PHP :: Bug #33431 :: test ext/dom/tests/dom001.phpt fails (because of segfault)

Bug #33431	test ext/dom/tests/dom001.phpt fails (because of segfault)
Submitted:	2005-06-22 11:38 UTC	Modified:	2005-06-27 00:35 UTC
From:	sniper@php.net	Assigned:	rrichards (profile)
Status:	Closed	Package:	DOM XML related
PHP Version:	5CVS-2005-06-23	OS:	Linux (FC4 x86_64)
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	sniper@php.net
New email:
PHP Version:		OS:

New Comment:

[2005-06-22 11:38 UTC] sniper@php.net

Description:
------------
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 46912531672000 (LWP 19242)]
0x000000000081787a in zend_object_store_get_object (zobject=0x0)
    at /usr/src/php/php5/Zend/zend_objects_API.c:202
202             zend_object_handle handle = Z_OBJ_HANDLE_P(zobject);
(gdb) bt
#0  0x000000000081787a in zend_object_store_get_object (zobject=0x0)
    at /usr/src/php/php5/Zend/zend_objects_API.c:202
#1  0x00000000004d90e7 in zif_dom_namednodemap_item (ht=1, return_value=0xedf660, return_value_ptr=0x0, 
    this_ptr=0xedfef0, return_value_used=1) at /usr/src/php/php5/ext/dom/namednodemap.c:182
#2  0x0000000000828da6 in zend_do_fcall_common_helper_SPEC (execute_data=0x7fffff9a9dc0)
    at /usr/src/php/php5/Zend/zend_vm_execute.h:184
#3  0x0000000000829a33 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0x7fffff9a9dc0)
    at /usr/src/php/php5/Zend/zend_vm_execute.h:299
#4  0x0000000000828921 in execute (op_array=0xed37c0) at /usr/src/php/php5/Zend/zend_vm_execute.h:87
#5  0x00000000007f6311 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /usr/src/php/php5/Zend/zend.c:1080
#6  0x000000000079cceb in php_execute_script (primary_file=0x7fffff9ac420)
    at /usr/src/php/php5/main/main.c:1671
#7  0x000000000089021a in main (argc=2, argv=0x7fffff9ac628) at /usr/src/php/php5/sapi/cli/php_cli.c:103

Reproduce code:
---------------
ext/dom/tests/dom001.phpt

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2005-06-22 11:44 UTC] sniper@php.net

Related to bug #33432 ?

[2005-06-22 17:10 UTC] rrichards@php.net

Can you try this patch and see if it fixes this bug and 33432?
http://www.ctindustries.net/patches/dom.diff.txt

Can't reproduce this with FC 3 x86_64 (gcc 3.4.3) but think this may be the problem caught by gcc 4.

[2005-06-23 13:00 UTC] sniper@php.net

Still crashes with latest CVS HEAD.

[2005-06-24 02:20 UTC] rrichards@php.net

Was it a fresh/clean build?
if so, can you try the following and add your configure?

$dom = DOMDocument::loadXML('<root a="1" b="2" />');
$atts = $dom->documentElement->attributes;
var_dump($atts->item(0));
var_dump($atts->item(0)->nodeName);

[2005-06-26 15:03 UTC] sniper@php.net

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 46912496219840 (LWP 21164)]
0x00000000005752c8 in zend_object_store_get_object (zobject=0x0)
    at /usr/src/php/php5/Zend/zend_objects_API.c:202
202             zend_object_handle handle = Z_OBJ_HANDLE_P(zobject);
(gdb) bt 
#0  0x00000000005752c8 in zend_object_store_get_object (zobject=0x0)
    at /usr/src/php/php5/Zend/zend_objects_API.c:202
#1  0x00000000004595f1 in zif_dom_namednodemap_item (ht=1, return_value=0x865270, return_value_ptr=0x0, 
    this_ptr=0x864f30, return_value_used=1) at /usr/src/php/php5/ext/dom/namednodemap.c:182
#2  0x00000000005858ea in zend_do_fcall_common_helper_SPEC (execute_data=0x7fffff8d2d70)
    at /usr/src/php/php5/Zend/zend_vm_execute.h:184
#3  0x000000000058642e in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0x7fffff8d2d70)
    at /usr/src/php/php5/Zend/zend_vm_execute.h:299
#4  0x00000000005854aa in execute (op_array=0x8600e0) at /usr/src/php/php5/Zend/zend_vm_execute.h:87
#5  0x0000000000555118 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /usr/src/php/php5/Zend/zend.c:1080
#6  0x0000000000502ebb in php_execute_script (primary_file=0x7fffff8d53d0)
    at /usr/src/php/php5/main/main.c:1671
#7  0x00000000005dd2ea in main (argc=2, argv=0x7fffff8d55a8) at /usr/src/php/php5/sapi/cli/php_cli.c:1039

Configure line was:
'../php5/configure' '--disable-all' '--with-xsl' '--enable-dom' '--enable-libxml' '-
-enable-debug' '--disable-cgi'

And yes, I always do clean builds. (./cvsclean&&./buildconf)

[2005-06-26 16:26 UTC] rrichards@php.net

Just making sure as I cant find anything wrong there.
Can you try something else as tracking this down is little difficult here.

first: any idea what is happening within zend_parse_method_parameters for the item methods?
paritcular interested in what object and ce are as well as what happens within zend_parse_va_args.

and do the following changes work? I had hit this same problem using zend_parse_method_parameters about a year back in a different extension and assumed I had bad builds as it resolved itself after about a week and many rebuilds.

in namenodemap.c for PHP_FUNCTION(dom_namednodemap_item), change:

	if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Ol", &id, dom_namednodemap_class_entry, &index) == FAILURE) {

to

id = getThis();

if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "l", &index) == FAILURE) {

might want to also do the same change in nodelist.c for PHP_FUNCTION(dom_nodelist_item)

[2005-06-27 00:35 UTC] sniper@php.net

This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Tue Apr 29 16:01:26 2025 UTC