From 5cc8db8c4b67b85c880a29740548ab965adf5458 Mon Sep 17 00:00:00 2001
From: Arnaud Le Blanc <arnaud.lb@gmail.com>
Date: Tue, 10 Sep 2024 13:41:40 +0200
Subject: [PATCH] Fix zend_lazy_object_get_properties for object with prop ht,
 when init fails

---
 Zend/tests/lazy_objects/gh15823.phpt | 37 ++++++++++++++++++++++++++++
 Zend/zend_lazy_objects.c             |  6 +++--
 2 files changed, 41 insertions(+), 2 deletions(-)
 create mode 100644 Zend/tests/lazy_objects/gh15823.phpt

diff --git a/Zend/tests/lazy_objects/gh15823.phpt b/Zend/tests/lazy_objects/gh15823.phpt
new file mode 100644
index 0000000000000..6164e54ea239b
--- /dev/null
+++ b/Zend/tests/lazy_objects/gh15823.phpt
@@ -0,0 +1,37 @@
+--TEST--
+GH-15823: Wrong expectations in zend_lazy_object_get_properties()
+--FILE--
+<?php
+
+class C {
+    public int $a = 1;
+}
+
+$reflector = new ReflectionClass(C::class);
+$calls = 0;
+$obj = $reflector->newLazyGhost(function ($obj) use (&$calls) {
+    if ($calls++ === 0) {
+        throw new Error("initializer");
+    }
+    $obj->a = 2;
+});
+
+// Builds properties ht without lazy initialization
+var_dump($obj);
+try {
+    // Lazy initialization fails during fetching of properties ht
+    json_encode($obj);
+} catch (Error $e) {
+    printf("%s: %s\n", $e::class, $e->getMessage());
+}
+
+var_dump(json_encode($obj));
+
+?>
+--EXPECTF--
+lazy ghost object(C)#%d (0) {
+  ["a"]=>
+  uninitialized(int)
+}
+Error: initializer
+string(7) "{"a":2}"
diff --git a/Zend/zend_lazy_objects.c b/Zend/zend_lazy_objects.c
index 8be8e8b7b773c..c8e9fa1bfb3d9 100644
--- a/Zend/zend_lazy_objects.c
+++ b/Zend/zend_lazy_objects.c
@@ -624,8 +624,10 @@ ZEND_API HashTable *zend_lazy_object_get_properties(zend_object *object)
 
 	zend_object *tmp = zend_lazy_object_init(object);
 	if (UNEXPECTED(!tmp)) {
-		ZEND_ASSERT(!object->properties || object->properties == &zend_empty_array);
-		return object->properties = (zend_array*) &zend_empty_array;
+		if (object->properties) {
+			return object->properties;
+		}
+		return object->properties = zend_new_array(0);
 	}
 
 	object = tmp;