Skip to content

Generator crashes when interrupted during a function call with extra named params #9752

New issue
New issue
Closed
#9753
Closed
Generator crashes when interrupted during a function call with extra named params#9752
#9753
Assignees
arnaud-lb
Labels
BugCategory: EngineStatus: Verified
@arnaud-lb

Description

@arnaud-lb
arnaud-lb
opened on Oct 14, 2022

Description

The following code:

<?php

function f(...$x) {
}

function g() {
    f(a: 1, b: yield);
};

$gen = g();

foreach ($gen as $value) {
    break;
}

Resulted in this output:

Program received signal SIGSEGV, Segmentation fault.

But I expected this output instead:

Gdb:

(gdb) r
Starting program: sapi/cli/php gen2.php

Program received signal SIGSEGV, Segmentation fault.
0x000055555631b481 in zend_array_release (array=0x0) at Zend/zend_hash.h:346
346		if (!(GC_FLAGS(array) & IS_ARRAY_IMMUTABLE)) {
(gdb) bt
#0  0x000055555631b481 in zend_array_release (array=0x0) at Zend/zend_hash.h:346
#1  0x000055555631b425 in zend_free_extra_named_params (extra_named_params=0x0) at Zend/zend_execute.c:4959
#2  0x00005555563176b2 in cleanup_unfinished_calls (execute_data=0x7ffff58621e0, op_num=3) at Zend/zend_execute.c:4230
#3  0x0000555556316d2e in zend_cleanup_unfinished_execution (execute_data=0x7ffff58621e0, op_num=3, catch_op_num=0) at Zend/zend_execute.c:4319
#4  0x00005555565bbead in zend_generator_cleanup_unfinished_execution (generator=0x7ffff584e640, execute_data=0x7ffff58621e0, catch_op_num=0) at Zend/zend_generators.c:128
#5  0x00005555565bba70 in zend_generator_close (generator=0x7ffff584e640, finished_execution=false) at Zend/zend_generators.c:166
#6  0x00005555565c3a67 in zend_generator_dtor_storage (object=0x7ffff584e640) at Zend/zend_generators.c:244
#7  0x00005555566022a8 in zend_objects_store_del (object=0x7ffff584e640) at Zend/zend_objects_API.c:184
#8  0x0000555556270717 in rc_dtor_func (p=0x7ffff584e640) at Zend/zend_variables.c:57
#9  0x0000555556270805 in i_zval_ptr_dtor (zval_ptr=0x7fffffffaee0) at Zend/zend_variables.h:44
#10 0x0000555556270755 in zval_ptr_dtor (zval_ptr=0x7fffffffaee0) at Zend/zend_variables.c:84
#11 0x00005555562cecc1 in _zend_hash_del_el_ex (ht=0x555557ae3530 <executor_globals+304>, idx=7, p=0x7ffff584b2e0, prev=0x0) at Zend/zend_hash.c:1355
#12 0x00005555562cda1e in _zend_hash_del_el (ht=0x555557ae3530 <executor_globals+304>, idx=7, p=0x7ffff584b2e0) at Zend/zend_hash.c:1378
#13 0x00005555562d5613 in zend_hash_reverse_apply (ht=0x555557ae3530 <executor_globals+304>, apply_func=0x555556222510 <zval_call_destructor>) at Zend/zend_hash.c:1949
#14 0x00005555562222f0 in shutdown_destructors () at Zend/zend_execute_API.c:252
#15 0x000055555627702d in zend_call_destructors () at Zend/zend.c:1256
#16 0x0000555556099a73 in php_request_shutdown (dummy=0x0) at main/main.c:1809
#17 0x00005555567eb9a8 in do_cli (argc=2, argv=0x603000000640) at sapi/cli/php_cli.c:1135
#18 0x00005555567e80f0 in main (argc=2, argv=0x603000000640) at sapi/cli/php_cli.c:1367
(gdb) frame 2
#2  0x00005555563176b2 in cleanup_unfinished_calls (execute_data=0x7ffff58621e0, op_num=3) at Zend/zend_execute.c:4230
4230					zend_free_extra_named_params(call->extra_named_params);
(gdb) p call->extra_named_params
$1 = (zend_array *) 0x0

PHP Version

PHP 8.1 24c2970

Operating System

No response

Metadata

Metadata

Assignees

Labels

BugCategory: EngineStatus: Verified

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions