|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2005-01-07 21:16 UTC] hexer at studentcenter dot org
Description:
------------
A memory leak happens with any script that contains curly brackets { }
The global variable yy_start_stack in zend_language_scanner.c is not freed at the end of the php program execution.
Reproduce code:
---------------
Test script (test.php):
<?php
{
}
?>
Php was compiled with:
./configure --with-mysql \
--with-xml \
--with-apache=../apache_1.3.33 \
--enable-track-vars \
--with-gd \
--enable-discard-path \
--enable-bcmath \
--enable-gd-native-tt \
--with-freetype-dir=/usr/local \
--with-png-dir=/usr/local \
--with-jpeg-dir=/usr/local \
--with-zlib=/usr/local
Actual result:
--------------
Valgrind detects and reports the leak:
valgrind --tool=memcheck --leak-check=yes --show-reachable=yes php test.php
==31180== 100 bytes in 1 blocks are still reachable in loss record 1 of 1
==31180== at 0x1B900D20: malloc (vg_replace_malloc.c:131)
==31180== by 0x8125199: yy_push_state (Zend/zend_language_scanner.c:5805)
==31180== by 0x8122DA7: lex_scan (Zend/zend_language_scanner.c:4252)
==31180== by 0x812B2AD: zendlex (/usr/local/src/php-4.3.10/Zend/zend_compile.c:2472)
==31180==
==31180== LEAK SUMMARY:
==31180== definitely lost: 0 bytes in 0 blocks.
==31180== possibly lost: 0 bytes in 0 blocks.
==31180== still reachable: 100 bytes in 1 blocks.
==31180== suppressed: 0 bytes in 0 blocks.
Code in question is at zend_language_scanner.c:4252
In the above scenario the yy_start_stack does not get freed
at the end of the program execution.
Proposed patch frees it under shutdown_scanner()
Possible patch below:
(Note: The following patch fixed the problem but has not yet been
tested under server load / real world conditions. Will post real world test results next week)
Apply to zend_language_scanner.c:
*** 2874,2892 ****
--- 2874,2899 ----
{
if (CG(heredoc)) {
efree(CG(heredoc));
CG(heredoc_len)=0;
}
+ if (SCNG(yy_start_stack)) {
+ yy_flex_free(SCNG(yy_start_stack));
+ SCNG(yy_start_stack) = NULL;
+ }
+
#ifdef ZEND_MULTIBYTE
if (SCNG(code)) {
efree(SCNG(code));
SCNG(code) = NULL;
}
if (SCNG(current_code)) {
efree(SCNG(current_code));
SCNG(current_code) = NULL;
}
#endif /* ZEND_MULTIBYTE */
}
END_EXTERN_C()
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Sun Oct 26 18:00:01 2025 UTC |
hexer at studentcenter dot org: You should probably patch zend_language_scanner.l instead of .c Andi, this problem is reproducible with all branches. Index: zend_language_scanner.l =================================================================== RCS file: /repository/ZendEngine2/zend_language_scanner.l,v retrieving revision 1.118 diff -u -r1.118 zend_language_scanner.l --- zend_language_scanner.l 3 Jan 2005 10:01:03 -0000 1.118 +++ zend_language_scanner.l 10 Jan 2005 16:33:35 -0000 @@ -145,6 +145,10 @@ efree(CG(heredoc)); CG(heredoc_len)=0; } + if (SCNG(yy_start_stack)) { + yy_flex_free(SCNG(yy_start_stack)); + SCNG(yy_start_stack) = NULL; + } RESET_DOC_COMMENT(); #ifdef ZEND_MULTIBYTE