|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2003-08-09 19:46 UTC] iliaa@php.net
[2003-08-09 20:40 UTC] cunha17 at uol dot com dot br
[2003-08-10 05:11 UTC] derick@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Thu Jul 17 14:04:04 2025 UTC |
Description: ------------ Script recursively calls class b()'s constructor. Due to the use of alloca for execution of the constructor, the process Dies Horribly rather than issuing a valid error code (which would normally facilitate at least an error message.) when it runs out of stack. Reproduce code: --------------- <?php class a { var $y; } class b extends a { function b() { $this->{get_parent_class($this)}(); } } class c extends b { function c() { $this->{get_parent_class($this)}(); } } $f = new c(); ?> Expected result: ---------------- I'd like to see the zend engine throw an error when it runs out of stack, but I don't see how (without moving off of alloca and taking a performance hit) it can be implemented. I don't believe this is a security issue due to libc killing the process rather than returning an error which zend_execute.c doesn't catch. I've worked around the code in question by rearchitecting my class hierarchy. Looking forward to multiple inheritance in PHP5? Actual result: -------------- Backtrace Follows: Program received signal EXC_BAD_ACCESS, Could not access memory. 0x00172a94 in _zend_is_inconsistent (ht=0x180638, file=0x0, line=0) at /Users/porwig/Development/php-4.3.3RC3/Zend/zend_hash.c:83 83 { (gdb) bt #0 0x00172a94 in _zend_is_inconsistent (ht=0x180638, file=0x0, line=0) at /Users/porwig/Development/php-4.3.3RC3/Zend/zend_hash.c:83 #1 0x00180638 in zend_fetch_var_address (opline=0x4e8868, Ts=0xbff80140, type=0) at /Users/porwig/Development/php-4.3.3RC3/Zend/zend_execute.c:581 #2 0x00182ea4 in execute (op_array=0x4e9fb8) at /Users/porwig/Development/php-4.3.3RC3/Zend/zend_execute.c:1248 #3 0x001853f0 in execute (op_array=0x4e9fb8) at /Users/porwig/Development/php-4.3.3RC3/Zend/zend_execute.c:1660 #4 0x001853f0 in execute (op_array=0x4e9fb8) at /Users/porwig/Development/php-4.3.3RC3/Zend/zend_execute.c:1660 ... snip ... #748 0x001853f0 in execute (op_array=0x4e9fb8) at /Users/porwig/Development/php-4.3.3RC3/Zend/zend_execute.c:1660 #749 0x001853f0 in execute (op_array=0x4eb488) at /Users/porwig/Development/php-4.3.3RC3/Zend/zend_execute.c:1660 #750 0x001853f0 in execute (op_array=0x4e6cf8) at /Users/porwig/Development/php-4.3.3RC3/Zend/zend_execute.c:1660 #751 0x0016c8d4 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /Users/porwig/Development/php-4.3.3RC3/Zend/zend.c:885 #752 0x0011f298 in php_execute_script (primary_file=0xbffff740) at /Users/porwig/Development/php-4.3.3RC3/main/main.c:1720 #753 0x0018cb64 in main (argc=2, argv=0xbffffc90) at /Users/porwig/Development/php-4.3.3RC3/sapi/cli/php_cli.c:818 #754 0x00001e44 in _start (argc=2, argv=0xbffffc90, envp=0xbffffc9c) at /SourceCache/Csu/Csu-45/crt.c:267 #755 0x00001cc4 in start () (gdb)