|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2011-05-04 19:02 UTC] aleksey dot v dot korzun at gmail dot com
[2011-06-05 03:38 UTC] felipe@php.net
[2011-06-05 03:38 UTC] felipe@php.net
-Status: Open
+Status: Feedback
[2011-06-05 03:38 UTC] felipe@php.net
[2011-06-07 03:24 UTC] aleksey dot v dot korzun at gmail dot com
-Status: Feedback
+Status: Open
[2011-06-07 03:24 UTC] aleksey dot v dot korzun at gmail dot com
[2011-06-07 03:26 UTC] felipe@php.net
-Status: Open
+Status: Closed
-Assigned To:
+Assigned To: felipe
[2011-06-07 03:26 UTC] felipe@php.net
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Sun Oct 26 11:00:02 2025 UTC |
Description: ------------ Problem can be reproduced on both Linux and Unix environments, does not seem to be OS specific. Backtrace and other tests point specifically at SplFixedArray. PHP/OS: PHP 5.3.6 8.2-RELEASE FreeBSD Extensions: extension=ctype.so extension=curl.so extension=dom.so extension=filter.so extension=gd.so extension=hash.so extension=json.so extension=mbstring.so extension=mcrypt.so extension=session.so extension=simplexml.so extension=ftp.so extension=mysqli.so extension=igbinary.so extension=apc.so extension=memcached.so Test script: --------------- <?php /** * Proof of concept * @author Aleksey Korzun */ ini_set('memory_limit', '1024M'); ini_set('display_errors', 'On'); error_reporting(E_ALL); // Hard limit for our test loop $limit = 10000; /** * Placeholder model */ class Model { public function foo() {} } /** * Placeholder collection, using SplFixedArray */ class Collection extends \SplFixedArray { // Population method public function bar() { $models = array(); foreach($this as $id => $model) { $model->foo(); $models[$id] = $model; } } } // Initialize and run the test $collection = new Collection; $collection->setSize($limit); while($limit > 0) { --$limit; $collection[$limit] = new Model; } $collection->bar(); Expected result: ---------------- Script should not crash Actual result: -------------- (gdb) bt full #0 0x00000008026f5567 in _zend_is_inconsistent (ht=0xffffffff, file=0x80285a5b8 "/usr/ports/lang/php5/work/php-5.3.6/Zend/zend_hash.c", line=520) at /usr/ports/lang/php5/work/php-5.3.6/Zend/zend_hash.c:53 No locals. #1 0x00000008026f7381 in zend_hash_destroy (ht=0xffffffff) at /usr/ports/lang/php5/work/php-5.3.6/Zend/zend_hash.c:520 p = (Bucket *) 0x802858ff0 q = (Bucket *) 0x480 #2 0x0000000802710a66 in zend_object_std_dtor (object=0x808581920) at /usr/ports/lang/php5/work/php-5.3.6/Zend/zend_objects.c:41 No locals. #3 0x0000000802710f15 in zend_objects_free_object_storage (object=0x808581920) at /usr/ports/lang/php5/work/php-5.3.6/Zend/zend_objects.c:126 No locals. #4 0x0000000802716abf in zend_objects_store_del_ref_by_handle_ex (handle=3697, handlers=0x8029f0c20) at /usr/ports/lang/php5/work/php-5.3.6/Zend/zend_objects_API.c:220 __orig_bailout = (sigjmp_buf *) 0x7fffffffe1b0 __bailout = {{_sjb = {34400725674, 34376863547, 140737488347016, 140737488347184, 140737488350136, 140737488350104, 0, 0, 34499527295, 34498252960, 34499605672, 34359738368}}} obj = (struct _store_object *) 0x8094bdca8 failure = 0 #5 0x00000008027167ae in zend_objects_store_del_ref (zobject=0x8085a8130) at /usr/ports/lang/php5/work/php-5.3.6/Zend/zend_objects_API.c:172 handle = 3697 #6 0x00000008026e35b3 in _zval_dtor_func (zvalue=0x8085a8130, __zend_filename=0x802857e68 "/usr/ports/lang/php5/work/php-5.3.6/Zend/zend_execute_API.c", __zend_lineno=443) at /usr/ports/lang/php5/work/php-5.3.6/Zend/zend_variables.c:52 No locals. #7 0x00000008026d223f in _zval_dtor (zvalue=0x8085a8130, __zend_filename=0x802857e68 "/usr/ports/lang/php5/work/php-5.3.6/Zend/zend_execute_API.c", __zend_lineno=443) at zend_variables.h:35 No locals. #8 0x00000008026d2628 in _zval_ptr_dtor (zval_ptr=0x80821ad58, __zend_filename=0x80282b9d8 "/usr/ports/lang/php5/work/php-5.3.6/ext/spl/spl_fixedarray.c", __zend_lineno=182) at /usr/ports/lang/php5/work/php-5.3.6/Zend/zend_execute_API.c:443 No locals. #9 0x000000080256f408 in spl_fixedarray_object_free_storage (object=0x808214990) at /usr/ports/lang/php5/work/php-5.3.6/ext/spl/spl_fixedarray.c:182 intern = (spl_fixedarray_object *) 0x808214990 i = 897 #10 0x00000008027164bd in zend_objects_store_free_object_storage (objects=0x8029f75b8) at /usr/ports/lang/php5/work/php-5.3.6/Zend/zend_objects_API.c:92 obj = (struct _store_object *) 0x809484668 i = 24 #11 0x00000008026d1f7a in shutdown_executor () at /usr/ports/lang/php5/work/php-5.3.6/Zend/zend_execute_API.c:302 __orig_bailout = (sigjmp_buf *) 0x0 __bailout = {{_sjb = {34400444143, 34376863547, 140737488347560, 140737488347712, 140737488350136, 140737488350104, 0, 0, 34402009727, 34384020168, 140737488347696, 34359738368}}} #12 0x00000008026e56de in zend_deactivate () at /usr/ports/lang/php5/work/php-5.3.6/Zend/zend.c:890 No locals. #13 0x00000008026656a1 in php_request_shutdown (dummy=0x0) at /usr/ports/lang/php5/work/php-5.3.6/main/main.c:1635 report_memleaks = 1 '\001' #14 0x00000008027d98b6 in php_apache_request_dtor (r=0x8035778a8) at /usr/ports/lang/php5/work/php-5.3.6/sapi/apache2handler/sapi_apache2.c:509 No locals.