php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #79088 Segmentation fault when instatiating a class
Submitted: 2020-01-09 12:43 UTC Modified: 2020-01-09 12:46 UTC
From: jakub at tuenti dot com Assigned:
Status: Duplicate Package: opcache
PHP Version: 7.4.1 OS: Linux
Private report: No CVE-ID: None
 [2020-01-09 12:43 UTC] jakub at tuenti dot com
Description:
------------
When executing the attached script with opcache enabled, I get segmentation faults. It can be reproduced by running it with the php docker images:

$ docker run -v $PWD/test.php:/test.php -ti php:7.4.1 sh -c "php -dzend_extension=opcache -dopcache.enable_cli=1 /test.php; php -dzend_extension=opcache -dopcache.enable_cli=1 /test.php"
Segmentation fault (core dumped)
Segmentation fault (core dumped)

The script runs fine on 7.3.13, but segfaults on all the 7.4 tags I tested (7.4.0alpha1, 7.4.0 and 7.4.1).

The backtrace I attach is from a custom php image (based on debian buster and using the packages from deb.sury.org).

Test script:
---------------
<?php

class A {
    const B = 'c';
}

class D
{
    public function __construct()
    {
    }
}

class E extends D
{
    static $A = A::B;
}

new E();


Actual result:
--------------
(gdb) bt
#0  __strlen_avx2 () at ../sysdeps/x86_64/multiarch/strlen-avx2.S:65
#1  0x000055d097fe28f5 in xbuf_format_converter (xbuf=0x7ffc2a75f2a0, is_char=1 '\001', fmt=0x55d098128a4c "s::%s() from invalid context", ap=0x7ffc2a75f2f0) at ./main/spprintf.c:596
#2  0x000055d09803f005 in zend_vspprintf (pbuf=0x7ffc2a75f2e8, max_len=0, format=<optimized out>, ap=<optimized out>) at ./Zend/zend.c:190
#3  0x000055d097e8ec81 in zend_throw_error (exception_ce=0x55d0999a1d40, format=0x55d098128a40 "Call to %s %s::%s() from invalid context") at ./Zend/zend.c:1535
#4  0x000055d097e97a29 in zend_std_get_constructor (zobj=<optimized out>) at ./Zend/zend_object_handlers.c:1588
#5  0x000055d0980a40a6 in ZEND_NEW_SPEC_CONST_UNUSED_HANDLER () at ./Zend/zend_vm_execute.h:9226
#6  0x000055d0980bed0a in execute_ex (ex=0x18) at ./Zend/zend_vm_execute.h:54334
#7  0x000055d0980c6271 in zend_execute (op_array=0x7f89566702a0, return_value=<optimized out>) at ./Zend/zend_vm_execute.h:57664
#8  0x000055d0980402c3 in zend_execute_scripts (type=type@entry=8, retval=0x7f8956614020, retval@entry=0x0, file_count=file_count@entry=3) at ./Zend/zend.c:1663
#9  0x000055d097fdfd50 in php_execute_script (primary_file=<optimized out>) at ./main/main.c:2619
#10 0x000055d0980c8316 in do_cli (argc=5, argv=0x55d099944360) at ./sapi/cli/php_cli.c:961
#11 0x000055d097ea77cf in main (argc=5, argv=0x55d099944360) at ./sapi/cli/php_cli.c:1352

(gdb) dump_bt executor_globals.current_execute_data
[0x7f8956614020] (main) /source/test.php:19 



Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2020-01-09 12:46 UTC] nikic@php.net
-Status: Open +Status: Duplicate
 [2020-01-09 12:46 UTC] nikic@php.net
This is the same issue as bug #78986, which will be fixed in the upcoming PHP 7.4.2 version.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 21 15:01:29 2024 UTC