Merge branch 'phpng' into call-frame

* phpng: (73 commits) refcount in phpng has different meanings Suppress warning "cast from pointer to integer of different size" Fixed possible crash because of race conditions on modifying constants in shared memory remove the NEWS entry for the reverted fpm fix remove the NEWS entry for the reverted fpm fix remove the NEWS entry for the reverted fpm fix Revert "Fix Bug #67530 error_log=syslog ignored" Fixed compilation problems Refactored parameter passing mechanism. --enable-fpm for the travis build Fixed segfault while info printing fix the last fpm NEWS entry, the other bug is related, but not the same what we fixed here NEWS NEWS Fix bug #67091: make install fails to install libphp5.so on FreeBSD 10.0 adding NEWS entry for the fix for bug #65641 Updated NEWS file for recent phpdbg fixes Fixed issue krakjoe/phpdbg#94 - List behavior is inconsistent Fix issue krakjoe/phpdbg#97 - list now appends a newline if there is none The prompt should always ensure it is on a newline Fixed test ...
php · Jul 1, 2014 · 0b1cfdf · 0b1cfdf
2 parents b4a7a1b + 96e3fd4
commit 0b1cfdf
Show file tree

Hide file tree

Showing 37 changed files with 887 additions and 589 deletions.
diff --git a/Zend/tests/67468.phpt b/Zend/tests/67468.phpt
@@ -0,0 +1,11 @@
+--TEST--
+Bug #67468 (Segfault in highlight_file()/highlight_string())
+--SKIPIF--
+<?php if(!function_exists("leak")) print "skip only for debug builds"; ?>
+--FILE--
+<?php
+highlight_string("<?php __CLASS__;", true);
+echo "done";
+?>
+--EXPECT--
+done
diff --git a/Zend/tests/bug67368.phpt b/Zend/tests/bug67368.phpt
@@ -0,0 +1,12 @@
+--TEST--
+Bug #67368 (Memory leak with immediately dereferenced array in class constant)
+--INI--
+report_memleaks=1
+--FILE--
+<?php
+class FooBar {
+		const bar = ["bar" => 3]["bar"];
+}
+echo "okey";
+--EXPECTF--
+okey
diff --git a/Zend/zend_ast.c b/Zend/zend_ast.c
@@ -350,6 +350,20 @@ ZEND_API void zend_ast_evaluate(zval *result, zend_ast *ast, zend_class_entry *s
 				}
 			}
 			break;
+//???
+#if 0
+		case ZEND_FETCH_DIM_R:
+			zend_ast_evaluate(&op1, (&ast->u.child)[0], scope TSRMLS_CC);
+			zend_ast_evaluate(&op2, (&ast->u.child)[1], scope TSRMLS_CC);
+			{
+				zval *tmp;
+				zend_fetch_dimension_by_zval(&tmp, &op1, &op2 TSRMLS_CC);
+				ZVAL_ZVAL(result, tmp, 1, 1);
+			}
+			zval_dtor(&op1);
+			zval_dtor(&op2);
+			break;
+#endif
 		default:
 			zend_error(E_ERROR, "Unsupported constant expression");
 	}

diff --git a/Zend/zend_compile.c b/Zend/zend_compile.c
@@ -308,7 +308,7 @@ static int lookup_cv(zend_op_array *op_array, zend_string* name TSRMLS_DC) /* {{
 		     op_array->vars[i]->len == name->len &&
 		     memcmp(op_array->vars[i]->val, name->val, name->len) == 0)) {
 			STR_RELEASE(name);
-			return (int)EX_VAR_NUM_2(NULL, i);
+			return (int)(zend_intptr_t)EX_VAR_NUM_2(NULL, i);
 		}
 		i++;
 	}
@@ -320,7 +320,7 @@ static int lookup_cv(zend_op_array *op_array, zend_string* name TSRMLS_DC) /* {{
 	}
 
 	op_array->vars[i] = zend_new_interned_string(name TSRMLS_CC);
-	return (int)EX_VAR_NUM_2(NULL, i);
+	return (int)(zend_intptr_t)EX_VAR_NUM_2(NULL, i);
 }
 /* }}} */
 

diff --git a/Zend/zend_opcode.c b/Zend/zend_opcode.c
@@ -659,20 +659,20 @@ ZEND_API int pass_two(zend_op_array *op_array TSRMLS_DC)
 		if (opline->op1_type == IS_CONST) {
 			opline->op1.zv = &op_array->literals[opline->op1.constant];
 		} else if (opline->op1_type & (IS_VAR|IS_TMP_VAR)) {
-			opline->op1.var = (zend_uint)EX_VAR_NUM_2(NULL, op_array->last_var + opline->op1.var);
+			opline->op1.var = (zend_uint)(zend_intptr_t)EX_VAR_NUM_2(NULL, op_array->last_var + opline->op1.var);
 		}
 		if (opline->op2_type == IS_CONST) {
 			opline->op2.zv = &op_array->literals[opline->op2.constant];
 		} else if (opline->op2_type & (IS_VAR|IS_TMP_VAR)) {
-			opline->op2.var = (zend_uint)EX_VAR_NUM_2(NULL, op_array->last_var + opline->op2.var);
+			opline->op2.var = (zend_uint)(zend_intptr_t)EX_VAR_NUM_2(NULL, op_array->last_var + opline->op2.var);
 		}
 		if (opline->result_type & (IS_VAR|IS_TMP_VAR)) {
-			opline->result.var = (zend_uint)EX_VAR_NUM_2(NULL, op_array->last_var + opline->result.var);
+			opline->result.var = (zend_uint)(zend_intptr_t)EX_VAR_NUM_2(NULL, op_array->last_var + opline->result.var);
 		}
 		switch (opline->opcode) {
 			case ZEND_DECLARE_INHERITED_CLASS:
 			case ZEND_DECLARE_INHERITED_CLASS_DELAYED:
-				opline->extended_value = (zend_uint)EX_VAR_NUM_2(NULL, op_array->last_var + opline->extended_value);
+				opline->extended_value = (zend_uint)(zend_intptr_t)EX_VAR_NUM_2(NULL, op_array->last_var + opline->extended_value);
 				break;
 			case ZEND_GOTO:
 				if (Z_TYPE_P(opline->op2.zv) != IS_LONG) {

diff --git a/build/libtool.m4 b/build/libtool.m4
@@ -1532,10 +1532,6 @@ dgux*)
   shlibpath_var=LD_LIBRARY_PATH
   ;;
 
-freebsd1*)
-  dynamic_linker=no
-  ;;
-
 freebsd* | dragonfly*)
   # DragonFly does not have aout.  When/if they implement a new
   # versioning mechanism, adjust this.
@@ -5843,10 +5839,6 @@ _LT_EOF
       _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no
       ;;
 
-    freebsd1*)
-      _LT_AC_TAGVAR(ld_shlibs, $1)=no
-      ;;
-
     # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor
     # support.  Future versions do this automatically, but an explicit c++rt0.o
     # does not break anything, and helps significantly (at the cost of a little

diff --git a/ext/intl/breakiterator/rulebasedbreakiterator_methods.cpp b/ext/intl/breakiterator/rulebasedbreakiterator_methods.cpp
@@ -217,10 +217,10 @@ U_CFUNC PHP_FUNCTION(rbbi_get_binary_rules)
 		RETURN_FALSE;
 	}
 
-	char *ret_rules = static_cast<char*>(emalloc(rules_len + 1));
-	memcpy(ret_rules, rules, rules_len);
-	ret_rules[rules_len] = '\0';
+	zend_string *ret_rules = STR_ALLOC(rules_len, 0);
+	memcpy(ret_rules->val, rules, rules_len);
+	ret_rules->val[rules_len] = '\0';
 
-	RETURN_STRINGL(ret_rules, rules_len, 0);
+	RETURN_STR(ret_rules);
 }
 #endif
diff --git a/ext/intl/idn/idn.c b/ext/intl/idn/idn.c
@@ -140,38 +140,39 @@ static void php_intl_idn_to_46(INTERNAL_FUNCTION_PARAMETERS,
 	UIDNA		  *uts46;
 	int32_t		  len;
 	int32_t		  buffer_capac = 255; /* no domain name may exceed this */
-	char		  *buffer = emalloc(buffer_capac);
+	zend_string	  *buffer = STR_ALLOC(buffer_capac, 0);
 	UIDNAInfo	  info = UIDNA_INFO_INITIALIZER;
 	int			  buffer_used = 0;
 
 	uts46 = uidna_openUTS46(option, &status);
 	if (php_intl_idn_check_status(status, "failed to open UIDNA instance",
 			mode TSRMLS_CC) == FAILURE) {
-		efree(buffer);
+		STR_FREE(buffer);
 		RETURN_FALSE;
 	}
 
 	if (mode == INTL_IDN_TO_ASCII) {
 		len = uidna_nameToASCII_UTF8(uts46, domain, (int32_t)domain_len,
-				buffer, buffer_capac, &info, &status);
+				buffer->val, buffer_capac, &info, &status);
 	} else {
 		len = uidna_nameToUnicodeUTF8(uts46, domain, (int32_t)domain_len,
-				buffer, buffer_capac, &info, &status);
+				buffer->val, buffer_capac, &info, &status);
 	}
 	if (php_intl_idn_check_status(status, "failed to convert name",
 			mode TSRMLS_CC) == FAILURE) {
 		uidna_close(uts46);
-		efree(buffer);
+		STR_FREE(buffer);
 		RETURN_FALSE;
 	}
 	if (len >= 255) {
 		php_error_docref(NULL TSRMLS_CC, E_ERROR, "ICU returned an unexpected length");
 	}
 
-	buffer[len] = '\0';
+	buffer->val[len] = '\0';
+	buffer->len = len;
 
 	if (info.errors == 0) {
-		RETVAL_STRINGL(buffer, len, 0);
+		RETVAL_STR(buffer);
 		buffer_used = 1;
 	} else {
 		RETVAL_FALSE;
@@ -180,21 +181,20 @@ static void php_intl_idn_to_46(INTERNAL_FUNCTION_PARAMETERS,
 	if (idna_info) {
 		if (buffer_used) { /* used in return_value then */
 			zval_addref_p(return_value);
-			add_assoc_zval_ex(idna_info, "result", sizeof("result"), return_value);
+			add_assoc_zval_ex(idna_info, "result", sizeof("result")-1, return_value);
 		} else {
-			zval *zv;
-			ALLOC_INIT_ZVAL(zv);
-			ZVAL_STRINGL(zv, buffer, len, 0);
+			zval zv;
+			ZVAL_STR(&zv, buffer);
 			buffer_used = 1;
-			add_assoc_zval_ex(idna_info, "result", sizeof("result"), zv);
+			add_assoc_zval_ex(idna_info, "result", sizeof("result")-1, &zv);
 		}
 		add_assoc_bool_ex(idna_info, "isTransitionalDifferent",
-				sizeof("isTransitionalDifferent"), info.isTransitionalDifferent);
-		add_assoc_long_ex(idna_info, "errors", sizeof("errors"), (long)info.errors);
+				sizeof("isTransitionalDifferent")-1, info.isTransitionalDifferent);
+		add_assoc_long_ex(idna_info, "errors", sizeof("errors")-1, (long)info.errors);
 	}
 
 	if (!buffer_used) {
-		efree(buffer);
+		STR_FREE(buffer);
 	}
 
 	uidna_close(uts46);

diff --git a/ext/intl/locale/locale_methods.c b/ext/intl/locale/locale_methods.c
@@ -272,8 +272,7 @@ static char* get_icu_value_internal( const char* loc_name , char* tag_name, int*
 		grOffset =  findOffset( LOC_GRANDFATHERED , loc_name );
 		if( grOffset >= 0 ){
 			if( strcmp(tag_name , LOC_LANG_TAG)==0 ){
-				tag_value = estrdup(loc_name);
-				return tag_value;
+				return estrdup(loc_name);
 			} else {
 				/* Since Grandfathered , no value , do nothing , retutn NULL */
 				return NULL;
@@ -283,8 +282,8 @@ static char* get_icu_value_internal( const char* loc_name , char* tag_name, int*
 	if( fromParseLocale==1 ){
 		/* Handle singletons */
 		if( strcmp(tag_name , LOC_LANG_TAG)==0 ){
-			if( strlen(loc_name)>1 && (isIDPrefix(loc_name) ==1 ) ){
-				return (char *)loc_name;
+			if( strlen(loc_name)>1 && (isIDPrefix(loc_name) == 1) ){
+				return estrdup(loc_name);
 			}
 		}
 
@@ -504,6 +503,14 @@ static void get_icu_disp_value_src_php( char* tag_name, INTERNAL_FUNCTION_PARAME
 		RETURN_FALSE;
 	}
 
+    if(loc_name_len > ULOC_FULLNAME_CAPACITY) {
+        /* See bug 67397: overlong locale names cause trouble in uloc_getDisplayName */
+		spprintf(&msg , 0, "locale_get_display_%s : name too long", tag_name );
+		intl_error_set( NULL, U_ILLEGAL_ARGUMENT_ERROR,  msg , 1 TSRMLS_CC );
+		efree(msg);
+		RETURN_FALSE;
+    }
+
 	if(loc_name_len == 0) {
 		loc_name = intl_locale_get_default(TSRMLS_C);
 	}

diff --git a/ext/intl/msgformat/msgformat_helpers.cpp b/ext/intl/msgformat/msgformat_helpers.cpp
@@ -183,10 +183,10 @@ static HashTable *umsg_parse_format(MessageFormatter_object *mfo,
 
 		if (name_part.getType() == UMSGPAT_PART_TYPE_ARG_NAME) {
 			UnicodeString argName = mp.getSubstring(name_part);
-			if ((storedType = zend_hash_str_find_ptr(ret, (char*)argName.getBuffer(), argName.length())) == NULL) {
+			if ((storedType = (Formattable::Type*)zend_hash_str_find_ptr(ret, (char*)argName.getBuffer(), argName.length())) == NULL) {
 				/* not found already; create new entry in HT */
 				Formattable::Type bogusType = Formattable::kObject;
-				if ((storedType = zend_hash_str_update_mem(ret, (char*)argName.getBuffer(), argName.length(),
+				if ((storedType = (Formattable::Type*)zend_hash_str_update_mem(ret, (char*)argName.getBuffer(), argName.length(),
 						(void*)&bogusType, sizeof(bogusType))) == NULL) {
 					intl_errors_set(&err, U_MEMORY_ALLOCATION_ERROR,
 						"Write to argument types hash table failed", 0 TSRMLS_CC);
@@ -200,10 +200,10 @@ static HashTable *umsg_parse_format(MessageFormatter_object *mfo,
 					"Found part with negative number", 0 TSRMLS_CC);
 				continue;
 			}
-			if ((storedType = zend_hash_index_find_ptr(ret, (ulong)argNumber)) == NULL) {
+			if ((storedType = (Formattable::Type*)zend_hash_index_find_ptr(ret, (ulong)argNumber)) == NULL) {
 				/* not found already; create new entry in HT */
 				Formattable::Type bogusType = Formattable::kObject;
-				if ((storedType = zend_hash_index_update_mem(ret, (ulong)argNumber, (void*)&bogusType, sizeof(bogusType))) == NULL) {
+				if ((storedType = (Formattable::Type*)zend_hash_index_update_mem(ret, (ulong)argNumber, (void*)&bogusType, sizeof(bogusType))) == NULL) {
 					intl_errors_set(&err, U_MEMORY_ALLOCATION_ERROR,
 						"Write to argument types hash table failed", 0 TSRMLS_CC);
 					continue;

diff --git a/ext/intl/tests/bug62082.phpt b/ext/intl/tests/bug62082.phpt
@@ -10,6 +10,7 @@ var_dump(locale_get_display_name(str_repeat("a", 300), null));
 var_dump(locale_get_display_name(str_repeat("a", 512), null));
 var_dump(locale_get_display_name(str_repeat("a", 600), null));
 --EXPECT--
-string(300) "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-string(512) "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-string(600) "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+bool(false)
+bool(false)
+bool(false)
+
diff --git a/ext/intl/tests/bug67397.phpt b/ext/intl/tests/bug67397.phpt
@@ -0,0 +1,21 @@
+--TEST--
+Bug #67397 (Buffer overflow in locale_get_display_name->uloc_getDisplayName (libicu 4.8.1))
+--SKIPIF--
+<?php if( !extension_loaded( 'intl' ) ) print 'skip'; ?>
+--FILE--
+<?php
+
+function ut_main()
+{
+    $ret = var_export(ut_loc_get_display_name(str_repeat('*', 256), 'en_us'), true);
+    $ret .= "\n";
+    $ret .= var_export(intl_get_error_message(), true);
+    return $ret;
+}
+
+include_once( 'ut_common.inc' );
+ut_run();
+?>
+--EXPECTF--
+false
+'locale_get_display_name : name too long: U_ILLEGAL_ARGUMENT_ERROR'
diff --git a/ext/intl/tests/locale_parse_locale2.phpt b/ext/intl/tests/locale_parse_locale2.phpt
@@ -63,7 +63,8 @@ function ut_main()
 //Some Invalid Tags:
         'de-419-DE',
         'a-DE',
-        'ar-a-aaa-b-bbb-a-ccc'
+        'ar-a-aaa-b-bbb-a-ccc',
+	'x-AAAAAA',
     );
 
 
@@ -201,3 +202,6 @@ No values found from Locale parsing.
 ---------------------
 ar-a-aaa-b-bbb-a-ccc:
 language : 'ar' ,
+---------------------
+x-AAAAAA:
+private0 : 'AAAAAA' ,
diff --git a/ext/intl/timezone/timezone_methods.cpp b/ext/intl/timezone/timezone_methods.cpp
@@ -245,9 +245,9 @@ U_CFUNC PHP_FUNCTION(intltz_create_time_zone_id_enumeration)
 
 	/* must come before zpp because zpp would convert the arg in the stack to 0 */
 	if (ZEND_NUM_ARGS() == 3) {
-		zval **dummy, **zvoffset;
+		zval *dummy, *zvoffset;
 		arg3isnull = zend_get_parameters_ex(3, &dummy, &dummy, &zvoffset)
-				!= FAILURE && Z_TYPE_PP(zvoffset) == IS_NULL;
+				!= FAILURE && Z_TYPE_P(zvoffset) == IS_NULL;
 	}
 
 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "l|s!l",

diff --git a/ext/mysqlnd/php_mysqlnd.c b/ext/mysqlnd/php_mysqlnd.c
@@ -154,12 +154,12 @@ PHP_MINFO_FUNCTION(mysqlnd)
 		smart_str tmp_str = {0};
 		mysqlnd_plugin_apply_with_argument(mysqlnd_minfo_dump_loaded_plugins, &tmp_str);
 		smart_str_0(&tmp_str);
-		php_info_print_table_row(2, "Loaded plugins", tmp_str.s->val);
+		php_info_print_table_row(2, "Loaded plugins", tmp_str.s? tmp_str.s->val : "");
 		smart_str_free(&tmp_str);
 
 		mysqlnd_minfo_dump_api_plugins(&tmp_str TSRMLS_CC);
 		smart_str_0(&tmp_str);
-		php_info_print_table_row(2, "API Extensions", tmp_str.s->val);
+		php_info_print_table_row(2, "API Extensions", tmp_str.s? tmp_str.s->val : "");
 		smart_str_free(&tmp_str);
 	}
 

diff --git a/ext/spl/spl_array.c b/ext/spl/spl_array.c
@@ -1831,7 +1831,9 @@ SPL_METHOD(Array, unserialize)
 	}
 	++p;
 
-	if (!php_var_unserialize(&members, &p, s + buf_len, &var_hash TSRMLS_CC)) {
+	ZVAL_UNDEF(&members);
+	if (!php_var_unserialize(&members, &p, s + buf_len, &var_hash TSRMLS_CC) || Z_TYPE(members) != IS_ARRAY) {
+		zval_ptr_dtor(&members);
 		goto outexcept;
 	}
 

diff --git a/ext/spl/spl_observer.c b/ext/spl/spl_observer.c
@@ -891,7 +891,9 @@ SPL_METHOD(SplObjectStorage, unserialize)
 	}
 	++p;
 
-	if (!php_var_unserialize(&pmembers, &p, s + buf_len, &var_hash TSRMLS_CC)) {
+	ZVAL_UNDEF(&pmembers);
+	if (!php_var_unserialize(&pmembers, &p, s + buf_len, &var_hash TSRMLS_CC) || Z_TYPE(pmembers) != IS_ARRAY) {
+		zval_ptr_dtor(&pmembers);
 		goto outexcept;
 	}
 

diff --git a/ext/spl/tests/SplObjectStorage_unserialize_bad.phpt b/ext/spl/tests/SplObjectStorage_unserialize_bad.phpt
@@ -7,6 +7,7 @@ $badblobs = array(
 'x:i:2;i:0;,i:1;;i:0;,i:2;;m:a:0:{}',
 'x:i:3;O:8:"stdClass":0:{},O:8:"stdClass":0:{};R:2;,i:1;;O:8:"stdClass":0:{},r:2;;m:a:0:{}',
 'x:i:3;O:8:"stdClass":0:{},O:8:"stdClass":0:{};r:2;,i:1;;O:8:"stdClass":0:{},r:2;;m:a:0:{}',
+'x:i:1;O:8:"stdClass":0:{},N;;m:s:40:"1234567890123456789012345678901234567890"',
 );
 foreach($badblobs as $blob) {
 try {
@@ -17,6 +18,7 @@ try {
 	echo $e->getMessage()."\n";
 }
 }
+echo "DONE\n";
 --EXPECTF--
 Error at offset 6 of 34 bytes
 Error at offset 46 of 89 bytes
@@ -42,4 +44,5 @@ object(SplObjectStorage)#2 (1) {
     }
   }
 }
-
+Error at offset 79 of 78 bytes
+DONE