|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #80839 PHP problem with JIT
Submitted: 2021-03-06 00:21 UTC Modified: 2021-03-17 10:06 UTC
From: gfpuba+phpbug at gmail dot com Assigned: dmitry (profile)
Status: Closed Package: JIT
PHP Version: 8.0Git-2021-03-06 (Git) OS: Windows 10
Private report: No CVE-ID: None
 [2021-03-06 00:21 UTC] gfpuba+phpbug at gmail dot com
Running this program results in invalid data.
May also causes PHP to crash.
Works fine without JIT.

The problem has been narrowed as best as I can.
The original problem was a PHP crash using JIT in a much larger application.

Fails the same in Apache 2.4 or CLI (both 64bits)

Test script:
$a = null; // the problem only occurs when set to NULL
test($a, 'y');

function test($str, $pad) {
	$x = $str . str_repeat($pad, 15); // $x now contains "yyyyyyyyyyyyyyy"
	echo '<br/>'; 
 	$gft = new gft();
	// $x has been changed ????
	// $x contains what was echoed in the function 'info'
	echo '<br/>'; 
class gft{
	private $strVal = 'abcd ';	
	public function info($info, $prefix = ' Info:'){
		echo $this->strVal.$prefix.serialize($info).'aaaa';
		echo '<br/>'; 

Expected result:
string(15) "yyyyyyyyyyyyyyy"
xxxx Info:i:33;aaaa
string(15) "yyyyyyyyyyyyyyy"

Actual result:
string(15) "yyyyyyyyyyyyyyy"
xxxx Info:i:33;aaaa
string(19) "xxxx Info:i:33;aaaa"


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2021-03-17 10:06 UTC]
-Status: Open +Status: Verified -Assigned To: +Assigned To: dmitry
 [2021-03-17 10:06 UTC]
Asserts under -d opcache.jit=function:

php: /home/nikic/php/php-8.0/Zend/zend_variables.c:65: zend_string_destroy: Assertion `zend_gc_refcount(&(str)->gc) == 0' failed.
 [2021-03-17 13:55 UTC]
Automatic comment on behalf of
Log: Fixed bug #80839 (PHP problem with JIT)
 [2021-03-17 13:55 UTC]
-Status: Verified +Status: Closed
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Apr 18 07:01:27 2024 UTC