[PHP-BUG] Bug #63596 [NEW]: finally in generators segfaults since the new finally implementation

ni...@php.net Sat, 24 Nov 2012 08:58:25 -0800

From:             nikic
Operating system: 
PHP version:      master-Git-2012-11-24 (Git)
Package:          Scripting Engine problem
Bug Type:         Bug
Bug description:finally in generators segfaults since the new finally 
implementation


Description:
------------
Since
https://github.com/php/php-src/commit/eb4825b50b1f4d20b574d8f66acf26e35180e7e6
the test Zend/tests/generators/finally_ran_on_close.phpt segfaults.

Output:

before yield
finally run
Segmentation fault (core dumped)

Backtrace:

Program received signal SIGSEGV, Segmentation fault.
0x086c6e21 in execute_ex (execute_data=0xb7fb868c, tsrm_ls=0x8d4a070)
    at /home/nikic/dev/php-src/Zend/zend_vm_execute.h:435
435                     if ((ret = OPLINE->handler(execute_data TSRMLS_CC)) > 
0) {
(gdb) bt
#0  0x086c6e21 in execute_ex (execute_data=0xb7fb868c, tsrm_ls=0x8d4a070)
    at /home/nikic/dev/php-src/Zend/zend_vm_execute.h:435
#1  0x086b43d7 in zend_generator_resume (generator=0xb7fb7f20, 
    tsrm_ls=0x8d4a070) at
/home/nikic/dev/php-src/Zend/zend_generators.c:535
#2  0x086b2bf6 in zend_generator_close (generator=0xb7fb7f20, 
    finished_execution=0 '\000', tsrm_ls=0x8d4a070)
    at /home/nikic/dev/php-src/Zend/zend_generators.c:64
#3  0x086b30b1 in zend_generator_free_storage (generator=0xb7fb7f20, 
    tsrm_ls=0x8d4a070) at
/home/nikic/dev/php-src/Zend/zend_generators.c:195
#4  0x086bfb8e in zend_objects_store_del_ref_by_handle_ex (handle=1, 
    handlers=0x8d47700, tsrm_ls=0x8d4a070)
    at /home/nikic/dev/php-src/Zend/zend_objects_API.c:220
#5  0x086bf7fd in zend_objects_store_del_ref (zobject=0xb7fb6214, 
    tsrm_ls=0x8d4a070) at
/home/nikic/dev/php-src/Zend/zend_objects_API.c:172
#6  0x08684659 in _zval_dtor_func (zvalue=0xb7fb6214, 
    __zend_filename=0x8c87e44
"/home/nikic/dev/php-src/Zend/zend_execute_API.c", __zend_lineno=439) at
/home/nikic/dev/php-src/Zend/zend_variables.c:54
#7  0x08672b43 in _zval_dtor (__zend_lineno=<optimized out>, 
    __zend_filename=0x8c87e44
"/home/nikic/dev/php-src/Zend/zend_execute_API.c", zvalue=0xb7fb6214) at
/home/nikic/dev/php-src/Zend/zend_variables.h:35
#8  _zval_ptr_dtor (zval_ptr=0xb7fb7bc0, 
    __zend_filename=0x8c89164
"/home/nikic/dev/php-src/Zend/zend_variables.c", 
    __zend_lineno=182) at
/home/nikic/dev/php-src/Zend/zend_execute_API.c:439
#9  0x08684a5e in _zval_ptr_dtor_wrapper (zval_ptr=0xb7fb7bc0)
    at /home/nikic/dev/php-src/Zend/zend_variables.c:182
#10 0x08698ac5 in zend_hash_del_key_or_index (ht=0x8d4bb88, 
    arKey=0xb7fb7da4 "gen", nKeyLength=4, h=2090288735, flag=2)
    at /home/nikic/dev/php-src/Zend/zend_hash.c:531
#11 0x08677af9 in zend_delete_variable (ex=0x0, ht=0x8d4bb88, 
    name=0xb7fb7da4 "gen", name_len=4, hash_value=2090288735, 
    tsrm_ls=0x8d4a070) at
/home/nikic/dev/php-src/Zend/zend_execute_API.c:1703
#12 0x087d8ec9 in ZEND_UNSET_VAR_SPEC_CV_UNUSED_HANDLER (
    execute_data=0xb7f9a07c, tsrm_ls=0x8d4a070)
    at /home/nikic/dev/php-src/Zend/zend_vm_execute.h:38546
#13 0x086c6e2d in execute_ex (execute_data=0xb7f9a07c, tsrm_ls=0x8d4a070)
    at /home/nikic/dev/php-src/Zend/zend_vm_execute.h:435
#14 0x086c6f18 in execute (op_array=0xb7fb6acc, tsrm_ls=0x8d4a070)
    at /home/nikic/dev/php-src/Zend/zend_vm_execute.h:460
#15 0x08688d5d in zend_execute_scripts (type=8, tsrm_ls=0x8d4a070,
retval=0x0, 
    file_count=3) at /home/nikic/dev/php-src/Zend/zend.c:1309
#16 0x085ea548 in php_execute_script (primary_file=0xbfffe0d0, 
    tsrm_ls=0x8d4a070) at /home/nikic/dev/php-src/main/main.c:2468
#17 0x087e75b1 in do_cli (argc=2, argv=0xbffff374, tsrm_ls=0x8d4a070)
    at /home/nikic/dev/php-src/sapi/cli/php_cli.c:988
#18 0x087e8aec in main (argc=2, argv=0xbffff374)
    at /home/nikic/dev/php-src/sapi/cli/php_cli.c:1364


The relevant code in the generator storage free handler:
http://lxr.php.net/xref/PHP_TRUNK/Zend/zend_generators.c#36.



-- 
Edit bug report at https://bugs.php.net/bug.php?id=63596&edit=1
-- 
Try a snapshot (PHP 5.4):   
https://bugs.php.net/fix.php?id=63596&r=trysnapshot54
Try a snapshot (PHP 5.3):   
https://bugs.php.net/fix.php?id=63596&r=trysnapshot53
Try a snapshot (trunk):     
https://bugs.php.net/fix.php?id=63596&r=trysnapshottrunk
Fixed in SVN:               https://bugs.php.net/fix.php?id=63596&r=fixed
Fixed in release:           https://bugs.php.net/fix.php?id=63596&r=alreadyfixed
Need backtrace:             https://bugs.php.net/fix.php?id=63596&r=needtrace
Need Reproduce Script:      https://bugs.php.net/fix.php?id=63596&r=needscript
Try newer version:          https://bugs.php.net/fix.php?id=63596&r=oldversion
Not developer issue:        https://bugs.php.net/fix.php?id=63596&r=support
Expected behavior:          https://bugs.php.net/fix.php?id=63596&r=notwrong
Not enough info:            
https://bugs.php.net/fix.php?id=63596&r=notenoughinfo
Submitted twice:            
https://bugs.php.net/fix.php?id=63596&r=submittedtwice
register_globals:           https://bugs.php.net/fix.php?id=63596&r=globals
PHP 4 support discontinued: https://bugs.php.net/fix.php?id=63596&r=php4
Daylight Savings:           https://bugs.php.net/fix.php?id=63596&r=dst
IIS Stability:              https://bugs.php.net/fix.php?id=63596&r=isapi
Install GNU Sed:            https://bugs.php.net/fix.php?id=63596&r=gnused
Floating point limitations: https://bugs.php.net/fix.php?id=63596&r=float
No Zend Extensions:         https://bugs.php.net/fix.php?id=63596&r=nozend
MySQL Configuration Error:  https://bugs.php.net/fix.php?id=63596&r=mysqlcfg

[PHP-BUG] Bug #63596 [NEW]: finally in generators segfaults since the new finally implementation

Reply via email to