PHP :: Bug #68370 :: "unset($this)" can make the program crash

Bug #68370	"unset($this)" can make the program crash
Submitted:	2014-11-07 09:06 UTC	Modified:	2014-11-10 04:44 UTC
From:	drewparoski at gmail dot com	Assigned:	laruence (profile)
Status:	Closed	Package:	Reproducible crash
PHP Version:	5.6.2	OS:	CentOS Linux 6.3
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	drewparoski at gmail dot com
New email:
PHP Version:		OS:

New Comment:

[2014-11-07 09:06 UTC] drewparoski at gmail dot com

Description:
------------
Doing "unset($this);" inside a non-static method can make the program crash.

I provided an example that crashes on PHP 5.3.0 - 5.6.2.

Test script:
---------------
<?php
class C {
  public function test() {
    unset($this);
    return get_defined_vars();
  }
}
$c = new C();
$x = $c->test();
unset($c, $x);
echo "Done\n";

Expected result:
----------------
Done

Actual result:
--------------
Segmentation fault

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2014-11-07 13:18 UTC] aharvey@php.net

-Status: Open +Status: Feedback

[2014-11-07 13:18 UTC] aharvey@php.net

Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.

[2014-11-08 07:16 UTC] drewparoski at gmail dot com

-Status: Feedback +Status: Open

[2014-11-08 07:16 UTC] drewparoski at gmail dot com

Backtrace (PHP 5.5.8):

#0  0x00000000006dcc11 in gc_zval_possible_root (zv=0x7ffff7fd9b70)
    at /home/user/php-5.5.8/Zend/zend_gc.c:143
#1  0x00000000006ca03b in zend_hash_destroy (ht=0x7ffff7fdd288)
    at /home/user/php-5.5.8/Zend/zend_hash.c:560
#2  0x00000000006bbccb in _zval_dtor_func (zvalue=0x7ffff7fd9b10)
    at /home/user/php-5.5.8/Zend/zend_variables.c:45
#3  0x00000000006ae170 in _zval_dtor (zvalue=0x7ffff7fd9b10)
    at /home/user/php-5.5.8/Zend/zend_variables.h:35
#4  i_zval_ptr_dtor (zval_ptr=0x7ffff7fd9b10)
    at /home/user/php-5.5.8/Zend/zend_execute.h:81
#5  _zval_ptr_dtor (zval_ptr=<optimized out>)
    at /home/user/php-5.5.8/Zend/zend_execute_API.c:426
#6  0x00000000006cbe4c in zend_hash_del_key_or_index (
    ht=0xdd9d28 <executor_globals+360>, arKey=<optimized out>,
    nKeyLength=<optimized out>, h=<optimized out>, flag=<optimized out>)
    at /home/user/php-5.5.8/Zend/zend_hash.c:532
#7  0x00000000006ad9ae in zend_delete_variable (ex=0x0,
    ht=0xdd9d28 <executor_globals+360>, name=0x7ffff7ec91b8 "x", name_len=2,
    hash_value=5863869)
    at /home/user/php-5.5.8/Zend/zend_execute_API.c:1687
#8  0x000000000073d5ef in ZEND_UNSET_VAR_SPEC_CV_UNUSED_HANDLER (
    execute_data=0x7ffff7fa6160)
    at /home/user/php-5.5.8/Zend/zend_vm_execute.h:38539home/user
#9  0x000000000072ff50 in execute_ex (execute_data=0x7ffff7fa6160)
    at /home/user/php-5.5.8/Zend/zend_vm_execute.h:363
#10 0x00000000006bbff9 in zend_execute_scripts (type=8, retval=0x0,
    file_count=3) at /home/user/php-5.5.8/Zend/zend.c:1316
#11 0x000000000065dde9 in php_execute_script (primary_file=0x7fffffffddc0)
    at /home/user/php-5.5.8/main/main.c:2506
#12 0x000000000076c7ec in do_cli (argc=2, argv=0xddc090)
    at /home/user/php-5.5.8/sapi/cli/php_cli.c:994
#13 0x000000000076cf88 in main (argc=2, argv=0xddc090)
    at /home/user/php-5.5.8/sapi/cli/php_cli.c:1378

[2014-11-10 04:44 UTC] laruence@php.net

-Assigned To: +Assigned To: laruence

[2014-11-10 05:51 UTC] laruence@php.net

Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=ab849392549c41fd3fc3d6ed2a324688f2afe47d
Log: Fixed bug #68370 (&quot;unset($this)&quot; can make the program crash)

[2014-11-10 05:51 UTC] laruence@php.net

-Status: Assigned +Status: Closed

[2014-11-10 05:52 UTC] laruence@php.net

Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=ab849392549c41fd3fc3d6ed2a324688f2afe47d
Log: Fixed bug #68370 (&quot;unset($this)&quot; can make the program crash)

[2014-11-18 20:34 UTC] ab@php.net

Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=ab849392549c41fd3fc3d6ed2a324688f2afe47d
Log: Fixed bug #68370 (&quot;unset($this)&quot; can make the program crash)

[2014-12-23 06:08 UTC] jaydeep dot ghosh at floretmedia dot org

unset($c, $x);
what this line means , i have no idea. can anyone help me out wid this.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Nov 23 03:01:32 2024 UTC