php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #28676 Segmentation fault/crash while destroying large arrays at end of execution
Submitted: 2004-06-07 18:38 UTC Modified: 2004-06-08 09:57 UTC
Votes:2
Avg. Score:4.0 ± 1.0
Reproduced:2 of 2 (100.0%)
Same Version:1 (50.0%)
Same OS:1 (50.0%)
From: mikeb at tracersinfo dot com Assigned:
Status: Wont fix Package: Reproducible crash
PHP Version: 4.3.7 OS: WinXP; Mandrake Linux 2.4.22-26
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: mikeb at tracersinfo dot com
New email:
PHP Version: OS:

 

 [2004-06-07 18:38 UTC] mikeb at tracersinfo dot com
Description:
------------
In WinXP, crash occurs at $howmany >= 65537; in Mandrake Linux, crash (specifying Segmentation fault) occurs at $howmany >= 131073.  Note that crash only occurs *after* all statements are performed.

I have been able to reproduce this everywhere, with any 4.3.2+ version of PHP on all platforms, regardless of configuration or state of php.ini.



Reproduce code:
---------------
<?php
$string = "X";
$howmany = 65537;
$b4guts = mktime();
$guts = array();
for ( $x = 0; $x < $howmany; $x++ ) {
  $guts[$x] = $string;
}
$afterguts = mktime();
$gutstime = $afterguts - $b4guts;
echo "\nGuts built.  Time $gutstime seconds.  ", count($guts), " elements\n";
?>


Expected result:
----------------
Normal program termination.


Actual result:
--------------
Windows generates a GPF requiring close of the process.  Mandrake Linux generates a "Segmentation fault".

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-06-08 09:57 UTC] derick@php.net
This is a limitation in PHP 4 (elements can only have 2^16 references too them), and is addressed in PHP 5. We will not fix this for PHP 4.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Mar 29 06:01:29 2024 UTC