PHP :: Bug #51760 :: Memory Leak: zend hash not properly destroyed in CGI main

Bug #51760	Memory Leak: zend hash not properly destroyed in CGI main
Submitted:	2010-05-06 23:57 UTC	Modified:	2013-02-18 00:34 UTC
From:	russell dot tempero at rightnow dot com	Assigned:
Status:	No Feedback	Package:	Performance problem
PHP Version:	5.3.2	OS:	Linux
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	russell dot tempero at rightnow dot com
New email:
PHP Version:		OS:

New/Additional Comment:

[2010-05-06 23:57 UTC] russell dot tempero at rightnow dot com

Description:
------------
After upgrading to PHP 5.3.2, we ran it through Purify and noticed the following memory leak:

MLK: 32 bytes leaked at 0x9b70ca8
  * This memory was allocated from:
    calloc         [rtlib.o]
    _zend_hash_init [zend_hash.c:168]
    php_cgi_globals_ctor [cgi_main.c:1429]
    allocate_new_resource [TSRM.c:303]
    ts_resource_ex [TSRM.c:370]
    .
    .
    .

The problem is that php_cgi_globals_ctor() (the constructor) is calling zend_hash_init() but there is no corresponding destructor to call zend_hash_destroy(). I have attached a patch that will fix this.

You will notice in the patch that I had to make changes to zend_hash_destroy() to prevent a double free. Apparently there are places that are already calling zend_hash_destroy() for the hash that is initialized in php_cgi_globals_ctor(), but it is not currently getting called all of the time. Perhaps a more correct fix would be to find where these other calls to zend_hash_destroy() are being made and either eliminate them altogether or make sure they are called all of the time and not have the destructor function.

Patches

zend_hash_init_MLK.diff (last revision 2010-05-06 21:57 UTC by russell dot tempero at rightnow dot com)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2010-05-14 20:32 UTC] russell dot tempero at rightnow dot com

In my patch I forgot to set ht->pListHead to NULL. The following line should be added toward the end of the zend_hash_destroy() function:

ht->pListHead = NULL;

[2010-06-08 14:04 UTC] tony2001@php.net

-Status: Open +Status: Feedback

[2010-06-08 14:04 UTC] tony2001@php.net

This hash is destroyed on shutdown by this function:
static PHP_MSHUTDOWN_FUNCTION(cgi)
{
    zend_hash_destroy(&CGIG(user_config_cache));

    UNREGISTER_INI_ENTRIES();
    return SUCCESS;
}

[2010-06-08 15:49 UTC] tony2001@php.net

See also bug #47412.

[2013-02-18 00:34 UTC] php-bugs at lists dot php dot net

No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sat Oct 25 16:00:02 2025 UTC