PHP :: Bug #22118 :: Sablotron segfaults

Bug #22118	Sablotron segfaults
Submitted:	2003-02-07 21:12 UTC	Modified:	2003-02-10 19:45 UTC
From:	pete+php at narya dot phys dot cwru dot edu	Assigned:
Status:	Not a bug	Package:	XSLT related
PHP Version:	4.3.0	OS:	AIX 4.3
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	pete+php at narya dot phys dot cwru dot edu
New email:
PHP Version:		OS:

New Comment:

[2003-02-07 21:12 UTC] pete+php at narya dot phys dot cwru dot edu

SCRIPT:
<?
  $processor = xslt_create();
  $result = xslt_process($processor, 'about.xml','about.xsl');

  echo "foo";
?>
======================================================
% cat config.nice
#! /bin/sh
#
# Created by configure

'./configure' \
'--with-apxs=/usr/local/apache/bin/apxs' \
'--with-mysql=/usr/local' \
'--enable-libgcc' \
'--enable-xslt' \
'--with-xslt-sablot=/usr/local' \
'--with-expat-dir=/usr/local' \
'--enable-debug' \
'--without-sablot-js' \
"$@"
======================================================= 
% gcc -v
Reading specs from /usr/local/lib/gcc-lib/powerpc-ibm-aix4.3.2.0/2.95.3/specs
gcc version 2.95.3 20010315 (release)

% httpd -V
Server version: Apache/1.3.27 (Unix)
...

EXPAT Version expat_1.95.5
Sablotron Version 0.97 
Sablotron Information Cflags: -g -O2 Libs: -L/usr/local/lib -liconv -lexpat Prefix: /usr/local


========================================================
gdb backtrace:
(gdb) bt
#0  0x10003f88 in sig_coredump ()
#1  <signal handler called>
#2  0xd10e5030 in XML_ParserCreateNS () at lib/xmlparse.c:630
#3  0xd10db1a4 in TreeConstructer::parseDataLineUsingExpat (this=0x60013fe1, 
    S=@0x0, t=0x60032019, d=0x7fffff, 
    base_=0x7fffff <Address 0x7fffff out of bounds>) at parser.cpp:106
#4  0xd10678d8 in Tree::parse (this=0x20161ee8, S=@0x20160708, d=0x7fffff)
    at tree.cpp:1375
#5  0xd101a89c in Processor::addLineParse (this=0x201617c8, S=@0x20160708, 
    newTree=@0x201617cc, absolute=@0x2ff206b8, isXSL=1, ignoreErr=0)
    at proc.cpp:597
#6  0xd101b054 in Processor::readTreeFromURI (this=0x201617c8, S=@0x20160708, 
    newTree=@0x201617cc, location=@0x20161bf8, base=@0x2ff20758, isXSL=1, 
    ignoreErr=0) at proc.cpp:645
#7  0xd1017d7c in Processor::open (this=0x201617c8, S=@0x20160708, 
    sheetURI=0x20161d70 <Address 0x20161d70 out of bounds>, 
    inputURI=0x20161cd0 <Address 0x20161cd0 out of bounds>) at proc.cpp:314
#8  0xd10d48d0 in SablotRunProcessorGen (S=0x20160708, processor_=0x201617c8, 
    sheetURI=0x20161d70 <Address 0x20161d70 out of bounds>, 
    inputURI=0x20161cd0 <Address 0x20161cd0 out of bounds>, 
    resultURI=0xd1581850 "arg:/_result") at sablot.cpp:374
#9  0xd151e9cc in zif_xslt_process (ht=3, return_value=0x20161dc0, 
    this_ptr=0xffffffff, return_value_used=-1)
    at /home/pete/tmp/php-4.3.0/ext/xslt/sablot.c:590
#10 0xd14792f4 in execute (op_array=0x20160390)
    at /home/pete/tmp/php-4.3.0/Zend/zend_execute.c:1596
#11 0xd145e900 in zend_execute_scripts (type=0, retval=0x0, file_count=3)
    at /home/pete/tmp/php-4.3.0/Zend/zend.c:864
#12 0xd1459cb8 in php_execute_script (primary_file=0x2ff22310)
    at /home/pete/tmp/php-4.3.0/main/main.c:1573
#13 0xd155e54c in apache_php_module_main (r=0x0, display_source_mode=0)
    at /home/pete/tmp/php-4.3.0/sapi/apache/sapi_apache.c:55
#14 0xd15610ac in send_php (r=0x20156990, display_source_mode=0, filename=0x0)
    at /home/pete/tmp/php-4.3.0/sapi/apache/mod_php4.c:556
#15 0xd156113c in send_parsed_php (r=0x0)
    at /home/pete/tmp/php-4.3.0/sapi/apache/mod_php4.c:571
#16 0x100164ac in ap_invoke_handler ()
#17 0x10044924 in process_request_internal ()
#18 0x100449e8 in ap_process_request ()
#19 0x10006088 in child_main ()
#20 0x10006400 in make_child ()
---Type <return> to continue, or q <return> to quit---
#21 0x1000690c in perform_idle_server_maintenance ()
#22 0x100070a8 in standalone_main ()
#23 0x100078fc in main ()
#24 0x100001dc in __start ()
(gdb) frame 10
#10 0xd14792f4 in execute (op_array=0x20160390)
    at /home/pete/tmp/php-4.3.0/Zend/zend_execute.c:1596
1596                                                            ((zend_internal_function *) EX(function_state).function)->handler(EX(opline)->extended_value, EX(Ts)[EX(opline)->result.u.var].var.ptr, EX(object).ptr, return_value_used TSRMLS_CC);

===========================================================

i tried the more complex forms of calling xslt_process, it does not make a difference.

everything else works fine.
let me know if there is any other information which would
be useful or anything that i screwed up or should try.

  Pete

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2003-02-08 13:11 UTC] iliaa@php.net

Could you please provide copies of about.xml & about.xsl so that the bug can be replicated.

[2003-02-08 21:40 UTC] pete+php at narya dot phys dot cwru dot edu

about.xsl and about.xml are trivial.

about.xml:

<?xml version="1.0"?>
<pcd>
  <title>About www.phys.cwru.edu</title>
</pcd>


about.xsl:

<?xml version="1.0"?>
<xsl:stylesheet version="1.0"
              xmlns:xsl="http://www.w3.org/1999/Transform">
</xsl:stylesheet>


i had some more complicated ones originally, but these are
sufficient on my system to cause the segfault.

if i change the call to 
  $result = xslt_process($processor, '',''); 
i also segfault.

[2003-02-08 22:13 UTC] pete+php at narya dot phys dot cwru dot edu

some more information: i have to copy the php module into
the appropriate place by hand, make install fails as follows

# make install
Installing PHP SAPI module
[activating module `php4' in /usr/local/apache/conf/httpd.conf]
cp libs/libphp4.so /usr/local/apache/libexec/libphp4.so
cp: libs/libphp4.so: No such file or directory
apxs:Break: Command failed with rc=1
make: *** [install-sapi] Error 1

# cp .libs/libphp4.so.0\ /usr/local/apache/libexec/libphp4.so

then i do the rest of the installs individually
# make install-modules
# make install-pear
# make install-build
# make install-headers
# make install-programs

and there are a number of warnings from ld in the build

ld: 0711-224 WARNING: Duplicate symbol: .XML_ParserFree
ld: 0711-224 WARNING: Duplicate symbol: XML_ParserFree
ld: 0711-224 WARNING: Duplicate symbol: .XML_ParserCreate
ld: 0711-224 WARNING: Duplicate symbol: XML_ParserCreate
...
ld: 0711-224 WARNING: Duplicate symbol: .XML_GetCurrentColumnNumber
ld: 0711-224 WARNING: Duplicate symbol: XML_GetCurrentColumnNumber
ld: 0711-224 WARNING: Duplicate symbol: .XML_GetCurrentByteIndex
ld: 0711-224 WARNING: Duplicate symbol: XML_GetCurrentByteIndex
ld: 0711-345 Use the -bloadmap or -bnoquiet option to obtain more information.

the make log is here http://www.phys.cwru.edu/~pete/make.log

[2003-02-09 16:30 UTC] msopacua@php.net

Compile Apache with --disable-rule=EXPAT.

[2003-02-09 21:59 UTC] pete+php at narya dot phys dot cwru dot edu

i am not an expert on shared libraries (far from it)
but it seemed safe to have libsablot, apache and php use the same system expat. 

changing the expat in apache did not help me here:

/apache_1.3.27> ./configure --enable-module="so" --enable-module="rewrite" --disable-rule=EXPAT

i re-installed apache. rebuilt php. re-installed php,
and to make sure that there were no other side-effects
i temporarily turned off mod_perl.

the results seem very much the same though.

here is a backtrace:

#0  0x10003f88 in sig_coredump ()
#1  <signal handler called>
#2  0xd10e5030 in XML_ParserCreateNS () at lib/xmlparse.c:630
#3  0xd10db1a4 in TreeConstructer::parseDataLineUsingExpat (this=0x6000b04f, 
    S=@0x0, t=0x60032019, d=0x7fffff, 
    base_=0x7fffff <Address 0x7fffff out of bounds>) at parser.cpp:106
#4  0xd10678d8 in Tree::parse (this=0x20161bf8, S=@0x20160448, d=0x7fffff)
    at tree.cpp:1375
#5  0xd101a89c in Processor::addLineParse (this=0x201614e8, S=@0x20160448, 
    newTree=@0x201614ec, absolute=@0x2ff206b8, isXSL=1, ignoreErr=0)
    at proc.cpp:597
#6  0xd101b054 in Processor::readTreeFromURI (this=0x201614e8, S=@0x20160448, 
    newTree=@0x201614ec, location=@0x20161908, base=@0x2ff20758, isXSL=1, 
    ignoreErr=0) at proc.cpp:645
#7  0xd1017d7c in Processor::open (this=0x201614e8, S=@0x20160448, 
    sheetURI=0x20161a80 <Address 0x20161a80 out of bounds>, 
    inputURI=0x201619e0 <Address 0x201619e0 out of bounds>) at proc.cpp:314
#8  0xd10d48d0 in SablotRunProcessorGen (S=0x20160448, processor_=0x201614e8, 
    sheetURI=0x20161a80 <Address 0x20161a80 out of bounds>, 
    inputURI=0x201619e0 <Address 0x201619e0 out of bounds>, 
    resultURI=0xd1712850 "arg:/_result") at sablot.cpp:374
#9  0xd16af9cc in zif_xslt_process (ht=3, return_value=0x20161ad0, 
    this_ptr=0xffffffff, return_value_used=-1)
    at /home/pete/tmp/php-4.3.0/ext/xslt/sablot.c:590
#10 0xd160a2f4 in execute (op_array=0x20160080)
    at /home/pete/tmp/php-4.3.0/Zend/zend_execute.c:1596
#11 0xd15ef900 in zend_execute_scripts (type=0, retval=0x0, file_count=3)
    at /home/pete/tmp/php-4.3.0/Zend/zend.c:864
#12 0xd15eacb8 in php_execute_script (primary_file=0x2ff22310)
    at /home/pete/tmp/php-4.3.0/main/main.c:1573
#13 0xd16ef54c in apache_php_module_main (r=0x0, display_source_mode=0)
    at /home/pete/tmp/php-4.3.0/sapi/apache/sapi_apache.c:55
#14 0xd16f20ac in send_php (r=0x20156be0, display_source_mode=0, filename=0x0)
    at /home/pete/tmp/php-4.3.0/sapi/apache/mod_php4.c:556
#15 0xd16f213c in send_parsed_php (r=0x0)
    at /home/pete/tmp/php-4.3.0/sapi/apache/mod_php4.c:571
#16 0x100164ac in ap_invoke_handler ()
#17 0x10044924 in process_request_internal ()
#18 0x100449e8 in ap_process_request ()
#19 0x10006088 in child_main ()
#20 0x10006400 in make_child ()
#21 0x1000690c in perform_idle_server_maintenance ()
#22 0x100070a8 in standalone_main ()
#23 0x100078fc in main ()
#24 0x100001dc in __start ()

the relevant line in my script was again
$result = xslt_process($processor, 'about.xml','about.xsl');

and i used the same trivial xml/xsl files.

[2003-02-10 12:22 UTC] msopacua@php.net

Are you still getting the duplicate symbol warnings?

[2003-02-10 19:41 UTC] pete+php at narya dot phys dot cwru dot edu

yes.

this appears to be a sablotron/AIX issue rather than a php
issue.

http://archive.gingerall.cz/archives/public/sablot2002/msg02240.html

sabcmd also coredumps for me. i apologize for not discovering this before posting here. thanks for your help.

[2003-02-10 19:45 UTC] iliaa@php.net

Sorry, but your problem does not imply a bug in PHP itself.  For a
list of more appropriate places to ask for help using PHP, please
visit http://www.php.net/support.php as this bug system is not the
appropriate forum for asking support questions. 

Thank you for your interest in PHP.

Thank you for updating us cause of the problem. Since the problem is not PHP related I am marking it bogus.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Fri Apr 19 06:01:29 2024 UTC