ID: 36234 Updated by: [EMAIL PROTECTED] Reported By: matt dot flaherty at hildebrand dot co dot uk Status: Assigned Bug Type: Reproducible crash Operating System: SUSE LINUX 10.0 (i586) PHP Version: 4.4.2 -Assigned To: derick +Assigned To: andrei New Comment:
Andrei is the maintainer of this extension, not me... Previous Comments: ------------------------------------------------------------------------ [2006-02-13 15:53:49] matt dot flaherty at hildebrand dot co dot uk Thank you for this. I'm aware that the OO implementation in PHP5 is very different and I intend to use 5 for any serious OO development from now on. However, there is a project I'm working on which requires PHP 4 and needs a drop-in replacement for the PEAR DB libraries within a third-party framework. As support for PHP 4 is still a going concern I decided to raise this ticket. Since posting this bug report, I have also encountered the same problem in PHP 4.3.11. Thank you again for your response. ------------------------------------------------------------------------ [2006-02-11 13:19:50] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php5.1-latest.tar.gz For Windows: http://snaps.php.net/win32/php5.1-win32-latest.zip ------------------------------------------------------------------------ [2006-01-31 23:51:27] judas dot iscariote at gmail dot com Program received signal SIGSEGV, Segmentation fault. 0x0000000000417258 in overload_get_property (property_reference=0x7fffffe61af8) at /home/cristian/php-src/ext/overload/overload.c:363 363 if (Z_TYPE_P(overloaded_property) == OE_IS_OBJECT) { (gdb) bt #0 0x0000000000417258 in overload_get_property (property_reference=0x7fffffe61af8) at /home/cristian/php-src/ext/overload/overload.c:363 #1 0x00000000004e9c01 in get_overloaded_property (T=0x7fffffe61ae0) at /home/cristian/php-src/Zend/zend_execute.c:970 #2 0x00000000004e8327 in _get_zval_ptr (node=0x6a6bd0, Ts=0x7fffffe614c0, should_free=0x649c10) at /home/cristian/php-src/Zend/zend_execute.c:93 #3 0x00000000004f2503 in zend_switch_free (opline=0x6a6ba8, Ts=0x7fffffe614c0) at /home/cristian/php-src/Zend/zend_execute.c:236 #4 0x00000000004efe54 in execute (op_array=0x6978d0) at /home/cristian/php-src/Zend/zend_execute.c:2053 #5 0x00000000004d5cf5 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /home/cristian/php-src/Zend/zend.c:934 #6 0x0000000000498774 in php_execute_script (primary_file=0x7fffffe64750) at /home/cristian/php-src/main/main.c:1753 #7 0x00000000004f50eb in main (argc=2, argv=0x7fffffe648b8) at /home/cristian/php-src/sapi/cli/php_cli.c:830 ./sapi/cli/php -v PHP 4.4.3-dev (cli) (built: Jan 31 2006 19:48:51) (DEBUG) ------------------------------------------------------------------------ [2006-01-31 18:30:29] matt dot flaherty at hildebrand dot co dot uk Almost forgot. PHP is configured in the standard way for this distro: ./configure --prefix=/usr --datadir=/usr/share/php --mandir=/usr/share/man --bindir=/usr/bin --libdir=/usr/share --includedir=/usr/include --sysconfdir=/etc --with-_lib=lib --with-config-file-path=/etc --with-exec-dir=/usr/lib/php/bin --disable-debug --enable-inline-optimization --enable-memory-limit --enable-magic-quotes --enable-safe-mode --enable-sigchild --disable-ctype --disable-session --without-mysql --disable-cli --without-pear --with-openssl --with-apxs2=/usr/sbin/apxs2-prefork i586-suse-linux ------------------------------------------------------------------------ [2006-01-31 18:22:51] matt dot flaherty at hildebrand dot co dot uk Description: ------------ Apologies in advance if this turns out to be user error, but it seems odd to me. A segmentation fault occurs when evaluating in a switch statement an instance property of an overloaded class with which has a __get() method. It does not matter whether the evaluated property is native to the instance or overloaded. Also, native and overloaded properties on an overloaded class instance don't like to be passed by reference. If you change the switch statements to cast the argument to (string), as in "switch ((string)$decorator->bar) {" (a memory copy), then the expected result occurs. If you leave either of the switch statements alone there is a crash. Interestingly, with both of the switch statements "fixed" and the block uncommented that calls function reverse_me, the output looks like this: ----%<---- I can see that the value of bar is 'bar' and the value of myVar is 'mine'. I've tested === and that worked okay. So did ==. subst function is okay too. Fatal error: Only variables can be passed by reference in /srv/www/htdocs/seagull/www/crash.php on line 54 ----%<---- This is a native property on the instance so I can't understand why passing by reference is bad. Turning off overloading produces the expected result there, which is this: ----%<---- I can see that the value of bar is '' and the value of myVar is 'mine'. I've tested === and that worked okay. So did ==. subst function is okay too. Just passed by myVar by reference and reversed the string. The value is now enim I am not expecting a switch statemtent on bar to segfault. Switch says the value of bar is not 'bar'. It's 'baz'. I am not expecting a switch statemtent on myVar to segfault. Switch says the value of myVar is not 'mine'. It's 'yours'. ----%<---- I have observed this behaviour in php 4.4.0 and 4.4.2. Very strange. Reproduce code: --------------- http://www.jellybee.co.uk/overload_fault.txt Expected result: ---------------- I can see that the value of bar is 'bar' and the value of myVar is 'mine'. I've tested === and that worked okay. So did ==. subst function is okay too. I am not expecting a switch statemtent on bar to segfault. Switch says the value of bar is not 'bar'. It's 'baz'. I am not expecting a switch statemtent on myVar to segfault. Switch says the value of myVar is not 'mine'. It's 'yours'. Actual result: -------------- Last few lines of Apache2 strace... open("/srv/www/htdocs/seagull/www/crash.php", O_RDONLY) = 35 fstat64(35, {st_mode=S_IFREG|0644, st_size=2110, ...}) = 0 fstat64(35, {st_mode=S_IFREG|0644, st_size=2110, ...}) = 0 lseek(35, 0, SEEK_CUR) = 0 lseek(35, 0, SEEK_SET) = 0 read(35, "<?php\nclass Decorator_Foo {\n "..., 8192) = 2110 brk(0x8045f000) = 0x8045f000 read(35, "", 8192) = 0 close(35) = 0 --- SIGSEGV (Segmentation fault) @ 0 (0) --- chdir("/srv/www") = 0 rt_sigaction(SIGSEGV, {SIG_DFL}, {SIG_DFL}, 8) = 0 kill(18058, SIGSEGV) = 0 sigreturn() = ? (mask now []) --- SIGSEGV (Segmentation fault) @ 0 (0) --- ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=36234&edit=1