|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #67265 Segmentation fault on json_encode with json_serializable
Submitted: 2014-05-13 14:09 UTC Modified: 2014-05-14 14:44 UTC
From: edu at offerum dot com Assigned:
Status: Not a bug Package: JSON related
PHP Version: 5.5.12 OS: Linux (Ubuntu 14.04)
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: edu at offerum dot com
New email:
PHP Version: OS:


 [2014-05-13 14:09 UTC] edu at offerum dot com
php-cgi segfaults when trying to encode a class which extends json_serializable.
At least this happens when the json_serialize method unsets a variable declared in the class.

Example in:

From manual page:

Test script:
class C implements JsonSerializable {
    var $a = 'lol';
    var $b = 'fa';
    public function jsonSerialize() { 
	$aux = clone($this);
        return $aux; 
echo json_encode(new C()); //Ka-boom!!

Expected result:
The object json-encoded only with var $b.

Actual result:
Segmentation fault.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2014-05-13 15:12 UTC]
Glancing at the backtrace on my local machine this has to do with clone call.
 [2014-05-13 15:14 UTC]
Additionally, the code is recursively calling jsonSerialize; you need to return an array.
 [2014-05-13 15:18 UTC]
My $0.02; find some way to protect against recursion and then fail nicely.
 [2014-05-13 15:19 UTC]
-Status: Open +Status: Not a bug
 [2014-05-13 15:19 UTC]
Yep. This is not a bug but infinite recursion.
 [2014-05-13 15:21 UTC] edu at offerum dot com
-Status: Not a bug +Status: Open
 [2014-05-13 15:21 UTC] edu at offerum dot com
Yep, I was wrong thinking it has something to do with deleting object variables.
Indeed, the behaviour can be seen pretty clear here:

class C implements JsonSerializable {
    public function jsonSerialize() { 
	$a = clone($this);
        echo 1;
       	return $a;
echo json_encode(new C());

 [2014-05-13 15:22 UTC]
-Status: Open +Status: Not a bug
 [2014-05-13 15:22 UTC]
Still, not a bug.
 [2014-05-13 15:29 UTC]
-Status: Not a bug +Status: Open
 [2014-05-13 15:29 UTC]

Generally we do not consider segfaults as acceptable behavior. Instead we need to fail nicely. This *is* a bug.
 [2014-05-13 19:44 UTC]
-Status: Open +Status: Not a bug
 [2014-05-13 19:44 UTC]
while I agree that this isn't nice, but we have a bunch of other cases when infinite recursion will result in a segfault (for example, and mike is right about that we close these kind of reports as not a bug/won't fix, for example or

We even had a pull request which could have fixed some of those cases ( but it was declined as something we don't need in the core.

If you think it is worth your time, please bring this up on the internals mailing list so maybe we can make a different agreement this time.
 [2014-05-14 14:44 UTC] edu at offerum dot com
Just to clarify, It wasn't my intention to reopen the bug yesterday; it happend that Mike closed the bug while I was writing my comment, so I reopened it without knowing it :)
Once I know why this happens, it's not a problem for me. But initially it wasn't so obvious that returning an instance of the object itself wasn't a good idea. Maybe a warning note in documentation about potential recursivity problems would be a good idea.
Anyway, at least here is this bug so other people can find it if they're facing the same problem.
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Sat Dec 09 12:01:26 2023 UTC