#22855 [NEW]: Memory corruption when dealing with cyclic references between objects

Mon, 24 Mar 2003 10:05:00 -0800 

From:             knizhnik at garret dot ru
Operating system: Windows and Linux
PHP version:      4.3.1
PHP Bug Type:     Zend Engine 2 problem
Bug description:  Memory corruption when dealing with cyclic references between objects

PHP is using reference counter garbage collection so it is not able to
deallocate objects with cyclic references. But
it should not be a reason for corrupting memory. The following example
cause either loosing value of object property either segmentation fault at
PHP 4.3.1 and PHP-4.3.2RC1. The fault takes place after inserting 65533
objects (0xfffd - looks like somewhere short type is used:).
In first case after inserting about 65k of objects the system reports "PHP
Notice:  Undefined property:" when 
accessing "opened" field in storeObject.


<?php


class Storage { 
    var $opened;
    var $count;

    function Storage() { 
        $this->objByOidMap = array();
        $this->opened = true;
        $this->count = 0;
    }

    function storeObject(&$obj) {
        if ($this->opened) { 
            if ($obj->__oid__ == 0) {   
                $this->count += 1;
                $obj->__oid__ = $this->count;
                $obj->__storage__ = &$this;
                $this->objByOidMap[$obj->__oid__] = &$obj;
            }
        }
    }
}

class Object {
    var $__storage__;
    var $__oid__;
}

$storage = &new Storage();
for ($i = 0; $i < 100000; $i++) {
    print("i=$i\n");
    $obj = &new Object();
    $storage->storeObject($obj);
}

?>

-- 
Edit bug report at http://bugs.php.net/?id=22855&edit=1
-- 
Try a CVS snapshot:         http://bugs.php.net/fix.php?id=22855&r=trysnapshot
Fixed in CVS:               http://bugs.php.net/fix.php?id=22855&r=fixedcvs
Fixed in release:           http://bugs.php.net/fix.php?id=22855&r=alreadyfixed
Need backtrace:             http://bugs.php.net/fix.php?id=22855&r=needtrace
Try newer version:          http://bugs.php.net/fix.php?id=22855&r=oldversion
Not developer issue:        http://bugs.php.net/fix.php?id=22855&r=support
Expected behavior:          http://bugs.php.net/fix.php?id=22855&r=notwrong
Not enough info:            http://bugs.php.net/fix.php?id=22855&r=notenoughinfo
Submitted twice:            http://bugs.php.net/fix.php?id=22855&r=submittedtwice
register_globals:           http://bugs.php.net/fix.php?id=22855&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=22855&r=php3
Daylight Savings:           http://bugs.php.net/fix.php?id=22855&r=dst
IIS Stability:              http://bugs.php.net/fix.php?id=22855&r=isapi
Install GNU Sed:            http://bugs.php.net/fix.php?id=22855&r=gnused

Reply via email to