|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
Patchesv1.patch (last revision 2011-04-25 21:13 UTC by hannes dot magnusson at gmail dot com)Pull RequestsHistoryAllCommentsChangesGit/SVN commits
[2011-04-25 13:07 UTC] bjori@php.net
-Status: Open
+Status: Assigned
-Assigned To:
+Assigned To: rrichards
[2011-04-25 13:07 UTC] bjori@php.net
[2011-04-25 23:14 UTC] bjori@php.net
[2011-05-29 13:39 UTC] bjori@php.net
[2011-06-02 20:06 UTC] iliaa@php.net
-Status: Assigned
+Status: Feedback
[2011-06-02 20:06 UTC] iliaa@php.net
[2011-06-02 20:38 UTC] hannes dot magnusson at gmail dot com
-Status: Feedback
+Status: Assigned
[2011-06-02 20:38 UTC] hannes dot magnusson at gmail dot com
[2011-08-30 13:48 UTC] bjori@php.net
-Status: Assigned
+Status: Closed
[2011-08-30 13:48 UTC] bjori@php.net
[2012-04-18 09:50 UTC] laruence@php.net
[2012-07-24 23:41 UTC] rasmus@php.net
[2013-11-17 09:38 UTC] laruence@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Wed Apr 16 04:01:26 2025 UTC |
Description: ------------ ext/dom segfaults during shutdown when removing the doctype node :] The resulting document appears fine. Test script: --------------- --TEST-- Segfault when removing the Doctype node --SKIPIF-- <?php require_once('skipif.inc'); ?> --FILE-- <?php $xml = <<< XML <?xml version='1.0' encoding='utf-8' ?> <!DOCTYPE set PUBLIC "-//OASIS//DTD DocBook XML V5.0//EN" "http://www.docbook.org/xml/5.0/dtd/docbook.dtd" [ <!ENTITY foo '<foo>footext</foo>'> <!ENTITY bar '<bar>bartext</bar>'> ]> <set>&foo;&bar;</set> XML; $doc = new DOMDocument(); $doc->loadXML($xml, LIBXML_NOENT); $n = $doc->doctype; $doc->removeChild($n); var_dump($n); ?> ===DONE=== <?php exit(0); ?> --EXPECTF-- object(DOMDocumentType)#%d (0) { } ===DONE=== Actual result: -------------- 0x0000000000481cbf in php_libxml_decrement_node_ptr (object=0x14a1750) at /home/bjori/Work/OSS/svn-php/php/php- src/branches/PHP_5_3/ext/libxml/libxml.c:956 956 ret_refcount = --obj_node->refcount; (gdb) bt #0 0x0000000000481cbf in php_libxml_decrement_node_ptr (object=0x14a1750) at /home/bjori/Work/OSS/svn-php/php/php- src/branches/PHP_5_3/ext/libxml/libxml.c:956 #1 0x000000000047fae5 in php_libxml_clear_object (object=0x14a1750) at /home/bjori/Work/OSS/svn-php/php/php- src/branches/PHP_5_3/ext/libxml/libxml.c:150 #2 0x000000000047fb30 in php_libxml_unregister_node (nodep=0x14a1b90) at /home/bjori/Work/OSS/svn-php/php/php- src/branches/PHP_5_3/ext/libxml/libxml.c:163 #3 0x000000000047fda0 in php_libxml_node_free_list (node=0x14a1b90) at /home/bjori/Work/OSS/svn-php/php/php- src/branches/PHP_5_3/ext/libxml/libxml.c:248 #4 0x000000000047fd57 in php_libxml_node_free_list (node=0x149e190) at /home/bjori/Work/OSS/svn-php/php/php- src/branches/PHP_5_3/ext/libxml/libxml.c:239 #5 0x0000000000481f7c in php_libxml_node_free_resource (node=0x149df90) at /home/bjori/Work/OSS/svn-php/php/php- src/branches/PHP_5_3/ext/libxml/libxml.c:1024 #6 0x0000000000482060 in php_libxml_node_decrement_resource (object=0x147fb90) at /home/bjori/Work/OSS/svn-php/php/php- src/branches/PHP_5_3/ext/libxml/libxml.c:1059 #7 0x0000000000599b02 in dom_objects_free_storage (object=0x147fb90) at /home/bjori/Work/OSS/php/php5.3/ext/dom/php_dom.c:1017 #8 0x00000000009c5c92 in zend_objects_store_del_ref_by_handle_ex (handle=2, handlers=0x1233100) at /home/bjori/Work/OSS/php/php5.3/Zend/zend_objects_API.c:220 #9 0x00000000009c598b in zend_objects_store_del_ref (zobject=0x147d5a0) at /home/bjori/Work/OSS/php/php5.3/Zend/zend_objects_API.c:172 #10 0x00000000009931ef in _zval_dtor_func (zvalue=0x147d5a0, __zend_filename=0xf09128 "/home/bjori/Work/OSS/php/php5.3/Zend/zend_execute_API.c", __zend_lineno=445) at /home/bjori/Work/OSS/php/php5.3/Zend/zend_variables.c:52 #11 0x0000000000981fe9 in _zval_dtor (zvalue=0x147d5a0, __zend_filename=0xf09128 "/home/bjori/Work/OSS/php/php5.3/Zend/zend_execute_API.c", __zend_lineno=445) at /home/bjori/Work/OSS/php/php5.3/Zend/zend_variables.h:35 #12 0x000000000098341a in _zval_ptr_dtor (zval_ptr=0x147fde0, __zend_filename=0xf0a230 "/home/bjori/Work/OSS/php/php5.3/Zend/zend_variables.c", __zend_lineno=189) at /home/bjori/Work/OSS/php/php5.3/Zend/zend_execute_API.c:445 #13 0x0000000000993668 in _zval_ptr_dtor_wrapper (zval_ptr=0x147fde0) at /home/bjori/Work/OSS/php/php5.3/Zend/zend_variables.c:189 #14 0x00000000009a6ad7 in zend_hash_apply_deleter (ht=0x12395c8, p=0x147fdc8) at /home/bjori/Work/OSS/php/php5.3/Zend/zend_hash.c:612 #15 0x00000000009a717e in zend_hash_reverse_apply (ht=0x12395c8, apply_func=0x9829e0 <zval_call_destructor>) at /home/bjori/Work/OSS/php/php5.3/Zend/zend_hash.c:761 #16 0x0000000000982a94 in shutdown_destructors () at /home/bjori/Work/OSS/php/php5.3/Zend/zend_execute_API.c:226 #17 0x000000000099521b in zend_call_destructors () at /home/bjori/Work/OSS/php/php5.3/Zend/zend.c:874 #18 0x000000000091414a in php_request_shutdown (dummy=0x0) at /home/bjori/Work/OSS/php/php5.3/main/main.c:1591 #19 0x0000000000a84304 in main (argc=2, argv=0x7fffffffe198) at /home/bjori/Work/OSS/php/php5.3/sapi/cli/php_cli.c:1374 (gdb)