PHP :: Bug #41113 :: another complex memleak

Bug #41113

another complex memleak

Submitted:

2007-04-17 08:14 UTC

Modified:

2008-07-22 07:27 UTC

Votes:	1
Avg. Score:	5.0 ± 0.0
Reproduced:	1 of 1 (100.0%)
Same Version:	1 (100.0%)
Same OS:	1 (100.0%)

From:

tony2001@php.net

Assigned:

tony2001 (profile)

Status:

Wont fix

Package:

Scripting Engine problem

PHP Version:

5CVS-2007-04-17 (CVS)

OS:

Linux

Private report:

CVE-ID:

None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	tony2001@php.net
New email:
PHP Version:		OS:

New Comment:

[2007-04-17 08:14 UTC] tony2001@php.net

Description:
------------
The code below causes two small memleaks.

Reproduce code:
---------------
<?php
function err($errno, $errstr, $errfile, $errline) {
    throw new Exception($errstr);
}
set_error_handler("err");

function foo() {
    $a = array("aaa");
    foreach ($a as $o) {
        //$this->prop[$a] = foo($undef2); //no leak
        //$this->prop["aa"] = foo($undef2); //no leak
        $this->prop[$a[0]] = foo($undef2); //leak
    }
}

try {
    foo();
} catch (Exception $e) {
    var_dump($e->getMessage());
}
?>

Actual result:
--------------
==10584== 4 bytes in 1 blocks are indirectly lost in loss record 1 of 2
==10584==    at 0x401C6CE: malloc (vg_replace_malloc.c:149)
==10584==    by 0x82995DF: _emalloc (zend_alloc.c:2231)
==10584==    by 0x8299885: _estrndup (zend_alloc.c:2353)
==10584==    by 0x82B210F: _zval_copy_ctor_func (zend_variables.c:120)
==10584==    by 0x831694C: _zval_copy_ctor (zend_variables.h:45)
==10584==    by 0x82D9FAB: ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_UNUSED_HANDLER (zend_vm_execute.h:3562)
==10584==    by 0x82DA140: ZEND_INIT_ARRAY_SPEC_CONST_UNUSED_HANDLER (zend_vm_execute.h:3609)
==10584==    by 0x82D31F8: execute (zend_vm_execute.h:92)
==10584==    by 0x82D371A: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:234)
==10584==    by 0x82D6614: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:1681)
==10584==    by 0x82D31F8: execute (zend_vm_execute.h:92)
==10584==    by 0x82B3E37: zend_execute_scripts (zend.c:1134)
==10584==    by 0x826A9BC: php_execute_script (main.c:1790)
==10584==    by 0x831A5B5: main (php_cli.c:1127)
==10584==
==10584==
==10584== 20 (16 direct, 4 indirect) bytes in 1 blocks are definitely lost in loss record 2 of 2
==10584==    at 0x401C6CE: malloc (vg_replace_malloc.c:149)
==10584==    by 0x82995DF: _emalloc (zend_alloc.c:2231)
==10584==    by 0x82D9F5D: ZEND_ADD_ARRAY_ELEMENT_SPEC_CONST_UNUSED_HANDLER (zend_vm_execute.h:3559)
==10584==    by 0x82DA140: ZEND_INIT_ARRAY_SPEC_CONST_UNUSED_HANDLER (zend_vm_execute.h:3609)
==10584==    by 0x82D31F8: execute (zend_vm_execute.h:92)
==10584==    by 0x82D371A: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:234)
==10584==    by 0x82D6614: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:1681)
==10584==    by 0x82D31F8: execute (zend_vm_execute.h:92)
==10584==    by 0x82B3E37: zend_execute_scripts (zend.c:1134)
==10584==    by 0x826A9BC: php_execute_script (main.c:1790)
==10584==    by 0x831A5B5: main (php_cli.c:1127)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2007-05-02 07:37 UTC] dmitry@php.net

The problem is clear but unfixable.

$a[0] is compiled into ZEND_FETCH_DIM_R that increments reference count of $a[0] this reference should be decremented back on $a[0] usage, but because of exception this statement is never reached.

[2008-07-21 21:49 UTC] jani@php.net

Isn't this "won't fix" then?

[2008-07-22 07:27 UTC] tony2001@php.net

I guess so.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Tue Jul 01 17:01:34 2025 UTC