diff --git a/ext/sysvshm/sysvshm.c b/ext/sysvshm/sysvshm.c
index 717c75337bb66..2339a85476c15 100644
--- a/ext/sysvshm/sysvshm.c
+++ b/ext/sysvshm/sysvshm.c
@@ -257,6 +257,12 @@ PHP_FUNCTION(shm_put_var)
 php_var_serialize(&shm_var, arg_var, &var_hash);
 PHP_VAR_SERIALIZE_DESTROY(var_hash);
+ if (UNEXPECTED(!shm_list_ptr->ptr)) {
+ smart_str_free(&shm_var);
+ zend_throw_error(NULL, "Shared memory block has been destroyed by the serialization function");
+ RETURN_THROWS();
+ }
+
 /* insert serialized variable into shared memory */
 ret = php_put_shm_data(shm_list_ptr->ptr, shm_key, shm_var.s? ZSTR_VAL(shm_var.s) : NULL, shm_var.s? ZSTR_LEN(shm_var.s) : 0);
diff --git a/ext/sysvshm/tests/gh16591.phpt b/ext/sysvshm/tests/gh16591.phpt
new file mode 100644
index 0000000000000..d3ece7cd796aa
--- /dev/null
+++ b/ext/sysvshm/tests/gh16591.phpt
@@ -0,0 +1,25 @@
+--TEST--
+GH-16591 (Assertion error in shm_put_var)
+--EXTENSIONS--
+sysvshm
+--FILE--
+ 'b'];
+ }
+}
+
+$mem = shm_attach(1);
+try {
+ shm_put_var($mem, 1, new C);
+} catch (Error $e) {
+ echo $e->getMessage(), "\n";
+}
+
+?>
+--EXPECT--
+Shared memory block has been destroyed by the serialization function
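Review bot: The re-check of `shm_list_ptr->ptr` added after `PHP_VAR_SERIALIZE_DESTROY(var_hash)` has no comment saying why a handle can lose its segment at this point, so the guard looks redundant and is easy to drop in a later cleanup. I would put `/* Serialization can run user code that detaches the segment; re-check before writing through ->ptr. */` above the `if`. The guard itself sits in the right place, before `php_put_shm_data()` uses the pointer, and it frees `shm_var` on the error path. Any other place in this file that runs user code between validating the handle and using `->ptr` would need the same re-check; none is visible here, since the body of `shm_put_var` starts and ends outside the hunk.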
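Review bot: The test attaches with the fixed System V key `1` in `$mem = shm_attach(1);` and, in the lines that survive on this page, never removes the segment, so it can collide with another test or a leftover segment on the same host and leaves one behind after the run. A per-file key such as `$mem = shm_attach(ftok(__FILE__, 'q'));` avoids the collision. Because the handle is no longer usable once the error is thrown, cleanup would have to re-attach, for example a `--CLEAN--` section that calls `shm_remove(shm_attach(ftok(__FILE__, 'q')));` (the `--CLEAN--` script has its own `__FILE__`, so derive the key from a path both scripts share). The test also pins only the error message; asserting that a later `shm_put_var()` on the same handle fails cleanly would cover reuse after the error.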