php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #70187 [Introduced in PHP 7] Notice: unserialize(): Unexpected end of serialized data
Submitted: 2015-08-03 07:22 UTC Modified: 2015-08-25 09:48 UTC
Votes:2
Avg. Score:4.0 ± 1.0
Reproduced:1 of 2 (50.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: pagescene at gmail dot com Assigned: dmitry (profile)
Status: Closed Package: Unknown/Other Function
PHP Version: 7.0.0beta2 OS: Windows 7
Private report: No CVE-ID: None
 [2015-08-03 07:22 UTC] pagescene at gmail dot com
Description:
------------
Conf: Drupal site (version 7) latest release. Inside Drupal's Views display pages I get:

Notice: unserialize(): Unexpected end of serialized data in ctools_object_cache_get() (line 48 of C:\WWW\int\sites\all\modules\ctools\includes\object-cache.inc).
Notice: unserialize(): Error at offset 15910 of 74156 bytes in ctools_object_cache_get() (line 48 of C:\WWW\int\sites\all\modules\ctools\includes\object-cache.inc).

While editing Drupal's views displays, cTools stores modifications inside Drupal's cache tables before they are saved permanently inside the DB. This functionality is also affected: settings are never saved to the DB and they  revert always to the ones set up previously under PHP 5.6.

Related issue: trying to add a new page to an existing view returns unauthorized message (e.g. you are not authorized to access this page).

All this was working very fine under PHP 5.6 but got introduced in PHP 7.

Any idea what might be going on here? Thanks.

Test script:
---------------
http://www.drupalcontrib.org/api/drupal/contributions%21ctools%21includes%21object-cache.inc/function/ctools_object_cache_get/7


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-08-03 12:57 UTC] cmb@php.net
-Status: Open +Status: Feedback -Assigned To: +Assigned To: cmb
 [2015-08-03 12:57 UTC] cmb@php.net
Have you consulted a Drupal support channel? It is possible that
Drupal 7 is not supposed to be compatible with PHP 7.
 [2015-08-03 14:06 UTC] pagescene at gmail dot com
-Status: Feedback +Status: Assigned
 [2015-08-03 14:06 UTC] pagescene at gmail dot com
I did submit an issue to Views maintainers but no response yet. The strange thing is that PHP's 5.6 serialize() function manages to serialize the views object in a manner that allows successful unserialization, but the same function fails under PHP 7.
 [2015-08-03 17:16 UTC] cmb@php.net
-Assigned To: cmb +Assigned To:
 [2015-08-05 19:23 UTC] pagescene at gmail dot com
More information:

The error I get is this:

Notice: unserialize(): Error at offset 2101 of 3558 bytes in ***

Under HHVM I get:
Notice: Unable to unserialize: [{the string}]. Expected ':' but got 's'. in ***

The strange thing that there is no : in the specified position.

Allow me to attach the string to be unserialized and that causes the problem:

O:4:"view":55:{s:8:"db_table";s:10:"views_view";s:10:"base_table";s:4:"node";s:10:"base_field";s:3:"nid";s:4:"name";s:2:"fd";s:3:"vid";s:1:"1";s:11:"description";s:0:"";s:3:"tag";s:7:"default";s:10:"human_name";s:2:"fd";s:4:"core";s:1:"7";s:11:"api_version";N;s:8:"disabled";N;s:5:"built";b:0;s:8:"executed";b:0;s:7:"editing";b:1;s:4:"args";a:0:{}s:10:"build_info";a:0:{}s:8:"use_ajax";b:0;s:6:"result";a:0:{}s:12:"current_page";N;s:14:"items_per_page";N;s:6:"offset";N;s:10:"total_rows";N;s:17:"attachment_before";s:0:"";s:16:"attachment_after";s:0:"";s:17:"exposed_raw_input";a:0:{}s:8:"old_view";a:0:{}s:12:"parent_views";a:0:{}s:13:"is_attachment";N;s:5:"query";N;s:7:"display";a:2:{s:7:"default";O:13:"views_display":8:{s:15:"display_options";a:12:{s:5:"query";a:2:{s:4:"type";s:11:"views_query";s:7:"options";a:0:{}}s:6:"access";a:2:{s:4:"type";s:4:"perm";s:4:"perm";s:14:"access content";}s:5:"cache";a:1:{s:4:"type";s:4:"none";}s:12:"exposed_form";a:1:{s:4:"type";s:5:"basic";}s:5:"pager";a:2:{s:4:"type";s:4:"full";s:7:"options";a:1:{s:14:"items_per_page";s:2:"10";}}s:12:"style_plugin";s:7:"default";s:10:"row_plugin";s:4:"node";s:6:"fields";a:1:{s:5:"title";a:8:{s:2:"id";s:5:"title";s:5:"table";s:4:"node";s:5:"field";s:5:"title";s:5:"label";s:0:"";s:5:"alter";a:8:{s:10:"alter_text";i:0;s:9:"make_link";i:0;s:8:"absolute";i:0;s:4:"trim";i:0;s:13:"word_boundary";i:0;s:8:"ellipsis";i:0;s:10:"strip_tags";i:0;s:4:"html";i:0;}s:10:"hide_empty";i:0;s:10:"empty_zero";i:0;s:12:"link_to_node";i:1;}}s:7:"filters";a:1:{s:6:"status";a:6:{s:5:"value";i:1;s:5:"table";s:4:"node";s:5:"field";s:6:"status";s:2:"id";s:6:"status";s:6:"expose";a:1:{s:8:"operator";b:0;}s:5:"group";i:1;}}s:5:"sorts";a:1:{s:7:"created";a:4:{s:2:"id";s:7:"created";s:5:"table";s:4:"node";s:5:"field";s:7:"created";s:5:"order";s:4:"DESC";}}s:5:"title";s:2:"fd";s:11:"row_options";a:3:{s:10:"build_mode";s:6:"teaser";s:5:"links";b:1;s:8:"comments";b:0;}}s:8:"db_table";s:13:"views_display";s:3:"vid";s:1:"1";s:2:"id";s:7:"default";s:13:"display_title";s:6:"Master";s:14:"display_plugin";s:7:"default";s:8:"position";s:1:"1";}s:4:"page";O:13:"views_display":8:{s:15:"display_options";a:2:{s:5:"query";a:2:{s:4:"type";s:11:"views_query";s:7:"options";a:0:{}}s:4:"path";s:3:"ooo";}s:8:"db_table";s:13:"views_display";s:3:"vid";s:1:"1";s:2:"id";s:4:"page";s:13:"display_title";s:4:"Page";s:14:"display_plugin";s:4:"page";s:8:"position";s:1:"2";}}s:12:"style_plugin";N;s:13:"style_options";N;s:9:"row_index";N;s:12:"override_url";N;s:13:"override_path";N;s:13:"base_database";N;s:5:"field";N;s:8:"argument";N;s:4:"sort";N;s:6:"filter";N;s:12:"relationship";N;s:6:"header";N;s:6:"footer";N;s:5:"empty";N;s:5:"table";s:10:"views_view";s:4:"type";s:6:"Normal";s:11:"export_type";i:1;s:6:"locked";b:0;s:19:"localization_plugin";O:30:"views_plugin_localization_none":9:{s:9:"translate";b:0;s:14:"export_strings";a:0:{}s:4:"view";R:1;s:7:"display";N;s:11:"plugin_type";s:12:"localization";s:11:"plugin_name";s:4:"none";s:7:"options";a:0:{}s:10:"definition";a:11:{s:5:"title";s:4:"None";s:4:"help";s:42:"Do not pass admin strings for translation.";s:7:"handler";s:30:"views_plugin_localization_none";s:10:"help topic";s:17:"localization-none";s:6:"module";s:5:"views";s:10:"theme path";s:29:"sites/all/modules/views/theme";s:10:"theme file";s:9:"theme.inc";s:4:"path";s:31:"sites/all/modules/views/plugins";s:4:"file";s:34:"views_plugin_localization_none.inc";s:6:"parent";s:6:"parent";s:4:"name";s:4:"none";}s:9:"is_plugin";b:1;}s:7:"changed";b:1;s:15:"changed_display";a:1:{s:4:"page";b:1;}}
 [2015-08-23 15:56 UTC] jhdxr@php.net
-Status: Open +Status: Feedback
 [2015-08-23 15:56 UTC] jhdxr@php.net
I tried to unserialize your string <https://3v4l.org/EYtah>, but failed in all php version, including php5.6. Is there any invisible characters in your original string?
 [2015-08-23 16:43 UTC] cmb@php.net
For some reason the serialized string is corrupt. Both
view_display objects declare to have 8 properties, but they only
have 7. The views_display object declares to have 55 properties,
but it has only 51. Fixing these issues manually lets
unserialize() succeed, see <https://3v4l.org/Pvr91>.

So obviously, this is not an issue with unserialize(), but rather
with serialize(). It would be helpful to have a minimal reproduce
script.
 [2015-08-23 17:40 UTC] nikic@php.net
If I were to venture a guess, it's because there is an object with a dynamic properties HT, which contains and INDIRECT to and UNDEF. The hashtable count will then include the UNDEF, but it will not be actually present in the properties list.
 [2015-08-23 17:42 UTC] nikic@php.net
Here we go: https://3v4l.org/KiLqN

class A { public $b; }
$a = new A;
var_dump($a); // force properties HT
unset($a->b);
var_dump(serialize($a));

Results in "O:1:"A":1:{}" while it should be "O:1:"A":0:{}".
 [2015-08-23 19:57 UTC] cmb@php.net
-Status: Feedback +Status: Verified
 [2015-08-25 09:22 UTC] pagescene at gmail dot com
Thanks very much to you all for looking into this issue.

So do you think this is a PHP 7 bug or does the Drupal Views code need to be adjusted for PHP 7?

The error appears only under PHP 7.

@nikic@php.net, would you please explain this part from your comment:

"t's because there is an object with a dynamic properties HT, which contains and INDIRECT to and UNDEF" ..

The View's class definition is here (expand View source item in page):
https://api.drupal.org/api/views/includes%21view.inc/7

The ctools_object_cache code (where the view's object gets serialized):
http://www.drupalcontrib.org/api/drupal/contributions%21ctools%21includes%21object-cache.inc/7

Thanks.
 [2015-08-25 09:48 UTC] nikic@php.net
-Assigned To: +Assigned To: dmitry
 [2015-08-25 09:48 UTC] nikic@php.net
@pagescene: This is definitely a bug in PHP 7. You shouldn't change the Drupal code for this ;)

The problem is basically that in PHP 7 count($array) is no longer precise (i.e. does not match the actual number of elements in the array) in some very limited circumstances. One such case is doing something like count($object->getAllProperties()) if there exists some property that was declared on the class and later unset(). In this case the count() will be reported to be one larger than it really is.

@dmitry: Could you take a look at this? Is there some way to fix this short of doing a full table scan beforehand (or serializing the contents into a separate buffer first and counting elements while doing so)?
 [2015-08-26 00:27 UTC] dmitry@php.net
Automatic comment on behalf of dmitry@zend.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=25f9e255264d8196f51a22707e797977e4cd3995
Log: Fixed bug #70187 (Notice: unserialize(): Unexpected end of serialized data)
 [2015-08-26 00:27 UTC] dmitry@php.net
-Status: Verified +Status: Closed
 [2015-08-26 06:47 UTC] pagescene at gmail dot com
Thanks very much @nikic & @dmitry. I can confirm that the latest commits to php-src fixed the issue. Drupal Views works flawlessly now. All the best :-)
 [2015-09-03 18:10 UTC] ab@php.net
Automatic comment on behalf of dmitry@zend.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=25f9e255264d8196f51a22707e797977e4cd3995
Log: Fixed bug #70187 (Notice: unserialize(): Unexpected end of serialized data)
 [2016-07-20 11:36 UTC] davey@php.net
Automatic comment on behalf of dmitry@zend.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=25f9e255264d8196f51a22707e797977e4cd3995
Log: Fixed bug #70187 (Notice: unserialize(): Unexpected end of serialized data)
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Nov 22 00:01:30 2024 UTC