go to bug id or search bugs for
range() function throws a fatal error message when low = 2147483646, high = 2147483647 & step is default (i.e 1). These values gives range of 1 step and the values are valid integers.
Operating System: RHEL 4
Linux Kernel : Linux 2.6.9
PHP Version: PHP 5.2 (Built on Apr 17, 2007 from snaps.php.net)
PHP Configure Setup: ./configure
I will be attaching a patch for this as soon as possible.
var_dump( range(2147483646, 2147483647) );
Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 34 bytes) in %s on line %d
Add a Patch
Add a Pull Request
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php
The 2147483647 overflows resulting in a negative value directing PHP to
create an array of an enourmous number of elements. To achieve the
desired result you need to pass the parameters are doubles
Ex. var_dump( range(2147483646.0, 2147483647.0) );
Again as with 41118 I reviewed this one prior to Mahesh
raising the defect and having reviewed your comments above I still believe this defect reports a valid issue in the PHP code.
As the value for low and high could be variables your suggestion that
the request should be re-coded as range(2147483646.0, 2147483647.0)
implies all user scripts would need to include range checks on calculated high and low values in order that the correct range()
request could be issued to avoid the bad behaviour reported by this defect, i.e script loops until storage is exhausted. This seems unnecessary and unacceptable to me.
After reading the description of range() in the php manual I would
to create an array of int's with 2 entries as follows:
I certainly would not expect an array with 2G entries. If the users
input causes overflow then that should be detected and reported.
However, both the low and high values specified in the range() request
above are within the range which can be expressed as a 32 bit signed
integer; 2147483647 is the MAX_INTEGER value.
Further if I code something like range(2147483400, 2147483600, 100)
where both high and low are clearly within range of valid int's I get
the same bad behaviour, i.e the PHP code loops creating a huge
array because the logic in array.c does not detect overflow.
Please find here:
a patch to array.c based on latest PHP 52 branch from CVS which fixes
the code to produce the output I would expect as per the description
in the PHP manual.
The following testcase runs clean with the fix; without the fix a
number of use cases cause bad/unexpected behaviour.
// posotive steps
var_dump(range(2147483400, 2147483600, 100));
var_dump( range(2147483646, 2147483648, 1 ) ); // OK
var_dump( range(2147483646, 2147483657, 1 ) ); // Loops without fix
var_dump( range(2147483630, 2147483646, 5 ) ); // Loops without fix
// negative steps
var_dump( range(-2147483645, -2147483648, 1 ) ); // OK
var_dump( range(-2147483645, -2147483649, 1 ) ); // OK
var_dump( range(-2147483630, -2147483646, 5 ) ); // Loops without fix
// low > high
var_dump(range(2147483647, 2147483645, 1 )); // Loops without fix
var_dump(range(2147483648, 2147483645, 1 )); //OK
I am therefore re-opening the defect so that my propsed fix can be considered for inclusion.
IBM United Kingdom Limited
This bug has been fixed in CVS.
Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
Thank you for the report, and for helping us make PHP better.