dmitry                                   Thu, 10 Jun 2010 11:45:51 +0000

Revision: http://svn.php.net/viewvc?view=revision&revision=300350

Log:
Fixed bug #51822i (Segfault with strange __destruct() for static class 
variables)

Bug: http://bugs.php.net/51822 (Assigned) Segfault with strange __destruct() 
for static class variables
      
Changed paths:
    U   php/php-src/branches/PHP_5_2/NEWS
    A   php/php-src/branches/PHP_5_2/Zend/tests/bug51822.phpt
    U   php/php-src/branches/PHP_5_2/Zend/zend_opcode.c
    A   php/php-src/branches/PHP_5_3/Zend/tests/bug51822.phpt
    U   php/php-src/branches/PHP_5_3/Zend/zend_opcode.c
    A   php/php-src/trunk/Zend/tests/bug51822.phpt
    U   php/php-src/trunk/Zend/zend_opcode.c

Modified: php/php-src/branches/PHP_5_2/NEWS
===================================================================
--- php/php-src/branches/PHP_5_2/NEWS   2010-06-10 11:31:47 UTC (rev 300349)
+++ php/php-src/branches/PHP_5_2/NEWS   2010-06-10 11:45:51 UTC (rev 300350)
@@ -22,6 +22,8 @@
 - Fixed bug #51905 (ReflectionParameter fails if default value is an array
   with an access to self::). (Felipe)
   constant array). (Felipe)
+- Fixed bug #51822i (Segfault with strange __destruct() for static class
+  variables). (Dmitry)
 - Fixed bug #51671 (imagefill does not work correctly for small images).
   (Pierre)
 - Fixed bug #51670 (getColumnMeta causes segfault when re-executing query

Added: php/php-src/branches/PHP_5_2/Zend/tests/bug51822.phpt
===================================================================
--- php/php-src/branches/PHP_5_2/Zend/tests/bug51822.phpt                       
        (rev 0)
+++ php/php-src/branches/PHP_5_2/Zend/tests/bug51822.phpt       2010-06-10 
11:45:51 UTC (rev 300350)
@@ -0,0 +1,40 @@
+--TEST--
+Bug #51822 (Segfault with strange __destruct() for static class variables)
+--FILE--
+<?php
+class DestructableObject
+{
+       public function __destruct()
+       {
+               echo "2\n";
+       }
+}
+
+class DestructorCreator
+{
+       public function __destruct()
+       {
+               $this->test = new DestructableObject;
+               echo "1\n";
+       }
+}
+
+class Test
+{
+       public static $mystatic;
+}
+
+// Uncomment this to avoid segfault
+//Test::$mystatic = new DestructorCreator();
+
+$x = new Test();
+
+if (!isset(Test::$mystatic))
+       Test::$mystatic = new DestructorCreator();
+
+echo "bla\n";
+?>
+--EXPECT--
+bla
+1
+2

Modified: php/php-src/branches/PHP_5_2/Zend/zend_opcode.c
===================================================================
--- php/php-src/branches/PHP_5_2/Zend/zend_opcode.c     2010-06-10 11:31:47 UTC 
(rev 300349)
+++ php/php-src/branches/PHP_5_2/Zend/zend_opcode.c     2010-06-10 11:45:51 UTC 
(rev 300350)
@@ -157,7 +157,10 @@
                /* Note that only run-time accessed data need to be cleaned up, 
pre-defined data can
                   not contain objects and thus are not probelmatic */
                zend_hash_apply(&(*pce)->function_table, (apply_func_t) 
zend_cleanup_function_data_full TSRMLS_CC);
-               (*pce)->static_members = NULL;
+               if ((*pce)->static_members) {
+                       zend_hash_clean((*pce)->static_members);
+                       (*pce)->static_members = NULL;
+               }
        } else if (CE_STATIC_MEMBERS(*pce)) {
                zend_hash_destroy(CE_STATIC_MEMBERS(*pce));
                FREE_HASHTABLE(CE_STATIC_MEMBERS(*pce));

Added: php/php-src/branches/PHP_5_3/Zend/tests/bug51822.phpt
===================================================================
--- php/php-src/branches/PHP_5_3/Zend/tests/bug51822.phpt                       
        (rev 0)
+++ php/php-src/branches/PHP_5_3/Zend/tests/bug51822.phpt       2010-06-10 
11:45:51 UTC (rev 300350)
@@ -0,0 +1,40 @@
+--TEST--
+Bug #51822 (Segfault with strange __destruct() for static class variables)
+--FILE--
+<?php
+class DestructableObject
+{
+       public function __destruct()
+       {
+               echo "2\n";
+       }
+}
+
+class DestructorCreator
+{
+       public function __destruct()
+       {
+               $this->test = new DestructableObject;
+               echo "1\n";
+       }
+}
+
+class Test
+{
+       public static $mystatic;
+}
+
+// Uncomment this to avoid segfault
+//Test::$mystatic = new DestructorCreator();
+
+$x = new Test();
+
+if (!isset(Test::$mystatic))
+       Test::$mystatic = new DestructorCreator();
+
+echo "bla\n";
+?>
+--EXPECT--
+bla
+1
+2

Modified: php/php-src/branches/PHP_5_3/Zend/zend_opcode.c
===================================================================
--- php/php-src/branches/PHP_5_3/Zend/zend_opcode.c     2010-06-10 11:31:47 UTC 
(rev 300349)
+++ php/php-src/branches/PHP_5_3/Zend/zend_opcode.c     2010-06-10 11:45:51 UTC 
(rev 300350)
@@ -159,7 +159,10 @@
                /* Note that only run-time accessed data need to be cleaned up, 
pre-defined data can
                   not contain objects and thus are not probelmatic */
                zend_hash_apply(&(*pce)->function_table, (apply_func_t) 
zend_cleanup_function_data_full TSRMLS_CC);
-               (*pce)->static_members = NULL;
+               if ((*pce)->static_members) {
+                       zend_hash_clean((*pce)->static_members);
+                       (*pce)->static_members = NULL;
+               }
        } else if (CE_STATIC_MEMBERS(*pce)) {
                zend_hash_destroy(CE_STATIC_MEMBERS(*pce));
                FREE_HASHTABLE(CE_STATIC_MEMBERS(*pce));

Added: php/php-src/trunk/Zend/tests/bug51822.phpt
===================================================================
--- php/php-src/trunk/Zend/tests/bug51822.phpt                          (rev 0)
+++ php/php-src/trunk/Zend/tests/bug51822.phpt  2010-06-10 11:45:51 UTC (rev 
300350)
@@ -0,0 +1,40 @@
+--TEST--
+Bug #51822 (Segfault with strange __destruct() for static class variables)
+--FILE--
+<?php
+class DestructableObject
+{
+       public function __destruct()
+       {
+               echo "2\n";
+       }
+}
+
+class DestructorCreator
+{
+       public function __destruct()
+       {
+               $this->test = new DestructableObject;
+               echo "1\n";
+       }
+}
+
+class Test
+{
+       public static $mystatic;
+}
+
+// Uncomment this to avoid segfault
+//Test::$mystatic = new DestructorCreator();
+
+$x = new Test();
+
+if (!isset(Test::$mystatic))
+       Test::$mystatic = new DestructorCreator();
+
+echo "bla\n";
+?>
+--EXPECT--
+bla
+1
+2

Modified: php/php-src/trunk/Zend/zend_opcode.c
===================================================================
--- php/php-src/trunk/Zend/zend_opcode.c        2010-06-10 11:31:47 UTC (rev 
300349)
+++ php/php-src/trunk/Zend/zend_opcode.c        2010-06-10 11:45:51 UTC (rev 
300350)
@@ -166,7 +166,17 @@
                /* Note that only run-time accessed data need to be cleaned up, 
pre-defined data can
                   not contain objects and thus are not probelmatic */
                zend_hash_apply(&(*pce)->function_table, (apply_func_t) 
zend_cleanup_function_data_full TSRMLS_CC);
-               (*pce)->static_members_table = NULL;
+               if ((*pce)->static_members_table) {
+                       int i;
+
+                       for (i = 0; i < (*pce)->default_static_members_count; 
i++) {
+                               if ((*pce)->static_members_table[i]) {
+                                       
zval_ptr_dtor(&(*pce)->static_members_table[i]);
+                                       (*pce)->static_members_table[i] = NULL;
+                               }
+                       }
+                       (*pce)->static_members_table = NULL;
+               }
        } else if (CE_STATIC_MEMBERS(*pce)) {
                int i;

@@ -255,7 +265,9 @@
                                int i;

                                for (i = 0; i < 
ce->default_static_members_count; i++) {
-                                       
zval_ptr_dtor(&ce->default_static_members_table[i]);
+                                       if 
(ce->default_static_members_table[i]) {
+                                               
zval_ptr_dtor(&ce->default_static_members_table[i]);
+                                       }
                                }
                                efree(ce->default_static_members_table);
                        }

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to