Bug #61352 uninitialized value in tests/apc_009.phpt
Submitted: 2012-03-11 20:51 UTC
Modified: 2012-03-18 13:20 UTC
From: ab@php.net
Assigned: ab
Status: Closed
Package: APC (PECL)
PHP Version: 5.4.0
OS: all
Private report: No
CVE-ID: None

 [2012-03-11 20:51 UTC] ab@php.net
Description:
------------
After applying the patches there are leaks and fails on both TS and NTS builds.


TS build:

=====================================================================
FAILED TEST SUMMARY
---------------------------------------------------------------------
APC: bindump file cache part 1 [tests/apc_bin_002.phpt]
=====================================================================

=====================================================================
LEAKED TEST SUMMARY
---------------------------------------------------------------------
APC: apc_delete_file test [tests/apc_009.phpt]
APC: bindump user cache [tests/apc_bin_001.phpt]
APC: bindump file cache part 1 [tests/apc_bin_002.phpt]
APC: APCIterator general [tests/iterator_001.phpt]
APC: APCIterator regex [tests/iterator_002.phpt]
APC: APCIterator chunk size [tests/iterator_003.phpt]
APC: APCIterator regex & chunk size & list [tests/iterator_004.phpt]
APC: APCIterator delete [tests/iterator_005.phpt]
APC: APCIterator formats [tests/iterator_006.phpt]
=====================================================================


NTS build:

=====================================================================
FAILED TEST SUMMARY
---------------------------------------------------------------------
APC: bindump file cache part 1 [tests/apc_bin_002.phpt]
=====================================================================

=====================================================================
LEAKED TEST SUMMARY
---------------------------------------------------------------------
APC: apc_delete_file test [tests/apc_009.phpt]
APC: bindump user cache [tests/apc_bin_001.phpt]
APC: bindump file cache part 1 [tests/apc_bin_002.phpt]
=====================================================================


Test script:
---------------
make test TESTS=-m

Expected result:
----------------
clean test run

Actual result:
--------------
failed tests

Patches

61352.1.patch (last revision 2012-03-13 17:54 UTC by ab@php.net)
61352.0.patch (last revision 2012-03-12 11:11 UTC by ab@php.net)

History

 [2012-03-12 09:03 UTC] ab@php.net
Current valgrind trace for this:


==32706== Invalid read of size 1
==32706==    at 0x4026898: memcpy (mc_replace_strmem.c:497)
==32706==    by 0x46A7453: apc_pmemcpy (apc_pool.c:493)
==32706==    by 0x469B4CC: apc_string_pmemcpy (apc_compile.c:289)
==32706==    by 0x469B73F: my_copy_zval (apc_compile.c:338)
==32706==    by 0x469CDCC: apc_copy_zval (apc_compile.c:990)
==32706==    by 0x46998F0: apc_cache_fetch_zval (apc_cache.c:1136)
==32706==    by 0x46A7AF8: apc_iterator_item_ctor (apc_iterator.c:114)
==32706==    by 0x46A84CE: apc_iterator_fetch_active (apc_iterator.c:314)
==32706==    by 0x46A8BEB: zim_apc_iterator_rewind (apc_iterator.c:474)
==32706==    by 0x8267A08: zend_call_function (zend_execute_API.c:980)
==32706==    by 0x829A625: zend_call_method (zend_interfaces.c:97)
==32706==    by 0x829AECD: zend_user_it_rewind (zend_interfaces.c:261)
==32706==  Address 0x43e8767 is 7 bytes inside a block of size 8 free'd
==32706==    at 0x4024B3A: free (vg_replace_malloc.c:366)
==32706==    by 0x823E63F: _efree (zend_alloc.c:2433)
==32706==    by 0x8276874: _zval_dtor_func (zend_variables.c:36)
==32706==    by 0x82BD09F: zend_do_fcall_common_helper_SPEC (zend_variables.h:35)
==32706==    by 0x82C3F6F: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2219)
==32706==    by 0x82BA3CB: execute (zend_vm_execute.h:410)
==32706==    by 0x827B547: zend_execute_scripts (zend.c:1272)
==32706==    by 0x81D6053: php_execute_script (main.c:2473)
==32706==    by 0x83CD026: do_cli (php_cli.c:983)
==32706==    by 0x83CE3C1: main (php_cli.c:1356)

Reproducible with one of the failed tests.
 [2012-03-12 09:05 UTC] ab@php.net
-Assigned To: +Assigned To: ab
 [2012-03-12 11:11 UTC] ab@php.net
The following patch has been added/updated:

Patch Name: 61352.0.patch
Revision:   1331550688
URL:        https://bugs.php.net/patch-display.php?bug=61352&patch=61352.0.patch&revision=1331550688
 [2012-03-12 11:13 UTC] ab@php.net
The patch 61352.0.patch partly fixes the issue. I now get the following on both TS and NTS:

NTS build:

=====================================================================
FAILED TEST SUMMARY
---------------------------------------------------------------------
APC: bindump file cache part 1 [tests/apc_bin_002.phpt]
=====================================================================

=====================================================================
LEAKED TEST SUMMARY
---------------------------------------------------------------------
APC: apc_delete_file test [tests/apc_009.phpt]
APC: bindump user cache [tests/apc_bin_001.phpt]
APC: bindump file cache part 1 [tests/apc_bin_002.phpt]
=====================================================================

Just to be noted, the bin dump issue is already recorded in 
https://bugs.php.net/bug.php?id=61133
 [2012-03-12 11:29 UTC] ab@php.net
-Status: Assigned +Status: Duplicate
 [2012-03-12 11:29 UTC] ab@php.net
This patch will be merged into #61238.
 [2012-03-12 11:37 UTC] pajoye@php.net
Automatic comment from SVN on behalf of pajoye
Revision: http://svn.php.net/viewvc/?view=revision&revision=324144
Log: - fix bug #61352, fix leaks
 [2012-03-12 14:31 UTC] pajoye@php.net
Patch applied (last revision 2012-03-12 11:11 UTC) already.
 [2012-03-12 14:31 UTC] pajoye@php.net
-Status: Duplicate +Status: Open
 [2012-03-12 19:52 UTC] ab@php.net
Current valgrind traces:

tests/apc_009.phpt

==3401== Use of uninitialised value of size 4
==3401==    at 0x817042F: make_digest_ex (md5.c:38)
==3401==    by 0x81703F7: make_digest (md5.c:28)
==3401==    by 0x46A52D9: apc_iterator_item_ctor (apc_iterator.c:122)
==3401==    by 0x46A5C08: apc_iterator_fetch_active (apc_iterator.c:314)
==3401==    by 0x46A6F21: apc_iterator_delete (apc_iterator.c:719)
==3401==    by 0x469413B: zif_apc_delete_file (php_apc.c:1042)
==3401==    by 0x82F668F: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:642)
==3401==    by 0x82FCF33: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2219)
==3401==    by 0x82F5127: execute (zend_vm_execute.h:410)
==3401==    by 0x82BB8EE: zend_execute_scripts (zend.c:1272)
==3401==    by 0x82315BA: php_execute_script (main.c:2473)
==3401==    by 0x83DFEBD: do_cli (php_cli.c:983)
==3401== 
==3401== Use of uninitialised value of size 4
==3401==    at 0x8170453: make_digest_ex (md5.c:39)
==3401==    by 0x81703F7: make_digest (md5.c:28)
==3401==    by 0x46A52D9: apc_iterator_item_ctor (apc_iterator.c:122)
==3401==    by 0x46A5C08: apc_iterator_fetch_active (apc_iterator.c:314)
==3401==    by 0x46A6F21: apc_iterator_delete (apc_iterator.c:719)
==3401==    by 0x469413B: zif_apc_delete_file (php_apc.c:1042)
==3401==    by 0x82F668F: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:642)
==3401==    by 0x82FCF33: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2219)
==3401==    by 0x82F5127: execute (zend_vm_execute.h:410)
==3401==    by 0x82BB8EE: zend_execute_scripts (zend.c:1272)
==3401==    by 0x82315BA: php_execute_script (main.c:2473)
==3401==    by 0x83DFEBD: do_cli (php_cli.c:983)
==3401==

tests/apc_bin_001.phpt

==3424== Invalid read of size 4
==3424==    at 0x46A11FD: sma_allocate (apc_sma.c:261)
==3424==    by 0x46A17C4: apc_sma_malloc_ex (apc_sma.c:453)
==3424==    by 0x46A1C52: apc_sma_malloc (apc_sma.c:517)
==3424==    by 0x46A4A7D: apc_realpool_create (apc_pool.c:435)
==3424==    by 0x46A453F: apc_pool_create (apc_pool.c:57)
==3424==    by 0x4692B0E: _apc_store (php_apc.c:589)
==3424==    by 0x46AA208: apc_bin_load (apc_bin.c:958)
==3424==    by 0x46958E7: zif_apc_bin_load (php_apc.c:1482)
==3424==    by 0x82F668F: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:642)
==3424==    by 0x82FCF33: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2219)
==3424==    by 0x82F5127: execute (zend_vm_execute.h:410)
==3424==    by 0x82BB8EE: zend_execute_scripts (zend.c:1272)
==3424==  Address 0x4abc3f8 is 0 bytes after a block of size 584 alloc'd
==3424==    at 0x46A193E: apc_sma_malloc_ex (apc_sma.c:467)
==3424==    by 0x46A1C52: apc_sma_malloc (apc_sma.c:517)
==3424==    by 0x46A4A7D: apc_realpool_create (apc_pool.c:435)
==3424==    by 0x46A453F: apc_pool_create (apc_pool.c:57)
==3424==    by 0x46A9BD4: apc_bin_load (apc_bin.c:852)
==3424==    by 0x46958E7: zif_apc_bin_load (php_apc.c:1482)
==3424==    by 0x82F668F: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:642)
==3424==    by 0x82FCF33: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2219)
==3424==    by 0x82F5127: execute (zend_vm_execute.h:410)
==3424==    by 0x82BB8EE: zend_execute_scripts (zend.c:1272)
==3424==    by 0x82315BA: php_execute_script (main.c:2473)
==3424==    by 0x83DFEBD: do_cli (php_cli.c:983)

==3424== 
==3424== Invalid write of size 4
==3424==    at 0x46A120A: sma_allocate (apc_sma.c:266)
==3424==    by 0x46A17C4: apc_sma_malloc_ex (apc_sma.c:453)
==3424==    by 0x46A1C52: apc_sma_malloc (apc_sma.c:517)
==3424==    by 0x46A4A7D: apc_realpool_create (apc_pool.c:435)
==3424==    by 0x46A453F: apc_pool_create (apc_pool.c:57)
==3424==    by 0x4692B0E: _apc_store (php_apc.c:589)
==3424==    by 0x46AA208: apc_bin_load (apc_bin.c:958)
==3424==    by 0x46958E7: zif_apc_bin_load (php_apc.c:1482)
==3424==    by 0x82F668F: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:642)
==3424==    by 0x82FCF33: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:2219)
==3424==    by 0x82F5127: execute (zend_vm_execute.h:410)
==3424==    by 0x82BB8EE: zend_execute_scripts (zend.c:1272)
==3424==  Address 0x4abc408 is not stack'd, malloc'd or (recently) free'd
==3424==
 [2012-03-12 21:23 UTC] ab@php.net
The latter three tests were listed in the leaked list with PHP 5.3 and APC 3.1.9.
 [2012-03-12 21:45 UTC] ab@php.net
The summary just changed, this ticket should be used for tests/apc_009.phpt only.
 [2012-03-12 21:45 UTC] ab@php.net
-Summary: memory leaks after fixes in #61219 and #61238 +Summary: uninitialized value in tests/apc_009.phpt
 [2012-03-13 17:54 UTC] ab@php.net
The following patch has been added/updated:

Patch Name: 61352.1.patch
Revision:   1331661287
URL:        https://bugs.php.net/patch-display.php?bug=61352&patch=61352.1.patch&revision=1331661287
 [2012-03-13 17:56 UTC] ab@php.net
The patch 61352.1.patch fixes memory leaks in tests/apc_009.phpt.
 [2012-03-18 13:19 UTC] pajoye@php.net
Automatic comment from SVN on behalf of pajoye
Revision: http://svn.php.net/viewvc/?view=revision&revision=324326
Log: - fix bug #61352, fix invalid read
 [2012-03-18 13:20 UTC] pajoye@php.net
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.


 [2012-03-18 13:20 UTC] pajoye@php.net
-Status: Assigned +Status: Closed
 