From: mark dot chong at acquireap dot com Operating system: ubuntu PHP version: 5.4.15 Package: Reproducible crash Bug Type: Bug Bug description:Segfault with gc_collect_cycles using unserialize on certain objects
Description: ------------ There are a few open bugs this may duplicate, but I have a reproducible case under very specific circumstances: Having an object that has a. circular reference b. changes global variable on destructor If this object is unserialize()'d then gc_collect_cycles will cause a segfault Test script: --------------- <?php class bad { private $_private = array(); public function __construct() { $this->_private[] = 'oh noes'; } public function __destruct() { //echo "bad::destructor\n"; global $bar; $bar = $this->_private; } } $foo = new stdclass; $foo->foo = $foo; $foo->bad = new bad; print_r($foo); gc_disable(); for ($i=0; true; $i++) { $deep_clone = unserialize(serialize($foo)); gc_collect_cycles(); var_dump($i); } Expected result: ---------------- Script should run indefinitely. Actual result: -------------- int(0) int(1) Segmentation fault (core dumped) -- Edit bug report at https://bugs.php.net/bug.php?id=64896&edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=64896&r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=64896&r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=64896&r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=64896&r=fixed Fixed in release: https://bugs.php.net/fix.php?id=64896&r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=64896&r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=64896&r=needscript Try newer version: https://bugs.php.net/fix.php?id=64896&r=oldversion Not developer issue: https://bugs.php.net/fix.php?id=64896&r=support Expected behavior: https://bugs.php.net/fix.php?id=64896&r=notwrong Not enough info: https://bugs.php.net/fix.php?id=64896&r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=64896&r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=64896&r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=64896&r=php4 Daylight Savings: https://bugs.php.net/fix.php?id=64896&r=dst IIS Stability: https://bugs.php.net/fix.php?id=64896&r=isapi Install GNU Sed: https://bugs.php.net/fix.php?id=64896&r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=64896&r=float No Zend Extensions: https://bugs.php.net/fix.php?id=64896&r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=64896&r=mysqlcfg