php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #63084 Segfault when __callStatic causes infinite function call loop
Submitted: 2012-09-13 21:37 UTC Modified: 2012-09-14 02:32 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: itsgoingd at luzer dot sk Assigned:
Status: Wont fix Package: Reproducible crash
PHP Version: 5.4.6 OS: FreeBSD
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2012-09-13 21:37 UTC] itsgoingd at luzer dot sk
Description:
------------
Calling non-existent or private static method in __callStatic magic method 
(infinite function call loop) causes segfault.

Also reproducible on older 5.3.x versions on all platforms.

Test script:
---------------
<?php

class Foo {
	public static function __callStatic($a, $b) {
		self::bar();
	}
}

Foo::bar();

Expected result:
----------------
Fatal error: Allowed memory size of xxx bytes exhausted

Actual result:
--------------
Segmentation fault.

Backtrace from cordeump:
#0  0x00000000006e46f6 in instanceof_function ()
#1  0x00000000006fbfae in zend_call_method ()
#2  0x00000000007081b4 in zend_std_callstatic_user_call ()
#3  0x00000000007538bd in zend_do_fcall_common_helper_SPEC ()
#4  0x000000000070bdd8 in execute ()
#5  0x00000000006db8b1 in zend_call_function ()
#6  0x00000000006fbfeb in zend_call_method ()
#7  0x00000000007081b4 in zend_std_callstatic_user_call ()
#8  0x00000000007538bd in zend_do_fcall_common_helper_SPEC ()
#9  0x000000000070bdd8 in execute ()
... last 5 lines repeat ...
#23750 0x00000000006db8b1 in zend_call_function ()
#23751 0x00000000006fbfeb in zend_call_method ()
#23752 0x00000000007081b4 in zend_std_callstatic_user_call ()
#23753 0x00000000007538bd in zend_do_fcall_common_helper_SPEC ()
#23754 0x000000000070bdd8 in execute ()
#23755 0x00000000006e82ed in zend_execute_scripts ()
#23756 0x000000000068dffc in php_execute_script ()
#23757 0x0000000000774012 in do_cli ()
#23758 0x000000000077302d in main ()

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-09-14 02:32 UTC] laruence@php.net
-Status: Open +Status: Wont fix
 [2012-09-14 02:32 UTC] laruence@php.net
this is because of stack overflow,  a knew issue.
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Sat Jan 23 15:01:23 2021 UTC