Fixed bug #76205 (PHP-FPM sporadic crash when running Infinitewp).

NEWS

@@ -7,6 +7,8 @@ PHP                                                                        NEWS
     (mgorny)
 
 - Opcache:
+  . Fixed bug #76205 (PHP-FPM sporadic crash when running Infinitewp).
+    (Dmitry)
   . Fixed bug #76275 (Assertion failure in file cache when unserializing empty
     try_catch_array). (Nikita)
   . Fixed bug #76281 (Opcache causes incorrect "undefined variable" errors).

ext/opcache/zend_file_cache.c

@@ -101,11 +101,10 @@ static int zend_file_cache_flock(int fd, int type)
 #define IS_SERIALIZED(ptr) \
 	((char*)(ptr) <= (char*)script->size)
 #define IS_UNSERIALIZED(ptr) \
-	(((char*)(ptr) >= (char*)script->mem && (char*)(ptr) < (char*)script->mem + script->size) || \
-	 IS_ACCEL_INTERNED(ptr))
+	((char*)(ptr) >= (char*)script->mem && (char*)(ptr) < (char*)script->mem + script->size)
 #define SERIALIZE_PTR(ptr) do { \
 		if (ptr) { \
-			ZEND_ASSERT(IS_UNSERIALIZED(ptr)); \
+			ZEND_ASSERT(IS_UNSERIALIZED(ptr) || IS_ACCEL_INTERNED(ptr)); \
 			(ptr) = (void*)((char*)(ptr) - (char*)script->mem); \
 		} \
 	} while (0)
@@ -952,12 +951,12 @@ static void zend_file_cache_unserialize_zval(zval                    *zv,
 	switch (Z_TYPE_P(zv)) {
 		case IS_STRING:
 		case IS_CONSTANT:
-			if (!IS_UNSERIALIZED(Z_STR_P(zv))) {
+			if (IS_SERIALIZED(Z_STR_P(zv))) {
 				UNSERIALIZE_STR(Z_STR_P(zv));
 			}
 			break;
 		case IS_ARRAY:
-			if (!IS_UNSERIALIZED(Z_ARR_P(zv))) {
+			if (IS_SERIALIZED(Z_ARR_P(zv))) {
 				HashTable *ht;
 
 				UNSERIALIZE_PTR(Z_ARR_P(zv));
@@ -967,7 +966,7 @@ static void zend_file_cache_unserialize_zval(zval                    *zv,
 			}
 			break;
 		case IS_REFERENCE:
-			if (!IS_UNSERIALIZED(Z_REF_P(zv))) {
+			if (IS_SERIALIZED(Z_REF_P(zv))) {
 				zend_reference *ref;
 
 				UNSERIALIZE_PTR(Z_REF_P(zv));
@@ -976,12 +975,12 @@ static void zend_file_cache_unserialize_zval(zval                    *zv,
 			}
 			break;
 		case IS_CONSTANT_AST:
-			if (!IS_UNSERIALIZED(Z_AST_P(zv))) {
+			if (IS_SERIALIZED(Z_AST_P(zv))) {
 				zend_ast_ref *ast;
 
 				UNSERIALIZE_PTR(Z_AST_P(zv));
 				ast = Z_AST_P(zv);
-				if (!IS_UNSERIALIZED(ast->ast)) {
+				if (IS_SERIALIZED(ast->ast)) {
 					ast->ast = zend_file_cache_unserialize_ast(ast->ast, script, buf);
 				}
 			}
@@ -993,7 +992,7 @@ static void zend_file_cache_unserialize_op_array(zend_op_array           *op_arr
                                                  zend_persistent_script  *script,
                                                  void                    *buf)
 {
-	if (op_array->static_variables && !IS_UNSERIALIZED(op_array->static_variables)) {
+	if (op_array->static_variables && IS_SERIALIZED(op_array->static_variables)) {
 		HashTable *ht;
 
 		UNSERIALIZE_PTR(op_array->static_variables);
@@ -1018,7 +1017,7 @@ static void zend_file_cache_unserialize_op_array(zend_op_array           *op_arr
 		return;
 	}
 
-	if (op_array->literals && !IS_UNSERIALIZED(op_array->literals)) {
+	if (op_array->literals && IS_SERIALIZED(op_array->literals)) {
 		zval *p, *end;
 
 		UNSERIALIZE_PTR(op_array->literals);
@@ -1030,7 +1029,7 @@ static void zend_file_cache_unserialize_op_array(zend_op_array           *op_arr
 		}
 	}
 
-	if (!IS_UNSERIALIZED(op_array->opcodes)) {
+	if (IS_SERIALIZED(op_array->opcodes)) {
 		zend_op *opline, *end;
 
 		UNSERIALIZE_PTR(op_array->opcodes);
@@ -1089,10 +1088,10 @@ static void zend_file_cache_unserialize_op_array(zend_op_array           *op_arr
 				end++;
 			}
 			while (p < end) {
-				if (!IS_UNSERIALIZED(p->name)) {
+				if (IS_SERIALIZED(p->name)) {
 					UNSERIALIZE_STR(p->name);
 				}
-				if (!IS_UNSERIALIZED(p->class_name)) {
+				if (IS_SERIALIZED(p->class_name)) {
 					UNSERIALIZE_STR(p->class_name);
 				}
 				p++;
@@ -1106,7 +1105,7 @@ static void zend_file_cache_unserialize_op_array(zend_op_array           *op_arr
 			p = op_array->vars;
 			end = p + op_array->last_var;
 			while (p < end) {
-				if (!IS_UNSERIALIZED(*p)) {
+				if (IS_SERIALIZED(*p)) {
 					UNSERIALIZE_STR(*p);
 				}
 				p++;
@@ -1138,19 +1137,19 @@ static void zend_file_cache_unserialize_prop_info(zval                    *zv,
                                                   zend_persistent_script  *script,
                                                   void                    *buf)
 {
-	if (!IS_UNSERIALIZED(Z_PTR_P(zv))) {
+	if (IS_SERIALIZED(Z_PTR_P(zv))) {
 		zend_property_info *prop;
 
 		UNSERIALIZE_PTR(Z_PTR_P(zv));
 		prop = Z_PTR_P(zv);
 
-		if (prop->ce && !IS_UNSERIALIZED(prop->ce)) {
+		if (prop->ce && IS_SERIALIZED(prop->ce)) {
 			UNSERIALIZE_PTR(prop->ce);
 		}
-		if (prop->name && !IS_UNSERIALIZED(prop->name)) {
+		if (prop->name && IS_SERIALIZED(prop->name)) {
 			UNSERIALIZE_STR(prop->name);
 		}
-		if (prop->doc_comment && !IS_UNSERIALIZED(prop->doc_comment)) {
+		if (prop->doc_comment && IS_SERIALIZED(prop->doc_comment)) {
 			UNSERIALIZE_STR(prop->doc_comment);
 		}
 	}
@@ -1160,17 +1159,17 @@ static void zend_file_cache_unserialize_class_constant(zval                    *
                                                        zend_persistent_script  *script,
                                                        void                    *buf)
 {
-	if (!IS_UNSERIALIZED(Z_PTR_P(zv))) {
+	if (IS_SERIALIZED(Z_PTR_P(zv))) {
 		zend_class_constant *c;
 
 		UNSERIALIZE_PTR(Z_PTR_P(zv));
 		c = Z_PTR_P(zv);
 
 		zend_file_cache_unserialize_zval(&c->value, script, buf);
-		if (c->ce && !IS_UNSERIALIZED(c->ce)) {
+		if (c->ce && IS_SERIALIZED(c->ce)) {
 			UNSERIALIZE_PTR(c->ce);
 		}
-		if (c->doc_comment && !IS_UNSERIALIZED(c->doc_comment)) {
+		if (c->doc_comment && IS_SERIALIZED(c->doc_comment)) {
 			UNSERIALIZE_STR(c->doc_comment);
 		}
 	}