Hi!
in zend_vm_execute.h:701 PHP frees the function struct in case of ZEND_OVERLOADED_FUNCTION. the problem is that in PHP 5.4, the opline calling the function has a pointer to the very same struct in its cache_slot. when this opcode is called again, the cache is used and it crashes.
How can this be reproduced?
my suggested fix is not to cache ZEND_OVERLOADED_FUNCTION, it does solve the problem and makes sense to me logically. it is also possible to not free it and let it be re-used from cache_slot. my patch is attached.
The patch should be to zend_vm_def.h since vm_execute is generated. Dmitry, what do you think about this?
--
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/
(408)454-6900 ext. 227
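A simplified C model of the lifetime problem discussed in this thread, added here as an illustration; it is not PHP source and not the attached patch. The struct and function names, the static pool standing in for the allocator, and the `cache_overloaded` switch are assumptions.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified model, not PHP source; all names here are hypothetical. */
enum fn_type { FN_NORMAL, FN_OVERLOADED };
struct fn { enum fn_type type; int live; };
struct call_site { struct fn *cache_slot; };   /* stands in for the opline's cache_slot */

/* Static pool instead of malloc/free, so a stale pointer can be detected
 * through the `live` flag without touching freed memory. */
static struct fn pool[8];
static size_t pool_used;

static struct fn *resolve(enum fn_type type) {
    if (pool_used == sizeof pool / sizeof pool[0]) return NULL;
    struct fn *f = &pool[pool_used++];
    f->type = type;
    f->live = 1;
    return f;
}

/* One execution of the call opcode: 0 on success, -1 when it would use a
 * struct that was already released (where the real engine crashes). */
static int do_call(struct call_site *site, enum fn_type type, int cache_overloaded) {
    struct fn *f = site->cache_slot;
    if (f == NULL) {
        if ((f = resolve(type)) == NULL) return -1;
        /* Suggested fix from the thread: do not cache overloaded functions. */
        if (type != FN_OVERLOADED || cache_overloaded) site->cache_slot = f;
    }
    if (!f->live) return -1;
    if (f->type == FN_OVERLOADED) f->live = 0;  /* models the free after the call */
    return 0;
}

/* Runs the same call site twice and returns the result of the second run. */
int second_call_result(enum fn_type type, int cache_overloaded) {
    struct call_site site = { NULL };
    pool_used = 0;
    if (do_call(&site, type, cache_overloaded) != 0) return -2;
    return do_call(&site, type, cache_overloaded);
}

int main(void) {
    printf("cached overloaded:   %d\n", second_call_result(FN_OVERLOADED, 1));
    printf("uncached overloaded: %d\n", second_call_result(FN_OVERLOADED, 0));
    printf("cached normal:       %d\n", second_call_result(FN_NORMAL, 1));
    return 0;
}
```

The other option mentioned in the thread, keeping the struct alive so the cached pointer stays valid, would correspond to dropping the `f->live = 0` line in this model.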