ID: 49729 User updated by: kendallb at amainhobbies dot com Reported By: kendallb at amainhobbies dot com Status: Bogus Bug Type: Reproducible crash Operating System: Mac OS 10.6.1, Win32 PHP Version: 5.3.0 New Comment:
Well I guess the PCRE folks don't seem to give a shit about this particular bug, so it is not likely to be fixed anytime soon. So much for relying on a useful function like preg_replace on systems other than Linux: http://bugs.exim.org/show_bug.cgi?id=797 Previous Comments: ------------------------------------------------------------------------ [2009-10-01 17:14:58] kendallb at amainhobbies dot com Ok, clearly this is a problem in PCRE since it apparently heavily uses the stack. This makes using preg_replace on larger input data sets pretty much useless unless you are using Linux. It seems entirely ridiculous to me that processing this: preg_match('/(.)+/', str_repeat('x', 6000)); can chew up more than 8MB of memory on Mac OS X!? Surely the PCRE developers should have NOT used the stack, and instead used their own efficient heap based stack class? Either way, this is a serious problem for anyone using PHP, and even more so for anyone using Zend Framework, because the Zend Framework DB adapters all rely heavily on preg_replace to process the input SQL for doing parameter binding. Which pretty much means that unless you are running Linux, you will very, very quickly crash Apache on Windows or Mac OS as soon as you try to submit something to the database that is large in size. Say, a blog post? A HTML product description?? PCRE needs to be fixed IMHO. We are going to find a workaround for preg_replace inside Zend Framework and I am going to submit that workaround for inclusion in future releases, but in reality, we would really all prefer to be using a good version of preg_replace. BTW, Perl on Mac OS X processes the same regular expressions just fine, so clearly the perl folks know what they are doing :) ------------------------------------------------------------------------ [2009-10-01 16:53:00] kendallb at amainhobbies dot com BTW, bug #47689 is all related to the stack size for the Apache server, but in our case, we are running the standalone PHP binaries, not under apache. I can understand that on Windows we may need a much larger stack size for the PHP binary, and on Linux the stack size can grow as large as needed. Is there an easy way to manage the stack size on Mac OS X? I would have thought it would be similar to Linux and allow it to grow as large as necessary? ------------------------------------------------------------------------ [2009-10-01 16:49:39] kendallb at amainhobbies dot com Have tested it on Windows and it also fails. We tested on Linux with an older PHP 5.1.x and it succeeded, but we have not tested PHP 5.3.0 on Linux. This also crashes but should not: preg_match('/(.)+/', str_repeat('x', 6000)); Removing the grouping parenthesis causes it not to crash. ------------------------------------------------------------------------ [2009-10-01 16:06:45] j...@php.net See bug #47689 ------------------------------------------------------------------------ [2009-10-01 11:13:14] sjo...@php.net Could reproduce with PHP 5.3 rev 288893, MacOS X 10.5.8. (gdb) r Starting program: /Users/sjoerd/Sources/php-src-5.3/sapi/cli/php -e -f /Volumes/sjoerd-nfs/public_html/svnreps/test/a.php Reading symbols for shared libraries ++++++++++....... done Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_PROTECTION_FAILURE at address: 0xbf7ffa7c 0x00058fed in match (eptr=0x976eca " OF BULLSHIT!!!\n THIS"..., ecode=0xaf07ae "_", mstart=0x976404 "'\n THIS"..., offset_top=4, md=0xbfffeacc, ims=0, eptrb=0x0, flags=0, rdepth=5515) at /Users/sjoerd/Sources/php-src-5.3/ext/pcre/pcrelib/pcre_exec.c:432 432 { (gdb) bt .... .... .... #5513 0x0005ad96 in match (eptr=0x976406 " THIS"..., ecode=0xaf07c3 "V", mstart=0x976404 "'\n THIS"..., offset_top=4, md=0xbfffeacc, ims=0, eptrb=0x0, flags=0, rdepth=2) at /Users/sjoerd/Sources/php-src-5.3/ext/pcre/pcrelib/pcre_exec.c:1361 #5514 0x00059664 in match (eptr=0x976405 "\n THIS"..., ecode=0xaf07be "T", mstart=0x976404 "'\n THIS"..., offset_top=2, md=0xbfffeacc, ims=0, eptrb=0x0, flags=0, rdepth=1) at /Users/sjoerd/Sources/php-src-5.3/ext/pcre/pcrelib/pcre_exec.c:720 #5515 0x0005a87d in match (eptr=0x976405 "\n THIS"..., ecode=0xaf07ad "g_", mstart=0x976404 "'\n THIS"..., offset_top=2, md=0xbfffeacc, ims=0, eptrb=0x0, flags=0, rdepth=0) at /Users/sjoerd/Sources/php-src-5.3/ext/pcre/pcrelib/pcre_exec.c:1224 #5516 0x00066e97 in php_pcre_exec (argument_re=0xaf0780, extra_data=0xbfffec3c, subject=0x976404 "'\n THIS"..., length=6075, start_offset=0, options=0, offsets=0x972530, offsetcount=6) at /Users/sjoerd/Sources/php-src-5.3/ext/pcre/pcrelib/pcre_exec.c:4895 #5517 0x0006d5d6 in php_pcre_replace_impl (pce=0xaf07d0, subject=0x976404 "'\n THIS"..., subject_len=6075, replace_val=0x972344, is_callable_replace=0, result_len=0xbfffee5c, limit=-1, replace_count=0xbfffee48) at /Users/sjoerd/Sources/php-src-5.3/ext/pcre/php_pcre.c:1040 #5518 0x0006d346 in php_pcre_replace (regex=0x972438 "/'(\\\\'|\\\\{2}|[^'])*'/", regex_len=21, subject=0x976404 "'\n THIS"..., subject_len=6075, replace_val=0x972344, is_callable_replace=0, result_len=0xbfffee5c, limit=-1, replace_count=0xbfffee48) at /Users/sjoerd/Sources/php-src-5.3/ext/pcre/php_pcre.c:950 #5519 0x0006e347 in php_replace_in_subject (regex=0x9723f8, replace=0x972344, subject=0xc0012c, result_len=0xbfffee5c, limit=-1, is_callable_replace=0, replace_count=0xbfffee48) at /Users/sjoerd/Sources/php-src-5.3/ext/pcre/php_pcre.c:1267 #5520 0x0006eeff in preg_replace_impl (ht=3, return_value=0x9723b8, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1, is_callable_replace=0, is_filter=0) at /Users/sjoerd/Sources/php-src-5.3/ext/pcre/php_pcre.c:1367 #5521 0x0006f00a in zif_preg_replace (ht=3, return_value=0x9723b8, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1) at /Users/sjoerd/Sources/php-src-5.3/ext/pcre/php_pcre.c:1387 #5522 0x0045efd9 in zend_do_fcall_common_helper_SPEC (execute_data=0xc00040) at zend_vm_execute.h:313 #5523 0x004645d9 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0xc00040) at zend_vm_execute.h:1602 #5524 0x0045e112 in execute (op_array=0x9719f0) at zend_vm_execute.h:104 #5525 0x0042ee7e in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /Users/sjoerd/Sources/php-src-5.3/Zend/zend.c:1188 #5526 0x003b3321 in php_execute_script (primary_file=0xbffff7fc) at /Users/sjoerd/Sources/php-src-5.3/main/main.c:2214 #5527 0x00507e5f in main (argc=4, argv=0xbffff8f0) at /Users/sjoerd/Sources/php-src-5.3/sapi/cli/php_cli.c:1190 (gdb) ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/49729 -- Edit this bug report at http://bugs.php.net/?id=49729&edit=1