Crash when memory limit is exceeded during generator initialization #9801

Closed
@arnaud-lb

Description

The following code:

<?php
function a() {
    yield from a();
}

foreach(a() as $v);

Resulted in this output:

Segmentation fault

But I expected this output instead:

Fatal error: Allowed memory size of 134217728 bytes exhausted [...]

Gdb:

(gdb) r
Program received signal SIGSEGV, Segmentation fault.
zend_get_executed_lineno () at Zend/zend_execute_API.c:647
647			return ex->opline->lineno;
(gdb) bt
#0  zend_get_executed_lineno () at Zend/zend_execute_API.c:647
#1  0x000055555599b3e8 in get_filename_lineno (type=1, filename=0x7fffffffa9e8, lineno=0x7fffffffa9e4) at Zend/zend.c:1513
#2  0x000055555599b8c3 in zend_error_noreturn (type=1, format=0x555555ce2278 "Allowed memory size of %zu bytes exhausted at %s:%d (tried to allocate %zu bytes)") at Zend/zend.c:1588
#3  0x00005555559556ff in zend_mm_safe_error (heap=0x7ffff7a00040, format=0x555555ce2278 "Allowed memory size of %zu bytes exhausted at %s:%d (tried to allocate %zu bytes)", limit=134217728, filename=0x555555cfdaa8 "Zend/zend_generators.c", lineno=408, 
    size=320) at Zend/zend_alloc.c:383
#4  0x0000555555956659 in zend_mm_alloc_pages (heap=0x7ffff7a00040, pages_count=5, size=320, __zend_filename=0x555555cfdaa8 "Zend/zend_generators.c", __zend_lineno=408, __zend_orig_filename=0x0, __zend_orig_lineno=0)
    at Zend/zend_alloc.c:977
#5  0x0000555555956dbc in zend_mm_alloc_small_slow (heap=0x7ffff7a00040, bin_num=16, __zend_filename=0x555555cfdaa8 "Zend/zend_generators.c", __zend_lineno=408, __zend_orig_filename=0x0, __zend_orig_lineno=0)
    at Zend/zend_alloc.c:1215
#6  0x000055555595709a in zend_mm_alloc_small (heap=0x7ffff7a00040, bin_num=16, __zend_filename=0x555555cfdaa8 "Zend/zend_generators.c", __zend_lineno=408, __zend_orig_filename=0x0, __zend_orig_lineno=0) at Zend/zend_alloc.c:1279
#7  0x0000555555957309 in zend_mm_alloc_heap (heap=0x7ffff7a00040, size=304, __zend_filename=0x555555cfdaa8 "Zend/zend_generators.c", __zend_lineno=408, __zend_orig_filename=0x0, __zend_orig_lineno=0) at Zend/zend_alloc.c:1347
#8  0x000055555595a13c in _emalloc (size=272, __zend_filename=0x555555cfdaa8 "Zend/zend_generators.c", __zend_lineno=408, __zend_orig_filename=0x0, __zend_orig_lineno=0) at Zend/zend_alloc.c:2561
#9  0x0000555555a7ec78 in zend_generator_create (class_type=0x5555562cafd0) at Zend/zend_generators.c:408
#10 0x00005555559a41ad in _object_and_properties_init (arg=0x7ffff39fb550, class_type=0x5555562cafd0, properties=0x0) at Zend/zend_API.c:1704
#11 0x00005555559a4223 in object_init_ex (arg=0x7ffff39fb550, class_type=0x5555562cafd0) at Zend/zend_API.c:1718
#12 0x00005555559e0819 in ZEND_GENERATOR_CREATE_SPEC_HANDLER () at Zend/zend_vm_execute.h:2117
#13 0x0000555555a5768c in execute_ex (ex=0x7ffff39fb500) at Zend/zend_vm_execute.h:56023
#14 0x0000555555a7fcf4 in zend_generator_resume (orig_generator=0x7ffff7a8f140) at Zend/zend_generators.c:766
#15 0x0000555555a7ffb9 in zend_generator_ensure_initialized (generator=0x7ffff7a8f140) at Zend/zend_generators.c:822
#16 0x0000555555a7fff0 in zend_generator_rewind (generator=0x7ffff7a8f140) at Zend/zend_generators.c:830
#17 0x0000555555a80e86 in zend_generator_iterator_rewind (iterator=0x7ffff7a70100) at Zend/zend_generators.c:1077
#18 0x00005555559da8ca in zend_fe_reset_iterator (array_ptr=0x7ffff7a19080, by_ref=0) at Zend/zend_execute.c:4645
#19 0x0000555555a11935 in ZEND_FE_RESET_R_SPEC_VAR_HANDLER () at Zend/zend_vm_execute.h:21889
#20 0x0000555555a5a378 in execute_ex (ex=0x7ffff7a19020) at Zend/zend_vm_execute.h:58200
#21 0x0000555555a5cdee in zend_execute (op_array=0x7ffff7a8f000, return_value=0x0) at Zend/zend_vm_execute.h:60343
#22 0x000055555599c3c9 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at Zend/zend.c:1780
#23 0x00005555558f42d1 in php_execute_script (primary_file=0x7fffffffca30) at main/main.c:2477
#24 0x0000555555b1c93b in do_cli (argc=2, argv=0x555556222810) at sapi/cli/php_cli.c:964
#25 0x0000555555b1d634 in main (argc=2, argv=0x555556222810) at sapi/cli/php_cli.c:1333
(gdb) list
642		if (ex) {
643			if (EG(exception) && ex->opline->opcode == ZEND_HANDLE_EXCEPTION &&
644			    ex->opline->lineno == 0 && EG(opline_before_exception)) {
645				return EG(opline_before_exception)->lineno;
646			}
647			return ex->opline->lineno;
648		} else {
649			return 0;
650		}
651	}
(gdb) p ex->opline
$1 = (const zend_op *) 0x0

PHP Version

PHP 8.0 f702f87

Operating System

No response
