forked from phadej/igbinary
Closed
Hi! While trying to reproduce php/php-src#11807 with opcache.protect_memory enabled, I've run into a segfault caused by igbinary with the following backtrace:
```
Program received signal SIGSEGV, Segmentation fault.
0x0000565163516a0c in zval_update_constant_ex (scope=<optimized out>, p=0x4339dd20) at ./Zend/zend_execute_API.c:704
704 ./Zend/zend_execute_API.c: No such file or directory.
(gdb) bt
#0 0x0000565163516a0c in zval_update_constant_ex (scope=<optimized out>, p=0x4339dd20) at ./Zend/zend_execute_API.c:704
#1 zval_update_constant_ex (p=p@entry=0x4339dd20, scope=<optimized out>) at ./Zend/zend_execute_API.c:671
#2 0x00007ff658f0e9bd in igbinary_unserialize_object_enum_case (ce=0x4339d1a0, z=0x7ff656403c48, igsd=0x7fff68bebd90) at ./build-8.1/src/php7/igbinary.c:3050
#3 igbinary_unserialize_object (flags=0, z=0x7ff656403c48, t=igbinary_type_enum_case, igsd=0x7fff68bebd90) at ./build-8.1/src/php7/igbinary.c:3261
#4 igbinary_unserialize_zval (igsd=0x7fff68bebd90, z=0x7ff656403c48, flags=0) at ./build-8.1/src/php7/igbinary.c:3507
#5 0x00007ff658f0f195 in igbinary_unserialize_object_properties (ce=0x4626f760, z=0x7ff653509e80, t=igbinary_type_array8, igsd=0x7fff68bebd90) at ./build-8.1/src/php7/igbinary.c:2900
#6 igbinary_unserialize_object (flags=<optimized out>, z=0x7ff653509e80, t=igbinary_type_array8, igsd=0x7fff68bebd90) at ./build-8.1/src/php7/igbinary.c:3221
#7 igbinary_unserialize_zval (igsd=0x7fff68bebd90, z=0x7ff653509e80, flags=<optimized out>) at ./build-8.1/src/php7/igbinary.c:3507
#8 0x00007ff658f0e007 in igbinary_unserialize_array (create_ref=true, flags=<optimized out>, z=0x7fff68beb9a0, t=<optimized out>, igsd=0x7fff68bebd90) at ./build-8.1/src/php7/igbinary.c:2693
#9 igbinary_unserialize_zval (igsd=0x7fff68bebd90, z=0x7fff68beb9a0, flags=<optimized out>) at ./build-8.1/src/php7/igbinary.c:3514
#10 0x00007ff658f0f195 in igbinary_unserialize_object_properties (ce=0x4624e360, z=0x7ff656309a58, t=igbinary_type_array8, igsd=0x7fff68bebd90) at ./build-8.1/src/php7/igbinary.c:2900
#11 igbinary_unserialize_object (flags=<optimized out>, z=0x7ff656309a58, t=igbinary_type_array8, igsd=0x7fff68bebd90) at ./build-8.1/src/php7/igbinary.c:3221
#12 igbinary_unserialize_zval (igsd=0x7fff68bebd90, z=0x7ff656309a58, flags=<optimized out>) at ./build-8.1/src/php7/igbinary.c:3507
#13 0x00007ff658f0f195 in igbinary_unserialize_object_properties (ce=0x436c4cf0, z=0x7ff65350b9e8, t=igbinary_type_array8, igsd=0x7fff68bebd90) at ./build-8.1/src/php7/igbinary.c:2900
#14 igbinary_unserialize_object (flags=<optimized out>, z=0x7ff65350b9e8, t=igbinary_type_array8, igsd=0x7fff68bebd90) at ./build-8.1/src/php7/igbinary.c:3221
#15 igbinary_unserialize_zval (igsd=0x7fff68bebd90, z=0x7ff65350b9e8, flags=<optimized out>) at ./build-8.1/src/php7/igbinary.c:3507
#16 0x00007ff658f0e007 in igbinary_unserialize_array (create_ref=true, flags=<optimized out>, z=0x7fff68bebc40, t=<optimized out>, igsd=0x7fff68bebd90) at ./build-8.1/src/php7/igbinary.c:2693
#17 igbinary_unserialize_zval (igsd=0x7fff68bebd90, z=0x7fff68bebc40, flags=<optimized out>) at ./build-8.1/src/php7/igbinary.c:3514
#18 0x00007ff658f0f195 in igbinary_unserialize_object_properties (ce=0x462ed1b0, z=0x7ff65c413d70, t=igbinary_type_array8, igsd=0x7fff68bebd90) at ./build-8.1/src/php7/igbinary.c:2900
#19 igbinary_unserialize_object (flags=<optimized out>, z=0x7ff65c413d70, t=igbinary_type_array8, igsd=0x7fff68bebd90) at ./build-8.1/src/php7/igbinary.c:3221
#20 igbinary_unserialize_zval (igsd=0x7fff68bebd90, z=0x7ff65c413d70, flags=<optimized out>) at ./build-8.1/src/php7/igbinary.c:3507
#21 0x00007ff658f169a0 in igbinary_unserialize (buf=0x7ff654ef7a18 "", buf_len=140734950718864, z=0x7ff65c413d70) at ./build-8.1/src/php7/igbinary.c:784
#22 0x00007ff658f16c2d in zif_igbinary_unserialize (execute_data=<optimized out>, return_value=0x7ff65c413d70) at ./build-8.1/src/php7/igbinary.c:830
#23 0x00005651633603b6 in ZEND_DO_FCALL_SPEC_OBSERVER_HANDLER () at ./Zend/zend_vm_execute.h:1981
#24 0x0000565163361243 in execute_ex (ex=0x7ff655ffddc0) at ./Zend/zend_vm_execute.h:55827
#25 0x000056516359437d in zend_execute (op_array=0x7ff65c477000, return_value=0x0) at ./Zend/zend_vm_execute.h:60163
#26 0x00005651635261ed in zend_execute_scripts (type=type@entry=8, retval=retval@entry=0x0, file_count=file_count@entry=3) at ./Zend/zend.c:1846
#27 0x00005651634c1a41 in php_execute_script (primary_file=primary_file@entry=0x7fff68bee540) at ./main/main.c:2542
#28 0x000056516336be0e in main (argc=<optimized out>, argv=<optimized out>) at ./sapi/fpm/fpm/fpm_main.c:1935
```
php/php-src#11807 (comment) suggests this is being caused by https://github.com/igbinary/igbinary/blob/3.2.14/src/php7/igbinary.c#L3034 which could need a change to using CE_CONSTANTS_TABLE(ce).
ndench
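A reproduction harness for the path shown in the backtrace (igbinary_unserialize_zval -> igbinary_unserialize_object_enum_case -> zval_update_constant_ex), added here as an example; it is not code from the report or from the igbinary project. It assumes that the fault needs an enum case whose backing value has not yet been evaluated in the request that unserializes it, so the script splits writing the blob and reading it into two separate runs and reads without touching the enum case first. The file name repro.php, the enum Suit, the class Card and the blob path are made up for the example; opcache.enable_cli and opcache.protect_memory are real OPcache directives.

```php
<?php
// repro.php: constructed reproduction harness (added example, not part of the
// issue or of igbinary). Assumption: the crash requires an enum case that has
// not been evaluated yet in the unserializing request.
//
// Stage 1, any configuration, produces the blob:
//   php repro.php write blob.bin
// Stage 2, run in a fresh process with OPcache holding the class in protected
// shared memory:
//   php -d opcache.enable_cli=1 -d opcache.protect_memory=1 repro.php read blob.bin

enum Suit: string
{
    case Hearts = 'H';
}

final class Card
{
    public function __construct(public Suit $suit) {}
}

function writeBlob(string $path): void
{
    // Touching Suit::Hearts here is fine: this run only has to create the blob.
    $bytes = igbinary_serialize([new Card(Suit::Hearts)]);
    if ($bytes === false || file_put_contents($path, $bytes) === false) {
        fwrite(STDERR, "could not write $path\n");
        exit(1);
    }
    echo "wrote " . strlen($bytes) . " bytes to $path\n";
}

function readBlob(string $path): void
{
    // Deliberately do not reference Suit::Hearts before this call: the point is
    // that igbinary, not the engine, is the first thing to evaluate the case.
    $blob = file_get_contents($path);
    if ($blob === false) {
        fwrite(STDERR, "could not read $path\n");
        exit(1);
    }
    $value = igbinary_unserialize($blob);

    // Only reached if the unserialize survived.
    var_dump($value[0] instanceof Card && $value[0]->suit === Suit::Hearts);
}

$mode = $argv[1] ?? 'write';
$path = $argv[2] ?? 'blob.bin';
$mode === 'read' ? readBlob($path) : writeBlob($path);
```

If stage 2 dies with SIGSEGV inside zval_update_constant_ex under a gdb session as in the report, the write is landing in OPcache's read-only shared segment; the direction suggested in the linked php-src comment is for igbinary to look the case up through CE_CONSTANTS_TABLE(ce), which resolves to the per-request mutable copy of the constants table for immutable (cached) classes, instead of ce->constants_table. Whether the fault reproduces on a given build is an assumption of this harness, not something the report states beyond the backtrace above.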