Open
Description
Description
The following code:
test.php:
<?php
Foo::test();
?>preload.inc:
<?php
class Foo {
public static function test() {
static $i = 0;
var_dump(++$i);
}
}
Foo::test();
eval("class Bar extends Foo {}"); // Avoid early binding.
Foo::test();
Bar::test();Resulted in this output:
AddressSanitizer:DEADLYSIGNAL
=================================================================
==1568876==ERROR: AddressSanitizer: SEGV on unknown address 0x600000000018 (pc 0x7fd3be7a109d bp 0x7ffd1346c4d0 sp 0x7ffd1346c360 T0)
==1568876==The signal is caused by a READ memory access.
#0 0x7fd3be7a109d in zend_jit_cleanup_func_info /php-src/ext/opcache/jit/zend_jit.c:2751:8
#1 0x7fd3be7a0f34 in zend_jit_cleanup_func_info /php-src/ext/opcache/jit/zend_jit.c:2746:5
#2 0x7fd3be70c744 in zend_real_jit_func /php-src/ext/opcache/jit/zend_jit.c:2799:2
#3 0x7fd3be70d273 in zend_jit_hot_func /php-src/ext/opcache/jit/zend_jit.c:2908:4
#4 0x7fd3bebe725f in zend_jit_func_counter_helper /php-src/ext/opcache/jit/zend_jit_vm_helpers.c:256:3
#5 0x5607f3146b87 in execute_ex /php-src/Zend/zend_vm_execute.h:57144:7
#6 0x5607f3147f52 in zend_execute /php-src/Zend/zend_vm_execute.h:62776:2
#7 0x5607f2f93bc8 in zend_execute_script /php-src/Zend/zend.c:1899:3
#8 0x5607f2afcf86 in php_execute_script_ex /php-src/main/main.c:2507:13
#9 0x5607f2afd828 in php_execute_script /php-src/main/main.c:2547:9
#10 0x5607f3ec66c3 in do_cli /php-src/sapi/cli/php_cli.c:966:5
#11 0x5607f3ec2c52 in main /php-src/sapi/cli/php_cli.c:1340:18
#12 0x7fd3c478bd8f in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
#13 0x7fd3c478be3f in __libc_start_main csu/../csu/libc-start.c:392:3
#14 0x5607f0e031f4 in _start (/php-src/sapi/cli/php+0x1c031f4) (BuildId: efef4313e9b3f9c29ffacbb2357a940caebf48b7)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /php-src/ext/opcache/jit/zend_jit.c:2751:8 in zend_jit_cleanup_func_info
==1568876==ABORTING
To reproduce:
/php-src/sapi/cli/php -n -c '/php-src/tmp-php.ini' -d "opcache.cache_id=worker19" -d "output_handler=" -d "open_basedir=" -d "disable_functions=" -d "output_buffering=Off" -d "error_reporting=32767" -d "display_errors=1" -d "display_startup_errors=1" -d "log_errors=0" -d "html_errors=0" -d "track_errors=0" -d "report_memleaks=1" -d "report_zend_debug=0" -d "docref_root=" -d "docref_ext=.html" -d "error_prepend_string=" -d "error_append_string=" -d "auto_prepend_file=" -d "auto_append_file=" -d "ignore_repeated_errors=0" -d "precision=14" -d "serialize_precision=-1" -d "memory_limit=128M" -d "opcache.fast_shutdown=0" -d "opcache.file_update_protection=0" -d "opcache.revalidate_freq=0" -d "opcache.jit_hot_loop=1" -d "opcache.jit_hot_func=1" -d "opcache.jit_hot_return=1" -d "opcache.jit_hot_side_exit=1" -d "opcache.jit_max_root_traces=100000" -d "opcache.jit_max_side_traces=100000" -d "opcache.jit_max_exit_counters=100000" -d "opcache.protect_memory=1" -d "zend.assertions=1" -d "zend.exception_ignore_args=0" -d "zend.exception_string_param_max_len=15" -d "short_open_tag=0" -d "extension_dir=/php-src/modules/" -d "zend_extension=/php-src/modules/opcache.so" -d "session.auto_start=0" -d "opcache.enable=1" -d "opcache.enable_cli=1" -d "opcache.optimization_level=-1" -d "opcache.preload=/tmp/preload.inc" -d "opcache.jit=1235" -d "session.save_path=\"123;:/really\\\\completely:::/invalid;;,23123;213\"" -d "opcache.record_warnings=0" -f ./test.php
PHP Version
PHP 8.4.0-dev
Operating System
ubuntu 22.04