Comments (2)
nielsdos
commented on May 28, 2024
Can confirm:
==208366== Invalid read of size 8
==208366== at 0x7888BB4: zend_jit_cleanup_func_info (zend_jit.c:2745)
==208366== by 0x7888DC8: zend_real_jit_func (zend_jit.c:2799)
==208366== by 0x788944A: zend_jit_hot_func (zend_jit.c:2908)
==208366== by 0xFE00283: ???
==208366== by 0x8F32E0: zend_execute (zend_vm_execute.h:62776)
==208366== by 0x82B332: zend_execute_script (zend.c:1899)
==208366== by 0x778520: php_execute_script_ex (main.c:2507)
==208366== by 0x77869E: php_execute_script (main.c:2547)
==208366== by 0x9B8EAC: do_cli (php_cli.c:966)
==208366== by 0x9B9C04: main (php_cli.c:1340)
==208366== Address 0x7c58298 is 36,568 bytes inside a block of size 65,536 free'd
==208366== at 0x48468CF: free (vg_replace_malloc.c:985)
==208366== by 0x7E7D6B: __zend_free (zend_alloc.c:3115)
==208366== by 0x7E6958: _efree (zend_alloc.c:2596)
==208366== by 0x772E76: zend_arena_destroy (zend_arena.h:48)
==208366== by 0x777827: php_request_shutdown (main.c:1920)
==208366== by 0x7804F68: accel_finish_startup_preload (ZendAccelerator.c:4645)
==208366== by 0x78053C5: accel_finish_startup (ZendAccelerator.c:4778)
==208366== by 0x7800016: accel_post_startup (ZendAccelerator.c:3335)
==208366== by 0x829046: zend_post_startup (zend.c:1081)
==208366== by 0x777E6A: php_module_startup (main.c:2256)
==208366== by 0x9B7DB2: php_cli_startup (php_cli.c:410)
==208366== by 0x9B9B68: main (php_cli.c:1307)
==208366== Block was alloc'd at
==208366== at 0x4843788: malloc (vg_replace_malloc.c:442)
==208366== by 0x7E7C39: __zend_malloc (zend_alloc.c:3087)
==208366== by 0x7E68D2: _emalloc (zend_alloc.c:2586)
==208366== by 0x7E9806: zend_arena_create (zend_arena.h:36)
==208366== by 0x7EA6AB: init_compiler (zend_compile.c:434)
==208366== by 0x829430: zend_activate (zend.c:1282)
==208366== by 0x777301: php_request_startup (main.c:1778)
==208366== by 0x7804E72: accel_finish_startup_preload (ZendAccelerator.c:4610)
==208366== by 0x78053C5: accel_finish_startup (ZendAccelerator.c:4778)
==208366== by 0x7800016: accel_post_startup (ZendAccelerator.c:3335)
==208366== by 0x829046: zend_post_startup (zend.c:1081)
==208366== by 0x777E6A: php_module_startup (main.c:2256)
Simplified command line: valgrind ./sapi/cli/php -c . -d "opcache.jit_hot_loop=1" -d "opcache.jit_hot_func=1" -d "opcache.jit_hot_return=1" -d "opcache.jit_hot_side_exit=1" -d "opcache.enable=1" -d "opcache.enable_cli=1" -d "opcache.preload=./preload.inc" -d "opcache.jit=1235" -f ./test.php
EDIT: preload.inc can be simplified to:
<?php
class Foo {
public static function test() {
static $i = 0;
var_dump(++$i);
}
}
Foo::test();from php-src.
nielsdos
commented on May 28, 2024
The problem seems to be that the caller_info, callee_info and possibly call_map is allocated on the arena but not reset before being used by the next request? So we should probably set that to NULL somewhere although I'm not sure where.
from php-src.
Related Issues (20)
- ZEND_MOD_CONFLICTS doesn't work
- Scalar Type Casting Magic Methods HOT 2
- openssl_dh_compute_key() silently fails for ECDH HOT 2
- Signed Integer Overflow in ext/date/lib/parse_posix.c
- Heap hardening HOT 7
- mail() breaks quoted_printable_encode()d subject
- Extend Reflection to expose import statements HOT 3
- For iterate over letters strange behavior HOT 6
- Regression - php.ini spelling mistake HOT 2
- curl segfault HOT 9
- heap-buffer-overflow with opcache when extending an internal class with class constant having attributes HOT 1
- Add SO_LINGER option for streams HOT 1
- pcntl_fork children are utilizing just a single core on FreeBSD 13.3+ HOT 5
- Set declare(strict_types=1) as Default Behavior
- Segmentation fault on unknown address 0x0001ffff8041 with XML extension under certain memory limit HOT 2
- Unpacking via list() produces NULLs in foreach HOT 1
- Floating point bug in range operation on Apple Silicon hardware HOT 12
- Phar timestamp is 32-bit
- DateTime with Timezone have different timestamps for End of Year. Only on certain years and time zones HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from php-src.