Bug #58883 segmentation fault when referencing previously instantiated objects
Submitted: 2009-10-08 01:37 UTC
Modified: 2010-02-22 13:00 UTC
From: scottsteffens at gmail dot com
Assigned:
Status: Closed
Package: spidermonkey (PECL)
PHP Version: 5.3.0
OS: Ubuntu/Hardy
Private report: No
CVE-ID: None
 [2009-10-08 01:37 UTC] scottsteffens at gmail dot com
Description:
------------
If a method in a class registered by Spidermonkey references a previously initiated class, a segmentation fault occurs. This is a common case in my app, where the JavaScript classes need to reference that data in previously-instantiated objects.

Software:
Ubuntu Linux 2.6.24-23
Apache 2.2.8
Spidermonkey 0.1.3
PHP 5.3

Loaded modules: core mod_log_config mod_logio prefork http_core mod_so mod_alias mod_auth_basic mod_authn_file mod_authz_default mod_authz_groupfile mod_authz_host mod_authz_user mod_deflate mod_dir mod_env mod_expires mod_headers mod_mime mod_rewrite mod_ssl mod_status mod_vhost_alias mod_php5

PHP configure line: ./configure -with-apxs2=/usr/bin/apxs2 -with-mysql=/usr -with-mysqli=/usr/bin/mysql_config -with-tidy=/usr -with-curl=/usr/bin -with-curlwrappers -with-openssl-dir=/usr -with-zlib-dir=/usr -enable-mbstring  -with-xpm-dir=/usr -with-pdo-mysql=/usr -with-xsl=/usr -with-ldap -with-xmlrpc -with-iconv-dir=/usr -with-snmp=/usr -enable-exif -enable-calendar -with-bz2=/usr -with-mcrypt=/usr -with-gd -with-jpeg-dir=/usr -with-png-dir=/usr -with-freetype-dir=/usr -enable-mbstring -enable-zip --disable-short-tags --enable-exif --enable-mbstring --enable-mbregex --enable-sockets --with-openssl  --with-xmlrpc --with-xsl=/usr --with-pear --enable-zip --enable-safe-mode --enable-bcmath --with-gd --without-sqlite -prefix=/usr 



Reproduce code:
---------------
<?php
$app = new App();
$app->run();

class App {
	public $stored_object; 
	public function __construct () {
		$this->stored_object = new SampleObject();
	}
	public function run () {
		$context = new JSContext();
		$context->registerClass( 'TimeObject' );
		$script = 'var t = new TimeObject(); t.getTime();';
		echo "result: " . $context->evaluateScript( $script );
	}
	static public function get_stored_object() {
		# segmentation fault here, when referencing the previously-stored object.
		return $this->stored_object;
	}
}

class SampleObject {}

# A class registered in the JavaScript context
class TimeObject {
	public function getTime () {
		$something = App::get_stored_object();
		return time();
	}
}
?>


Expected result:
----------------
TimeObject.getTime() returns the time.

Actual result:
--------------
Apache's error_log:
[Wed Oct 07 22:22:55 2009] [notice] child pid 7601 exit signal Segmentation fault (11)



 [2009-10-08 02:11 UTC] scottsteffens at gmail dot com
Oops, I guess the problem in the sample code is that the $stored_object isn't referenced in a static way as it should be. The bug still stands, but not the severity I thought -- the expected result should be a PHP error, not a segmentation fault.
 [2009-10-08 02:48 UTC] scottsteffens at gmail dot com
Ok, here's a better example of the original problem -- it's not just the referencing of the stored object that triggers the segmentation fault, it's when a method is called on the stored object:

<?php
$app = new App();
$app->run();

class App {	
	static public $stored_object; 
	
	public function __construct () {
		$this->stored_object = new SampleObject();
	}
	public function run () {
		$context = new JSContext();
		$context->registerClass( 'TimeObject' );
		echo $context->evaluateScript( 'var t = new TimeObject(); t.getTime();' );
	}
	static public function getStoredObj() {
		return self::$stored_object;
	}
}

class SampleObject {
	public function getTime() {
		return time();
	}
}

class TimeObject {
	public function getTime () {
		$storedObj = App::getStoredObj();
		# seg fault here, when the method on the stored obj is called
		return $storedObj->getTime();
	}

}
?>
 [2010-02-22 12:11 UTC] c dot robin at smartphp dot org
The examples are both wrong (use self::$var). I cannot reproduce the issue. Please provide better examples and a backtrace if possible.
 [2010-02-22 13:00 UTC] scottsteffens at gmail dot com
Yes, this example is invalid.
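
Added example, not part of the original report or of the spidermonkey extension: a reduction of the second reproduce script with the JSContext removed, showing why writing `$this->stored_object` in the constructor leaves the static property empty and how the `self::` form fixes it. The names `AppAsPosted`, `AppFixed` and `callGetTime` are hypothetical, and the script assumes PHP 7 or later, where a method call on null raises a catchable `Error`.

```php
<?php
// Added illustration. Assumes PHP 7+; class and function names are hypothetical.

class SampleObject {
    public function getTime() {
        return time();
    }
}

// Mirrors the second reproduce script: the property is declared static,
// but the constructor writes to it through $this.
class AppAsPosted {
    public static $stored_object;

    public function __construct() {
        // This does not touch the static slot. PHP raises an
        // "Accessing static property ... as non static" notice and
        // stores the object in a separate per-instance property.
        $this->stored_object = new SampleObject();
    }

    public static function getStoredObj() {
        return self::$stored_object; // the static slot was never written
    }
}

// Same class with the write going to the static property.
class AppFixed {
    public static $stored_object;

    public function __construct() {
        self::$stored_object = new SampleObject();
    }

    public static function getStoredObj() {
        return self::$stored_object;
    }
}

// Calls getTime() and reports a failure instead of aborting the script.
function callGetTime($obj) {
    try {
        return $obj->getTime();
    } catch (Error $e) {
        return 'Error: ' . $e->getMessage();
    }
}

new AppAsPosted();
new AppFixed();
var_dump(AppAsPosted::getStoredObj());              // static slot of the posted version
var_dump(callGetTime(AppAsPosted::getStoredObj())); // method call on that value
var_dump(callGetTime(AppFixed::getStoredObj()));    // method call after the self:: fix
```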
 
Last updated: Thu Oct 31 22:01:27 2024 UTC