From: vovan-ve at yandex dot ru
Operating system: linux
PHP version: 5.4.11
Package: Class/Object related
Bug Type: Bug
Bug description:clone object with circular reference cause segfault
Description:
------------
There are two objects of the same class. Both objects has a property. There
are
circular object reference: $a->prop === $b && $b->prop === $a. The class
has
a __clone() handler which clones object in that property.
So, clonning such object cause segfault.
Yes, described architecture is ugly, but this is just for test.
Test code:
----
class A {
public $prop;
public function __clone() {
$this->prop = clone $this->prop;
}
}
// create two objects
$a = new A();
$b = new A();
// create circular reference
$b->prop = $a;
$a->prop = $b;
// see short dump with *RECURSION* marker
print_r($a);
// now make a problem
$c = clone $a;
// never will reach here
print_r($c);
----
5.5.0.a2, 5.4.11, 5.3.20 and 5.2.17 crashes with segfault. It is infinite
recursion. Also Fatal Error can be emited about memory allocation when
small
memory_limit is set (1M for example).
Unlimited recursion for a simple function cause a fatal error, so the bug
always should cause the same fatal error.
Test script:
---------------
class A {
public $prop;
public function __clone() {
$this->prop = clone $this->prop;
}
}
$a = new A();
$b = new A();
$b->prop = $a;
$a->prop = $b;
print_r($a);
$c = clone $a;
print_r($c);
Expected result:
----------------
A Object
(
[prop] => A Object
(
[prop] => A Object
*RECURSION*
)
)
Fatal error: Allowed memory size of ... bytes exhausted (tried to allocate
... bytes)
Actual result:
--------------
A Object
(
[prop] => A Object
(
[prop] => A Object
*RECURSION*
)
)
Segmentation fault (core dumped)
--
Edit bug report at https://bugs.php.net/bug.php?id=64195&edit=1
--
Try a snapshot (PHP 5.4):
https://bugs.php.net/fix.php?id=64195&r=trysnapshot54
Try a snapshot (PHP 5.3):
https://bugs.php.net/fix.php?id=64195&r=trysnapshot53
Try a snapshot (trunk):
https://bugs.php.net/fix.php?id=64195&r=trysnapshottrunk
Fixed in SVN: https://bugs.php.net/fix.php?id=64195&r=fixed
Fixed in release: https://bugs.php.net/fix.php?id=64195&r=alreadyfixed
Need backtrace: https://bugs.php.net/fix.php?id=64195&r=needtrace
Need Reproduce Script: https://bugs.php.net/fix.php?id=64195&r=needscript
Try newer version: https://bugs.php.net/fix.php?id=64195&r=oldversion
Not developer issue: https://bugs.php.net/fix.php?id=64195&r=support
Expected behavior: https://bugs.php.net/fix.php?id=64195&r=notwrong
Not enough info:
https://bugs.php.net/fix.php?id=64195&r=notenoughinfo
Submitted twice:
https://bugs.php.net/fix.php?id=64195&r=submittedtwice
register_globals: https://bugs.php.net/fix.php?id=64195&r=globals
PHP 4 support discontinued: https://bugs.php.net/fix.php?id=64195&r=php4
Daylight Savings: https://bugs.php.net/fix.php?id=64195&r=dst
IIS Stability: https://bugs.php.net/fix.php?id=64195&r=isapi
Install GNU Sed: https://bugs.php.net/fix.php?id=64195&r=gnused
Floating point limitations: https://bugs.php.net/fix.php?id=64195&r=float
No Zend Extensions: https://bugs.php.net/fix.php?id=64195&r=nozend
MySQL Configuration Error: https://bugs.php.net/fix.php?id=64195&r=mysqlcfg
