ID: 38017
User updated by: baco at infomaniak dot ch
Reported By: baco at infomaniak dot ch
Status: Open
Bug Type: XML related
Operating System: Linux Debian Sarge
PHP Version: 5.1.4
New Comment:
New strace of previous code
open("/home/www/29212ea8a58d20e52ba0886bd64685bb/web/test.php",
O_RDONLY) = 7
fstat64(7, {st_mode=S_IFREG|0644, st_size=235, ...}) = 0
lseek(7, 0, SEEK_CUR) = 0
read(7, "<?php\n\t$data = \'<?xml version=\"1"..., 8192) =
235
read(7, "", 8192) = 0
read(7, "", 8192) = 0
brk(0) = 0x85f2000
brk(0x8613000) = 0x8613000
close(7) = 0
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
chdir("/opt/apache") = 0
rt_sigaction(SIGSEGV, {SIG_DFL}, {SIG_DFL}, 8) = 0
getpid() = 29068
kill(29068, SIGSEGV) = 0
sigreturn() = ? (mask now [])
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
Process 29068 detached
New gdb output from new code
(gdb) continue
Continuing.
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1210239712 (LWP 29128)]
0xb7e4e07f in memcpy () from /lib/tls/libc.so.6
Previous Comments:
------------------------------------------------------------------------
[2006-07-05 17:51:45] baco at infomaniak dot ch
Exemple without any external xml.
$ cat test.php
<?php
$data = '<?xml version="1.0"
encoding="ISO-8859-1" ?><baco></baco>';
$xml_parser = xml_parser_create("ISO-8859-1");
xml_parse_into_struct($xml_parser, $data, $vals, $index);
xml_parser_free($xml_parser);
print_r($vals);
?>
$ /opt/php/bin/php test.php
Array
(
[0] => Array
(
[tag] => BACO
[type] => complete
[level] => 1
)
)
$ wget -O- http://localhost/test.php
Connecting to localhost[127.0.0.1]:80... connected.
HTTP request sent, awaiting response...
End of file while parsing headers.
Retrying.
...looping forever...
$ tail -n1 /var/log/httpd/error
[Wed Jul 5 19:48:49 2006] [notice] child pid 28993 exit
signal Segmentation fault (11)
------------------------------------------------------------------------
[2006-07-05 17:34:19] [EMAIL PROTECTED]
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves.
A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external
resources such as databases, etc.
If possible, make the script source available online and provide
an URL to it here. Try to avoid embedding huge scripts into the report.
------------------------------------------------------------------------
[2006-07-05 17:32:55] baco at infomaniak dot ch
Description:
------------
PHP5 Segmentation fault when a script call
xml_parser_create() under Apache but not when called
from the CLI ?!?
$ wget -O- http://.../xml.php
=> Crash of Apache thread
HTTP request sent, awaiting response...
End of file while parsing headers.
Retrying.
child pid ... exit signal Segmentation fault (11)
$ php xml.php
=> result OK
Reproduce code:
---------------
PHP Code to reproduce the segmentation fault inside Apache
$file = "data.xml";
$data = '';
if (!($fp = fopen($file, "r"))) {
die("could not open XML input");
}
while (!feof($fp)) {
$data .= fread($fp, 8192);
}
fclose($fp);
$xml_parser = xml_parser_create("ISO-8859-1");
# crash at this point
xml_parse_into_struct($xml_parser, $data, $vals, $index);
xml_parser_free($xml_parser);
print_r($vals);
Expected result:
----------------
Expected to return on Apache but only output this when I
call the script from PHP CLI.
Array
(
[0] => Array
(
...
)
...
)
Actual result:
--------------
N.B.
php.ini and php-cli.ini are the same.
ldd on php cli and on libphp5.so both
use same libxml2 from Debian Sarge.
Result
(gdb) continue
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1210239712 (LWP 28800)]
0x0808b14c in XML_ParserFree ()
strace
open("/home/www/29212ea8a58d20e52ba0886bd64685bb/web/test-xml/data.xml",
O_RDONLY) = 7
fstat64(7, {st_mode=S_IFREG|0644, st_size=113, ...}) = 0
lseek(7, 0, SEEK_CUR) = 0
read(7, "<?xml version=\"1.0\" encoding=\"IS"..., 8192) =
113
read(7, "", 8192) = 0
close(7) = 0
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
chdir("/opt/apache") = 0
rt_sigaction(SIGSEGV, {SIG_DFL}, {SIG_DFL}, 8) = 0
getpid() = 28871
kill(28871, SIGSEGV) = 0
sigreturn() = ? (mask now [])
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
PHP Compiled with
'./configure' '--prefix=/opt/php' '--mandir=/usr/share/man'
'--with-apxs=/opt/apache/bin/apxs' '--disable-cgi'
'--with-config-file-path=/opt/php/lib' '--disable-sigchild'
'--disable-ipv6' '--disable-all' '--enable-libxml'
'--with-libxml-dir' '--with-openssl' '--with-kerberos'
'--with-pcre-regex' '--with-zlib' '--with-zlib-dir'
'--enable-bcmath' '--enable-calendar' '--enable-ctype'
'--with-curl' '--enable-dom' '--enable-exif' '--enable-ftp'
'--with-openssl-dir' '--with-gd' '--with-jpeg-dir'
'--with-png-dir' '--with-xpm-dir' '--with-ttf'
'--with-freetype-dir' '--enable-gd-native-ttf'
'--with-gettext' '--with-gmp' '--with-iconv' '--with-imap'
'--with-imap-ssl' '--enable-mbstring' '--enable-mbregex'
'--with-mcrypt' '--with-mhash'
'--with-mysql=/opt/misc/mysql'
'--with-mysqli=/opt/misc/mysql/bin/mysql_config'
'--enable-pdo' '--with-pdo-mysql=/opt/misc/mysql'
'--enable-posix' '--enable-session' '--enable-simplexml'
'--enable-soap' '--enable-spl' '--with-tidy'
'--enable-tokenizer' '--enable-wddx' '--enable-xml'
'--with-libexpat-dir' '--with-xmlrpc' '--with-iconv-dir'
'--with-xsl' '--with-pear' '--enable-memory-limit'
'--enable-zend-multibyte' '--with-ming=/opt/misc/ming'
'--enable-debug'
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=38017&edit=1
