Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Assertion failure Zend/zend_hash.c:1730 #17409

Closed
YuanchengJiang opened this issue Jan 9, 2025 · 0 comments
Closed

Assertion failure Zend/zend_hash.c:1730 #17409

YuanchengJiang opened this issue Jan 9, 2025 · 0 comments
Assignees
@nielsdos
Labels
Bug Extension: simplexml Status: Verified

Comments

@YuanchengJiang
Copy link

Description

The following code:

<?php
$root = simplexml_load_string('<?xml version="1.0"?>
<root xmlns:reserved="reserved-ns">
<child reserved:attribute="Sample" />
</root>
');
array_merge_recursive($GLOBALS, $GLOBALS);

Resulted in this output:

php: /home/phpfuzz/WorkSpace/flowfusion/php-src/Zend/zend_hash.c:1730: void zend_hash_destroy(HashTable *): Assertion `(zend_gc_refcount(&(ht)->gc) <= 1) || ((ht)->u.flags & (1<<6))' failed.
Aborted (core dumped)

PHP Version

nightly

Operating System

No response
@nielsdos nielsdos self-assigned this Jan 9, 2025
nielsdos added a commit to nielsdos/php-src that referenced this issue Jan 9, 2025
@nielsdos
Fix phpGH-17409: Assertion failure Zend/zend_hash.c:1730
e2d3a99 
The array merging function may still hold the properties array while the
object is already being destroyed. Therefore, we should take into
account the refcount in simplexml's destruction code.
It may be possible to trigger this in other ways too.
@nielsdos nielsdos linked a pull request Jan 9, 2025 that will close this issue
Fix GH-17409: Assertion failure Zend/zend_hash.c:1730 #17421
Closed
nielsdos added a commit that referenced this issue Jan 9, 2025
@nielsdos
Merge branch 'PHP-8.3' into PHP-8.4
3eb79e1 
* PHP-8.3:
  Fix GH-17409: Assertion failure Zend/zend_hash.c:1730
  NEWS
  Add comment
  Fix GH-16892: ini_parse_quantity() fails to parse inputs starting with 0x0b
  Fix GH-16886: ini_parse_quantity() fails to emit warning for 0x+0
  Merge duplicate code blocks
nielsdos added a commit that referenced this issue Jan 9, 2025
@nielsdos
Merge branch 'PHP-8.4'
5d4707e 
* PHP-8.4:
  Fix GH-17409: Assertion failure Zend/zend_hash.c:1730
  NEWS
  Add comment
  Fix GH-16892: ini_parse_quantity() fails to parse inputs starting with 0x0b
  Fix GH-16886: ini_parse_quantity() fails to emit warning for 0x+0
  Merge duplicate code blocks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nielsdos nielsdos

Labels
Bug Extension: simplexml Status: Verified
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix GH-17409: Assertion failure Zend/zend_hash.c:1730 nielsdos/php-src
3 participants
@devnexen @nielsdos @YuanchengJiang