PHP :: Bug #65814 :: Memory leak in unserialize()

Bug #65814

Memory leak in unserialize()

Submitted:

2013-10-02 15:47 UTC

Modified:

2017-01-01 13:22 UTC

Votes:	17
Avg. Score:	4.5 ± 0.6
Reproduced:	17 of 17 (100.0%)
Same Version:	4 (23.5%)
Same OS:	8 (47.1%)

From:

M dot Slowe at kent dot ac dot uk

Assigned:

Status:

Not a bug

Package:

Unknown/Other Function

PHP Version:

5.4.20

OS:

Linux (Bitnami)

Private report:

CVE-ID:

None

View Add Comment Developer Edit

[2013-10-02 15:47 UTC] M dot Slowe at kent dot ac dot uk

Description:
------------
It appears that passing a large amount of data (possibly including heavily nested objects) through unserialize() causes a memory leak.

I've run into this problem using a SimpleSAMLphp script to keep memcache instances in sync (https://code.google.com/p/simplesamlphp/source/browse/trunk/bin/memcacheSync.php) when syncronizing large caches. The code makes repeated calls to unserialize() with SimpleSAML_Session objects and appears to leak memory within that call.

I've noticed that the refcount of the returned objects is 3 but I don't know if that's relevant.

Cutting out the call to unserialize() and, instead, just returning the string does not leak the memory. Returning the unserialized object directly after the unserialize() (rather than letting the rest of the function continue) exhibits the leak.

The test script doesn't leak anywhere near the amounts I've seen live data leaking (see http://pastebin.com/a15gbNek).

Test script:
---------------
http://pastebin.com/0cSwhznQ


Expected result:
----------------
$ php test.php
Populating object...
Serializing...
Looping...
19000: 7.55Mb
18000: 7.55Mb
17000: 7.55Mb
16000: 7.55Mb
15000: 7.55Mb
14000: 7.55Mb
13000: 7.55Mb
12000: 7.55Mb
11000: 7.55Mb
10000: 7.55Mb
9000: 7.55Mb
8000: 7.55Mb
7000: 7.55Mb
6000: 7.55Mb
5000: 7.55Mb
4000: 7.55Mb
3000: 7.55Mb
2000: 7.55Mb
1000: 7.55Mb
0: 7.55Mb

Actual result:
--------------
$ php test.php
Populating object...
Serializing...
Looping...
19000: 7.55Mb
18000: 7.57Mb
17000: 7.59Mb
16000: 7.60Mb
15000: 7.60Mb
14000: 7.61Mb
13000: 7.61Mb
12000: 7.62Mb
11000: 7.62Mb
10000: 7.62Mb
9000: 7.62Mb
8000: 7.62Mb
7000: 7.62Mb
6000: 7.62Mb
5000: 7.62Mb
4000: 7.62Mb
3000: 7.62Mb
2000: 7.62Mb
1000: 7.62Mb
0: 7.62Mb

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2013-11-01 06:08 UTC] yohgaki@php.net

This is test script result of my Fedora 19 (x86_64)

PHP master
--------
Populating object...
Serializing...
Looping...
19000: 13.71Mb
18000: 13.76Mb
17000: 13.81Mb
16000: 13.85Mb
15000: 13.86Mb
14000: 13.87Mb
13000: 13.88Mb
12000: 13.89Mb
11000: 13.89Mb
10000: 13.90Mb
9000: 13.91Mb
8000: 13.91Mb
7000: 13.91Mb
6000: 13.92Mb
5000: 13.93Mb
4000: 13.93Mb
3000: 13.94Mb
2000: 13.94Mb
1000: 13.94Mb
0: 13.95Mb
----------

PHP-5.4 branch
----------
Populating object...
Serializing...
Looping...
19000: 13.70Mb
18000: 13.76Mb
17000: 13.81Mb
16000: 13.85Mb
15000: 13.86Mb
14000: 13.87Mb
13000: 13.88Mb
12000: 13.89Mb
11000: 13.89Mb
10000: 13.90Mb
9000: 13.91Mb
8000: 13.91Mb
7000: 13.91Mb
6000: 13.91Mb
5000: 13.92Mb
4000: 13.93Mb
3000: 13.93Mb
2000: 13.94Mb
1000: 13.95Mb
0: 13.95Mb
---------

[2017-01-01 13:22 UTC] nikic@php.net

-Status: Open +Status: Not a bug

[2017-01-01 13:22 UTC] nikic@php.net

Memory is stable for me on both 5.6 and 7.0, and the submitted "Actual result" does not indicate a memory leak either. If there is a leak here, this test case doesn't show it.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Fri May 03 23:01:30 2024 UTC