Bug #79782 Segfault in cleanup_unfinished_calls
Submitted: 2020-07-04 00:44 UTC
Modified: 2020-07-04 08:03 UTC
From: changochen1 at gmail dot com
Assigned:
Status: Duplicate
Package: Scripting Engine problem
PHP Version: 8.0Git-2020-07-04 (Git)
OS:
Private report: No
CVE-ID: None
 [2020-07-04 00:44 UTC] changochen1 at gmail dot com
Description:
------------
Cmdline: php -f poc

In a debug build, it triggered assertion `(executor_globals.exception)' failed.

Stack dump:
---
MemorySanitizer:DEADLYSIGNAL
==229074==ERROR: MemorySanitizer: SEGV on unknown address 0x7fa0046c45dc (pc 0x0000013ea448 bp 0x000000000000 sp 0x7ffefbc8faf0 T229074)
==229074==The signal is caused by a READ memory access.
    #0 0x13ea447 in cleanup_unfinished_calls /home/yongheng/php_clean/Zend/zend_execute.c
    #1 0x158fe8a in ZEND_HANDLE_EXCEPTION_SPEC_HANDLER /home/yongheng/php_clean/Zend/zend_vm_execute.h:2572:2
    #2 0x13ec04f in execute_ex /home/yongheng/php_clean/Zend/zend_vm_execute.h:51852:7
    #3 0x13ec844 in zend_execute /home/yongheng/php_clean/Zend/zend_vm_execute.h:56146:2
    #4 0x1337c58 in zend_execute_scripts /home/yongheng/php_clean/Zend/zend.c:1667:4
    #5 0x10c1cd7 in php_execute_script /home/yongheng/php_clean/main/main.c:2579:14
    #6 0x171abf1 in do_cli /home/yongheng/php_clean/sapi/cli/php_cli.c:958:5
    #7 0x1716fcf in main /home/yongheng/php_clean/sapi/cli/php_cli.c:1357:18
    #8 0x7f9b4553ab96 in __libc_start_main /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310
    #9 0x440309 in _start (/home/yongheng/php_clean/asan/sapi/cli/php+0x440309)

MemorySanitizer can not provide additional info.
SUMMARY: MemorySanitizer: SEGV /home/yongheng/php_clean/Zend/zend_execute.c in cleanup_unfinished_calls
---

Test script:
---------------
<?
vprintf(die(function(){}));


 [2020-07-04 08:03 UTC] nikic@php.net
-Status: Open +Status: Duplicate
 [2020-07-04 08:03 UTC] nikic@php.net
Same root cause as bug #79777.
 
Last updated: Fri Sep 18 07:02:04 2020 UTC