PHP  
 PHP_5_6
downloads | QA | documentation | faq | getting help | mailing lists | reporting bugs | php.net sites | links | my php.net 
 

Valgrind Report for Zend/tests/bug64896.phpt ('Bug #64896 (Segfault with gc_collect_cycles using unserialize on certain objects)')

Script

1: <?php
2: $bar 
NULL;
3: class 
bad
4:
{
5:     private 
$_private = array();
6:
7:     public function 
__construct()
8:     {
9:         
$this->_private[] = 'php';
10:     }
11:
12:     public function 
__destruct()
13:     {
14:         global 
$bar;
15:         
$bar $this;
16:     }
17: }
18:
19:
$foo = new stdclass;
20:
$foo->foo $foo;
21:
$foo->bad = new bad;
22:
23:
gc_disable();
24:
25:
unserialize(serialize($foo));
26:
gc_collect_cycles();
27:
var_dump($bar); 
28:
/*  will output:
29: object(bad)#4 (1) {
30:   ["_private":"bad":private]=>
31:   &UNKNOWN:0
32: }
33: */
34:
?>
35:

Report

==29781== Invalid read of size 1
==29781==    at 0xCB9CD1: php_var_dump (var.c:99)
==29781==    by 0xCB9C41: php_object_property_dump (var.c:82)
==29781==    by 0xEF76DD: zend_hash_apply_with_arguments (zend_hash.c:701)
==29781==    by 0xCBA5BE: php_var_dump (var.c:146)
==29781==    by 0xCBA8D0: zif_var_dump (var.c:183)
==29781==    by 0xF4A034: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:558)
==29781==    by 0xF55BCA: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2602)
==29781==    by 0xF47ABA: execute_ex (zend_vm_execute.h:363)
==29781==    by 0xF4865D: zend_execute (zend_vm_execute.h:388)
==29781==    by 0xEDC493: zend_execute_scripts (zend.c:1341)
==29781==    by 0xDF985D: php_execute_script (main.c:2613)
==29781==    by 0x1096302: do_cli (php_cli.c:994)
==29781==  Address 0x153e9254 is 20 bytes inside a block of size 32 free'd
==29781==    at 0x4C27CA4: free (vg_replace_malloc.c:530)
==29781==    by 0xE86044: _efree (zend_alloc.c:2437)
==29781==    by 0xF1EFDB: gc_collect_cycles (zend_gc.c:846)
==29781==    by 0xEFCB76: zif_gc_collect_cycles (zend_builtin_functions.c:361)
==29781==    by 0xF4A034: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:558)
==29781==    by 0xF55BCA: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2602)
==29781==    by 0xF47ABA: execute_ex (zend_vm_execute.h:363)
==29781==    by 0xF4865D: zend_execute (zend_vm_execute.h:388)
==29781==    by 0xEDC493: zend_execute_scripts (zend.c:1341)
==29781==    by 0xDF985D: php_execute_script (main.c:2613)
==29781==    by 0x1096302: do_cli (php_cli.c:994)
==29781==    by 0x1097AAF: main (php_cli.c:1378)
==29781==  Block was alloc'd at
==29781==    at 0x4C282CA: malloc (vg_replace_malloc.c:299)
==29781==    by 0xE85FAC: _emalloc (zend_alloc.c:2427)
==29781==    by 0xCE7739: process_nested_data (var_unserializer.re:328)
==29781==    by 0xCE8018: object_common2 (var_unserializer.re:440)
==29781==    by 0xCE9521: php_var_unserialize (var_unserializer.re:842)
==29781==    by 0xCE7797: process_nested_data (var_unserializer.re:330)
==29781==    by 0xCE8018: object_common2 (var_unserializer.re:440)
==29781==    by 0xCE9521: php_var_unserialize (var_unserializer.re:842)
==29781==    by 0xCC9E29: zif_unserialize (var.c:964)
==29781==    by 0xF4A034: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:558)
==29781==    by 0xF55BCA: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2602)
==29781==    by 0xF47ABA: execute_ex (zend_vm_execute.h:363)
==29781== 
==29781== Invalid read of size 1
==29781==    at 0xCB9DC4: zval_isref_p (zend.h:415)
==29781==    by 0xCB9DC4: php_var_dump (var.c:104)
==29781==    by 0xCB9C41: php_object_property_dump (var.c:82)
==29781==    by 0xEF76DD: zend_hash_apply_with_arguments (zend_hash.c:701)
==29781==    by 0xCBA5BE: php_var_dump (var.c:146)
==29781==    by 0xCBA8D0: zif_var_dump (var.c:183)
==29781==    by 0xF4A034: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:558)
==29781==    by 0xF55BCA: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2602)
==29781==    by 0xF47ABA: execute_ex (zend_vm_execute.h:363)
==29781==    by 0xF4865D: zend_execute (zend_vm_execute.h:388)
==29781==    by 0xEDC493: zend_execute_scripts (zend.c:1341)
==29781==    by 0xDF985D: php_execute_script (main.c:2613)
==29781==    by 0x1096302: do_cli (php_cli.c:994)
==29781==  Address 0x153e9255 is 21 bytes inside a block of size 32 free'd
==29781==    at 0x4C27CA4: free (vg_replace_malloc.c:530)
==29781==    by 0xE86044: _efree (zend_alloc.c:2437)
==29781==    by 0xF1EFDB: gc_collect_cycles (zend_gc.c:846)
==29781==    by 0xEFCB76: zif_gc_collect_cycles (zend_builtin_functions.c:361)
==29781==    by 0xF4A034: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:558)
==29781==    by 0xF55BCA: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2602)
==29781==    by 0xF47ABA: execute_ex (zend_vm_execute.h:363)
==29781==    by 0xF4865D: zend_execute (zend_vm_execute.h:388)
==29781==    by 0xEDC493: zend_execute_scripts (zend.c:1341)
==29781==    by 0xDF985D: php_execute_script (main.c:2613)
==29781==    by 0x1096302: do_cli (php_cli.c:994)
==29781==    by 0x1097AAF: main (php_cli.c:1378)
==29781==  Block was alloc'd at
==29781==    at 0x4C282CA: malloc (vg_replace_malloc.c:299)
==29781==    by 0xE85FAC: _emalloc (zend_alloc.c:2427)
==29781==    by 0xCE7739: process_nested_data (var_unserializer.re:328)
==29781==    by 0xCE8018: object_common2 (var_unserializer.re:440)
==29781==    by 0xCE9521: php_var_unserialize (var_unserializer.re:842)
==29781==    by 0xCE7797: process_nested_data (var_unserializer.re:330)
==29781==    by 0xCE8018: object_common2 (var_unserializer.re:440)
==29781==    by 0xCE9521: php_var_unserialize (var_unserializer.re:842)
==29781==    by 0xCC9E29: zif_unserialize (var.c:964)
==29781==    by 0xF4A034: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:558)
==29781==    by 0xF55BCA: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2602)
==29781==    by 0xF47ABA: execute_ex (zend_vm_execute.h:363)
==29781== 
==29781== Invalid read of size 4
==29781==    at 0xEB71D3: zval_delref_p (zend.h:411)
==29781==    by 0xEB71D3: i_zval_ptr_dtor (zend_execute.h:76)
==29781==    by 0xEB71D3: _zval_ptr_dtor (zend_execute_API.c:424)
==29781==    by 0xEF6CF1: zend_hash_destroy (zend_hash.c:548)
==29781==    by 0xF2C524: zend_object_std_dtor (zend_objects.c:44)
==29781==    by 0xF2CC88: zend_objects_free_object_storage (zend_objects.c:137)
==29781==    by 0xF3C1A6: zend_objects_store_del_ref_by_handle_ex (zend_objects_API.c:226)
==29781==    by 0xF3BD40: zend_objects_store_del_ref (zend_objects_API.c:178)
==29781==    by 0xED6EFF: _zval_dtor_func (zend_variables.c:57)
==29781==    by 0xEB7275: _zval_dtor (zend_variables.h:35)
==29781==    by 0xEB7275: i_zval_ptr_dtor (zend_execute.h:79)
==29781==    by 0xEB7275: _zval_ptr_dtor (zend_execute_API.c:424)
==29781==    by 0xEF4550: i_zend_hash_bucket_delete (zend_hash.c:182)
==29781==    by 0xEF4550: zend_hash_bucket_delete (zend_hash.c:192)
==29781==    by 0xEF7910: zend_hash_reverse_apply (zend_hash.c:733)
==29781==    by 0xEB636C: shutdown_destructors (zend_execute_API.c:214)
==29781==    by 0xEDA7C2: zend_call_destructors (zend.c:944)
==29781==  Address 0x153e9250 is 16 bytes inside a block of size 32 free'd
==29781==    at 0x4C27CA4: free (vg_replace_malloc.c:530)
==29781==    by 0xE86044: _efree (zend_alloc.c:2437)
==29781==    by 0xF1EFDB: gc_collect_cycles (zend_gc.c:846)
==29781==    by 0xEFCB76: zif_gc_collect_cycles (zend_builtin_functions.c:361)
==29781==    by 0xF4A034: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:558)
==29781==    by 0xF55BCA: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2602)
==29781==    by 0xF47ABA: execute_ex (zend_vm_execute.h:363)
==29781==    by 0xF4865D: zend_execute (zend_vm_execute.h:388)
==29781==    by 0xEDC493: zend_execute_scripts (zend.c:1341)
==29781==    by 0xDF985D: php_execute_script (main.c:2613)
==29781==    by 0x1096302: do_cli (php_cli.c:994)
==29781==    by 0x1097AAF: main (php_cli.c:1378)
==29781==  Block was alloc'd at
==29781==    at 0x4C282CA: malloc (vg_replace_malloc.c:299)
==29781==    by 0xE85FAC: _emalloc (zend_alloc.c:2427)
==29781==    by 0xCE7739: process_nested_data (var_unserializer.re:328)
==29781==    by 0xCE8018: object_common2 (var_unserializer.re:440)
==29781==    by 0xCE9521: php_var_unserialize (var_unserializer.re:842)
==29781==    by 0xCE7797: process_nested_data (var_unserializer.re:330)
==29781==    by 0xCE8018: object_common2 (var_unserializer.re:440)
==29781==    by 0xCE9521: php_var_unserialize (var_unserializer.re:842)
==29781==    by 0xCC9E29: zif_unserialize (var.c:964)
==29781==    by 0xF4A034: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:558)
==29781==    by 0xF55BCA: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2602)
==29781==    by 0xF47ABA: execute_ex (zend_vm_execute.h:363)
==29781== 
==29781== Invalid write of size 4
==29781==    at 0xEB71DD: zval_delref_p (zend.h:411)
==29781==    by 0xEB71DD: i_zval_ptr_dtor (zend_execute.h:76)
==29781==    by 0xEB71DD: _zval_ptr_dtor (zend_execute_API.c:424)
==29781==    by 0xEF6CF1: zend_hash_destroy (zend_hash.c:548)
==29781==    by 0xF2C524: zend_object_std_dtor (zend_objects.c:44)
==29781==    by 0xF2CC88: zend_objects_free_object_storage (zend_objects.c:137)
==29781==    by 0xF3C1A6: zend_objects_store_del_ref_by_handle_ex (zend_objects_API.c:226)
==29781==    by 0xF3BD40: zend_objects_store_del_ref (zend_objects_API.c:178)
==29781==    by 0xED6EFF: _zval_dtor_func (zend_variables.c:57)
==29781==    by 0xEB7275: _zval_dtor (zend_variables.h:35)
==29781==    by 0xEB7275: i_zval_ptr_dtor (zend_execute.h:79)
==29781==    by 0xEB7275: _zval_ptr_dtor (zend_execute_API.c:424)
==29781==    by 0xEF4550: i_zend_hash_bucket_delete (zend_hash.c:182)
==29781==    by 0xEF4550: zend_hash_bucket_delete (zend_hash.c:192)
==29781==    by 0xEF7910: zend_hash_reverse_apply (zend_hash.c:733)
==29781==    by 0xEB636C: shutdown_destructors (zend_execute_API.c:214)
==29781==    by 0xEDA7C2: zend_call_destructors (zend.c:944)
==29781==  Address 0x153e9250 is 16 bytes inside a block of size 32 free'd
==29781==    at 0x4C27CA4: free (vg_replace_malloc.c:530)
==29781==    by 0xE86044: _efree (zend_alloc.c:2437)
==29781==    by 0xF1EFDB: gc_collect_cycles (zend_gc.c:846)
==29781==    by 0xEFCB76: zif_gc_collect_cycles (zend_builtin_functions.c:361)
==29781==    by 0xF4A034: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:558)
==29781==    by 0xF55BCA: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2602)
==29781==    by 0xF47ABA: execute_ex (zend_vm_execute.h:363)
==29781==    by 0xF4865D: zend_execute (zend_vm_execute.h:388)
==29781==    by 0xEDC493: zend_execute_scripts (zend.c:1341)
==29781==    by 0xDF985D: php_execute_script (main.c:2613)
==29781==    by 0x1096302: do_cli (php_cli.c:994)
==29781==    by 0x1097AAF: main (php_cli.c:1378)
==29781==  Block was alloc'd at
==29781==    at 0x4C282CA: malloc (vg_replace_malloc.c:299)
==29781==    by 0xE85FAC: _emalloc (zend_alloc.c:2427)
==29781==    by 0xCE7739: process_nested_data (var_unserializer.re:328)
==29781==    by 0xCE8018: object_common2 (var_unserializer.re:440)
==29781==    by 0xCE9521: php_var_unserialize (var_unserializer.re:842)
==29781==    by 0xCE7797: process_nested_data (var_unserializer.re:330)
==29781==    by 0xCE8018: object_common2 (var_unserializer.re:440)
==29781==    by 0xCE9521: php_var_unserialize (var_unserializer.re:842)
==29781==    by 0xCC9E29: zif_unserialize (var.c:964)
==29781==    by 0xF4A034: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:558)
==29781==    by 0xF55BCA: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2602)
==29781==    by 0xF47ABA: execute_ex (zend_vm_execute.h:363)
==29781== 
==29781== Invalid read of size 4
==29781==    at 0xEB71E4: zval_delref_p (zend.h:411)
==29781==    by 0xEB71E4: i_zval_ptr_dtor (zend_execute.h:76)
==29781==    by 0xEB71E4: _zval_ptr_dtor (zend_execute_API.c:424)
==29781==    by 0xEF6CF1: zend_hash_destroy (zend_hash.c:548)
==29781==    by 0xF2C524: zend_object_std_dtor (zend_objects.c:44)
==29781==    by 0xF2CC88: zend_objects_free_object_storage (zend_objects.c:137)
==29781==    by 0xF3C1A6: zend_objects_store_del_ref_by_handle_ex (zend_objects_API.c:226)
==29781==    by 0xF3BD40: zend_objects_store_del_ref (zend_objects_API.c:178)
==29781==    by 0xED6EFF: _zval_dtor_func (zend_variables.c:57)
==29781==    by 0xEB7275: _zval_dtor (zend_variables.h:35)
==29781==    by 0xEB7275: i_zval_ptr_dtor (zend_execute.h:79)
==29781==    by 0xEB7275: _zval_ptr_dtor (zend_execute_API.c:424)
==29781==    by 0xEF4550: i_zend_hash_bucket_delete (zend_hash.c:182)
==29781==    by 0xEF4550: zend_hash_bucket_delete (zend_hash.c:192)
==29781==    by 0xEF7910: zend_hash_reverse_apply (zend_hash.c:733)
==29781==    by 0xEB636C: shutdown_destructors (zend_execute_API.c:214)
==29781==    by 0xEDA7C2: zend_call_destructors (zend.c:944)
==29781==  Address 0x153e9250 is 16 bytes inside a block of size 32 free'd
==29781==    at 0x4C27CA4: free (vg_replace_malloc.c:530)
==29781==    by 0xE86044: _efree (zend_alloc.c:2437)
==29781==    by 0xF1EFDB: gc_collect_cycles (zend_gc.c:846)
==29781==    by 0xEFCB76: zif_gc_collect_cycles (zend_builtin_functions.c:361)
==29781==    by 0xF4A034: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:558)
==29781==    by 0xF55BCA: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2602)
==29781==    by 0xF47ABA: execute_ex (zend_vm_execute.h:363)
==29781==    by 0xF4865D: zend_execute (zend_vm_execute.h:388)
==29781==    by 0xEDC493: zend_execute_scripts (zend.c:1341)
==29781==    by 0xDF985D: php_execute_script (main.c:2613)
==29781==    by 0x1096302: do_cli (php_cli.c:994)
==29781==    by 0x1097AAF: main (php_cli.c:1378)
==29781==  Block was alloc'd at
==29781==    at 0x4C282CA: malloc (vg_replace_malloc.c:299)
==29781==    by 0xE85FAC: _emalloc (zend_alloc.c:2427)
==29781==    by 0xCE7739: process_nested_data (var_unserializer.re:328)
==29781==    by 0xCE8018: object_common2 (var_unserializer.re:440)
==29781==    by 0xCE9521: php_var_unserialize (var_unserializer.re:842)
==29781==    by 0xCE7797: process_nested_data (var_unserializer.re:330)
==29781==    by 0xCE8018: object_common2 (var_unserializer.re:440)
==29781==    by 0xCE9521: php_var_unserialize (var_unserializer.re:842)
==29781==    by 0xCC9E29: zif_unserialize (var.c:964)
==29781==    by 0xF4A034: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:558)
==29781==    by 0xF55BCA: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2602)
==29781==    by 0xF47ABA: execute_ex (zend_vm_execute.h:363)
==29781== 
==29781== Invalid read of size 4
==29781==    at 0xEB72C9: zval_refcount_p (zend.h:399)
==29781==    by 0xEB72C9: i_zval_ptr_dtor (zend_execute.h:82)
==29781==    by 0xEB72C9: _zval_ptr_dtor (zend_execute_API.c:424)
==29781==    by 0xEF6CF1: zend_hash_destroy (zend_hash.c:548)
==29781==    by 0xF2C524: zend_object_std_dtor (zend_objects.c:44)
==29781==    by 0xF2CC88: zend_objects_free_object_storage (zend_objects.c:137)
==29781==    by 0xF3C1A6: zend_objects_store_del_ref_by_handle_ex (zend_objects_API.c:226)
==29781==    by 0xF3BD40: zend_objects_store_del_ref (zend_objects_API.c:178)
==29781==    by 0xED6EFF: _zval_dtor_func (zend_variables.c:57)
==29781==    by 0xEB7275: _zval_dtor (zend_variables.h:35)
==29781==    by 0xEB7275: i_zval_ptr_dtor (zend_execute.h:79)
==29781==    by 0xEB7275: _zval_ptr_dtor (zend_execute_API.c:424)
==29781==    by 0xEF4550: i_zend_hash_bucket_delete (zend_hash.c:182)
==29781==    by 0xEF4550: zend_hash_bucket_delete (zend_hash.c:192)
==29781==    by 0xEF7910: zend_hash_reverse_apply (zend_hash.c:733)
==29781==    by 0xEB636C: shutdown_destructors (zend_execute_API.c:214)
==29781==    by 0xEDA7C2: zend_call_destructors (zend.c:944)
==29781==  Address 0x153e9250 is 16 bytes inside a block of size 32 free'd
==29781==    at 0x4C27CA4: free (vg_replace_malloc.c:530)
==29781==    by 0xE86044: _efree (zend_alloc.c:2437)
==29781==    by 0xF1EFDB: gc_collect_cycles (zend_gc.c:846)
==29781==    by 0xEFCB76: zif_gc_collect_cycles (zend_builtin_functions.c:361)
==29781==    by 0xF4A034: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:558)
==29781==    by 0xF55BCA: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2602)
==29781==    by 0xF47ABA: execute_ex (zend_vm_execute.h:363)
==29781==    by 0xF4865D: zend_execute (zend_vm_execute.h:388)
==29781==    by 0xEDC493: zend_execute_scripts (zend.c:1341)
==29781==    by 0xDF985D: php_execute_script (main.c:2613)
==29781==    by 0x1096302: do_cli (php_cli.c:994)
==29781==    by 0x1097AAF: main (php_cli.c:1378)
==29781==  Block was alloc'd at
==29781==    at 0x4C282CA: malloc (vg_replace_malloc.c:299)
==29781==    by 0xE85FAC: _emalloc (zend_alloc.c:2427)
==29781==    by 0xCE7739: process_nested_data (var_unserializer.re:328)
==29781==    by 0xCE8018: object_common2 (var_unserializer.re:440)
==29781==    by 0xCE9521: php_var_unserialize (var_unserializer.re:842)
==29781==    by 0xCE7797: process_nested_data (var_unserializer.re:330)
==29781==    by 0xCE8018: object_common2 (var_unserializer.re:440)
==29781==    by 0xCE9521: php_var_unserialize (var_unserializer.re:842)
==29781==    by 0xCC9E29: zif_unserialize (var.c:964)
==29781==    by 0xF4A034: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:558)
==29781==    by 0xF55BCA: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2602)
==29781==    by 0xF47ABA: execute_ex (zend_vm_execute.h:363)
==29781== 
==29781== Invalid write of size 1
==29781==    at 0xEB72DD: zval_unset_isref_p (zend.h:423)
==29781==    by 0xEB72DD: i_zval_ptr_dtor (zend_execute.h:83)
==29781==    by 0xEB72DD: _zval_ptr_dtor (zend_execute_API.c:424)
==29781==    by 0xEF6CF1: zend_hash_destroy (zend_hash.c:548)
==29781==    by 0xF2C524: zend_object_std_dtor (zend_objects.c:44)
==29781==    by 0xF2CC88: zend_objects_free_object_storage (zend_objects.c:137)
==29781==    by 0xF3C1A6: zend_objects_store_del_ref_by_handle_ex (zend_objects_API.c:226)
==29781==    by 0xF3BD40: zend_objects_store_del_ref (zend_objects_API.c:178)
==29781==    by 0xED6EFF: _zval_dtor_func (zend_variables.c:57)
==29781==    by 0xEB7275: _zval_dtor (zend_variables.h:35)
==29781==    by 0xEB7275: i_zval_ptr_dtor (zend_execute.h:79)
==29781==    by 0xEB7275: _zval_ptr_dtor (zend_execute_API.c:424)
==29781==    by 0xEF4550: i_zend_hash_bucket_delete (zend_hash.c:182)
==29781==    by 0xEF4550: zend_hash_bucket_delete (zend_hash.c:192)
==29781==    by 0xEF7910: zend_hash_reverse_apply (zend_hash.c:733)
==29781==    by 0xEB636C: shutdown_destructors (zend_execute_API.c:214)
==29781==    by 0xEDA7C2: zend_call_destructors (zend.c:944)
==29781==  Address 0x153e9255 is 21 bytes inside a block of size 32 free'd
==29781==    at 0x4C27CA4: free (vg_replace_malloc.c:530)
==29781==    by 0xE86044: _efree (zend_alloc.c:2437)
==29781==    by 0xF1EFDB: gc_collect_cycles (zend_gc.c:846)
==29781==    by 0xEFCB76: zif_gc_collect_cycles (zend_builtin_functions.c:361)
==29781==    by 0xF4A034: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:558)
==29781==    by 0xF55BCA: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2602)
==29781==    by 0xF47ABA: execute_ex (zend_vm_execute.h:363)
==29781==    by 0xF4865D: zend_execute (zend_vm_execute.h:388)
==29781==    by 0xEDC493: zend_execute_scripts (zend.c:1341)
==29781==    by 0xDF985D: php_execute_script (main.c:2613)
==29781==    by 0x1096302: do_cli (php_cli.c:994)
==29781==    by 0x1097AAF: main (php_cli.c:1378)
==29781==  Block was alloc'd at
==29781==    at 0x4C282CA: malloc (vg_replace_malloc.c:299)
==29781==    by 0xE85FAC: _emalloc (zend_alloc.c:2427)
==29781==    by 0xCE7739: process_nested_data (var_unserializer.re:328)
==29781==    by 0xCE8018: object_common2 (var_unserializer.re:440)
==29781==    by 0xCE9521: php_var_unserialize (var_unserializer.re:842)
==29781==    by 0xCE7797: process_nested_data (var_unserializer.re:330)
==29781==    by 0xCE8018: object_common2 (var_unserializer.re:440)
==29781==    by 0xCE9521: php_var_unserialize (var_unserializer.re:842)
==29781==    by 0xCC9E29: zif_unserialize (var.c:964)
==29781==    by 0xF4A034: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:558)
==29781==    by 0xF55BCA: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2602)
==29781==    by 0xF47ABA: execute_ex (zend_vm_execute.h:363)
==29781== 
==29781== Invalid read of size 1
==29781==    at 0xEB72FF: gc_zval_check_possible_root (zend_gc.h:182)
==29781==    by 0xEB72FF: i_zval_ptr_dtor (zend_execute.h:86)
==29781==    by 0xEB72FF: _zval_ptr_dtor (zend_execute_API.c:424)
==29781==    by 0xEF6CF1: zend_hash_destroy (zend_hash.c:548)
==29781==    by 0xF2C524: zend_object_std_dtor (zend_objects.c:44)
==29781==    by 0xF2CC88: zend_objects_free_object_storage (zend_objects.c:137)
==29781==    by 0xF3C1A6: zend_objects_store_del_ref_by_handle_ex (zend_objects_API.c:226)
==29781==    by 0xF3BD40: zend_objects_store_del_ref (zend_objects_API.c:178)
==29781==    by 0xED6EFF: _zval_dtor_func (zend_variables.c:57)
==29781==    by 0xEB7275: _zval_dtor (zend_variables.h:35)
==29781==    by 0xEB7275: i_zval_ptr_dtor (zend_execute.h:79)
==29781==    by 0xEB7275: _zval_ptr_dtor (zend_execute_API.c:424)
==29781==    by 0xEF4550: i_zend_hash_bucket_delete (zend_hash.c:182)
==29781==    by 0xEF4550: zend_hash_bucket_delete (zend_hash.c:192)
==29781==    by 0xEF7910: zend_hash_reverse_apply (zend_hash.c:733)
==29781==    by 0xEB636C: shutdown_destructors (zend_execute_API.c:214)
==29781==    by 0xEDA7C2: zend_call_destructors (zend.c:944)
==29781==  Address 0x153e9254 is 20 bytes inside a block of size 32 free'd
==29781==    at 0x4C27CA4: free (vg_replace_malloc.c:530)
==29781==    by 0xE86044: _efree (zend_alloc.c:2437)
==29781==    by 0xF1EFDB: gc_collect_cycles (zend_gc.c:846)
==29781==    by 0xEFCB76: zif_gc_collect_cycles (zend_builtin_functions.c:361)
==29781==    by 0xF4A034: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:558)
==29781==    by 0xF55BCA: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2602)
==29781==    by 0xF47ABA: execute_ex (zend_vm_execute.h:363)
==29781==    by 0xF4865D: zend_execute (zend_vm_execute.h:388)
==29781==    by 0xEDC493: zend_execute_scripts (zend.c:1341)
==29781==    by 0xDF985D: php_execute_script (main.c:2613)
==29781==    by 0x1096302: do_cli (php_cli.c:994)
==29781==    by 0x1097AAF: main (php_cli.c:1378)
==29781==  Block was alloc'd at
==29781==    at 0x4C282CA: malloc (vg_replace_malloc.c:299)
==29781==    by 0xE85FAC: _emalloc (zend_alloc.c:2427)
==29781==    by 0xCE7739: process_nested_data (var_unserializer.re:328)
==29781==    by 0xCE8018: object_common2 (var_unserializer.re:440)
==29781==    by 0xCE9521: php_var_unserialize (var_unserializer.re:842)
==29781==    by 0xCE7797: process_nested_data (var_unserializer.re:330)
==29781==    by 0xCE8018: object_common2 (var_unserializer.re:440)
==29781==    by 0xCE9521: php_var_unserialize (var_unserializer.re:842)
==29781==    by 0xCC9E29: zif_unserialize (var.c:964)
==29781==    by 0xF4A034: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:558)
==29781==    by 0xF55BCA: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2602)
==29781==    by 0xF47ABA: execute_ex (zend_vm_execute.h:363)
==29781== 
==29781== Invalid read of size 1
==29781==    at 0xEB731D: gc_zval_check_possible_root (zend_gc.h:182)
==29781==    by 0xEB731D: i_zval_ptr_dtor (zend_execute.h:86)
==29781==    by 0xEB731D: _zval_ptr_dtor (zend_execute_API.c:424)
==29781==    by 0xEF6CF1: zend_hash_destroy (zend_hash.c:548)
==29781==    by 0xF2C524: zend_object_std_dtor (zend_objects.c:44)
==29781==    by 0xF2CC88: zend_objects_free_object_storage (zend_objects.c:137)
==29781==    by 0xF3C1A6: zend_objects_store_del_ref_by_handle_ex (zend_objects_API.c:226)
==29781==    by 0xF3BD40: zend_objects_store_del_ref (zend_objects_API.c:178)
==29781==    by 0xED6EFF: _zval_dtor_func (zend_variables.c:57)
==29781==    by 0xEB7275: _zval_dtor (zend_variables.h:35)
==29781==    by 0xEB7275: i_zval_ptr_dtor (zend_execute.h:79)
==29781==    by 0xEB7275: _zval_ptr_dtor (zend_execute_API.c:424)
==29781==    by 0xEF4550: i_zend_hash_bucket_delete (zend_hash.c:182)
==29781==    by 0xEF4550: zend_hash_bucket_delete (zend_hash.c:192)
==29781==    by 0xEF7910: zend_hash_reverse_apply (zend_hash.c:733)
==29781==    by 0xEB636C: shutdown_destructors (zend_execute_API.c:214)
==29781==    by 0xEDA7C2: zend_call_destructors (zend.c:944)
==29781==  Address 0x153e9254 is 20 bytes inside a block of size 32 free'd
==29781==    at 0x4C27CA4: free (vg_replace_malloc.c:530)
==29781==    by 0xE86044: _efree (zend_alloc.c:2437)
==29781==    by 0xF1EFDB: gc_collect_cycles (zend_gc.c:846)
==29781==    by 0xEFCB76: zif_gc_collect_cycles (zend_builtin_functions.c:361)
==29781==    by 0xF4A034: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:558)
==29781==    by 0xF55BCA: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2602)
==29781==    by 0xF47ABA: execute_ex (zend_vm_execute.h:363)
==29781==    by 0xF4865D: zend_execute (zend_vm_execute.h:388)
==29781==    by 0xEDC493: zend_execute_scripts (zend.c:1341)
==29781==    by 0xDF985D: php_execute_script (main.c:2613)
==29781==    by 0x1096302: do_cli (php_cli.c:994)
==29781==    by 0x1097AAF: main (php_cli.c:1378)
==29781==  Block was alloc'd at
==29781==    at 0x4C282CA: malloc (vg_replace_malloc.c:299)
==29781==    by 0xE85FAC: _emalloc (zend_alloc.c:2427)
==29781==    by 0xCE7739: process_nested_data (var_unserializer.re:328)
==29781==    by 0xCE8018: object_common2 (var_unserializer.re:440)
==29781==    by 0xCE9521: php_var_unserialize (var_unserializer.re:842)
==29781==    by 0xCE7797: process_nested_data (var_unserializer.re:330)
==29781==    by 0xCE8018: object_common2 (var_unserializer.re:440)
==29781==    by 0xCE9521: php_var_unserialize (var_unserializer.re:842)
==29781==    by 0xCC9E29: zif_unserialize (var.c:964)
==29781==    by 0xF4A034: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:558)
==29781==    by 0xF55BCA: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2602)
==29781==    by 0xF47ABA: execute_ex (zend_vm_execute.h:363)
==29781== 

 

Generated at Sun, 24 Jul 2016 07:28:44 +0000 (2 days ago)

Copyright © 2005-2016 The PHP Group
All rights reserved.