------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugs.exim.org/show_bug.cgi?id=809 Summary: Memory leak when backtracking limit is reached Product: PCRE Version: 7.8 Platform: Other OS/Version: Linux Status: NEW Severity: bug Priority: medium Component: Code AssignedTo: [email protected] ReportedBy: [email protected] CC: [email protected] Hi all, The pattern below causes mem. leak when error -8 is returned, see this valgrind log running on pcretest: ==24206== Memcheck, a memory error detector. ==24206== Copyright (C) 2002-2008, and GNU GPL'd, by Julian Seward et al. ==24206== Using LibVEX rev 1878, a library for dynamic binary translation. ==24206== Copyright (C) 2004-2008, and GNU GPL'd, by OpenWorks LLP. ==24206== Using valgrind-3.4.0-Debian, a dynamic binary instrumentation framework. ==24206== Copyright (C) 2000-2008, and GNU GPL'd, by Julian Seward et al. ==24206== For more details, rerun with: -v ==24206== PCRE version 7.8 2008-09-05 ~\{\{?\s*(begin)(?:\s+(.*?))?\}\}?((?:(?R)|.)*?)\{\{?\s*(?:end(?:\s+\2)?)?\s*\}\}?|\{\{(\??(?:[^\}\'"]*([\'"]).*?(?<!\\\\)\5)*.*?)\}\}|\{\s*(if|foreach|section|for|while|switch|literal|capture|php|strip|textformat|dynamic|select|joincalculator|function|helper|form|_if|_foreach|_for|shortcut|block|optgroup)(\s(?:[^\\}\'"]*([\'"]).*?(?<!\\\\)\8)*.*?)?\}((?:(?R)|.)*?)\{/\s*\6?\s*\}|\{(\??(?:[^\\}\'"]*([\'"]).*?(?<!\\\\)\11)*.*?)\}|\r?\n~sig Memory allocation (code space): 891 Capturing subpattern count = 11 Max back reference = 11 Partial matching not supported Contains explicit CR or LF match Options: caseless dotall No first char No need char {?$_debug_info = get_debug_info()}\n{capture assign="debug_output"}\n{if empty($_debug_charset)}{assign var="_debug_charset" value="utf-8"}{/if}\n<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd";>\n else {ldelim}\n var title = \'Debug Console_\' + self.name;\n {rdelim}\n _quicky_console = window.open("", title.value, "width=880, height=600, resizable, scrollbars=yes");\n _quicky_console.document.write({$debug_output|native_json_encode});\n _quicky_console.document.close();\n// ]]>\n</script>\n{/if} 0: {?$_debug_info = get_debug_info()} 1: <unset> 2: <unset> 3: <unset> 4: <unset> 5: <unset> 6: <unset> 7: <unset> 8: <unset> 9: <unset> 10: ?$_debug_info = get_debug_info() 0: \x0a Error -8 ==24206== ==24206== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 17 from 1) ==24206== malloc/free: in use at exit: 180 bytes in 1 blocks. ==24206== malloc/free: 764,275 allocs, 764,274 frees, 137,719,883 bytes allocated. ==24206== For counts of detected errors, rerun with: -v ==24206== searching for pointers to 1 not-freed blocks. ==24206== checked 72,092 bytes. ==24206== ==24206== 180 bytes in 1 blocks are definitely lost in loss record 1 of 1 ==24206== at 0x402401E: malloc (vg_replace_malloc.c:207) ==24206== by 0x80493B6: (within /usr/bin/pcretest) ==24206== by 0x41A9BAF: (within /usr/lib/libpcre.so.3.12.1) ==24206== by 0x41A380D: (within /usr/lib/libpcre.so.3.12.1) ==24206== by 0x41A30B9: (within /usr/lib/libpcre.so.3.12.1) ==24206== by 0x41ACD74: (within /usr/lib/libpcre.so.3.12.1) ==24206== by 0x41AA7A2: (within /usr/lib/libpcre.so.3.12.1) ==24206== by 0x41ACD74: (within /usr/lib/libpcre.so.3.12.1) ==24206== by 0x41AA7A2: (within /usr/lib/libpcre.so.3.12.1) ==24206== by 0x41ACD74: (within /usr/lib/libpcre.so.3.12.1) ==24206== by 0x41AA7A2: (within /usr/lib/libpcre.so.3.12.1) ==24206== by 0x41ACD74: (within /usr/lib/libpcre.so.3.12.1) ==24206== ==24206== LEAK SUMMARY: ==24206== definitely lost: 180 bytes in 1 blocks. ==24206== possibly lost: 0 bytes in 0 blocks. ==24206== still reachable: 0 bytes in 0 blocks. ==24206== suppressed: 0 bytes in 0 blocks. This issue was originally reported on http://bugs.php.net/bug.php?id=47352, but for the reporter it's crashing (under Windows). The valgrind log running on PHP (Linux): ==24433== 144 bytes in 1 blocks are definitely lost in loss record 1 of 2 ==24433== at 0x402401E: malloc (vg_replace_malloc.c:207) ==24433== by 0x807C5A9: match (pcre_exec.c:1046) ==24433== by 0x807C807: match (pcre_exec.c:1107) ==24433== by 0x807BC10: match (pcre_exec.c:773) ==24433== by 0x807CF5B: match (pcre_exec.c:1313) ==24433== by 0x807BB9E: match (pcre_exec.c:765) ==24433== by 0x807CF5B: match (pcre_exec.c:1313) ==24433== by 0x807BB9E: match (pcre_exec.c:765) ==24433== by 0x807CF5B: match (pcre_exec.c:1313) ==24433== by 0x807BC10: match (pcre_exec.c:773) ==24433== by 0x807CF5B: match (pcre_exec.c:1313) ==24433== by 0x807BB9E: match (pcre_exec.c:765) ==24433== by 0x807CF5B: match (pcre_exec.c:1313) ==24433== by 0x807BB9E: match (pcre_exec.c:765) ==24433== by 0x807CF5B: match (pcre_exec.c:1313) ==24433== by 0x807BB9E: match (pcre_exec.c:765) ==24433== by 0x807CF5B: match (pcre_exec.c:1313) ==24433== by 0x807BB9E: match (pcre_exec.c:765) ==24433== by 0x807CF5B: match (pcre_exec.c:1313) ==24433== by 0x807BB9E: match (pcre_exec.c:765) ==24433== by 0x807CF5B: match (pcre_exec.c:1313) ==24433== by 0x807BB9E: match (pcre_exec.c:765) ==24433== by 0x807CF5B: match (pcre_exec.c:1313) ==24433== by 0x807BB9E: match (pcre_exec.c:765) ==24433== by 0x807CF5B: match (pcre_exec.c:1313) ==24433== by 0x807BB9E: match (pcre_exec.c:765) ==24433== by 0x807CF5B: match (pcre_exec.c:1313) ==24433== by 0x807BB9E: match (pcre_exec.c:765) ==24433== by 0x807CF5B: match (pcre_exec.c:1313) ==24433== by 0x807BB9E: match (pcre_exec.c:765) -- Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email -- ## List details at http://lists.exim.org/mailman/listinfo/pcre-dev
