PHP :: Bug #80181 :: Stack Overflow in Zend

Bug #80181	Stack Overflow in Zend_compile.c
Submitted:	2020-10-04 00:06 UTC	Modified:	2020-10-05 10:28 UTC
From:	m dot aldofirmansyah at gmail dot com	Assigned:	cmb (profile)
Status:	Duplicate	Package:	Scripting Engine problem
PHP Version:	8.0.0rc1	OS:	Ubuntu 16.04.1
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

[2020-10-04 00:06 UTC] m dot aldofirmansyah at gmail dot com

Description:
------------
When fuzzing I found many crashes in php (I'm using php 8 beta 4, not using rc1 or clone from git because in dropdown it's not exist and only test it on php 8 beta 4), here is one of them:

And I can confirm it's exploitable by using crashwalk and exploitable plugin. Here is the crash summary:

(1 of 1) - Hash: ae42ee8f2f472356cebed32184624e5a.6774ea9ee13f7f931d84f48ea97b1999
---CRASH SUMMARY---
Filename: /root/fuzzing-crash-file/php/fuzzing3/id:000053,sig:06,src:012664+008424,op:splice,rep:16
SHA1: d809ab3e51feedf4f3d18d2ebf330655634ee87c
Classification: EXPLOITABLE
Hash: ae42ee8f2f472356cebed32184624e5a.6774ea9ee13f7f931d84f48ea97b1999
Command: /root/php/src/build/bin/php /root/fuzzing-crash-file/php/fuzzing3/id:000053,sig:06,src:012664+008424,op:splice,rep:16
Faulting Frame:
   zend_stack_count @ 0x0000000001fbbc41: in /root/php/src/build/bin/php
Disassembly:
Stack Head (1000 entries):
   zend_stack_count          @ 0x0000000001fbbc41: in /root/php/src/build/bin/php
   zend_short_circuiting_che @ 0x0000000001ef650f: in /root/php/src/build/bin/php
   zend_compile_var          @ 0x0000000001e4f6e7: in /root/php/src/build/bin/php
   zend_compile_expr_inner   @ 0x0000000001ee4a22: in /root/php/src/build/bin/php
   zend_compile_expr         @ 0x0000000001e44c7c: in /root/php/src/build/bin/php
   zend_compile_simple_var_n @ 0x0000000001e4d700: in /root/php/src/build/bin/php
   zend_compile_simple_var   @ 0x0000000001ee7055: in /root/php/src/build/bin/php
   zend_compile_var_inner    @ 0x0000000001ee66c0: in /root/php/src/build/bin/php
   zend_compile_var          @ 0x0000000001e4f714: in /root/php/src/build/bin/php
   zend_compile_expr_inner   @ 0x0000000001ee4a22: in /root/php/src/build/bin/php
   zend_compile_expr         @ 0x0000000001e44c7c: in /root/php/src/build/bin/php
   zend_compile_simple_var_n @ 0x0000000001e4d700: in /root/php/src/build/bin/php
   zend_compile_simple_var   @ 0x0000000001ee7055: in /root/php/src/build/bin/php
   zend_compile_var_inner    @ 0x0000000001ee66c0: in /root/php/src/build/bin/php
   zend_compile_var          @ 0x0000000001e4f714: in /root/php/src/build/bin/php
   zend_compile_expr_inner   @ 0x0000000001ee4a22: in /root/php/src/build/bin/php
Registers:
rax=0x0000000000000000 rbx=0x0000000004970600 rcx=0x0000000004989023 rdx=0x000000000092d94c 
rsi=0x0000000004972c4c rdi=0x000000000000645e rbp=0x00007ffefc404050 rsp=0x00007ffefc404000 
 r8=0x00000000049706c0  r9=0x00000000049706c0 r10=0x0000000000000963 r11=0x0000000004972c4c 
r12=0x00000ff05d219600 r13=0x0000000000000018 r14=0x0000000000003678 r15=0x000000000497e0a0 
rip=0x0000000001fbbc41 efl=0x0000000000010202  cs=0x0000000000000033  ss=0x000000000000002b 
 ds=0x0000000000000000  es=0x0000000000000000  fs=0x0000000000000000  gs=0x0000000000000000 
 k0=0x0000000000000000  k1=0x0000000000000000  k2=0x0000000000000000  k3=0x0000000000000000 
 k4=0x0000000000000000  k5=0x0000000000000000  k6=0x0000000000000000  k7=0x0000000000000000 
Extra Data:
   Description: Access violation during branch instruction
   Short description: BranchAv (4/22)
   Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted.
---END SUMMARY---

Test script:
---------------
<?php
$str = ".";
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$str;
?>

Actual result:
--------------
root@26a2804f2327:/root/php/src/build/bin# php poc1.php
AddressSanitizer:DEADLYSIGNAL
=================================================================
==18374==ERROR: AddressSanitizer: stack-overflow on address 0x7ffe621c0ff8 (pc 0x00000044ef18 bp 0x7ffe621c1078 sp 0x7ffe621c1000 T0)
    #0 0x44ef17 in FastPoisonShadow /tmp/final/llvm.src/projects/compiler-rt/lib/asan/asan_poisoning.h:55:5
    #1 0x44ef17 in __asan_alloca_poison /tmp/final/llvm.src/projects/compiler-rt/lib/asan/asan_fake_stack.cc:270
    #2 0x1e4d703 in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2631
    #3 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #4 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #5 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #6 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #7 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #8 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #9 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #10 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #11 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #12 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #13 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #14 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #15 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #16 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #17 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #18 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #19 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #20 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #21 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #22 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #23 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #24 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #25 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #26 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #27 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #28 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #29 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #30 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #31 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #32 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #33 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #34 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #35 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #36 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #37 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #38 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #39 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #40 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #41 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #42 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #43 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #44 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #45 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #46 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #47 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #48 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #49 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #50 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #51 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #52 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #53 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #54 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #55 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #56 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #57 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #58 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #59 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #60 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #61 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #62 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #63 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #64 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #65 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #66 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #67 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #68 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
        #69 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #70 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #71 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #72 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #73 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #74 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #75 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #76 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #77 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #78 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #79 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #80 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #81 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #82 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #83 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #84 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #85 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #86 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #87 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #88 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #89 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #90 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #91 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #92 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #93 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #94 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #95 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #96 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #97 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #98 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #99 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #100 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #101 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #102 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #103 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #104 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #105 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #106 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #107 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #108 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #109 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #110 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #111 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #112 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #113 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #114 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #115 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #116 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #117 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #118 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #119 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #120 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #121 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #122 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #123 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #124 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #125 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #126 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #127 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #128 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #129 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #130 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #131 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #132 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #133 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #134 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #135 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #136 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #137 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #138 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #139 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #140 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #141 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #142 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #143 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #144 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #145 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #146 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #147 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #148 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #149 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #150 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #151 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #152 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #153 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #154 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #155 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #156 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #157 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #158 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #159 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #160 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #161 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #162 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #163 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #164 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #165 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #166 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #167 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #168 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #169 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #170 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #171 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #172 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #173 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #174 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #175 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #176 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #177 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #178 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #179 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #180 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #181 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #182 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #183 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #184 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #185 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #186 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #187 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #188 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #189 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #190 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #191 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #192 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #193 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #194 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #195 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #196 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #197 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #198 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #199 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #200 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #201 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #202 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #203 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #204 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #205 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #206 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #207 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #208 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #209 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #210 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #211 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #212 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #213 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #214 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #215 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #216 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #217 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #218 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #219 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #220 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #221 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #222 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #223 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #224 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #225 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #226 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #227 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #228 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #229 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #230 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #231 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #232 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #233 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #234 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #235 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #236 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #237 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #238 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #239 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #240 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #241 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #242 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #243 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
    #244 0x1ee677f in zend_compile_var_inner /root/php/src/Zend/zend_compile.c:9635:11
    #245 0x1e4f7d3 in zend_compile_var /root/php/src/Zend/zend_compile.c:9670:20
    #246 0x1ee4ae1 in zend_compile_expr_inner /root/php/src/Zend/zend_compile.c:9505:4
    #247 0x1e44d3b in zend_compile_expr /root/php/src/Zend/zend_compile.c:9625:2
    #248 0x1e4d7bf in zend_compile_simple_var_no_cv /root/php/src/Zend/zend_compile.c:2636:2
    #249 0x1ee7114 in zend_compile_simple_var /root/php/src/Zend/zend_compile.c:2692:10
SUMMARY: AddressSanitizer: stack-overflow /tmp/final/llvm.src/projects/compiler-rt/lib/asan/asan_poisoning.h:55:5 in FastPoisonShadow
==18374==ABORTING

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2020-10-05 10:28 UTC] cmb@php.net

-Status: Open +Status: Duplicate -Type: Security +Type: Bug -Package: Unknown/Other Function +Package: Scripting Engine problem -Assigned To: +Assigned To: cmb

[2020-10-05 10:28 UTC] cmb@php.net

This is basically a duplicate of bug #80183.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Tue Apr 23 08:01:30 2024 UTC