|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #59171 constructor argument bug
Submitted: 2010-04-20 08:17 UTC Modified: 2017-01-10 08:01 UTC
From: mogui83 at gmail dot com Assigned:
Status: Suspended Package: spidermonkey (PECL)
PHP Version: 5.3.1 OS: ubuntu 9.10
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2010-04-20 08:17 UTC] mogui83 at gmail dot com
It seems that passing more than one argument to a constructor class cause an uncaught crash in the script, while call:

  var c = new Cow('Molly');

works as expected, calling:

  var c = new Cow('Molly','Bar');
cause a crash without any error

maybe it's my problem but I've tried anything reducing the problem to the default example.

thanks for the great work anyway

Reproduce code:
class Cow {

  private $_name;
  private $_milked;

  public function __construct($name, $name2) {
    $this->setName($name.' and '.$name2);
    $this->_milked = 0;

  // name setter/getter
  public function setName($name) {
    $this->_name = $name;

  public function getName() {
    return $this->_name;

  // milking status setter/getter
  public function milk() {
    $this->_milked = 1;

  public function getMilked() {
    return $this->_milked;

  public function output() {
    if ($this->getMilked() == 1) {
      return $this->getName() . ' has been milked today.';
    } else {
      return 'Time to milk ' . $this->getName();


$script = <<<END
  var c = new Cow('Molly','Bar');
  var d = new Date();
  var ch = d.getHours();
  if (ch > 8) {
echo $js->evaluateScript($script);


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2010-05-28 19:09 UTC] scottsteffens at gmail dot com
I'm also seeing this bug -- any constructor with more than one argument causes a segmentation fault.

It seems to be on the caller's side -- even if PHP constructor has one argument but JS caller has more than one argument I get a seg fault. 

The constructor will complete (logging to a logfile from the last line in constructor is recorded) but the seg fault evidently happens when control is being returned to JS.
 [2010-05-28 19:10 UTC] scottsteffens at gmail dot com
And for what it's worth, I'm seeing this on PHP 5.3.2, Linux.
 [2010-09-18 11:07 UTC] tianbin at cernet dot edu dot cn
in function generic_constructor()
        /* ready parameters */
        params = emalloc(argc * sizeof(zval**));
        for (i = 0; i < argc; i++)
            zval *val;
            jsval_to_zval(val, cx, &argv[i]);
            params[i] = &val; // !!!!bug is here!!! all params references to the stack variable `val`
 [2011-06-04 20:19 UTC] giorgio dot liscio at email dot it
 [2017-01-10 08:01 UTC]
-Status: Open +Status: Suspended
 [2017-01-10 08:01 UTC]
Suspending this report as the extension have not had a release for almost 5 years.  Please revive this if the extension once again shows life
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Jul 22 08:01:43 2024 UTC