I ran into this with simplexml but am able to reproduce with userland classes.
The segfault only occurs when the property in question does not exist, no __get and __set methods implemented (if either is implemented then no segfault), and is not being called off the initial object in the foreach.
i.e. - $obj->valid()->invalid will segfault while $obj->invalid doesnt.
class Test implements Iterator {
function c() {
return new Test();
}
/* No need to implement functionality - never gets here */
public function rewind() {}
public function key() {}
public function current() {}
public function next() {}
public function hasMore() {}
}
$obj = new Test();
/*
foreach ($obj->c() as $value) { - works correctly with functions implemented
foreach ($obj->a as $value) { - correctly issues Invalid argument supplied for foreach()
*/
foreach ($obj->c()->a as $value) { // Segafults
print "Test\n";
}
0x08298238 in zend_pzval_unlock_func (z=0x5a5a5a5a)
at /home/rrichards/php5/Zend/zend_execute.c:65
65 z->refcount--;
(gdb) bt
#0 0x08298238 in zend_pzval_unlock_func (z=0x5a5a5a5a)
at /home/rrichards/php5/Zend/zend_execute.c:65
#1 0x082984dd in _get_zval_ptr_ptr (node=0x4047ea2c, Ts=0xbfffb860)
at /home/rrichards/php5/Zend/zend_execute.c:142
#2 0x08295c59 in zend_fe_reset_handler (execute_data=0xbfffba90,
opline=0x4047ea14, op_array=0x4047e3c0)
at /home/rrichards/php5/Zend/zend_execute.c:3630
#3 0x0828f7f4 in execute (op_array=0x4047e3c0)
at /home/rrichards/php5/Zend/zend_execute.c:1339
#4 0x0826d4d1 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
at /home/rrichards/php5/Zend/zend.c:1052
#5 0x0822a364 in php_execute_script (primary_file=0xbfffde90)
at /home/rrichards/php5/main/main.c:1647
#6 0x0829c7ee in main (argc=2, argv=0xbfffdf24)
at /home/rrichards/php5/sapi/cli/php_cli.c:941
#7 0x42015704 in __libc_start_main () from /lib/tls/libc.so.6
Rob
Hello,
On Tue, 17 Feb 2004 08:17:54 -0500
"Rob Richards" rrichards@ctindustries.net wrote:
I ran into this with simplexml but am able to reproduce with userland
classes.The segfault only occurs when the property in question does not exist,
no __get and __set methods implemented (if either is implemented then
no segfault), and is not being called off the initial object in the
foreach. i.e. - $obj->valid()->invalid will segfault while
$obj->invalid doesnt.
I got the same thing this morning and wondering why as well. I'm not
sure it's due to the iterator but more to the (de)references. At some
point ZE2 destroys the object (afair or see just before returning the
object).
Find below 2 scripts to reproduce the problem. In both the public
property is not required. Only to show that is not related to the
existence or non existence of a property.
Works:
<?php
class Test {
public $a = array(1,2,3,4,5); // if removed, the notice works
function c() {
return new Test();
}
}
$obj = new Test();
$b = $obj->c();
foreach ($b->a as $value) { // Segafults
print "Test\n";
}
?>
Segfault:
<?php
class Test {
public $a = array(1,2,3,4,5); // removed, crash too
function c() {
return new Test();
}
}
$obj = new Test();
foreach ($obj->c()->a as $value) { // Segafults
print "Test\n";
}
?>
Sidenote, if someone has some tips to get the ZE2 macros working in gdb
(ie to work with all the the TSRMLS_C*, T, and other macros with
explicit names ;)
hth
pierre
This should be fixed now.
Thanks for the reproducing case.
Andi
At 20:20 17/02/2004 +0100, Pierre-Alain Joye wrote:
Segfault:
<?php
class Test {
public $a = array(1,2,3,4,5); // removed, crash too
function c() {
return new Test();
}}
$obj = new Test();
foreach ($obj->c()->a as $value) { // Segafults
print "Test\n";
}?
Was there a test for this..?
Would be nice if Pierre/Andi would add one if not. :)
--Jani
This should be fixed now.
Thanks for the reproducing case.Andi
At 20:20 17/02/2004 +0100, Pierre-Alain Joye wrote:
Segfault:
<?php
class Test {
public $a = array(1,2,3,4,5); // removed, crash too
function c() {
return new Test();
}}
$obj = new Test();
foreach ($obj->c()->a as $value) { // Segafults
print "Test\n";
}?