Stanislav Malyshev wrote:
I think you are right, it should be fixed in zend_post_incdec_property. Do you have reproducing code example so it can be tested?
No it cannot be tested. In the default configuration Zend_MM is activated. This will catch double frees. No violation will happen when it is activated. This is why valgrind etc... do not catch it.
And I think there is another bug with simple classes on termination of a request.
class xy
{
function a()
{
}
}$y = new xy();
crashes over here with Hardened-PHP applied AND maintainer-zts activated. It crashs in a llist destruction from within
zend_deactivate. The reason for the crash seems that the memory
pointed to by TRMS_ls is already freed.
Stefan
-- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
