php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #65035 yield / exit segfault
Submitted: 2013-06-13 22:50 UTC Modified: 2013-06-29 20:01 UTC
From: ryan dot brothers at gmail dot com Assigned: nikic (profile)
Status: Closed Package: Reproducible crash
PHP Version: 5.5Git-2013-06-13 (snap) OS: Linux
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: ryan dot brothers at gmail dot com
New email:
PHP Version: OS:

 

 [2013-06-13 22:50 UTC] ryan dot brothers at gmail dot com 
Description:
------------
The following script causes a segfault.  It is occurring when exit is called in a function that is called from a generator function.

Test script:
---------------
<?php
function f1()
{
    f2();

    $i = 0;

    yield $i;
}

function f2()
{
    exit;
}

$rows = f1();

foreach ($rows as $row)
{

}


Expected result:
----------------
Script exits with no output.

Actual result:
--------------
[Thu Jun 13 18:44:50 2013]  Script:  '/tmp/test.php'
---------------------------------------
/usr/local/src/php5.5-201306132030/Zend/zend_execute.h(196) : Block 0x7f7b17658d28 status:
Beginning:      Freed
    Start:      OK
      End:      Overflown (magic=0x0000005A instead of 0xEAF0B464)
                At least 4 bytes overflown
---------------------------------------

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2013-06-13 23:00 UTC] aharvey@php.net
-Status: Open +Status: Verified
 [2013-06-13 23:00 UTC] aharvey@php.net 
Confirmed on a current 5.5 build. Backtrace:

#0  0x0000000000a7d621 in zend_vm_stack_destroy ()
    at /home/adamh/trees/php-src/5.5/Zend/zend_execute.h:195
#1  0x0000000000a7e092 in shutdown_executor ()
    at /home/adamh/trees/php-src/5.5/Zend/zend_execute_API.c:295
#2  0x0000000000a92e4a in zend_deactivate () at /home/adamh/trees/php-
src/5.5/Zend/zend.c:939
#3  0x00000000009fb079 in php_request_shutdown (dummy=0x0)
    at /home/adamh/trees/php-src/5.5/main/main.c:1800
#4  0x0000000000b431d0 in do_cli (argc=2, argv=0x13ae240)
    at /home/adamh/trees/php-src/5.5/sapi/cli/php_cli.c:1176
#5  0x0000000000b43a65 in main (argc=2, argv=0x13ae240)
    at /home/adamh/trees/php-src/5.5/sapi/cli/php_cli.c:1377
 [2013-06-14 08:06 UTC] nikic@php.net
-Assigned To: +Assigned To: nikic
 [2013-06-29 20:01 UTC] nikic@php.net
-Status: Verified +Status: Closed
 [2013-06-29 20:01 UTC] nikic@php.net 
The fix for this bug has been committed.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sat Oct 25 18:00:02 2025 UTC