Edit report at https://bugs.php.net/bug.php?id=54460&edit=1
ID: 54460 Updated by: [email protected] Reported by: courtois at templeet dot org Summary: memory leaks -Status: Feedback +Status: No Feedback Type: Bug Package: Reproducible crash Operating System: debian squeeze PHP Version: 5.3.6 New Comment: No feedback was provided. The bug is being suspended because we assume that you are no longer experiencing the problem. If this is not the case and you are able to provide the information that was requested earlier, please do so and change the status of the bug back to "Open". Thank you. Previous Comments: ------------------------------------------------------------------------ [2011-11-16 14:32:04] [email protected] Please try using this snapshot: http://snaps.php.net/php5.3-latest.tar.gz For Windows: http://windows.php.net/snapshots/ ------------------------------------------------------------------------ [2011-04-09 14:34:15] decoder-php at own-hero dot net The following is an automatically reduced testcase that can be run in the same way as described here for the original testcase: <?php class TempleetRedirect extends Exception {}; Function parseform($template) { $txt = eval_list($templatecache[$template]['template']); } Function eval_list($array) { throw new TempleetRedirect($file); } Function parsetemplate($template) { $txt = parseform($template); } try { $output=parsetemplate($global_var['template']); } catch (TempleetRedirect $r) { exit(); } ?> ------------------------------------------------------------------------ [2011-04-04 06:48:06] courtois at templeet dot org To call it from command line I simulated a cgi call with this script: #!/bin/sh PHPRC="/var/www/dev4.sociatomdev.com/" export PHPRC export USE_ZEND_ALLOC=0 export REQUEST_URI=/auth/packageinstall.html.en export SCRIPT_NAME=/templeet.php export QUERY_STRING= export REQUEST_METHOD=GET export REDIRECT_STATUS=404 export REDIRECT_URL=/templeet.php export DOCUMENT_ROOT=/var/www/dev4.sociatomdev.com/chroot/htdocs export SCRIPT_FILENAME=/templeet.php export SERVER_NAME=localhost export SERVER_PROTOCOL=HTTP/1.0 export REDIRECT_HANDLER=php-cgi export PATH_TRANSLATED=/var/www/dev4.sociatomdev.com/chroot/htdocs/templeet.php exec valgrind --leak-check=full /home/courtois/test2/php-5.3.6/sapi/cgi/php-cgi ------------------------------------------------------------------------ [2011-04-03 23:35:17] decoder-php at own-hero dot net Hello, do you happen to have a testcase that runs on command line, or can your testcase be run on command line instead of using Apache? That would allow me to automatically reduce the testcase. Best, Chris ------------------------------------------------------------------------ [2011-04-03 21:28:12] courtois at templeet dot org Description: ------------ memory leaks leed to memory exhaustion (see valgrind trace below) PHP 5.3.6 './configure' '--prefix=/usr/local/php53' '--with-mysql' '--with-mysqli' '--with-gd' '--with-zlib' '--enable-debug' '--disable-cli' called with cgi memory exhaustion appears with zend memory manager. Test script: --------------- bug can be reproduced by downloading Templeet installer at: http://t4.templeet.org/templeet.php/makeinstaller/?action=makeinstaller&dists[core]=201104030716&dists[templeet4_admin]=201103010804 install Templeet by calling the php file downloaded. in templeet/serverconf.php : set $config['usepagecache'] and $config['usetemplatecache'] to 0 go to the package install page : auth/packageinstall.html.en Actual result: -------------- ==22302== Memcheck, a memory error detector ==22302== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al. ==22302== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info ==22302== Command: /home/courtois/test2/php-5.3.6/sapi/cgi/php-cgi ==22302== /var/www/dev4.sociatomdev.com/chroot/htdocs/templeet/fetch.php(215) : Warning - Cannot modify header information - headers already sent by (output started at /var/www/dev4.sociatomdev.com/chroot/htdocs/templeet/fetch.php:580) ==22302== ==22302== HEAP SUMMARY: ==22302== in use at exit: 60,706 bytes in 1,591 blocks ==22302== total heap usage: 1,815,703 allocs, 1,814,112 frees, 302,914,393 bytes allocated ==22302== ==22302== 21 (20 direct, 1 indirect) bytes in 1 blocks are definitely lost in loss record 27 of 136 ==22302== at 0x4023F50: malloc (vg_replace_malloc.c:236) ==22302== by 0x8400D36: _emalloc (zend_alloc.c:2348) ==22302== by 0x844BADE: zend_assign_to_variable_reference (zend_execute.c:413) ==22302== by 0x84D6FF2: ZEND_ASSIGN_REF_SPEC_CV_VAR_HANDLER (zend_vm_execute.h:27383) ==22302== by 0x844E8AA: execute (zend_vm_execute.h:107) ==22302== by 0x8421BD7: zend_execute_scripts (zend.c:1194) ==22302== by 0x83B8CC8: php_execute_script (main.c:2268) ==22302== by 0x84E649E: main (cgi_main.c:2109) ==22302== ==22302== 21 (20 direct, 1 indirect) bytes in 1 blocks are definitely lost in loss record 28 of 136 ==22302== at 0x4023F50: malloc (vg_replace_malloc.c:236) ==22302== by 0x8400D36: _emalloc (zend_alloc.c:2348) ==22302== by 0x844CE48: zend_assign_to_variable (zend_execute.c:714) ==22302== by 0x84C5B07: ZEND_ASSIGN_SPEC_CV_CONST_HANDLER (zend_vm_execute.h:24059) ==22302== by 0x844E8AA: execute (zend_vm_execute.h:107) ==22302== by 0x8421BD7: zend_execute_scripts (zend.c:1194) ==22302== by 0x83B8CC8: php_execute_script (main.c:2268) ==22302== by 0x84E649E: main (cgi_main.c:2109) ==22302== ==22302== 39 bytes in 3 blocks are possibly lost in loss record 46 of 136 ==22302== at 0x4023F50: malloc (vg_replace_malloc.c:236) ==22302== by 0x8400D36: _emalloc (zend_alloc.c:2348) ==22302== by 0x84010EA: _estrndup (zend_alloc.c:2503) ==22302== by 0x83E748F: zend_scan_escape_string (zend_language_scanner.l:740) ==22302== by 0x83E90AC: lex_scan (zend_language_scanner.l:2037) ==22302== by 0x840E952: zendlex (zend_compile.c:4954) ==22302== by 0x83E1482: zendparse (zend_language_parser.c:3280) ==22302== by 0x83E6D7F: compile_file (zend_language_scanner.l:364) ==22302== by 0x82658C4: phar_compile_file (phar.c:3393) ==22302== by 0x8421B37: zend_execute_scripts (zend.c:1186) ==22302== by 0x83B8CC8: php_execute_script (main.c:2268) ==22302== by 0x84E649E: main (cgi_main.c:2109) ==22302== ==22302== 40 bytes in 2 blocks are definitely lost in loss record 54 of 136 ==22302== at 0x4023F50: malloc (vg_replace_malloc.c:236) ==22302== by 0x8400D36: _emalloc (zend_alloc.c:2348) ==22302== by 0x84BE49D: zend_send_by_var_helper_SPEC_CV (zend_vm_execute.h:22135) ==22302== by 0x84BEBC5: ZEND_SEND_VAR_SPEC_CV_HANDLER (zend_vm_execute.h:22242) ==22302== by 0x844E8AA: execute (zend_vm_execute.h:107) ==22302== by 0x8421BD7: zend_execute_scripts (zend.c:1194) ==22302== by 0x83B8CC8: php_execute_script (main.c:2268) ==22302== by 0x84E649E: main (cgi_main.c:2109) ==22302== ==22302== 54 (20 direct, 34 indirect) bytes in 1 blocks are definitely lost in loss record 65 of 136 ==22302== at 0x4023F50: malloc (vg_replace_malloc.c:236) ==22302== by 0x8400D36: _emalloc (zend_alloc.c:2348) ==22302== by 0x844C52A: zend_assign_to_object (zend_execute.c:558) ==22302== by 0x84C531D: ZEND_ASSIGN_OBJ_SPEC_CV_CONST_HANDLER (zend_vm_execute.h:23966) ==22302== by 0x844E8AA: execute (zend_vm_execute.h:107) ==22302== by 0x8421BD7: zend_execute_scripts (zend.c:1194) ==22302== by 0x83B8CC8: php_execute_script (main.c:2268) ==22302== by 0x84E649E: main (cgi_main.c:2109) ==22302== ==22302== 75 bytes in 12 blocks are possibly lost in loss record 73 of 136 ==22302== at 0x4023F50: malloc (vg_replace_malloc.c:236) ==22302== by 0x8400D36: _emalloc (zend_alloc.c:2348) ==22302== by 0x84010EA: _estrndup (zend_alloc.c:2503) ==22302== by 0x83E748F: zend_scan_escape_string (zend_language_scanner.l:740) ==22302== by 0x83EB434: lex_scan (zend_language_scanner.l:1870) ==22302== by 0x840E952: zendlex (zend_compile.c:4954) ==22302== by 0x83E1482: zendparse (zend_language_parser.c:3280) ==22302== by 0x83E6D7F: compile_file (zend_language_scanner.l:364) ==22302== by 0x82658C4: phar_compile_file (phar.c:3393) ==22302== by 0x8421B37: zend_execute_scripts (zend.c:1186) ==22302== by 0x83B8CC8: php_execute_script (main.c:2268) ==22302== by 0x84E649E: main (cgi_main.c:2109) ==22302== ==22302== 85 bytes in 11 blocks are possibly lost in loss record 77 of 136 ==22302== at 0x4023F50: malloc (vg_replace_malloc.c:236) ==22302== by 0x8400D36: _emalloc (zend_alloc.c:2348) ==22302== by 0x84010EA: _estrndup (zend_alloc.c:2503) ==22302== by 0x83F3D83: lex_scan (zend_language_scanner.l:1036) ==22302== by 0x840E952: zendlex (zend_compile.c:4954) ==22302== by 0x83E1482: zendparse (zend_language_parser.c:3280) ==22302== by 0x83E6D7F: compile_file (zend_language_scanner.l:364) ==22302== by 0x82658C4: phar_compile_file (phar.c:3393) ==22302== by 0x8421B37: zend_execute_scripts (zend.c:1186) ==22302== by 0x83B8CC8: php_execute_script (main.c:2268) ==22302== by 0x84E649E: main (cgi_main.c:2109) ==22302== ==22302== 92 (80 direct, 12 indirect) bytes in 4 blocks are definitely lost in loss record 82 of 136 ==22302== at 0x4023F50: malloc (vg_replace_malloc.c:236) ==22302== by 0x8400D36: _emalloc (zend_alloc.c:2348) ==22302== by 0x844F09E: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:300) ==22302== by 0x8452D45: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:1606) ==22302== by 0x844E8AA: execute (zend_vm_execute.h:107) ==22302== by 0x8421BD7: zend_execute_scripts (zend.c:1194) ==22302== by 0x83B8CC8: php_execute_script (main.c:2268) ==22302== by 0x84E649E: main (cgi_main.c:2109) ==22302== ==22302== 100 bytes in 7 blocks are possibly lost in loss record 84 of 136 ==22302== at 0x4023F50: malloc (vg_replace_malloc.c:236) ==22302== by 0x8400D36: _emalloc (zend_alloc.c:2348) ==22302== by 0x841E742: zend_str_tolower_dup (zend_operators.c:1884) ==22302== by 0x8405CB6: zend_do_begin_dynamic_function_call (zend_compile.c:1683) ==22302== by 0x84057F8: zend_do_begin_function_call (zend_compile.c:1575) ==22302== by 0x83E3F78: zendparse (zend_language_parser.c:4652) ==22302== by 0x83E6D7F: compile_file (zend_language_scanner.l:364) ==22302== by 0x82658C4: phar_compile_file (phar.c:3393) ==22302== by 0x8421B37: zend_execute_scripts (zend.c:1186) ==22302== by 0x83B8CC8: php_execute_script (main.c:2268) ==22302== by 0x84E649E: main (cgi_main.c:2109) ==22302== ==22302== 100 bytes in 12 blocks are possibly lost in loss record 85 of 136 ==22302== at 0x4023F50: malloc (vg_replace_malloc.c:236) ==22302== by 0x8400D36: _emalloc (zend_alloc.c:2348) ==22302== by 0x84010EA: _estrndup (zend_alloc.c:2503) ==22302== by 0x83EC50D: lex_scan (zend_language_scanner.l:1672) ==22302== by 0x840E952: zendlex (zend_compile.c:4954) ==22302== by 0x83E1482: zendparse (zend_language_parser.c:3280) ==22302== by 0x83E6D7F: compile_file (zend_language_scanner.l:364) ==22302== by 0x82658C4: phar_compile_file (phar.c:3393) ==22302== by 0x8421B37: zend_execute_scripts (zend.c:1186) ==22302== by 0x83B8CC8: php_execute_script (main.c:2268) ==22302== by 0x84E649E: main (cgi_main.c:2109) ==22302== ==22302== 122 bytes in 9 blocks are possibly lost in loss record 90 of 136 ==22302== at 0x4023F50: malloc (vg_replace_malloc.c:236) ==22302== by 0x8400D36: _emalloc (zend_alloc.c:2348) ==22302== by 0x84010EA: _estrndup (zend_alloc.c:2503) ==22302== by 0x83E9E0E: lex_scan (zend_language_scanner.l:1695) ==22302== by 0x840E952: zendlex (zend_compile.c:4954) ==22302== by 0x83E1482: zendparse (zend_language_parser.c:3280) ==22302== by 0x83E6D7F: compile_file (zend_language_scanner.l:364) ==22302== by 0x82658C4: phar_compile_file (phar.c:3393) ==22302== by 0x8421B37: zend_execute_scripts (zend.c:1186) ==22302== by 0x83B8CC8: php_execute_script (main.c:2268) ==22302== by 0x84E649E: main (cgi_main.c:2109) ==22302== ==22302== 182 bytes in 14 blocks are possibly lost in loss record 100 of 136 ==22302== at 0x4023F50: malloc (vg_replace_malloc.c:236) ==22302== by 0x8400D36: _emalloc (zend_alloc.c:2348) ==22302== by 0x84010EA: _estrndup (zend_alloc.c:2503) ==22302== by 0x83EB237: lex_scan (zend_language_scanner.l:1817) ==22302== by 0x840E952: zendlex (zend_compile.c:4954) ==22302== by 0x83E1482: zendparse (zend_language_parser.c:3280) ==22302== by 0x83E6D7F: compile_file (zend_language_scanner.l:364) ==22302== by 0x82658C4: phar_compile_file (phar.c:3393) ==22302== by 0x8421B37: zend_execute_scripts (zend.c:1186) ==22302== by 0x83B8CC8: php_execute_script (main.c:2268) ==22302== by 0x84E649E: main (cgi_main.c:2109) ==22302== ==22302== 322 bytes in 34 blocks are possibly lost in loss record 112 of 136 ==22302== at 0x4023F50: malloc (vg_replace_malloc.c:236) ==22302== by 0x8400D36: _emalloc (zend_alloc.c:2348) ==22302== by 0x841E742: zend_str_tolower_dup (zend_operators.c:1884) ==22302== by 0x840579D: zend_do_begin_function_call (zend_compile.c:1571) ==22302== by 0x83E3F78: zendparse (zend_language_parser.c:4652) ==22302== by 0x83E6D7F: compile_file (zend_language_scanner.l:364) ==22302== by 0x82658C4: phar_compile_file (phar.c:3393) ==22302== by 0x8421B37: zend_execute_scripts (zend.c:1186) ==22302== by 0x83B8CC8: php_execute_script (main.c:2268) ==22302== by 0x84E649E: main (cgi_main.c:2109) ==22302== ==22302== 482 (144 direct, 338 indirect) bytes in 1 blocks are definitely lost in loss record 116 of 136 ==22302== at 0x4023F50: malloc (vg_replace_malloc.c:236) ==22302== by 0x8400D36: _emalloc (zend_alloc.c:2348) ==22302== by 0x83E6C86: compile_file (zend_language_scanner.l:334) ==22302== by 0x82658C4: phar_compile_file (phar.c:3393) ==22302== by 0x8421B37: zend_execute_scripts (zend.c:1186) ==22302== by 0x83B8CC8: php_execute_script (main.c:2268) ==22302== by 0x84E649E: main (cgi_main.c:2109) ==22302== ==22302== 613 (60 direct, 553 indirect) bytes in 3 blocks are definitely lost in loss record 117 of 136 ==22302== at 0x4023F50: malloc (vg_replace_malloc.c:236) ==22302== by 0x8400D36: _emalloc (zend_alloc.c:2348) ==22302== by 0x84BEA56: ZEND_SEND_REF_SPEC_CV_HANDLER (zend_vm_execute.h:22226) ==22302== by 0x844E8AA: execute (zend_vm_execute.h:107) ==22302== by 0x8421BD7: zend_execute_scripts (zend.c:1194) ==22302== by 0x83B8CC8: php_execute_script (main.c:2268) ==22302== by 0x84E649E: main (cgi_main.c:2109) ==22302== ==22302== 679 (120 direct, 559 indirect) bytes in 6 blocks are definitely lost in loss record 121 of 136 ==22302== at 0x4023F50: malloc (vg_replace_malloc.c:236) ==22302== by 0x8400D36: _emalloc (zend_alloc.c:2348) ==22302== by 0x844CEFB: zend_assign_to_variable (zend_execute.c:724) ==22302== by 0x84CCEAB: ZEND_ASSIGN_SPEC_CV_TMP_HANDLER (zend_vm_execute.h:25697) ==22302== by 0x844E8AA: execute (zend_vm_execute.h:107) ==22302== by 0x8421BD7: zend_execute_scripts (zend.c:1194) ==22302== by 0x83B8CC8: php_execute_script (main.c:2268) ==22302== by 0x84E649E: main (cgi_main.c:2109) ==22302== ==22302== 14,467 (88 direct, 14,379 indirect) bytes in 2 blocks are definitely lost in loss record 135 of 136 ==22302== at 0x4023F50: malloc (vg_replace_malloc.c:236) ==22302== by 0x8400D36: _emalloc (zend_alloc.c:2348) ==22302== by 0x8415A60: zend_rebuild_symbol_table (zend_execute_API.c:1699) ==22302== by 0x844CFEC: zend_get_target_symbol_table (zend_execute.c:766) ==22302== by 0x8452290: zend_fetch_var_address_helper_SPEC_CONST (zend_vm_execute.h:1340) ==22302== by 0x8452904: ZEND_FETCH_R_SPEC_CONST_HANDLER (zend_vm_execute.h:1424) ==22302== by 0x844E8AA: execute (zend_vm_execute.h:107) ==22302== by 0x8421BD7: zend_execute_scripts (zend.c:1194) ==22302== by 0x83B8CC8: php_execute_script (main.c:2268) ==22302== by 0x84E649E: main (cgi_main.c:2109) ==22302== ==22302== 17,328 bytes in 1 blocks are possibly lost in loss record 136 of 136 ==22302== at 0x4024046: realloc (vg_replace_malloc.c:525) ==22302== by 0x8400DF7: _erealloc (zend_alloc.c:2369) ==22302== by 0x84176D6: pass_two (zend_opcode.c:380) ==22302== by 0x83E6DDB: compile_file (zend_language_scanner.l:376) ==22302== by 0x82658C4: phar_compile_file (phar.c:3393) ==22302== by 0x8421B37: zend_execute_scripts (zend.c:1186) ==22302== by 0x83B8CC8: php_execute_script (main.c:2268) ==22302== by 0x84E649E: main (cgi_main.c:2109) ==22302== ==22302== LEAK SUMMARY: ==22302== definitely lost: 592 bytes in 21 blocks ==22302== indirectly lost: 15,877 bytes in 524 blocks ==22302== possibly lost: 18,353 bytes in 103 blocks ==22302== still reachable: 25,884 bytes in 943 blocks ==22302== suppressed: 0 bytes in 0 blocks ==22302== Reachable blocks (those to which a pointer was found) are not shown. ==22302== To see them, rerun with: --leak-check=full --show-reachable=yes ==22302== ==22302== For counts of detected and suppressed errors, rerun with: -v ==22302== ERROR SUMMARY: 18 errors from 18 contexts (suppressed: 38 from 11) ------------------------------------------------------------------------ -- Edit this bug report at https://bugs.php.net/bug.php?id=54460&edit=1
