php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #62210 Exceptions can leak temporary variables
Submitted: 2012-06-02 00:46 UTC Modified: 2012-06-25 08:12 UTC
Votes:3
Avg. Score:4.7 ± 0.5
Reproduced:1 of 2 (50.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: nikic@php.net Assigned: dmitry
Status: Assigned Package: Scripting Engine problem
PHP Version: Irrelevant OS:
Private report: No CVE-ID:
Have you experienced this issue?
Rate the importance of this bug to you:

 [2012-06-02 00:46 UTC] nikic@php.net
Description:
------------
The script

<?php
function throwException() { throw new Exception }
function doSomething() { [] + throwException(); }
try { doSomething(); } catch (Exception $e) { }

leaks

/home/nikic/dev/php-src/Zend/zend_vm_execute.h(25625) :  Freeing 0xB77ABA44 (44 bytes), script=-
/home/nikic/dev/php-src/Zend/zend_API.c(982) : Actual location (location was relayed)
=== Total 1 memory leaks detected ===

This generally always happens whenever an exception is thrown while evaluation an expression which contains (non-scalar) temporary variables. In the above case the array hash table is leaked.

The reason is that the FREE opcode for the temporary variable is never executed due to the exception. Exceptions only free temporary loop variables.


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-06-03 14:20 UTC] felipe@php.net
-Status: Open +Status: Assigned -Assigned To: +Assigned To: dmitry
 [2012-06-25 08:12 UTC] dmitry@php.net
I confirm the bug, but I don't see a simple way to fix it.

In general, it's possible to extend zend_op_array with information about ranges of temporary variables livenes, but overhead is going to be too high.
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Wed Apr 16 22:02:05 2014 UTC