ID: 31444 Updated by: [EMAIL PROTECTED] Reported By: hexer at studentcenter dot org -Status: Assigned +Status: Closed Bug Type: Scripting Engine problem Operating System: * PHP Version: 4CVS, 5CVS (2005-01-10) Assigned To: andi New Comment:
This bug has been fixed in CVS. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. Previous Comments: ------------------------------------------------------------------------ [2005-01-11 16:30:22] [EMAIL PROTECTED] I've tried the patch with both PHP 4 and 5 (PHP_4_3 & HEAD) and it does fix the leak. And does not seem to cause any trouble either. Just commit it. :) ------------------------------------------------------------------------ [2005-01-10 17:37:09] [EMAIL PROTECTED] hexer at studentcenter dot org: You should probably patch zend_language_scanner.l instead of .c Andi, this problem is reproducible with all branches. Index: zend_language_scanner.l =================================================================== RCS file: /repository/ZendEngine2/zend_language_scanner.l,v retrieving revision 1.118 diff -u -r1.118 zend_language_scanner.l --- zend_language_scanner.l 3 Jan 2005 10:01:03 -0000 1.118 +++ zend_language_scanner.l 10 Jan 2005 16:33:35 -0000 @@ -145,6 +145,10 @@ efree(CG(heredoc)); CG(heredoc_len)=0; } + if (SCNG(yy_start_stack)) { + yy_flex_free(SCNG(yy_start_stack)); + SCNG(yy_start_stack) = NULL; + } RESET_DOC_COMMENT(); #ifdef ZEND_MULTIBYTE ------------------------------------------------------------------------ [2005-01-07 21:16:34] hexer at studentcenter dot org Description: ------------ A memory leak happens with any script that contains curly brackets { } The global variable yy_start_stack in zend_language_scanner.c is not freed at the end of the php program execution. Reproduce code: --------------- Test script (test.php): <?php { } ?> Php was compiled with: ./configure --with-mysql \ --with-xml \ --with-apache=../apache_1.3.33 \ --enable-track-vars \ --with-gd \ --enable-discard-path \ --enable-bcmath \ --enable-gd-native-tt \ --with-freetype-dir=/usr/local \ --with-png-dir=/usr/local \ --with-jpeg-dir=/usr/local \ --with-zlib=/usr/local Actual result: -------------- Valgrind detects and reports the leak: valgrind --tool=memcheck --leak-check=yes --show-reachable=yes php test.php ==31180== 100 bytes in 1 blocks are still reachable in loss record 1 of 1 ==31180== at 0x1B900D20: malloc (vg_replace_malloc.c:131) ==31180== by 0x8125199: yy_push_state (Zend/zend_language_scanner.c:5805) ==31180== by 0x8122DA7: lex_scan (Zend/zend_language_scanner.c:4252) ==31180== by 0x812B2AD: zendlex (/usr/local/src/php-4.3.10/Zend/zend_compile.c:2472) ==31180== ==31180== LEAK SUMMARY: ==31180== definitely lost: 0 bytes in 0 blocks. ==31180== possibly lost: 0 bytes in 0 blocks. ==31180== still reachable: 100 bytes in 1 blocks. ==31180== suppressed: 0 bytes in 0 blocks. Code in question is at zend_language_scanner.c:4252 In the above scenario the yy_start_stack does not get freed at the end of the program execution. Proposed patch frees it under shutdown_scanner() Possible patch below: (Note: The following patch fixed the problem but has not yet been tested under server load / real world conditions. Will post real world test results next week) Apply to zend_language_scanner.c: *** 2874,2892 **** --- 2874,2899 ---- { if (CG(heredoc)) { efree(CG(heredoc)); CG(heredoc_len)=0; } + if (SCNG(yy_start_stack)) { + yy_flex_free(SCNG(yy_start_stack)); + SCNG(yy_start_stack) = NULL; + } + #ifdef ZEND_MULTIBYTE if (SCNG(code)) { efree(SCNG(code)); SCNG(code) = NULL; } if (SCNG(current_code)) { efree(SCNG(current_code)); SCNG(current_code) = NULL; } #endif /* ZEND_MULTIBYTE */ } END_EXTERN_C() ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=31444&edit=1
