ID: 46380
Updated by: [EMAIL PROTECTED]
Reported By: marek dot miska at netart dot pl
-Status: Open
+Status: Assigned
Bug Type: Reproducible crash
Operating System: linux
PHP Version: 5.2.6
-Assigned To:
+Assigned To: dmitry
New Comment:
Dmitry, can you check this out please?
Previous Comments:
------------------------------------------------------------------------
[2008-10-24 13:40:24] marek dot miska at netart dot pl
Description:
------------
Incorrect reference counting in:
ZEND_VM_HANDLER(39, ZEND_ASSIGN_REF, VAR|CV, VAR|CV)
refcount is decremented twice.
(In short: ZEND_RETURNS_FUNCTION for "new" is missing).
It's fixed in 5.3.0alpha1 with ZEND_RETURNS_NEW.
But it will be nice to have it also in stable version.
Reproduce code:
---------------
<?
class A{
function A() {
global $g;
$g[0] = $g[1] = $this;
}
function __destruct() { }
}
$g = array();
for($i=0; $i<1000; ++$i)
{
$a =& new A;
}
?>
Expected result:
----------------
Exit without any errors.
Actual result:
--------------
Segmentation fault
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=46380&edit=1
