ; level=0
            INIT_FCALL 0 80 string("strlen")
            #0.T0 [array [long] of [any]] = FUNC_GET_ARGS
            SEND_ARRAY 0 #0.T0 [array [long] of [any]]
            #1.V0 [null] = DO_FCALL
            RETURN #1.V0 [null]

The return value of strlen() is determined to be null, which is wrong. The type is determined by zend_strlen_info(), which doesn't take the SEND_ARRAY into account properly. The same issue might also affect other custom inference functions.

Btw, this particular one we can really just drop, because all useful cases are already handled by ZEND_STRLEN.
 [2018-06-15 08:32 UTC] laruence@php.net
Automatic comment on behalf of laruence@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=f31ba7cb53271f6745c5efb1b15c53ffd5cb4b6e
Log: Fixed bug #76477 (Opcache causes empty return value)
 [2018-06-15 08:32 UTC] laruence@php.net
-Status: Verified +Status: Closed
 
PHP Copyright © 2001-2018 The PHP Group
All rights reserved.
Last updated: Thu Aug 16 12:01:24 2018 UTC