php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #77340 autoload class named with unicode in loop is crashed
Submitted: 2018-12-23 04:24 UTC Modified: 2018-12-28 11:59 UTC
From: happycock at 163 dot com Assigned:
Status: Duplicate Package: SPL related
PHP Version: 7.3.0 OS: MacOS Mojave 10.14.2
Private report: No CVE-ID: None
 [2018-12-23 04:24 UTC] happycock at 163 dot com
Description:
------------
When autoload class named with unicode in loop, the second load is crashed.
Class named with ASCII is ok.
Autoload not in loop is ok.

Test script:
---------------
https://pan.baidu.com/s/1QWAdF7bloa8ZCkuviHmFjQ

类1.php:
<?php class 类1{}
类2.php:
<?php class 类2{}
t1_crash.php:
<?php
spl_autoload_register();
$array = ["类1", "类2"];
function test($name)
{
    echo $name . "\n";
    return new $name;
}
foreach ($array as $key => $value) {
    test($value);
}

Expected result:
----------------
类1
类2

Actual result:
--------------
类1
类2
Segmentation fault: 11

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2018-12-23 05:19 UTC] laruence@php.net
-Status: Open +Status: Feedback
 [2018-12-23 05:19 UTC] laruence@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.

I can not reproduce this...
 [2018-12-25 13:17 UTC] happycock at 163 dot com
-Status: Feedback +Status: Open
 [2018-12-25 13:17 UTC] happycock at 163 dot com
* thread #1, stop reason = signal SIGSTOP
  * frame #0: 0x000000010ae6860a php`_emalloc at zend_alloc.c:1287 [opt]
    frame #1: 0x000000010ae685dc php`_emalloc [inlined] zend_mm_alloc_heap(heap=0x000000010b800040, size=<unavailable>) at zend_alloc.c:1358 [opt]
    frame #2: 0x000000010ae685a3 php`_emalloc(size=<unavailable>) at zend_alloc.c:2498 [opt]
    frame #3: 0x000000010aec353c php`zend_new_interned_string_request [inlined] zend_string_alloc(len=4, persistent=0) at zend_string.h:133 [opt]
    frame #4: 0x000000010aec352e php`zend_new_interned_string_request [inlined] zend_string_init(str=<unavailable>, len=4, persistent=0) at zend_string.h:155 [opt]
    frame #5: 0x000000010aec352e php`zend_new_interned_string_request(str=<unavailable>) at zend_string.c:241 [opt]
    frame #6: 0x000000010ae760e9 php`zend_compile_class_decl(ast=0x000000010b87f090) at zend_compile.c:6337 [opt]
    frame #7: 0x000000010ae78956 php`zend_compile_stmt(ast=0x000000010b87f090) at zend_compile.c:8236 [opt]
    frame #8: 0x000000010ae80180 php`zend_compile_top_stmt(ast=0x000000010b87f090) at zend_compile.c:8142 [opt]
    frame #9: 0x000000010ae8016a php`zend_compile_top_stmt(ast=0x000000010b87f018) at zend_compile.c:8137 [opt]
    frame #10: 0x000000010ae55853 php`zend_compile(type=2) at zend_language_scanner.l:602 [opt]
    frame #11: 0x000000010ae5570d php`compile_file(file_handle=0x00007ffee512b7f0, type=8) at zend_language_scanner.l:636 [opt]
    frame #12: 0x000000010ad50e0b php`phar_compile_file(file_handle=0x00007ffee512b7f0, type=8) at phar.c:3344 [opt]
    frame #13: 0x000000010ad8189c php`zif_spl_autoload at php_spl.c:279 [opt]
    frame #14: 0x000000010ad81846 php`zif_spl_autoload(execute_data=<unavailable>, return_value=<unavailable>) at php_spl.c:332 [opt]
    frame #15: 0x000000010ae87746 php`zend_call_function(fci=<unavailable>, fci_cache=<unavailable>) at zend_execute_API.c:770 [opt]
    frame #16: 0x000000010ae87ec1 php`zend_lookup_class_ex(name=<unavailable>, key=0x0000000000000000, use_autoload=<unavailable>) at zend_execute_API.c:926 [opt]
    frame #17: 0x000000010ae88572 php`zend_fetch_class(class_name=0x000000010b86c300, fetch_type=512) at zend_execute_API.c:1339 [opt]
    frame #18: 0x000000010af2154a php`ZEND_FETCH_CLASS_SPEC_UNUSED_CV_HANDLER(execute_data=0x000000010b81f110) at zend_vm_execute.h:36062 [opt]
    frame #19: 0x000000010aede0e8 php`execute_ex(ex=0x000000010b81f110) at zend_vm_execute.h:55287 [opt]
    frame #20: 0x000000010aede2a5 php`zend_execute(op_array=0x000000010b87c540, return_value=0x0000000000000000) at zend_vm_execute.h:60834 [opt]
    frame #21: 0x000000010ae97605 php`zend_execute_scripts(type=8, retval=0x0000000000000000, file_count=3) at zend.c:1568 [opt]
    frame #22: 0x000000010ae2e36f php`php_execute_script(primary_file=<unavailable>) at main.c:2630 [opt]
    frame #23: 0x000000010af594f4 php`do_cli(argc=<unavailable>, argv=<unavailable>) at php_cli.c:997 [opt]
    frame #24: 0x000000010af583d8 php`main(argc=2, argv=0x00007ffee512c9c0) at php_cli.c:1389 [opt]
    frame #25: 0x00007fff604cced9 libdyld.dylib`start + 1
 [2018-12-28 11:38 UTC] lauri dot kentta at gmail dot com
This is probably same as bug #77359, because spl_autoload_register without parameters will use spl_autoload.
 [2018-12-28 11:59 UTC] nikic@php.net
-Status: Open +Status: Duplicate
 [2018-12-28 11:59 UTC] nikic@php.net
Yeah, pretty sure this is the same root cause, marking as duplicate.
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Sun Jun 16 18:01:27 2019 UTC