From:
Operating system: Linux
PHP version: 5.2.17
Package: Reproducible crash
Bug Type: Bug
Bug description:Crash accessing global object itself returned from its __get()
handle
Description:
------------
PHP 5.2.17 crashes accessing object that is returned as $this from __get()
handle (see code snapshot). If object is not global this code works fine.
PHP 5.2.10 did not crash in such situation.
Test script:
---------------
class test_class
{
public function __get($name)
{
return $this;
}
public function b()
{
return;
}
}
global $test3;
$test3 = new test_class();
$test3->a->b();
Expected result:
----------------
Nothing output.
Actual result:
--------------
Segmentation fault. Backtrace:
#0 zend_object_store_get_object (zobject=0x8da185c) at
/home/alex/tmp/php-5.2.17/Zend/zend_objects_API.c:258
#1 0x082b08ac in zend_std_get_method (object_ptr=0xbfceb5a4,
method_name=0x8da37f0 "b", method_len=1) at
/home/alex/tmp/php-5.2.17/Zend/zend_object_handlers.c:801
#2 0x082bcf01 in ZEND_INIT_METHOD_CALL_SPEC_VAR_CONST_HANDLER
(execute_data=0xbfceb580) at
/home/alex/tmp/php-5.2.17/Zend/zend_vm_execute.h:9488
#3 0x082fea90 in execute (op_array=0x8da1d64) at
/home/alex/tmp/php-5.2.17/Zend/zend_vm_execute.h:92
#4 0x082974c7 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
at /home/alex/tmp/php-5.2.17/Zend/zend.c:1134
#5 0x08256a94 in php_execute_script (primary_file=0xbfced940) at
/home/alex/tmp/php-5.2.17/main/main.c:2036
#6 0x0830078c in main (argc=3, argv=0xbfceda74) at
/home/alex/tmp/php-5.2.17/sapi/cli/php_cli.c:1165
--
Edit bug report at http://bugs.php.net/bug.php?id=54372&edit=1
--
Try a snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=54372&r=trysnapshot52
Try a snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=54372&r=trysnapshot53
Try a snapshot (trunk):
http://bugs.php.net/fix.php?id=54372&r=trysnapshottrunk
Fixed in SVN:
http://bugs.php.net/fix.php?id=54372&r=fixed
Fixed in SVN and need be documented:
http://bugs.php.net/fix.php?id=54372&r=needdocs
Fixed in release:
http://bugs.php.net/fix.php?id=54372&r=alreadyfixed
Need backtrace:
http://bugs.php.net/fix.php?id=54372&r=needtrace
Need Reproduce Script:
http://bugs.php.net/fix.php?id=54372&r=needscript
Try newer version:
http://bugs.php.net/fix.php?id=54372&r=oldversion
Not developer issue:
http://bugs.php.net/fix.php?id=54372&r=support
Expected behavior:
http://bugs.php.net/fix.php?id=54372&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=54372&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=54372&r=submittedtwice
register_globals:
http://bugs.php.net/fix.php?id=54372&r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=54372&r=php4
Daylight Savings: http://bugs.php.net/fix.php?id=54372&r=dst
IIS Stability:
http://bugs.php.net/fix.php?id=54372&r=isapi
Install GNU Sed:
http://bugs.php.net/fix.php?id=54372&r=gnused
Floating point limitations:
http://bugs.php.net/fix.php?id=54372&r=float
No Zend Extensions:
http://bugs.php.net/fix.php?id=54372&r=nozend
MySQL Configuration Error:
http://bugs.php.net/fix.php?id=54372&r=mysqlcfg
