[go: up one dir, main page]
Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Crash when memory limit is exceeded during generator initialization #9801

Closed
arnaud-lb opened this issue Oct 21, 2022 · 1 comment · Fixed by #9802
Closed

Crash when memory limit is exceeded during generator initialization #9801

arnaud-lb opened this issue Oct 21, 2022 · 1 comment · Fixed by #9802
Assignees
@arnaud-lb
Labels
Bug Category: Engine Status: Verified

Comments

@arnaud-lb
Copy link
Member

Description

The following code:

<?php
                                                           
function a() {
    yield from a();
}

foreach(a() as $v);

Resulted in this output:

Segmentation fault

But I expected this output instead:

Fatal error: Allowed memory size of 134217728 bytes exhausted [...]

Gdb:

(gdb) r
Program received signal SIGSEGV, Segmentation fault.
zend_get_executed_lineno () at Zend/zend_execute_API.c:647
647			return ex->opline->lineno;
(gdb) bt
#0  zend_get_executed_lineno () at Zend/zend_execute_API.c:647
#1  0x000055555599b3e8 in get_filename_lineno (type=1, filename=0x7fffffffa9e8, lineno=0x7fffffffa9e4) at Zend/zend.c:1513
#2  0x000055555599b8c3 in zend_error_noreturn (type=1, format=0x555555ce2278 "Allowed memory size of %zu bytes exhausted at %s:%d (tried to allocate %zu bytes)") at Zend/zend.c:1588
#3  0x00005555559556ff in zend_mm_safe_error (heap=0x7ffff7a00040, format=0x555555ce2278 "Allowed memory size of %zu bytes exhausted at %s:%d (tried to allocate %zu bytes)", limit=134217728, filename=0x555555cfdaa8 "Zend/zend_generators.c", lineno=408, 
    size=320) at Zend/zend_alloc.c:383
#4  0x0000555555956659 in zend_mm_alloc_pages (heap=0x7ffff7a00040, pages_count=5, size=320, __zend_filename=0x555555cfdaa8 "Zend/zend_generators.c", __zend_lineno=408, __zend_orig_filename=0x0, __zend_orig_lineno=0)
    at Zend/zend_alloc.c:977
#5  0x0000555555956dbc in zend_mm_alloc_small_slow (heap=0x7ffff7a00040, bin_num=16, __zend_filename=0x555555cfdaa8 "Zend/zend_generators.c", __zend_lineno=408, __zend_orig_filename=0x0, __zend_orig_lineno=0)
    at Zend/zend_alloc.c:1215
#6  0x000055555595709a in zend_mm_alloc_small (heap=0x7ffff7a00040, bin_num=16, __zend_filename=0x555555cfdaa8 "Zend/zend_generators.c", __zend_lineno=408, __zend_orig_filename=0x0, __zend_orig_lineno=0) at Zend/zend_alloc.c:1279
#7  0x0000555555957309 in zend_mm_alloc_heap (heap=0x7ffff7a00040, size=304, __zend_filename=0x555555cfdaa8 "Zend/zend_generators.c", __zend_lineno=408, __zend_orig_filename=0x0, __zend_orig_lineno=0) at Zend/zend_alloc.c:1347
#8  0x000055555595a13c in _emalloc (size=272, __zend_filename=0x555555cfdaa8 "Zend/zend_generators.c", __zend_lineno=408, __zend_orig_filename=0x0, __zend_orig_lineno=0) at Zend/zend_alloc.c:2561
#9  0x0000555555a7ec78 in zend_generator_create (class_type=0x5555562cafd0) at Zend/zend_generators.c:408
#10 0x00005555559a41ad in _object_and_properties_init (arg=0x7ffff39fb550, class_type=0x5555562cafd0, properties=0x0) at Zend/zend_API.c:1704
#11 0x00005555559a4223 in object_init_ex (arg=0x7ffff39fb550, class_type=0x5555562cafd0) at Zend/zend_API.c:1718
#12 0x00005555559e0819 in ZEND_GENERATOR_CREATE_SPEC_HANDLER () at Zend/zend_vm_execute.h:2117
#13 0x0000555555a5768c in execute_ex (ex=0x7ffff39fb500) at Zend/zend_vm_execute.h:56023
#14 0x0000555555a7fcf4 in zend_generator_resume (orig_generator=0x7ffff7a8f140) at Zend/zend_generators.c:766
#15 0x0000555555a7ffb9 in zend_generator_ensure_initialized (generator=0x7ffff7a8f140) at Zend/zend_generators.c:822
#16 0x0000555555a7fff0 in zend_generator_rewind (generator=0x7ffff7a8f140) at Zend/zend_generators.c:830
#17 0x0000555555a80e86 in zend_generator_iterator_rewind (iterator=0x7ffff7a70100) at Zend/zend_generators.c:1077
#18 0x00005555559da8ca in zend_fe_reset_iterator (array_ptr=0x7ffff7a19080, by_ref=0) at Zend/zend_execute.c:4645
#19 0x0000555555a11935 in ZEND_FE_RESET_R_SPEC_VAR_HANDLER () at Zend/zend_vm_execute.h:21889
#20 0x0000555555a5a378 in execute_ex (ex=0x7ffff7a19020) at Zend/zend_vm_execute.h:58200
#21 0x0000555555a5cdee in zend_execute (op_array=0x7ffff7a8f000, return_value=0x0) at Zend/zend_vm_execute.h:60343
#22 0x000055555599c3c9 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at Zend/zend.c:1780
#23 0x00005555558f42d1 in php_execute_script (primary_file=0x7fffffffca30) at main/main.c:2477
#24 0x0000555555b1c93b in do_cli (argc=2, argv=0x555556222810) at sapi/cli/php_cli.c:964
#25 0x0000555555b1d634 in main (argc=2, argv=0x555556222810) at sapi/cli/php_cli.c:1333
(gdb) list
642		if (ex) {
643			if (EG(exception) && ex->opline->opcode == ZEND_HANDLE_EXCEPTION &&
644			    ex->opline->lineno == 0 && EG(opline_before_exception)) {
645				return EG(opline_before_exception)->lineno;
646			}
647			return ex->opline->lineno;
648		} else {
649			return 0;
650		}
651	}
(gdb) p ex->opline
$1 = (const zend_op *) 0x0

PHP Version

PHP 8.0 f702f87

Operating System

No response
@arnaud-lb arnaud-lb self-assigned this Oct 21, 2022
@arnaud-lb arnaud-lb mentioned this issue Oct 21, 2022
Merged
@cmb69
Copy link
Member
cmb69 commented Oct 22, 2022

Fixed with 26c7c82.

@cmb69 cmb69 closed this as completed Oct 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@arnaud-lb arnaud-lb

Labels
Bug Category: Engine Status: Verified
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix crash when memory limit is exceeded during generator initialization arnaud-lb/php-src
3 participants
@arnaud-lb @cmb69 and others