From 52f25f61324e44c169441fdfea3f5e76a920d4a1 Mon Sep 17 00:00:00 2001
From: Dmitry Stogov <dmitry@php.net>
Date: Tue, 6 Nov 2007 14:56:14 +0000
Subject: [PATCH] Fixed bug #43175 (__destruct() throwing an exception with
 __call() causes segfault)

---
 Zend/tests/bug43175.phpt | 24 ++++++++++++++++++++++++
 Zend/zend_vm_def.h       |  5 +++--
 Zend/zend_vm_execute.h   |  5 +++--
 3 files changed, 30 insertions(+), 4 deletions(-)
 create mode 100755 Zend/tests/bug43175.phpt

diff --git a/Zend/tests/bug43175.phpt b/Zend/tests/bug43175.phpt
new file mode 100755
index 0000000000..3bf6befc15
--- /dev/null
+++ b/Zend/tests/bug43175.phpt
@@ -0,0 +1,24 @@
+--TEST--
+Bug #43175 (__destruct() throwing an exception with __call() causes segfault)
+--FILE--
+<?php
+
+class foobar {
+    public function __destruct() {
+        throw new Exception();
+    }
+    public function __call($m, $a) {
+        return $this;
+    }
+}
+function foobar() {
+    return new foobar();
+}
+try {
+    foobar()->unknown();
+} catch (Exception $e) {
+    echo "__call via traditional factory should be caught\n";
+}
+?>
+--EXPECT--
+__call via traditional factory should be caught
diff --git a/Zend/zend_vm_def.h b/Zend/zend_vm_def.h
index 207a241a5a..42f550430e 100644
--- a/Zend/zend_vm_def.h
+++ b/Zend/zend_vm_def.h
@@ -2092,6 +2092,9 @@ ZEND_VM_HELPER(zend_do_fcall_common_helper, ANY, ANY)
 		}
 	}
 
+	EX(function_state).function = (zend_function *) EX(op_array);
+	EG(function_state_ptr) = &EX(function_state);
+
 	if (EG(This)) {
 		if (EG(exception) && IS_CTOR_CALL(EX(called_scope))) {
 			if (IS_CTOR_USED(EX(called_scope))) {
@@ -2115,8 +2118,6 @@ ZEND_VM_HELPER(zend_do_fcall_common_helper, ANY, ANY)
 		EG(called_scope) = current_called_scope;
 	}
 
-	EX(function_state).function = (zend_function *) EX(op_array);
-	EG(function_state_ptr) = &EX(function_state);
 	zend_ptr_stack_clear_multiple(TSRMLS_C);
 
 	if (EG(exception)) {
diff --git a/Zend/zend_vm_execute.h b/Zend/zend_vm_execute.h
index ab6b84ae51..d4782320b3 100644
--- a/Zend/zend_vm_execute.h
+++ b/Zend/zend_vm_execute.h
@@ -275,6 +275,9 @@ static int zend_do_fcall_common_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS)
 		}
 	}
 
+	EX(function_state).function = (zend_function *) EX(op_array);
+	EG(function_state_ptr) = &EX(function_state);
+
 	if (EG(This)) {
 		if (EG(exception) && IS_CTOR_CALL(EX(called_scope))) {
 			if (IS_CTOR_USED(EX(called_scope))) {
@@ -298,8 +301,6 @@ static int zend_do_fcall_common_helper_SPEC(ZEND_OPCODE_HANDLER_ARGS)
 		EG(called_scope) = current_called_scope;
 	}
 
-	EX(function_state).function = (zend_function *) EX(op_array);
-	EG(function_state_ptr) = &EX(function_state);
 	zend_ptr_stack_clear_multiple(TSRMLS_C);
 
 	if (EG(exception)) {
-- 
2.50.1