Created
June 5, 2013 11:01
-
-
Save anonymous/5713123 to your computer and use it in GitHub Desktop.
Segfault with gc_collect_cycles using unserialize on certain objects https://bugs.php.net/bug.php?id=64896
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Program received signal SIGSEGV, Segmentation fault. | |
| _zend_mm_free_int (heap=0xd93290, p=0x7ffff7fc3210) at /home/arjen/php-5.4.15/Zend/zend_alloc.c:2100 | |
| 2100 if (ZEND_MM_IS_FREE_BLOCK(next_block)) { | |
| (gdb) bt | |
| #0 _zend_mm_free_int (heap=0xd93290, p=0x7ffff7fc3210) at /home/arjen/php-5.4.15/Zend/zend_alloc.c:2100 | |
| #1 0x000000000066a2e2 in _zval_dtor (zvalue=<optimized out>) at /home/arjen/php-5.4.15/Zend/zend_variables.h:35 | |
| #2 _zval_ptr_dtor (zval_ptr=0x7ffff7fc6178) at /home/arjen/php-5.4.15/Zend/zend_execute_API.c:438 | |
| #3 0x0000000000685938 in zend_hash_destroy (ht=0x7ffff7fc60b8) at /home/arjen/php-5.4.15/Zend/zend_hash.c:560 | |
| #4 0x0000000000677aa2 in _zval_dtor_func (zvalue=0x7fffffffaa70) at /home/arjen/php-5.4.15/Zend/zend_variables.c:45 | |
| #5 0x00000000006e5a60 in zend_assign_to_variable (value=0x7ffff7fc5eb0, variable_ptr_ptr=0x7ffff7f8e410) at /home/arjen/php-5.4.15/Zend/zend_execute.c:937 | |
| #6 ZEND_ASSIGN_SPEC_CV_VAR_HANDLER (execute_data=0x7ffff7f8e378) at /home/arjen/php-5.4.15/Zend/zend_vm_execute.h:33084 | |
| #7 0x000000000069e3dc in execute (op_array=0x7ffff7fc5580) at /home/arjen/php-5.4.15/Zend/zend_vm_execute.h:410 | |
| #8 0x000000000066bf81 in zend_call_function (fci=fci@entry=0x7fffffffacd0, fci_cache=<optimized out>, fci_cache@entry=0x7fffffffaca0) at /home/arjen/php-5.4.15/Zend/zend_execute_API.c:958 | |
| #9 0x000000000068e965 in zend_call_method (object_pp=object_pp@entry=0x7fffffffad88, obj_ce=<optimized out>, fn_proxy=fn_proxy@entry=0x7fffffffad80, function_name=function_name@entry=0xa4b927 "__destruct", | |
| function_name_len=function_name_len@entry=10, retval_ptr_ptr=retval_ptr_ptr@entry=0x0, param_count=param_count@entry=0, arg1=arg1@entry=0x0, arg2=arg2@entry=0x0) at /home/arjen/php-5.4.15/Zend/zend_interfaces.c:97 | |
| #10 0x0000000000698135 in zend_objects_destroy_object (object=0x7ffff7fc5da8, handle=<optimized out>) at /home/arjen/php-5.4.15/Zend/zend_objects.c:123 | |
| #11 0x000000000069619d in gc_collect_cycles () at /home/arjen/php-5.4.15/Zend/zend_gc.c:816 | |
| #12 0x0000000000688669 in zif_gc_collect_cycles (ht=<optimized out>, return_value=0x7ffff7fc48d0, return_value_ptr=<optimized out>, this_ptr=<optimized out>, return_value_used=<optimized out>) | |
| at /home/arjen/php-5.4.15/Zend/zend_builtin_functions.c:361 | |
| #13 0x000000000071c790 in zend_do_fcall_common_helper_SPEC (execute_data=0x7ffff7f8e060) at /home/arjen/php-5.4.15/Zend/zend_vm_execute.h:643 | |
| #14 0x000000000069e3dc in execute (op_array=0x7ffff7fc4cc0) at /home/arjen/php-5.4.15/Zend/zend_vm_execute.h:410 | |
| #15 0x0000000000679fde in zend_execute_scripts (type=type@entry=8, retval=retval@entry=0x0, file_count=file_count@entry=3) at /home/arjen/php-5.4.15/Zend/zend.c:1315 | |
| #16 0x000000000061d499 in php_execute_script (primary_file=primary_file@entry=0x7fffffffd2a0) at /home/arjen/php-5.4.15/main/main.c:2492 | |
| #17 0x000000000071e574 in do_cli (argc=2, argv=0x7fffffffe668) at /home/arjen/php-5.4.15/sapi/cli/php_cli.c:988 | |
| #18 0x0000000000425597 in main (argc=2, argv=0x7fffffffe668) at /home/arjen/php-5.4.15/sapi/cli/php_cli.c:1364 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment