ID: 45546 Comment by: joe at lastpass dot com Reported By: kaiser at macbureau dot de Status: No Feedback Bug Type: PCRE related Operating System: FreeBSD 7 PHP Version: 5.2.6 New Comment:
Happens at somewhere between 3500 and 6400 characters on every Linux platform I have access to (x86 and x86_64): PHP 5.2.6-3ubuntu2 with Suhosin-Patch 0.9.6.2 (cli) (built: Feb 13 2009 20:07:08) PHP 5.2.6-2ubuntu4.1 with Suhosin-Patch 0.9.6.2 (cli) (built: Feb 11 2009 20:44:58) PHP 5.2.4-2ubuntu5.5 with Suhosin-Patch 0.9.6.2 (cli) (built: Feb 11 2009 20:09:11) PHP 5.2.6-3ubuntu2 with Suhosin-Patch 0.9.6.2 (cli) (built: Feb 13 2009 20:20:01) Previous Comments: ------------------------------------------------------------------------ [2009-02-08 11:55:20] vanav at vanav dot com dot ua Two gdb examples: gdb66: Program received signal SIGSEGV, Segmentation fault. match ( eptr=0x29385a68 "3'\";\n$select[] = \"SELECT p1.id, nick, p1.creation_date, p1.modification_date, p1.post_title, p1.post_text, p1.parent_post_id, p2.post_title AS parent_post_title, p3.post_title AS answer_parent_post_ti"..., ecode=0x28f160ed "\034\"T", mstart=0x293854bc "<?php\n$select = array();\n$select[] = \"SELECT uni_files.id, name, disk_filename, icon, size FROM uni_files INNER JOIN uni_filetypes ON uni_files.filetype_id=uni_filetypes.id WHERE post_id='167' AND blo"..., offset_top=4, md=0xbfbef000, ims=6, eptrb=0x0, flags=0, rdepth=1362) at /usr/ports/lang/php5/work/php-5.2.8/ext/pcre/pcrelib/pcre_exec.c:580 580 prop_value = 0; and 0x2863b28a in match ( eptr=0x2940b64f "?аМ202М214, даже М201М200еднемМ203 клаМ201М201М203>, ?00\223 заМ217вил ?232М203ниМ206М213н. даже М201М200еднемМ203 клаМ201М201М203>, ?00\223 заМ217вил ?232М203ниМ206М213н. </p><p><?222М213 знаеМ202е, М207М202о ?..., ecode=0x28ef03bb "\034'U", mstart=0x2940b398 "'<p>?237о мнениМ216 ?232М203ниМ206М213на, кМ200М213мМ201кие влаМ201М202и должнМ213 даМ202М214 возможноМ201М202М214 М201М200еднемМ203 клаМ201М201М203 капиМ202ализиМ200оваМ202М214 иМ205 М201беМ200ежен?..., offset_top=4, md=0xbfbf89d0, ims=0, eptrb=0xbfa006a0, flags=2, rdepth=1388) at /usr/ports/lang/php5/work/php-5.2.8/ext/pcre/pcrelib/pcre_exec.c:2160 2160 /usr/ports/lang/php5/work/php-5.2.8/ext/pcre/pcrelib/pcre_exec.c: No such file or directory. in /usr/ports/lang/php5/work/php-5.2.8/ext/pcre/pcrelib/pcre_exec.c ------------------------------------------------------------------------ [2009-02-05 01:43:05] vanav at vanav dot com dot ua Got the same bug, PHP 5.2.8/PCRE 7.8, Apache 2.2.11, Freebsd. ------------------------------------------------------------------------ [2009-01-27 12:37:10] keltia at gmail dot com I have a similar problem after upgrading to PHP 5.2.8/PCRE 7.8 on a FreeBSD 7.1/amd64. I'm trying to upgrade Gallery2 to 2.3 and the installer fails with that error. [Tue Jan 27 12:28:12 2009] [notice] child pid 92633 exit signal Illegal instruction (4) ------------------------------------------------------------------------ [2009-01-27 02:16:43] jdw at wheelhouse dot org We are also having this problem on FreeBSD 7 with Apache 1.3. The stack trace is the same: #0 0x286dcbc7 in match () from /usr/local/lib/libpcre.so.0 #1 0x286e3aba in match () from /usr/local/lib/libpcre.so.0 #2 0x286e3aba in match () from /usr/local/lib/libpcre.so.0 #3 0x286e469e in match () from /usr/local/lib/libpcre.so.0 #4 0x286dd629 in match () from /usr/local/lib/libpcre.so.0 #5 0x286e76c4 in pcre_exec () from /usr/local/lib/libpcre.so.0 #6 0x284b72fe in php_pcre_match_impl () from /nfsn/apps/apache/libexec/libphp5.so #7 0x284b7cac in php_do_pcre_match () from /nfsn/apps/apache/libexec/libphp5.so #8 0x285db1a8 in zend_do_fcall_common_helper_SPEC () from /nfsn/apps/apache/libexec/libphp5.so #9 0x285cca7f in execute () from /nfsn/apps/apache/libexec/libphp5.so #10 0x28b2f0c2 in _su3jdmx () from /nfsn/apps/php5/lib/php/extensions/no-debug-non-zts- 20060613/ioncube_loader_fre_5.2.so #11 0x2af863d8 in ?? () #12 0x29e80750 in ?? () #13 0x29e7f75c in ?? () #14 0x285dac0e in zend_do_fcall_common_helper_SPEC () from /nfsn/apps/apache/libexec/libphp5.so (This version was built with the FreeBSD PCRE instead of the builtin in case that helped; it didn't.) In one case, a customer has to set pcre.backtrack_limit and pcre.recursion_limit to 10 to get a Wordpress RSS feed to load. Are those considered "sane" values? Or is this getting ignored due to the incorrect "No Feedback" status? ------------------------------------------------------------------------ [2009-01-14 13:00:22] jdc at parodius dot com I've built PHP 5.2.8 with debugging enabled, and ran the following script under PHP via the CLI, under gdb: <?php $str = str_repeat('a', 1244); $utf8 = (preg_match("/^([\x09\x0A\x0D\x20-\x7E]|[\xC2-\xDF][\x80-\xBF]|\xE0[\xA0-\xBF][\x80-\xBF]|[\xE1-\xEC\xEE\xEF][\x80-\xBF]{2}| \xED[\x80-\x9F][\x80-\xBF]|\xF0[\x90-\xBF][\x80-\xBF]{2}|[\xF1-\xF3][\x80-\xBF]{3}|\xF4[\x80-\x8F][\x80-\xBF]{2})*$/", $str)) ? "yes " : "no"; echo $utf8; ?> It's important to note that if I change the str_repeat() length from 1244 to 1243, the segfault doesn't happen. The system limits: Resource limits (current): cputime infinity secs filesize infinity kB datasize 786432 kB stacksize 131072 kB coredumpsize infinity kB memoryuse infinity kB memorylocked infinity kB maxprocesses 5547 openfiles 11095 sbsize infinity bytes vmemoryuse infinity kB Anyway, the results of the gdb backtrace are here (~790KB file): http://www.malkavian.com/~jdc/php.bug45546.backtrace.txt Hope this helps. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/45546 -- Edit this bug report at http://bugs.php.net/?id=45546&edit=1