From: php at max-imp dot com Operating system: Red Hat PHP version: 5.0.4 PHP Bug Type: DOM XML related Bug description: Segmentation fault when running xpath
Description: ------------ The code below causes a segmentation fault. The line it crashes on is $nodelist = $xpath->query( '/*' ); The machine I have the problem on is running PHP 5.0.4 libxml 2-2.6.19 On a different machine running the following we have no issues PHP 5.0.4-dev libxml 2.6.16 We have installed the newest snapshot of PHP as of the April 16th, but still had issues so we went back to PHP 5.0.4. (There are a few notes in the code below.) Thanks. Reproduce code: --------------- <?php $x = new DOMDocument(); // This line gives a segmentation fault. $x->loadXml( '<template xmlns="http://blah.com"/>'); // ... but if i comment the line above out and uncomment the next line there are no issues. It does not matter what xmlns is set to in the line above. //$x->loadXml( '<template/>' ); $xpath = new DOMXPath( $x ); $nodelist = $xpath->query( '/*' ); ?> Expected result: ---------------- Nothing should really output in this example...but we expect no segmentation fault. :-) Actual result: -------------- Segmentation fault This is what GDB gives me. (gdb) run test.php Starting program: /usr/local/bin/php test.php [New Thread 1024 (LWP 18035)] Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 1024 (LWP 18035)] __pthread_mutex_lock (mutex=0x1528) at mutex.c:99 99 mutex.c: No such file or directory. in mutex.c (gdb) bt #0 __pthread_mutex_lock (mutex=0x1528) at mutex.c:99 #1 0x402d2974 in __libc_free (mem=0x83b22a0) at malloc.c:3152 #2 0x4020c4c6 in xmlFreePatParserContext (ctxt=0x83b22a0) at pattern.c:293 #3 0x4020e3ef in xmlPatterncompile (pattern=0x83aa3dc "/*", dict=0x0, flags=0, namespaces=0x83af450) at pattern.c:1899 #4 0x401b282b in xmlXPathTryStreamCompile (ctxt=0x83b0760, str=0x83aa3dc "/*") at xpath.c:11270 #5 0x401b2afa in xmlXPathEvalExpr (ctxt=0x83af268) at xpath.c:11452 #6 0x401b2d53 in xmlXPathEvalExpression (str=0x83aa3dc "/*", ctxt=0x83b0760) at xpath.c:11549 #7 0x0808f552 in zif_dom_xpath_query (ht=1, return_value=0x83af224, this_ptr=0x83b228c, return_value_used=1) at /home/krisw/php-5.0.4/ext/dom/xpath.c:198 #8 0x4040b7e1 in get_module () from /usr/local/Zend/lib/Optimizer-2.5.7/php-5.0.x/ZendOptimizer.so #9 0x4041985a in zend_oe () from /usr/local/Zend/lib/Optimizer-2.5.7/php-5.0.x/ZendOptimizer.so #10 0x081714ee in php_execute_script (primary_file=0xbfffe0e0) at /home/krisw/php-5.0.4/main/main.c:1632 #11 0x081dd1e0 in main (argc=2, argv=0xbfffe184) at /home/krisw/php-5.0.4/sapi/cli/php_cli.c:946 #12 0x40272306 in __libc_start_main (main=0x81dc888 <main>, argc=2, ubp_av=0xbfffe184, init=0x807a580 <_init>, fini=0x81f9f10 <_fini>, rtld_fini=0x4000d2cc <_dl_fini>, stack_end=0xbfffe17c) at ../sysdeps/generic/libc-start.c:129 (gdb) -- Edit bug report at http://bugs.php.net/?id=32754&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=32754&r=trysnapshot4 Try a CVS snapshot (php5.0): http://bugs.php.net/fix.php?id=32754&r=trysnapshot50 Try a CVS snapshot (php5.1): http://bugs.php.net/fix.php?id=32754&r=trysnapshot51 Fixed in CVS: http://bugs.php.net/fix.php?id=32754&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=32754&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=32754&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=32754&r=needscript Try newer version: http://bugs.php.net/fix.php?id=32754&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=32754&r=support Expected behavior: http://bugs.php.net/fix.php?id=32754&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=32754&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=32754&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=32754&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=32754&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=32754&r=dst IIS Stability: http://bugs.php.net/fix.php?id=32754&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=32754&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=32754&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=32754&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=32754&r=mysqlcfg
