Skip to content

Null pointer access of type 'zval' in phpdbg_frame #13827

New issue
New issue
Closed
Closed
Null pointer access of type 'zval' in phpdbg_frame#13827
Labels
BugSAPI: phpdbgStatus: Verified
@YuanchengJiang

Description

@YuanchengJiang
YuanchengJiang
opened on Mar 28, 2024

Description

Run the following test file (phpt):

--TEST--
UBSan phpdbg_frame member access within null pointer of type 'zval'
--FILE--
<?php

class C {
    public function __destruct() {
        echo __METHOD__, "\n";
    }
}

$fiber = new Fiber(function () {
    $c = new C();

    $fiber = Fiber::getCurrent();

    Fiber::suspend();
});

$fiber->start();
gc_collect_cycles();

$fiber = null;
gc_collect_cycles();

?>
--PHPDBG--
r
t
ev 1 + 2
c
q
--EXPECT--
C::__destruct

Resulted in this output:

[Successful compilation of /test.php]
prompt> [Uncaught GracefulExit in  on line 0: ]
>00014:     Fiber::suspend();
 00015: });
 00016:
prompt> frame #0: {closure}() at /test.php:14
//php-src/sapi/phpdbg/phpdbg_frame.c:295:2: runtime error: member access within null pointer of type 'zval' (aka 'struct _zval_struct')
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /php-src/sapi/phpdbg/phpdbg_frame.c:295:2 in

PHP Version

PHP 8.4.0-dev

Operating System

ubuntu 22.04

Metadata

Metadata

Assignees

No one assigned

    Labels

    BugSAPI: phpdbgStatus: Verified

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions