From: Dmitry Stogov Date: Tue, 13 Sep 2011 07:01:46 +0000 (+0000) Subject: Fixed bug #55509 (segfault on x86_64 using more than 2G memory). (Laruence) X-Git-Tag: php-5.3.9RC1~132 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=12864e4769237c5d1cc01665ed6f688e54e31dcf;p=php Fixed bug #55509 (segfault on x86_64 using more than 2G memory). (Laruence) --- diff --git a/NEWS b/NEWS index c6506b4e74..57b4f970d1 100644 --- a/NEWS +++ b/NEWS @@ -8,6 +8,7 @@ PHP NEWS . Fixed bug #55366: keys lost when using substr_replace an array. (Arpad) . Fixed bug #55510: $_FILES 'name' missing first character after upload. (Arpad) + . Fixed bug #55509 (segfault on x86_64 using more than 2G memory). (Laruence) . Fixed bug #55576: Cannot conditionally move uploaded file without race condition. (Gustavo) . Fixed bug #55504 (Content-Type header is not parsed correctly on diff --git a/Zend/tests/bug55509.phpt b/Zend/tests/bug55509.phpt new file mode 100644 index 0000000000..86e5a08764 --- /dev/null +++ b/Zend/tests/bug55509.phpt @@ -0,0 +1,33 @@ +--TEST-- +Bug #55509 (segfault on x86_64 using more than 2G memory) +--SKIPIF-- + +--INI-- +memory_limit=3G +--FILE-- + +--EXPECTF-- +1 +2 +3 +4 +5 + +Fatal error: Allowed memory size of %d bytes exhausted (tried to allocate %d bytes) in %s/bug55509.php on line %d diff --git a/Zend/zend_alloc.c b/Zend/zend_alloc.c index 88944b45a2..4af99ee278 100644 --- a/Zend/zend_alloc.c +++ b/Zend/zend_alloc.c @@ -510,7 +510,7 @@ static unsigned int _zend_mm_cookie = 0; #define ZEND_MM_IS_GUARD_BLOCK(b) (((b)->info._size & ZEND_MM_TYPE_MASK) == ZEND_MM_GUARD_BLOCK) #define ZEND_MM_NEXT_BLOCK(b) ZEND_MM_BLOCK_AT(b, ZEND_MM_BLOCK_SIZE(b)) -#define ZEND_MM_PREV_BLOCK(b) ZEND_MM_BLOCK_AT(b, -(int)((b)->info._prev & ~ZEND_MM_TYPE_MASK)) +#define ZEND_MM_PREV_BLOCK(b) ZEND_MM_BLOCK_AT(b, -(ssize_t)((b)->info._prev & ~ZEND_MM_TYPE_MASK)) #define ZEND_MM_PREV_BLOCK_IS_FREE(b) (!((b)->info._prev & ZEND_MM_USED_BLOCK))