php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #60613 Segmentation fault with $cls->{expr}() syntax
Submitted: 2011-12-28 04:22 UTC Modified: 2012-01-04 07:00 UTC
From: do dot hiroaki at gmail dot com Assigned: laruence
Status: Closed Package: Scripting Engine problem
PHP Version: 5.4SVN-2011-12-28 (snap) OS: CentOS5.6
Private report: No CVE-ID:
 [2011-12-28 04:22 UTC] do dot hiroaki at gmail dot com
Description:
------------
I reported Bug #60611 and this bug was fixed.

Bat segmentation fault occurred yet when using $cls->{expr}() syntax only.


Test script:
---------------
class Cls {
    function __call($name, $arg) {
    }
}

$cls = new Cls();
$cls->{0}();
$cls->{1.0}();
$cls->{true}();
$cls->{false}();
$cls->{null}();

echo 'done';


Expected result:
----------------
done

Actual result:
--------------
Segmentation fault

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2011-12-28 06:14 UTC] laruence@php.net
-Assigned To: +Assigned To: dmitry
 [2011-12-28 06:14 UTC] laruence@php.net
dmitry,  I have a quick look at this, since due to cache mechanism, I have not 
gat  familiar with this area.

it is better if you can have a look at this. I will keep troubleshooting anyway 
:).

backtrace:
#0  0x0000000000998aa5 in ZEND_INIT_METHOD_CALL_SPEC_CV_CONST_HANDLER 
(execute_data=0x2a95dac0e8) at /home/huixc/opensource/php-
src/trunk/Zend/zend_vm_execute.h:28982
28982			if (IS_CONST != IS_CONST ||
(gdb) bt
#0  0x0000000000998aa5 in ZEND_INIT_METHOD_CALL_SPEC_CV_CONST_HANDLER 
(execute_data=0x2a95dac0e8) at /home/huixc/opensource/php-
src/trunk/Zend/zend_vm_execute.h:28982
#1  0x00000000008dbc57 in execute (op_array=0x2a95de3708) at 
/home/huixc/opensource/php-src/trunk/Zend/zend_vm_execute.h:410
#2  0x00000000008a3f0b in zend_execute_scripts (type=8, retval=0x0, 
file_count=3) at /home/huixc/opensource/php-src/trunk/Zend/zend.c:1272
#3  0x00000000008235c3 in php_execute_script (primary_file=0x7fbffff280) at 
/home/huixc/opensource/php-src/trunk/main/main.c:2476
#4  0x00000000009c5981 in do_cli (argc=2, argv=0x7fbffff568) at 
/home/huixc/opensource/php-src/trunk/sapi/cli/php_cli.c:983
#5  0x00000000009c6822 in main (argc=2, argv=0x7fbffff568) at 
/home/huixc/opensource/php-src/trunk/sapi/cli/php_cli.c:1356
 [2011-12-28 06:45 UTC] laruence@php.net
Automatic comment from SVN on behalf of laruence
Revision: http://svn.php.net/viewvc/?view=revision&revision=321458
Log: Fix #60613 (Segmentation fault with $cls->{expr}() syntax)
#now the behavior is like 5.3, a COMPILER_ERROR will be triggered
 [2011-12-28 06:46 UTC] laruence@php.net
-Status: Assigned +Status: Closed -Assigned To: dmitry +Assigned To: laruence
 [2011-12-28 06:46 UTC] laruence@php.net
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.

hmm, I will trigger a E_COMPILER_ERROR while in this situation, since it doesn't 
make sense for a no-string method name.
Dmitry, you maybe want to review this fix. thanks :)
 [2011-12-28 09:59 UTC] dmitry@php.net
Automatic comment from SVN on behalf of dmitry
Revision: http://svn.php.net/viewvc/?view=revision&revision=321463
Log: Fixed bug #60613 (Segmentation fault with $cls->{expr}() syntax)
 [2012-01-04 04:58 UTC] do dot hiroaki at gmail dot com
I confirmed fix. thank you.
 [2012-04-18 09:46 UTC] laruence@php.net
Automatic comment on behalf of dmitry
Revision: http://git.php.net/?p=php-src.git;a=commit;h=a68e858d6908f8dc3f88a409d4a9740330ad219f
Log: Fixed bug #60613 (Segmentation fault with $cls->{expr}() syntax)
 [2012-04-18 09:46 UTC] laruence@php.net
Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=113c0a8cc7a90639beeaf24052a0d0873de90660
Log: Fix #60613 (Segmentation fault with $cls->{expr}() syntax) #now the behavior is like 5.3, a COMPILER_ERROR will be triggered
 [2012-07-24 23:37 UTC] rasmus@php.net
Automatic comment on behalf of dmitry
Revision: http://git.php.net/?p=php-src.git;a=commit;h=a68e858d6908f8dc3f88a409d4a9740330ad219f
Log: Fixed bug #60613 (Segmentation fault with $cls->{expr}() syntax)
 [2012-07-24 23:37 UTC] rasmus@php.net
Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=113c0a8cc7a90639beeaf24052a0d0873de90660
Log: Fix #60613 (Segmentation fault with $cls->{expr}() syntax) #now the behavior is like 5.3, a COMPILER_ERROR will be triggered
 [2013-11-17 09:34 UTC] laruence@php.net
Automatic comment on behalf of dmitry
Revision: http://git.php.net/?p=php-src.git;a=commit;h=a68e858d6908f8dc3f88a409d4a9740330ad219f
Log: Fixed bug #60613 (Segmentation fault with $cls->{expr}() syntax)
 [2013-11-17 09:34 UTC] laruence@php.net
Automatic comment on behalf of laruence
Revision: http://git.php.net/?p=php-src.git;a=commit;h=113c0a8cc7a90639beeaf24052a0d0873de90660
Log: Fix #60613 (Segmentation fault with $cls->{expr}() syntax) #now the behavior is like 5.3, a COMPILER_ERROR will be triggered
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Sun Apr 20 03:02:42 2014 UTC