ID: 44862 User updated by: twm at twmacinta dot com Reported By: twm at twmacinta dot com -Status: Feedback +Status: Open Bug Type: Reproducible crash Operating System: Red Hat Enterprise Linux ES 3 PHP Version: 5.2.5 New Comment:
Here is a list of all of my 'aspell' and 'pspell' RPMs, with version numbers: aspell-0.33.7.1-25.3.rhel3.i386 aspell-config-0.33.7.1-25.3.rhel3.i386 aspell-da-1.4.22-7.i386 aspell-de-0.1.1-17.i386 aspell-devel-0.33.7.1-25.3.rhel3.i386 aspell-en-ca-0.33.7.1-25.3.rhel3.i386 aspell-en-gb-0.33.7.1-25.3.rhel3.i386 aspell-es-0.2-13.i386 aspell-fr-0.6-8.i386 aspell-it-0.1-16.i386 aspell-nl-0.1-17.i386 aspell-no-0.3-6.i386 aspell-pt-0.1-12.i386 aspell-pt_BR-2.4-12.i386 aspell-sv-1.3.8-4.i386 pspell-0.12.2-16.1.i386 pspell-devel-0.12.2-16.1.i386 It does appear to be dying because of a failed assertion, so maybe it doesn't die for you because your 'pspell' library wasn't compiled to enforce assertions? Previous Comments: ------------------------------------------------------------------------ [2008-04-30 00:01:18] [EMAIL PROTECTED] Which version of aspell library are you using? here things work as intended. ------------------------------------------------------------------------ [2008-04-29 17:18:41] twm at twmacinta dot com Description: ------------ When I pass an invalid encoding as the fourth argument to the function pspell_config_create() and then pass that return value to pspell_new_config(), PHP aborts and stops running. This is causing the "make test" script named "ext/pspell/tests/003.phpt" to fail on my system when I try to test my new build of PHP. I have created a simpler test case for this bug report and also read through the code a bit more to come up with an analysis which I think might be helpful. My test script works as expected in older versions of PHP on the same operating system. In particular, it works fine in PHP 4.3 on the same OS. This applies to both my custom compiled version of PHP as well as the most recent build from Red Hat. I believe that the problem was introduced in revision 1.45.2.4.2.5. See line 405 below: http://cvs.php.net/viewvc.cgi/php-src/ext/pspell/pspell.c?r1=1.45.2.4.2.4&r2=1.45.2.4.2.5&pathrev=PHP_5_2 The problem is that delete_pspell_manager() is called on a pointer obtained from new_pspell_manager() which isn't necessarily a pspell manager. It can either be an error or a pspell manager. Here is the code from the pspell library - note that the first return statement can result in PHP getting something which isn't a pspell manager (which is what it incorrectly frees): PspellCanHaveError * new_pspell_manager(PspellConfig * c) { PspellCanHaveError * possible_err = find_word_list(c); if (possible_err->error_number() != 0) return possible_err; PspellConfig * config = (PspellConfig *)(possible_err); possible_err = new_pspell_manager_class(config); delete config; return possible_err; } Perhaps this error isn't being triggered on your test systems since it depends upon whether the system's pspell library was compiled to enforce assertions. Note that there were several other changes like this made in revision 1.45.2.4.2.5. There were other lines added which call delete_pspell_*(), possibly with an invalid argument. I don't know if they are a problem in reality - I only caught the line that I'm reporting because "make test" failed for me. I was a little hesitant to remove those lines in my own code since they were added without other major changes, so there was presumably some reason for them, though the revision comment and change log don't mention what it was. I used "php -n" to run all of the tests, so as to rule out "php.ini" as a problem. I tried the test script with both PHP 5.2.5 and the latest CVS snapshot, php5.2-200804291230. Reproduce code: --------------- $cfg2 = pspell_config_create('en', 'british', '', 'b0rked'); $p2 = pspell_new_config($cfg2); print("Done\n"); Expected result: ---------------- Warning: pspell_new_config(): PSPELL couldn't open the dictionary. reason: The encoding "b0rked" is not known. This could also mean that the file "/usr/share/pspell/b0rked.map" could not be opened for reading or does not exist. in /tmp/timtest20080429.php on line 3 Done Actual result: -------------- Warning: pspell_new_config(): PSPELL couldn't open the dictionary. reason: The encoding "b0rked" is not known. This could also mean that the file "/usr/share/pspell/b0rked.map" could not be opened for reading or does not exist. in /tmp/timtest20080429.php on line 3 php: manager_impl.cc:30: void free_lt_handle(void*): Assertion `s == 0' failed. Aborted ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=44862&edit=1
