Bug #78429 opcache_compile_file(__FILE__); segfaults
Submitted: 2019-08-20 09:59 UTC
Modified: 2019-09-16 14:03 UTC
From: sjon@php.net
Assigned: cmb
Status: Closed
Package: opcache
PHP Version: 7.4.0beta2
OS:
Private report: No
CVE-ID: None
 [2019-08-20 09:59 UTC] sjon@php.net
Description:
------------
See https://3v4l.org/sVBAg; it runs with the opcache module available but opcache.enable_cli disabled. opcache_compile_file triggers a segfault.

Test script:
---------------
<?php

opcache_compile_file(__FILE__);

Expected result:
----------------
Notice: Zend OPcache seems to be disabled, can't compile file in /in/sVBAg on line 3

Actual result:
--------------
Process exited with code 139.

 [2019-08-20 11:39 UTC] requinix@php.net
-Status: Open
+Status: Analyzed
 [2019-08-20 11:39 UTC] requinix@php.net
(gdb) bt
#0  0x0000000000000000 in ?? ()
#1  0x00007ffff4904164 in persistent_compile_file (file_handle=0x7ffffffea720, type=2) at /root/php/src/ext/opcache/ZendAccelerator.c:1923
#2  0x00007ffff491067c in zif_opcache_compile_file (execute_data=0x7ffff5214080, return_value=0x7ffffffea870) at /root/php/src/ext/opcache/zend_accelerator_module.c:868
#3  0x00000000086e2823 in ZEND_DO_ICALL_SPEC_RETVAL_UNUSED_HANDLER () at /root/php/src/Zend/zend_vm_execute.h:1274
#4  0x000000000874714d in execute_ex (ex=0x7ffff5214020) at /root/php/src/Zend/zend_vm_execute.h:53449
#5  0x000000000874b269 in zend_execute (op_array=0x7ffff5280300, return_value=0x0) at /root/php/src/Zend/zend_vm_execute.h:57553
#6  0x00000000086705c7 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /root/php/src/Zend/zend.c:1663
#7  0x00000000085d2988 in php_execute_script (primary_file=0x7ffffffed010) at /root/php/src/main/main.c:2611
#8  0x000000000874de75 in do_cli (argc=8, argv=0x965b970) at /root/php/src/sapi/cli/php_cli.c:962
#9  0x000000000874efde in main (argc=8, argv=0x965b970) at /root/php/src/sapi/cli/php_cli.c:1352

(gdb) f 1
#1  0x00007ffff4904164 in persistent_compile_file (file_handle=0x7ffffffea720, type=2) at /root/php/src/ext/opcache/ZendAccelerator.c:1923
1923                    return accelerator_orig_compile_file(file_handle, type);

(gdb) p accelerator_orig_compile_file
$4 = (zend_op_array *(*)(zend_file_handle *, int)) 0x0
 [2019-08-20 12:38 UTC] cmb@php.net
Allowing to call opcache_compile_file() even if OPcache is
disabled has been a deliberate change:
<http://git.php.net/?p=php-src.git;a=commit;h=03fc3d85d8a0624c7a1171576db9cf44575763b0>
 [2019-08-20 12:44 UTC] sjon@php.net
Interesting find. So probably this has never worked (compile on __FILE__) and removing that check exposed this bug.
 [2019-08-20 12:57 UTC] cmb@php.net
We're calling accelerator_orig_compile_file()[1], but the function
pointer is NULL in this case.

[1] <https://github.com/php/php-src/blob/ae923287cada2bb59877e806c8219b74f7d857d5/ext/opcache/ZendAccelerator.c#L1923>
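
The pattern behind the backtrace above, as an added example that is not part of the original thread and is not php-src code: a cache saves the engine's compile hook only when it starts up enabled, while a user-callable function still enters the cache's compile routine. Every name is hypothetical, and the guard shown is one defensive option, not necessarily the change made in the associated pull request.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified model; every name here is hypothetical, none is php-src code. */
typedef struct { const char *filename; } file_handle;
typedef int (*compile_fn)(const file_handle *fh, int type);

enum { COMPILE_FAILED = -1, FROM_ENGINE = 1, FROM_CACHE = 2 };

/* The engine's own compiler, reached through a replaceable global hook. */
static int engine_compile(const file_handle *fh, int type) {
    (void)type;
    return fh && fh->filename ? FROM_ENGINE : COMPILE_FAILED;
}
static compile_fn compile_hook = engine_compile;

/* Saved only when the cache starts up enabled; otherwise it stays NULL. */
static compile_fn orig_compile = NULL;
static int cache_enabled = 0;

static int cache_compile(const file_handle *fh, int type) {
    if (!cache_enabled) {
        /* The crash pattern is `return orig_compile(fh, type);` right here. */
        compile_fn fallback = orig_compile ? orig_compile : compile_hook;
        if (fallback == NULL || fallback == cache_compile)
            return COMPILE_FAILED;   /* nothing safe to delegate to */
        return fallback(fh, type);
    }
    /* Enabled path: compile via the saved original, then "store" the result. */
    return orig_compile(fh, type) == FROM_ENGINE ? FROM_CACHE : COMPILE_FAILED;
}

void cache_startup(int enabled) {
    cache_enabled = enabled;
    if (enabled) {
        orig_compile = compile_hook;
        compile_hook = cache_compile;
    }
}

/* User-callable API that enters the cache's compile function directly. */
int api_compile_file(const char *path) {
    file_handle fh = { path };
    return cache_compile(&fh, 2);
}

int main(void) {
    cache_startup(0);   /* module loaded, cache disabled for this SAPI */
    printf("disabled: %d\n", api_compile_file("script.php"));
    return 0;
}
```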
 [2019-08-20 15:59 UTC] cmb@php.net
The following pull request has been associated:

Patch Name: Fix #78429: opcache_compile_file(__FILE__); segfaults
On GitHub:  https://github.com/php/php-src/pull/4570
Patch:      https://github.com/php/php-src/pull/4570.patch
 [2019-09-16 14:02 UTC] cmb@php.net
Automatic comment on behalf of cmbecker69@gmx.de
Revision: http://git.php.net/?p=php-src.git;a=commit;h=20f73d3d8f2f2664288d1e70930f047605bfb44f
Log: Fix #78429: opcache_compile_file(__FILE__); segfaults
 [2019-09-16 14:02 UTC] cmb@php.net
-Status: Analyzed
+Status: Closed
 [2019-09-16 14:03 UTC] cmb@php.net
-Assigned To:
+Assigned To: cmb
 
Last updated: Mon Dec 09 04:01:25 2019 UTC