Just opened a bug report:
https://bugs.php.net/bug.php?id=60042
The documentation does not indicate that autoloader functions
registered with spl_autoload_register have to return anything, but if
an autoloader other than the first one returns no value, PHP crashes.
This is because of a dangling pointer condition. 'retval' is
initialized at the top of spl_autoload_call but never re-initialized
to NULL after the return value of each autoloader is destroyed. If the
next autoloader has a return value, no harm is done, but if it does
not the dangling pointer is destroyed again.
Many authors of autoloaders have resorted to returning true or false
in an educated guess at what they are supposed to do to avoid this
problem, but in fact it's just a core PHP bug - when the code is
working properly it doesn't actually care what the return value is.
The patch is one line (:
Wanted to bring this to folks' attention since it causes a lot of
frustration for those using multiple frameworks, libraries, etc. all
of which come with autoloaders.
--
Tom Boutell
P'unk Avenue
215 755 1330
punkave.com
window.punkave.com
Update: actually, this was not my crashing bug, although it does still
look suspicious - I don't see how retval gets cleaned up between
invocations.
My crashing bug appears to be triggered when an autoloader decides to
unregister and re-register itself from inside the autoload() function.
Specifically, Symfony's sfAutoloadAgain class does this, in an attempt
to save us all from having to clear the autoloader cache when we add a
class by doing it automatically and then giving autoloading one more
try.
My suspicion is that the PHP core's iteration over the list of
autoloaders is not safe against this possibility and it winds up off
the end of a list or referencing something previously removed.
Any thoughts?
Just opened a bug report:
https://bugs.php.net/bug.php?id=60042
The documentation does not indicate that autoloader functions
registered with spl_autoload_register have to return anything, but if
an autoloader other than the first one returns no value, PHP crashes.This is because of a dangling pointer condition. 'retval' is
initialized at the top of spl_autoload_call but never re-initialized
toNULLafter the return value of each autoloader is destroyed. If the
next autoloader has a return value, no harm is done, but if it does
not the dangling pointer is destroyed again.Many authors of autoloaders have resorted to returning true or false
in an educated guess at what they are supposed to do to avoid this
problem, but in fact it's just a core PHP bug - when the code is
working properly it doesn't actually care what the return value is.The patch is one line (:
Wanted to bring this to folks' attention since it causes a lot of
frustration for those using multiple frameworks, libraries, etc. all
of which come with autoloaders.--
Tom Boutell
P'unk Avenue
215 755 1330
punkave.com
window.punkave.com
--
Tom Boutell
P'unk Avenue
215 755 1330
punkave.com
window.punkave.com