|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2014-02-08 06:37 UTC] dereckson at espace-win dot org
[2014-02-09 06:18 UTC] dereckson at espace-win dot org
[2014-02-09 06:19 UTC] dereckson at espace-win dot org
[2014-02-09 18:51 UTC] bjori@php.net
-Status: Open
+Status: Suspended
[2014-02-09 18:51 UTC] bjori@php.net
[2014-11-12 23:29 UTC] dereckson at espace-win dot org
-Status: Suspended
+Status: Closed
[2014-11-12 23:29 UTC] dereckson at espace-win dot org
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Fri May 02 15:01:29 2025 UTC |
Description: ------------ There is a memory leak issue when creating a Generator object with yield when a MongoCursor (empty, or with result) is initialized in the generator function. * When connecting to MongoDB in SSL, this returns each $item, then will segfault. * When connecting to MongoDB without SSL, this segfault immediately (production PHP). * When recompiling PHP and MongoDB in production mode, it traverses $items without SSL before segfault. This issue is limited to yield. For example, the following code works as expected: $documents = $collection->find(); foreach ($documents as $document) { print_r($document); } The same code with yield is featured in the test script. The issue occurs even when the loop to yield isn't reached. If the MongoCursor is initialized and we directly return, this produces also a segfault. Test script: --------------- <?php function getDocuments (MongoCollection $collection) { $items = $collection->find(); foreach ($items as $item) { yield $item; } } function runBugTestCase () { $m = new MongoClient(); $collection = $m->selectDB("foo")->selectCollection("quux"); $documents = getDocuments($collection); foreach ($documents as $document) { print_r($document); } } runBugTestCase(); Actual result: -------------- [ Backtrace ] #0 0x2881a1f7 in kill () from /lib/libc.so.7 #1 0x08242487 in zend_mm_panic (message=0x83ec030 "zend_mm_heap corrupted") at /opt/php-5.5.9/Zend/zend_alloc.c:92 #2 0x08243721 in zend_mm_find_leaks (segment=0x28917000, b=0x28934b40) at /opt/php-5.5.9/Zend/zend_alloc.c:1254 #3 0x082438bf in zend_mm_check_leaks (heap=0x2890e300) at /opt/php-5.5.9/Zend/zend_alloc.c:1308 #4 0x08244469 in zend_mm_shutdown (heap=0x2890e300, full_shutdown=0, silent=0) at /opt/php-5.5.9/Zend/zend_alloc.c:1672 #5 0x08246941 in shutdown_memory_manager (silent=0, full_shutdown=0) at /opt/php-5.5.9/Zend/zend_alloc.c:2718 #6 0x081f5cdc in php_request_shutdown (dummy=0x0) at /opt/php-5.5.9/main/main.c:1827 #7 0x0831577d in do_cli (argc=5, argv=0xbfbfea90) at /opt/php-5.5.9/sapi/cli/php_cli.c:1177 #8 0x08315d10 in main (argc=5, argv=0xbfbfea90) at /opt/php-5.5.9/sapi/cli/php_cli.c:1378 [ PHP session ] [Sat Feb 8 06:55:06 2014] Script: '/opt/php-debug/testCase.php' --------------------------------------- /opt/php-debug/mongo-1.4.5/cursor.c(1900) : Block 0x28934d2c status: Invalid pointer: ((prev=0x00000069) != (prev.size=0x00000002)) --------------------------------------- [Sat Feb 8 06:55:06 2014] Script: '/opt/php-debug/testCase.php' --------------------------------------- /opt/php-5.5.9/Zend/zend_generators.c(161) : Block 0x28934b68 status: Beginning: OK (allocated on /opt/php-5.5.9/Zend/zend_execute.h:177, 304 bytes) Start: OK End: Overflown (magic=0x00000038 instead of 0x0E07EF67) At least 4 bytes overflown --------------------------------------- [Sat Feb 8 06:55:06 2014] Script: '/opt/php-debug/testCase.php' --------------------------------------- /opt/php-5.5.9/Zend/zend_generators.c(211) : Block 0x28934cc4 status: Invalid pointer: ((size=0x00000002) != (next.prev=0x0000015d)) --------------------------------------- [Sat Feb 8 06:55:06 2014] Script: '/opt/php-debug/testCase.php' /opt/php-5.5.9/Zend/zend_execute.h(177) : Freeing 0x28934B68 (304 bytes), script=/opt/php-debug/testCase.php zend_mm_heap corrupted Segmentation fault (core dumped)