php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #10303 Crash while parsing large XML file and writing to DB
Submitted: 2001-04-12 10:54 UTC Modified: 2002-01-14 09:56 UTC
From: conrad at tivano dot de Assigned:
Status: Closed Package: XML related
PHP Version: 4.0.4pl1 OS: Linux (SuSE 7.0)
Private report: No CVE-ID: None
 [2001-04-12 10:54 UTC] conrad at tivano dot de
I have a PHP script where I import data from an XML file (uploaded via an HTML form) into a database. This works fine for small and medium-sized XML files, but breaks on a larger file (2.2MB with 47317 elems, 63133 attrs, 0 spaces, 355839 chars, validated with xerces). 
The behaviour is the same no matter if I use a MySQL or an Oracle database. I'm making pretty heavy use of classes and references, and when I comment out a few things inside the xml-callback-functions everything works as expected.

We're using Apache-1.3.12. PHP was compiled with          
	--with-oci8=/export/oracle/product/8.1.7 \
        --with-mysql=yes \
        --with-tiff-dir \
        --with-jpeg-dir \
        --with-png-dir \
        --with-imap=yes \
        --with-gd=yes \
        --with-zlib=yes \
        --with-xml \
        --with-ttf \
        --with-ftp \
        --with-dbm \
        --with-ndbm \
        --with-gdbm \
        --with-snmp \
        --with-mm \
        --with-config-file-path=%{apache_sysconfdir} \
        --with-apxs="`which apxs`" \
        --with-exec-dir=%{apache_libexecdir}/bin \
        --enable-versioning \
        --enable-yp \
        --enable-trans-sid \
        --enable-inline-optimization \
        --enable-track-vars \
        --enable-magic-quotes \
        --enable-safe-mode \
        --enable-sysvsem \
        --enable-sysvshm \
        --enable-calendar \
        --enable-memory-limit \
        --enable-wddx \
        --with-readline \
        --with-pthread \
        --with-sablot \
	--with-libssl

I've increased the maximum execution timeout to 5 minutes (it crashes after about 90 seconds) and the max memory to 128MB. All other options should be on default settings.

Here's my GDB backtrace. PHP wasn't compiled with debug option, because with that option the program doesn't SEGFAULT but print an error message :
Fatal error: Call to a member function on a non-object in ...
Under Solaris, without debug option, it prints a different error message:
Fatal error: Cannot create references to/from string offsets nor overloaded objects in ... (different place than above).

(For this backtrace, I have attached gdb to the running httpd process. Starting httpd with option -X yields a different backtrace, see below.)
Program received signal SIGSEGV, Segmentation fault.
0x402ff12d in zend_hash_del_key_or_index () from /usr/lib/apache/libphp4.so
(gdb) bt
#0  0x402ff12d in zend_hash_del_key_or_index () from /usr/lib/apache/libphp4.so #1  0x402f0616 in execute () from /usr/lib/apache/libphp4.so
#2  0x402e9abe in execute () from /usr/lib/apache/libphp4.so
#3  0x402e9abe in execute () from /usr/lib/apache/libphp4.so
#4  0x402e9abe in execute () from /usr/lib/apache/libphp4.so
#5  0x402e9abe in execute () from /usr/lib/apache/libphp4.so
#6  0x402f314d in call_user_function_ex () from /usr/lib/apache/libphp4.so
#7  0x402f2abf in call_user_function () from /usr/lib/apache/libphp4.so
#8  0x403b688d in php_info_xml () from /usr/lib/apache/libphp4.so
#9  0x403b70cb in _xml_startElementHandler () from /usr/lib/apache/libphp4.so
#10 0x403badd7 in php_XML_ErrorString () from /usr/lib/apache/libphp4.so
#11 0x403ba592 in php_XML_ErrorString () from /usr/lib/apache/libphp4.so
#12 0x403ba22a in php_XML_ParseBuffer () from /usr/lib/apache/libphp4.so
#13 0x403ba1cf in php_XML_Parse () from /usr/lib/apache/libphp4.so
#14 0x403b863d in php_if_xml_parse () from /usr/lib/apache/libphp4.so
#15 0x402e98ef in execute () from /usr/lib/apache/libphp4.so
#16 0x402e9abe in execute () from /usr/lib/apache/libphp4.so
#17 0x402fb626 in zend_execute_scripts () from /usr/lib/apache/libphp4.so
#18 0x4030e364 in php_execute_script () from /usr/lib/apache/libphp4.so
#19 0x4030a5a0 in apache_php_module_main () from /usr/lib/apache/libphp4.so
#20 0x4030b001 in send_php () from /usr/lib/apache/libphp4.so
#21 0x4030b043 in send_parsed_php () from /usr/lib/apache/libphp4.so
#22 0x8054405 in ap_invoke_handler ()
#23 0x8063dec in ap_some_auth_required ()
#24 0x8063e51 in ap_process_request ()
#25 0x805d559 in ap_child_terminate ()
#26 0x805d78f in ap_child_terminate ()
#27 0x805da39 in ap_child_terminate ()
#28 0x805de6b in ap_child_terminate ()
#29 0x805e3af in main ()
#30 0x400d9a8e in __libc_start_main () at ../sysdeps/generic/libc-start.c:93

Here's the backtrace for "httpd -X ...":
Program received signal SIGSEGV, Segmentation fault.
0x402ff12d in zend_hash_compare () from /usr/lib/apache/libphp4.so
(gdb) bt
#0  0x402ff12d in zend_hash_compare () from /usr/lib/apache/libphp4.so
#1  0x4042b9bc in gdSinT () from /usr/lib/apache/libphp4.so
#2  0x402f0616 in execute () from /usr/lib/apache/libphp4.so
#3  0x402e9abe in execute () from /usr/lib/apache/libphp4.so
#4  0x402e9abe in execute () from /usr/lib/apache/libphp4.so
#5  0x402e9abe in execute () from /usr/lib/apache/libphp4.so
#6  0x402e9abe in execute () from /usr/lib/apache/libphp4.so
#7  0x402f314d in zend_llist_sort () from /usr/lib/apache/libphp4.so
#8  0x402f2abf in zend_highlight () from /usr/lib/apache/libphp4.so
#9  0x403b688d in _xml_characterDataHandler () from /usr/lib/apache/libphp4.so
#10 0x403b70cb in php_if_xml_set_processing_instruction_handler ()
   from /usr/lib/apache/libphp4.so
#11 0x403badd7 in php_XML_ErrorString () from /usr/lib/apache/libphp4.so
#12 0x403ba592 in php_XML_ErrorString () from /usr/lib/apache/libphp4.so
#13 0x403ba22a in php_XML_ErrorString () from /usr/lib/apache/libphp4.so
#14 0x403ba1cf in php_XML_ErrorString () from /usr/lib/apache/libphp4.so
#15 0x403b863d in php_if_utf8_decode () from /usr/lib/apache/libphp4.so
#16 0x402e98ef in execute () from /usr/lib/apache/libphp4.so
#17 0x402e9abe in execute () from /usr/lib/apache/libphp4.so
#18 0x402fb626 in add_assoc_long () from /usr/lib/apache/libphp4.so
#19 0x4030e364 in php_fopen_with_path () from /usr/lib/apache/libphp4.so
#20 0x4030a5a0 in php_xbithack_handler () from /usr/lib/apache/libphp4.so
#21 0x4030b001 in php_if_virtual () from /usr/lib/apache/libphp4.so
#22 0x4030b043 in php_if_virtual () from /usr/lib/apache/libphp4.so
#23 0x8054405 in ap_invoke_handler ()
#24 0x8063dec in ap_some_auth_required ()
#25 0x8063e51 in ap_process_request ()
---Type <return> to continue, or q <return> to quit---
#26 0x805d559 in ap_child_terminate ()
#27 0x805d6ec in ap_child_terminate ()
#28 0x805d811 in ap_child_terminate ()
#29 0x805dce0 in ap_child_terminate ()
#30 0x805e3af in main ()
#31 0x400d9a8e in __libc_start_main () at ../sysdeps/generic/libc-start.c:93

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-01-13 07:15 UTC] lobbin@php.net
Can this be reproduced with 4.1.1?
 [2002-01-14 09:02 UTC] conrad at tivano dot de
I'm sorry, but I can't try that. The project where that
happened has been finished quite a while ago and it would
be a *lot* of work to set things up again.


 [2002-01-14 09:56 UTC] lobbin@php.net
Closing. If you can get this going again, and bug is still valid, please open the bug again.
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Sun Nov 28 16:03:12 2021 UTC