ID: 37083
Updated by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
-Status: Open
+Status: Assigned
Bug Type: SOAP related
-Operating System: Solaris 2.9
+Operating System: *
PHP Version: 5CVS-2006-04-14 (snap)
-Assigned To:
+Assigned To: andrei
New Comment:
Can definitely reproduce this. Valgrind trace follows:
==8798== Invalid read of size 4
==8798== at 0x81FE864: master_to_xml (php_encoding.c:362)
==8798== by 0x8201ED5: model_to_xml_object (php_encoding.c:1459)
==8798== by 0x82022B9: model_to_xml_object (php_encoding.c:1540)
==8798== by 0x8202A93: to_xml_object (php_encoding.c:1716)
==8798== by 0x8208C9C: sdl_guess_convert_xml (php_encoding.c:2979)
==8798== by 0x81FE8AF: master_to_xml (php_encoding.c:366)
==8798== by 0x81F9732: serialize_zval (soap.c:4162)
==8798== by 0x81F9633: serialize_parameter (soap.c:4135)
==8798== by 0x81F8AA5: serialize_function_call (soap.c:3970)
==8798== by 0x81F2545: do_soap_call (soap.c:2477)
==8798== by 0x81F3A76: zif_SoapClient___call (soap.c:2691)
==8798== by 0x837BE3F: zend_call_function (zend_execute_API.c:952)
==8798== Address 0x4B165E4 is 36 bytes inside a block of size 44
free'd
==8798== at 0x401D048: free (vg_replace_malloc.c:235)
==8798== by 0x820AA2D: delete_encoder (php_encoding.c:3301)
==8798== by 0x83912EB: zend_hash_destroy (zend_hash.c:521)
==8798== by 0x8235248: delete_sdl_impl (php_sdl.c:3196)
==8798== by 0x82350C7: get_sdl (php_sdl.c:3153)
==8798== by 0x81F1A76: zif_SoapClient_SoapClient (soap.c:2301)
==8798== by 0x83A6870: execute_internal (zend_execute.c:1368)
==8798== by 0x4A1D670: xdebug_execute_internal (xdebug.c:1428)
==8798== by 0x83A6EB1: zend_do_fcall_common_helper_SPEC
(zend_vm_execute.h:202)
==8798== by 0x83A7B59: ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER
(zend_vm_execute.h:322)
==8798== by 0x83A6A44: execute (zend_vm_execute.h:92)
==8798== by 0x4A1D30C: xdebug_execute (xdebug.c:1366)
==8798==
==8798== Invalid read of size 4
==8798== at 0x81FE886: master_to_xml (php_encoding.c:365)
==8798== by 0x8201ED5: model_to_xml_object (php_encoding.c:1459)
==8798== by 0x82022B9: model_to_xml_object (php_encoding.c:1540)
==8798== by 0x8202A93: to_xml_object (php_encoding.c:1716)
==8798== by 0x8208C9C: sdl_guess_convert_xml (php_encoding.c:2979)
==8798== by 0x81FE8AF: master_to_xml (php_encoding.c:366)
==8798== by 0x81F9732: serialize_zval (soap.c:4162)
==8798== by 0x81F9633: serialize_parameter (soap.c:4135)
==8798== by 0x81F8AA5: serialize_function_call (soap.c:3970)
==8798== by 0x81F2545: do_soap_call (soap.c:2477)
==8798== by 0x81F3A76: zif_SoapClient___call (soap.c:2691)
==8798== by 0x837BE3F: zend_call_function (zend_execute_API.c:952)
==8798== Address 0x4B165D8 is 24 bytes inside a block of size 44
free'd
==8798== at 0x401D048: free (vg_replace_malloc.c:235)
==8798== by 0x820AA2D: delete_encoder (php_encoding.c:3301)
==8798== by 0x83912EB: zend_hash_destroy (zend_hash.c:521)
==8798== by 0x8235248: delete_sdl_impl (php_sdl.c:3196)
==8798== by 0x82350C7: get_sdl (php_sdl.c:3153)
==8798== by 0x81F1A76: zif_SoapClient_SoapClient (soap.c:2301)
==8798== by 0x83A6870: execute_internal (zend_execute.c:1368)
==8798== by 0x4A1D670: xdebug_execute_internal (xdebug.c:1428)
==8798== by 0x83A6EB1: zend_do_fcall_common_helper_SPEC
(zend_vm_execute.h:202)
==8798== by 0x83A7B59: ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER
(zend_vm_execute.h:322)
==8798== by 0x83A6A44: execute (zend_vm_execute.h:92)
==8798== by 0x4A1D30C: xdebug_execute (xdebug.c:1366)
==8798==
gdb backtrace:
#0 0x00000030 in ?? ()
#1 0x081fe8d9 in master_to_xml (encode=0x873eca0, data=0x8733218,
style=1,
parent=0x873dcd8) at
/dat/dev/php/php-5.1dev/ext/soap/php_encoding.c:369
#2 0x08201ed6 in model_to_xml_object (node=0x873dcd8,
model=0x874a7e0,
object=0x87331b8, style=1, strict=1)
at /dat/dev/php/php-5.1dev/ext/soap/php_encoding.c:1459
#3 0x082022ba in model_to_xml_object (node=0x873dcd8,
model=0x874b228,
object=0x87331b8, style=1, strict=1)
at /dat/dev/php/php-5.1dev/ext/soap/php_encoding.c:1540
#4 0x08202a94 in to_xml_object (type=0x874bf20, data=0x87331b8,
style=1,
parent=0x873dd50) at
/dat/dev/php/php-5.1dev/ext/soap/php_encoding.c:1716
#5 0x08208c9d in sdl_guess_convert_xml (enc=0x874bf20,
data=0x87331b8,
style=1, parent=0x873dd50)
at /dat/dev/php/php-5.1dev/ext/soap/php_encoding.c:2979
#6 0x081fe8b0 in master_to_xml (encode=0x874bf20, data=0x87331b8,
style=1,
parent=0x873dd50) at
/dat/dev/php/php-5.1dev/ext/soap/php_encoding.c:366
#7 0x081f9733 in serialize_zval (val=0x87331b8, param=0x874bad0,
paramName=0x874afb0 "searchDescription", style=1,
parent=0x873dd50)
at /dat/dev/php/php-5.1dev/ext/soap/soap.c:4162
#8 0x081f9634 in serialize_parameter (param=0x874bad0,
param_val=0x87331b8,
index=1, name=0x0, style=1, parent=0x873dd50)
at /dat/dev/php/php-5.1dev/ext/soap/soap.c:4135
#9 0x081f8aa6 in serialize_function_call (this_ptr=0x87330b0,
function=0x874bc80, function_name=0x0,
uri=0x874bca8 "urn:PanWebServices.PangaVista",
arguments=0x874e490,
arg_count=5, version=1, soap_headers=0x0)
at /dat/dev/php/php-5.1dev/ext/soap/soap.c:3970
#10 0x081f2546 in do_soap_call (this_ptr=0x87330b0,
function=0x8739fd8 "advSearch", function_len=9, arg_count=5,
real_args=0x874e490, return_value=0x87395a8,
location=0x874ced8 "http://ws.pangaea.de/ws/services/PangaVista";,
soap_action=0x0, call_uri=0x0, soap_headers=0x0,
output_headers=0x0)
at /dat/dev/php/php-5.1dev/ext/soap/soap.c:2477
#11 0x081f3a77 in zif_SoapClient___call (ht=2, return_value=0x87395a8,
return_value_ptr=0x0, this_ptr=0x87330b0, return_value_used=1)
at /dat/dev/php/php-5.1dev/ext/soap/soap.c:2691
#12 0x0837be40 in zend_call_function (fci=0xbf8fb374,
fci_cache=0xbf8fb348)
at /dat/dev/php/php-5.1dev/Zend/zend_execute_API.c:952
#13 0x0839b6ab in zend_call_method (object_pp=0xbf8fb42c,
obj_ce=0x8703ea0,
fn_proxy=0x8703fbc, function_name=0x85a6318 "__call",
function_name_len=6,
retval_ptr_ptr=0xbf8fb3ec, param_count=2, arg1=0x8739810,
arg2=0x87398e8)
at /dat/dev/php/php-5.1dev/Zend/zend_interfaces.c:88
#14 0x083a3008 in zend_std_call_user_call (ht=5,
return_value=0x8739928,
return_value_ptr=0x0, this_ptr=0x87330b0, return_value_used=1)
at /dat/dev/php/php-5.1dev/Zend/zend_object_handlers.c:634
#15 0x083a6871 in execute_internal (execute_data_ptr=0xbf8fb774,
return_value_used=1) at
/dat/dev/php/php-5.1dev/Zend/zend_execute.c:1368
#16 0xb76d0671 in xdebug_execute_internal
(current_execute_data=0xbf8fb774,
return_value_used=1) at /dat/dev/php/xdebug/xdebug.c:1428
#17 0x083a6eb2 in zend_do_fcall_common_helper_SPEC
(execute_data=0xbf8fb774)
at zend_vm_execute.h:202
#18 0x083a7b5a in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER
(execute_data=0xbf8fb774)
at zend_vm_execute.h:322
#19 0x083a6a45 in execute (op_array=0x8732908) at zend_vm_execute.h:92
#20 0xb76d030d in xdebug_execute (op_array=0x8732908)
at /dat/dev/php/xdebug/xdebug.c:1366
#21 0x08387aed in zend_execute_scripts (type=8, retval=0x0,
file_count=3)
at /dat/dev/php/php-5.1dev/Zend/zend.c:1109
#22 0x0833fdca in php_execute_script (primary_file=0xbf8fdc10)
at /dat/dev/php/php-5.1dev/main/main.c:1728
#23 0x083f7b74 in main (argc=2, argv=0xbf8fdd24)
at /dat/dev/php/php-5.1dev/sapi/cli/php_cli.c:1092
Previous Comments:
------------------------------------------------------------------------
[2006-04-14 14:57:07] [EMAIL PROTECTED]
But your idea was good. I tried it with a CLI script that calls the
same code in a for loop:
[EMAIL PROTECTED]:~/test$ php test.php
Loop: 0
Loop: 1
Illegal Instruction (core dumped)
Now i debug this...
(gdb) run test.php
Starting program: /pangaea/gnu/bin/php test.php
Loop: 0
Loop: 1
Program received signal SIGILL, Illegal instruction.
0x0071727c in ?? ()
(gdb) bt
#0 0x0071727c in ?? ()
#1 0x00717280 in ?? ()
Previous frame identical to this frame (corrupt stack?)
(gdb)
Compiling with/without --enable-debug does not show more info. But the
error is always SIGILL.
The code used for testing:
[EMAIL PROTECTED]:~/test$ cat test.php
<?php
for ($i=0; $i<20; $i++) {
echo "Loop: ".$i."\n";
$ws=new
SoapClient('http://ws.pangaea.de/ws/services/PangaVista?wsdl',array('encoding'=>'ISO-8859-1'));
$ua='test/1.0';
$sess=$ws->registerSession(NULL,$ua,'127.0.0.1',"PangaVista");
$search=new stdClass();
$search->queryString='grobe';
$res=$ws->advSearch($sess,$search,0,10,'thumb');
}
?>
------------------------------------------------------------------------
[2006-04-14 14:32:05] [EMAIL PROTECTED]
With CLI it works because CLI does not use the WSDL cache in memory
(after finishing the program it forgets its cache). The first call to
the webservice always works, even in the webserver.
------------------------------------------------------------------------
[2006-04-14 14:29:25] [EMAIL PROTECTED]
Did you try to run the same code using CLI ?
------------------------------------------------------------------------
[2006-04-14 13:31:21] [EMAIL PROTECTED]
When you read my mail you see that I CANNOT generate a backtrace
because:
a) the crash occurs on different locations (so I could send you about
20 different backtraces)
b) in most cases the stack is corrupt so no backtrace can be generated
If I had a backtrace I could fix it myself as I have done it in the
past. I know that the new caching code was submitted by andrei. I think
he knows what he has done. I would assign this bug to "andrei".
The error log shows in most cases the function name in which the crashs
occur.
------------------------------------------------------------------------
[2006-04-14 13:25:25] [EMAIL PROTECTED]
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32
Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/37083
--
Edit this bug report at http://bugs.php.net/?id=37083&edit=1
