php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #60218 instantiating unknown class leads to memory leak in cli
Submitted: 2011-11-04 14:02 UTC Modified: 2011-11-12 17:22 UTC
From: yohgaki at ohgaki dot net Assigned: dsp
Status: Closed Package: Unknown/Other Function
PHP Version: 5.4SVN-2011-11-04 (SVN) OS: Linux x86_64
Private report: No CVE-ID:
 [2011-11-04 14:02 UTC] yohgaki at ohgaki dot net
Description:
------------
I support dir() support is not dropped.
http://jp.php.net/manual/en/class.dir.php

At first, I noticed this issue on Scientific Linux 6's PHP and not with my Linux 
box. I though they have patched something for it, but I found it can happen with 
my Linux box, too.

This happens in PHP 5.3.3, PHP 5.3.8 and php-src-5.4 at least.
This may not be 100% reproducible, but I think chances are high in SL6. PHP may 
be destroying class entry.

I'm not sure following valgrind result may help or not, but "echo 1" don't 
report any leak.

$ USE_ZEND_ALLOC=0 valgrind --leak-check=full ./php -r '$o = new Dir(".");'
==24918== Memcheck, a memory error detector
==24918== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==24918== Using Valgrind-3.6.1 and LibVEX; rerun with -h for copyright info
==24918== Command: ./php -r $o\ =\ new\ Dir(".");
==24918== 
PHP Fatal error:  Class 'Dir' not found in Command line code on line 1

Fatal error: Class 'Dir' not found in Command line code on line 1
==24918== 
==24918== HEAP SUMMARY:
==24918==     in use at exit: 724 bytes in 6 blocks
==24918==   total heap usage: 15,100 allocs, 15,094 frees, 3,101,573 bytes 
allocated
==24918== 
==24918== 724 (240 direct, 484 indirect) bytes in 1 blocks are definitely lost 
in loss record 6 of 6
==24918==    at 0x4A05FDE: malloc (vg_replace_malloc.c:236)
==24918==    by 0x7A6845: _emalloc (zend_alloc.c:2423)
==24918==    by 0x782E75: compile_string (zend_language_scanner.l:717)
==24918==    by 0x7CDC99: zend_eval_stringl (zend_execute_API.c:1181)
==24918==    by 0x7CE00D: zend_eval_stringl_ex (zend_execute_API.c:1240)
==24918==    by 0x7CE097: zend_eval_string_ex (zend_execute_API.c:1251)
==24918==    by 0x93C6E1: do_cli (php_cli.c:1023)
==24918==    by 0x93D625: main (php_cli.c:1356)
==24918== 
==24918== LEAK SUMMARY:
==24918==    definitely lost: 240 bytes in 1 blocks
==24918==    indirectly lost: 484 bytes in 5 blocks
==24918==      possibly lost: 0 bytes in 0 blocks
==24918==    still reachable: 0 bytes in 0 blocks
==24918==         suppressed: 0 bytes in 0 blocks
==24918== 
==24918== For counts of detected and suppressed errors, rerun with: -v
==24918== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 6 from 6)


**********************************************************************

$ USE_ZEND_ALLOC=0 valgrind --leak-check=full ./php -r "echo 1;"
==28266== Memcheck, a memory error detector
==28266== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==28266== Using Valgrind-3.6.1 and LibVEX; rerun with -h for copyright info
==28266== Command: ./php -r echo\ 1;
==28266== 
1==28266== 
==28266== HEAP SUMMARY:
==28266==     in use at exit: 0 bytes in 0 blocks
==28266==   total heap usage: 15,078 allocs, 15,078 frees, 3,099,330 bytes 
allocated
==28266== 
==28266== All heap blocks were freed -- no leaks are possible
==28266== 
==28266== For counts of detected and suppressed errors, rerun with: -v
==28266== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 6 from 6)


Test script:
---------------
php -r '$o = new Dir(".");'


Expected result:
----------------
PHP should not complain

Actual result:
--------------
Fatal error: Class 'Dir' not found in Command line code on line 1


Patches

ensure-efree-of-oparray (last revision 2011-11-12 16:40 UTC) by dsp@php.net)
60218-try-catch-efree-op-array (last revision 2011-11-12 16:39 UTC) by dsp@php.net)

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2011-11-04 14:06 UTC] yohgaki at ohgaki dot net
s/I support dir()/I suppose dir()/
 [2011-11-04 14:10 UTC] yohgaki at ohgaki dot net
dir is ancient class in PHP, so it may be the first one. It may be related. Just 
my guess.
 [2011-11-04 18:08 UTC] sixd@php.net
1. The documentation examples don't use 'new'.  This works:
  php -r '$o = dir(".");'
2. SPL might have better alternatives, e.g.:
  http://www.php.net/manual/en/class.recursivedirectoryiterator.php
3. I'll leave the bug open to track the memleak
 [2011-11-05 00:32 UTC] yohgaki at ohgaki dot net
> 1. The documentation examples don't use 'new'.  This works:
> php -r '$o = dir(".");'

It should always raise error for it, I suppose. 
Strange thing is 'It works' sometimes.

If leak and other problem(works for sometimes) are specific to dir(), I think 
dropping dir() is an option.
 [2011-11-12 16:38 UTC] dsp@php.net
I added a patch that fixes it for me
 [2011-11-12 16:39 UTC] dsp@php.net
The following patch has been added/updated:

Patch Name: 60218-try-catch-efree-op-array
Revision:   1321115944
URL:        https://bugs.php.net/patch-display.php?bug=60218&patch=60218-try-catch-efree-op-array&revision=1321115944
 [2011-11-12 16:40 UTC] dsp@php.net
The following patch has been added/updated:

Patch Name: ensure-efree-of-oparray
Revision:   1321116048
URL:        https://bugs.php.net/patch-display.php?bug=60218&patch=ensure-efree-of-oparray&revision=1321116048
 [2011-11-12 16:43 UTC] dsp@php.net
-Status: Open +Status: Analyzed
 [2011-11-12 16:49 UTC] dsp@php.net
updated the title
 [2011-11-12 16:49 UTC] dsp@php.net
-Summary: dir() is missing +Summary: instantiating new class leads to memory leak in cli
 [2011-11-12 17:05 UTC] dsp@php.net
-Summary: instantiating new class leads to memory leak in cli +Summary: instantiating unknown class leads to memory leak in cli
 [2011-11-12 17:22 UTC] dsp@php.net
-Status: Analyzed +Status: Closed -Assigned To: +Assigned To: dsp
 [2011-11-12 17:22 UTC] dsp@php.net
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.


 [2012-01-29 15:25 UTC] derick@php.net
Automatic comment from SVN on behalf of derick
Revision: http://svn.php.net/viewvc/?view=revision&revision=322922
Log: - Reinstated correct return values after David's fix for #60218.
 [2012-04-18 09:47 UTC] laruence@php.net
Automatic comment on behalf of dsp
Revision: http://git.php.net/?p=php-src.git;a=commit;h=ce06b4397c8b5d92c4e7c6d3fc0c172db671fe81
Log: Fix #60218 (instantiating unknown class leads to memory leak in cli)
 [2012-07-24 23:38 UTC] rasmus@php.net
Automatic comment on behalf of dsp
Revision: http://git.php.net/?p=php-src.git;a=commit;h=ce06b4397c8b5d92c4e7c6d3fc0c172db671fe81
Log: Fix #60218 (instantiating unknown class leads to memory leak in cli)
 [2013-11-17 09:35 UTC] laruence@php.net
Automatic comment on behalf of dsp
Revision: http://git.php.net/?p=php-src.git;a=commit;h=ce06b4397c8b5d92c4e7c6d3fc0c172db671fe81
Log: Fix #60218 (instantiating unknown class leads to memory leak in cli)
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Wed Apr 16 07:02:02 2014 UTC