Last Updated: February 25, 2016
· raphaelstolt

Serialization of 'Closure' is not allowed and SessionServiceProvider

I just stumbled upon an embarrassing case where a set on the Silex\Provider\SessionServiceProvider kept emitting the following fatal PHP error:

[14-Mar-2014 09:40:50 UTC] PHP Fatal error:  Uncaught exception 'Exception' with message 'Serialization of 'Closure' is not allowed' in [no active file]:0
Stack trace:
#0 [internal function]: session_write_close()
#1 {main}

Depending on the PHP Version (i.e. 5.4.*) it even brought a specific route of the application to an halt or slowed it massively down, while with another PHP Version (i.e. 5.3.*) it just left an entry in the PHP error log but otherwise kept working. After some initial googling it had me convinced that it was an PHP and APC issue. Ohhhhhh boy was I wrong.

The real issue here was a session storage attempt of an object which held a reference (injected via constructor injection) to a Silex\Application instance, which in turn referenced several Closures causing the above stated fatal error. As the object causing this ruckus only needed some configuration values stored in the Silex\Application instance, the fix was to only inject these instead of the whole enchilada.

Another strong advise against injecting a whole Service Container (i.e. Silex\Application) into your models (especially if they need to be session persistable), and against being a lazy chap. — Lesson learned.