ID: 29549
Updated by: [EMAIL PROTECTED]
Reported By: r dot korving at xit dot nl
Status: Open
Bug Type: SimpleXML related
Operating System: debian linux 2.4.26 kernel
PHP Version: 5.0.0
New Comment:
looks like an engine bug. when it parsers the arguments for a function
and tries to do its auto string conversion magic, the zval gets hosed
since it uses the zval as both the read and write object for the
cast_object call in zend_parse_arg_impl. simple script:
<?php
$xml = new SimpleXMLElement("<test/>");
str_split($xml); // any function requiring string paremeter
var_dump($xml); // $xml is foobar at this point
?>
Previous Comments:
------------------------------------------------------------------------
[2004-08-13 12:34:33] [EMAIL PROTECTED]
I don't know, if it's an Engine or a SimpleXML problem, but here's the
backtrace to it
#0 _efree (ptr=0xffffffff) at /opt/cvs/php5.0/Zend/zend_alloc.c:263
#1 0x001452f4 in _zval_ptr_dtor (zval_ptr=0xffffffef) at
/opt/cvs/php5.0/Zend/zend_execute_API.c:391
#2 0x001452f4 in _zval_ptr_dtor (zval_ptr=0x1982538) at
/opt/cvs/php5.0/Zend/zend_execute_API.c:391
#3 0x001728a0 in zend_do_fcall_common_helper (execute_data=0xbfffeb70,
opline=0x2009f7c, op_array=0x19868e0) at
/opt/cvs/php5.0/Zend/zend_execute.h:124
#4 0x0016effc in execute (op_array=0x19868e0) at
/opt/cvs/php5.0/Zend/zend_execute.c:1400
#5 0x0015103c in zend_execute_scripts (type=8, retval=0x0,
file_count=3) at /opt/cvs/php5.0/Zend/zend.c:1061
#6 0x00119914 in php_execute_script (primary_file=0xbffff5b0) at
/opt/cvs/php5.0/main/main.c:1627
#7 0x0017c548 in main (argc=2, argv=0xbffffaf4) at
/opt/cvs/php5.0/sapi/cli/php_cli.c:943
------------------------------------------------------------------------
[2004-08-06 15:24:06] r dot korving at xit dot nl
Description:
------------
When I use the output of $xmlobject->xpath() in a preg_match("/whatever
pattern/", $xpathoutput) it makes memory usage explode or the whole
script segfaults.
The problem can be manually solved by typecasting the $xpathoutput to a
string, but nonetheless, a segfault should never ever be desired
behaviour. In fact, in one case I actually saw PHP tried to allocate
over 1 gigabyte of memory.
Reproduce code:
---------------
#!/usr/bin/php5
<?
$xml = simplexml_load_file("test.xml");
$val = $xml->xpath("/rootelem/testelems");
for ($i=0; $i < 20; $i++)
{
if (preg_match("/abc/", $val[0]))
echo "Y";
else
echo "N";
}
?>
test.xml:
<rootelem>
<testelems>this is one</testelems>
<testelems>this is another one !</testelems>
</rootelem>
Expected result:
----------------
NNNNNNNNNNNNNNNNNNNN
Actual result:
--------------
NSegmentation fault
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=29549&edit=1
