php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #69446 GC leak relating to removal of nested data after dtors run
Submitted: 2015-04-14 14:02 UTC Modified: 2015-04-14 14:03 UTC
From: nikic@php.net Assigned: dmitry (profile)
Status: Closed Package: Scripting Engine problem
PHP Version: master-Git-2015-04-14 (Git) OS:
Private report: No CVE-ID: None
 [2015-04-14 14:02 UTC] nikic@php.net
Description:
------------
This issue is only obvious when freeing of the object store is disabled - otherwise the leaks will be hidden. Here is a patch to disable it: https://gist.github.com/nikic/2ccbc61c407d5e807781

The following script will leak:

<?php

$bar = NULL;
class bad {
	public function __destruct() {
		global $bar;
		$bar = $this;
		$bar->y = new stdClass;
	}
}

$foo = new stdClass;
$foo->foo = $foo;
$foo->bad = new bad;
$foo->bad->x = new stdClass;

unset($foo);
gc_collect_cycles();

The following script will also leak:

<?php
$bar = NULL;
class bad
{
	public $_private = array();

	public function __construct()
	{
		$this->_private[] = 'php';
	}

	public function __destruct()
	{
		global $bar;
		$bar = $this;
	}
}

$foo = new stdclass;
$foo->foo = $foo;
$foo->bad = new bad;

unserialize(serialize($foo));
//unset($foo);

gc_collect_cycles();
var_dump($bar); 

I have not been able to figure out how to stop the leak in both cases. The fundamental issue seems to be that gc_remove_nested_data does not decrement the refcount to compensate the incref that occurs in gc_collect_roots.


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-04-14 14:03 UTC] nikic@php.net
-Assigned To: +Assigned To: dmitry
 [2015-04-14 16:54 UTC] dmitry@php.net
Automatic comment on behalf of dmitry@zend.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=00445ba22dd97988009692e2b35edaeff715f5e1
Log: Fixed bug #69446 (GC leak relating to removal of nested data after dtors run)
 [2015-04-14 16:54 UTC] dmitry@php.net
-Status: Assigned +Status: Closed
 [2016-07-20 11:39 UTC] davey@php.net
Automatic comment on behalf of dmitry@zend.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=00445ba22dd97988009692e2b35edaeff715f5e1
Log: Fixed bug #69446 (GC leak relating to removal of nested data after dtors run)
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Sun Aug 09 05:01:23 2020 UTC