From: pvandijk at gmail dot com Operating system: Linux 2.4.22-1.2115.nptl PHP version: 4.3.11 PHP Bug Type: Reproducible crash Bug description: large array keys causes memory corruption and segfaults
Description: ------------ Hashes with a large number of keys and large key data size seem to cause memory corruption, which in turn causes php to either segfault or hang upon exiting (depending on the context of the code). I've heard mention that arrays are not unlimited in size. This issue seems to occur at about 65535 elements in my tests, but also depends on the size of the keys. Presumably this is because i'm indexing my arrays with Strings, and therefore it's running out of memory faster. If the memory limit of a hash is reached, should it not be handled more gracefully than corrupting memory, which results in a segfault? The code example i've provided seems to reproduce a crash under both linux and windows, php 4.3.11 Reproduce code: --------------- <?php $data = 'hello, i like cheese'; $ar = array(); for($i = 1000000; $i < 3000000 ; $i++) { $key = 'abc'.$i; $ar[$key] = $data; } function check($ar) { global $data; foreach($ar as $k => $value) { if($data != $value) { print 'invalid value: '. $k .' => '. $value ."\r\n"; } } } check($ar); print 'done.'."\r\n"; ?> Expected result: ---------------- done. Actual result: -------------- "done. Segmentation fault" sorry i cant provide a backtrace or any further info, i dont have access to these tools on my current dev server. -- Edit bug report at http://bugs.php.net/?id=32738&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=32738&r=trysnapshot4 Try a CVS snapshot (php5.0): http://bugs.php.net/fix.php?id=32738&r=trysnapshot50 Try a CVS snapshot (php5.1): http://bugs.php.net/fix.php?id=32738&r=trysnapshot51 Fixed in CVS: http://bugs.php.net/fix.php?id=32738&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=32738&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=32738&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=32738&r=needscript Try newer version: http://bugs.php.net/fix.php?id=32738&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=32738&r=support Expected behavior: http://bugs.php.net/fix.php?id=32738&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=32738&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=32738&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=32738&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=32738&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=32738&r=dst IIS Stability: http://bugs.php.net/fix.php?id=32738&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=32738&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=32738&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=32738&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=32738&r=mysqlcfg