diff --git a/Zend/tests/gh13931.phpt b/Zend/tests/gh13931.phpt new file mode 100644 index 0000000000000..5f2873b449f94 --- /dev/null +++ b/Zend/tests/gh13931.phpt @@ -0,0 +1,23 @@ +--TEST-- +GH-13931 (Applying zero offset to null pointer in Zend/zend_opcode.c) +--FILE-- + +--EXPECTF-- +Fatal error: 'break' not in the 'loop' or 'switch' context in %s on line %d +int(4) diff --git a/main/main.c b/main/main.c index 83f8829890e40..634b00936bc3e 100644 --- a/main/main.c +++ b/main/main.c @@ -1405,6 +1405,14 @@ static ZEND_COLD void php_error_cb(int orig_type, zend_string *error_filename, c /* restore memory limit */ zend_set_memory_limit(PG(memory_limit)); zend_objects_store_mark_destructed(&EG(objects_store)); + if (CG(in_compilation) && (type == E_COMPILE_ERROR || type == E_PARSE)) { + /* We bailout during compilation which may for example leave stale entries in CG(loop_var_stack). + * If code is compiled during shutdown, we need to make sure the compiler is reset to a clean state, + * otherwise this will lead to incorrect compilation during shutdown. + * We don't do a full re-initialization via init_compiler() because that will also reset streams and resources. */ + shutdown_compiler(); + zend_init_compiler_data_structures(); + } zend_bailout(); return; } diff --git a/sapi/phpdbg/tests/gh13931.phpt b/sapi/phpdbg/tests/gh13931.phpt new file mode 100644 index 0000000000000..25520435feb9b --- /dev/null +++ b/sapi/phpdbg/tests/gh13931.phpt @@ -0,0 +1,21 @@ +--TEST-- +Applying zero offset to null pointer in Zend/zend_opcode.c +--FILE-- + +--PHPDBG-- +ev 1 + 3 +ev 2 ** 3 +q +--EXPECTF-- +Fatal error: 'break' not in the 'loop' or 'switch' context in %s on line %d +prompt> 4 +prompt> 8 +prompt>