|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2003-04-24 12:06 UTC] sniper@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Mon Dec 08 15:00:01 2025 UTC |
<?php $big = array(); $test = array(); fwrite(STDOUT, "Start\n"); for($i=0; $i < 100000; $i++) { $big[$i] = $i; } fwrite(STDOUT, "Middle\n"); for ($k=0; $k < 20; $k++) { fwrite(STDOUT,"$k"); $test = array(); fwrite(STDOUT,"."); for($i=0; $i < 100000; $i++) { $test[$i] = $big; } fwrite(STDOUT,"."); for($i=0; $i < 100000; $i++) { unset($test[$i]); } // unset($test); } fwrite(STDOUT, "\nEnd\n"); ?> Running the above script produces the following output: Start Middle 0..1..2.. Segmentation fault A trace in gdb produces: Program received signal SIGSEGV, Segmentation fault. 0x4207ad8e in chunk_free () from /lib/i686/libc.so.6 (gdb) where #0 0x4207ad8e in chunk_free () from /lib/i686/libc.so.6 #1 0x4207ad14 in free () from /lib/i686/libc.so.6 #2 0x08121bdc in zend_hash_destroy () #3 0x0811c5fa in _zval_dtor () #4 0x08114e01 in _zval_ptr_dtor () #5 0x08121aa6 in zend_hash_del_key_or_index () #6 0x0813587a in execute () #7 0x0811db3c in zend_execute_scripts () #8 0x080f75cd in php_execute_script () #9 0x081384a0 in main () #10 0x42017589 in __libc_start_main () from /lib/i686/libc.so.6 If I comment out the for loop containing the unset() and instead use: unset($test); Then the script hangs. strace shows the following output and seems to be in an infinite loop: brk(0x8f73000) = 0x8f73000 brk(0x8f74000) = 0x8f74000 write(5, ".", 1.) = 1 munmap(0x40256000, 528384) = 0 brk(0x8a21000) = 0x8a21000 munmap(0x402d7000, 528384) = 0 write(5, "1", 11) = 1 write(5, ".", 1.) = 1 write(5, ".", 1.) = 1 munmap(0xcac4, 136005040) = -1 EINVAL (Invalid argument) munmap(0xff797a94, 144821032) = -1 EINVAL (Invalid argument) munmap(0x8658cc, 136016488) = -1 EINVAL (Invalid argument) munmap(0xc608927c, 1108533240) = -1 EINVAL (Invalid argument) munmap(0xffffffcc, 136028904) = -1 EINVAL (Invalid argument) munmap(0xffffffcc, 136028960) = -1 EINVAL (Invalid argument) munmap(0xffffffcc, 136029016) = -1 EINVAL (Invalid argument) munmap(0xffffffcc, 136029072) = -1 EINVAL (Invalid argument) munmap(0xffffffcc, 136029128) = -1 EINVAL (Invalid argument) munmap(0xffffffcc, 136029184) = -1 EINVAL (Invalid argument) munmap(0xffffffcc, 136029240) = -1 EINVAL (Invalid argument) munmap(0xffffffcc, 136029296) = -1 EINVAL (Invalid argument) munmap(0xffffffcc, 136029352) = -1 EINVAL (Invalid argument) munmap(0xffffffcc, 136029408) = -1 EINVAL (Invalid argument)