------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugs.exim.org/show_bug.cgi?id=841 Summary: Segmentation fault Product: PCRE Version: 7.8 Platform: Other OS/Version: Windows Status: NEW Severity: bug Priority: medium Component: Code AssignedTo: [email protected] ReportedBy: [email protected] CC: [email protected] Created an attachment (id=311) --> (http://bugs.exim.org/attachment.cgi?id=311) Full backtrace Hi. One of my php scripts dies with "Segmentation fault" error. I can reproduce this bug every time (as long as blog entry it processes is available on net). I made tests of php from ubuntu package and php 5.2.9 compiled from source with pcre 7.8 and 7.9RC2 - same result. Full backtrace made with gdb is quite big. I included it as zip archive. Below some fragments: #0 0x000000000046b0fc in match (eptr=Cannot access memory at address 0x7fff63e53f70 ) at /usr/src/php-5.2.9/ext/pcre/pcrelib/pcre_exec.c:432 rrc = 0 i = 0 c = 0 utf8 = 0 minimize = 0 possessive = 0 condcode = 0 charptr = (const uschar *) 0x0 callpat = (const uschar *) 0x0 data = (const uschar *) 0x0 next = (const uschar *) 0x0 pp = (const unsigned char *) 0x0 prev = (const uschar *) 0x0 saved_eptr = (const unsigned char *) 0x0 new_recursive = {prevrec = 0x0, group_num = 0, after_call = 0x0, save_start = 0x0, offset_save = 0x0, saved_max = 0} cur_is_word = 0 condition = 0 prev_is_word = 0 original_ims = 0 prop_type = 0 prop_value = 0 prop_fail_result = 0 prop_category = 0 prop_chartype = 0 prop_script = 0 oclength = 0 occhars = "\000\000\000\000\000\000\000" codelink = 0 ctype = 0 length = 0 max = 0 min = 0 number = 0 offset = 0 op = 0 save_capture_last = 0 save_offset1 = 0 save_offset2 = 0 save_offset3 = 0 stacksave = {0 <repeats 30 times>} newptrb = {epb_prev = 0x0, epb_saved_eptr = 0x0} #1 0x000000000046b6fa in match (eptr=0x1548da1 " jedyne s<C5>\202owo jakie w konkluzji powinno si<C4>\231 nasuwa<C4>\207 ka<C5><BC>demu <C5>\233wiad omemu politycznie Amerykaninowi. Link do artyku<C5>\202u: http://wiadomosci.wp.pl/kat,107158,title,Przywodca-Iranu-odpowiada-Obamie-";..., ecode=0 x11011bf "_", mstart=0x15483f0 "<a title=\"Przyw<C3><B3>dca Iranu odpowiada Obamie\" mce_href=\"Ca<C5>\202kiem niedawno ca<C5>\202y <C5>\233wiat obie g<C5>\202a informacja i<C5><BC> nowy przyw<C3><B3>dca USA - Barack Obama, wyci<C4>\205gn<C4>\205<C5>\202 r<C4>\231k<C4>\231 do Iranu. <C5>\232wie<C5> <BC>o wybrany prezyde"..., offset_top=10, md=0x7fff64648d80, ims=4, eptrb=0x0, flags=0, rdepth=4964) at /usr/src/php-5.2.9/ext/pcre/pcrelib/pcre_exec .c:720 rrc = 0 i = 0 c = 0 utf8 = 0 minimize = 0 possessive = 0 condcode = 0 charptr = (const uschar *) 0x0 callpat = (const uschar *) 0x0 data = (const uschar *) 0x0 next = (const uschar *) 0x0 pp = (const unsigned char *) 0x0 prev = (const uschar *) 0x0 saved_eptr = (const unsigned char *) 0x0 new_recursive = {prevrec = 0x0, group_num = 0, after_call = 0x0, save_start = 0x0, offset_save = 0x0, saved_max = 0} cur_is_word = 0 condition = 0 prev_is_word = 0 original_ims = 4 prop_type = 0 prop_value = 0 prop_fail_result = 0 prop_category = 0 prop_chartype = 0 prop_script = 0 oclength = 0 occhars = "\000\000\000\000\000\000\000" codelink = 0 ctype = 0 length = 0 max = 0 min = 0 number = 4 offset = 8 op = 95 save_capture_last = 4 save_offset1 = 2480 save_offset2 = 2481 save_offset3 = 2480 stacksave = {0 <repeats 30 times>} newptrb = {epb_prev = 0x0, epb_saved_eptr = 0x0} #2 0x000000000046d431 in match (eptr=0x1548da1 " jedyne s<C5>\202owo jakie w konkluzji powinno si<C4>\231 nasuwa<C4>\207 ka<C5><BC>demu <C5>\233wiadomemu politycznie Amerykaninowi. Link do artyku<C5>\202u: http://wiadomosci.wp.pl/kat,107158,title,Przywodca-Iranu-odpowiada-Obamie-";..., ecode=0x11011f2 "V", mstart=0x15483f0 "<a title=\"Przyw<C3><B3>dca Iranu odpowiada Obamie\" mce_href=\"Ca<C5>\202kiem niedawno ca<C5>\202y <C5>\233wiat obieg<C5>\202a informacja i<C5><BC> nowy przyw<C3><B3>dca USA - Barack Obama, wyci<C4>\205gn<C4>\205<C5>\202 r<C4>\231k<C4>\231 do Iranu. <C5>\232wie<C5><BC>o wybrany prezyde"..., offset_top=10, md=0x7fff64648d80, ims=4, eptrb=0x0, flags=0, rdepth=4963) at /usr/src/php-5.2.9/ext/pcre/pcrelib/pcre_exec.c:1361 rrc = 0 i = 2 c = 111 utf8 = 0 minimize = 0 possessive = 0 condcode = 0 charptr = (const uschar *) 0x0 callpat = (const uschar *) 0x0 data = (const uschar *) 0x11011d2 "<FF><FF><FF><FF><FF>\177<FF><BF>", '<FF>' <repeats 24 times>, "V" next = (const uschar *) 0x0 pp = (const unsigned char *) 0x0 prev = (const uschar *) 0x11011bf "_" saved_eptr = (const unsigned char *) 0x0 new_recursive = {prevrec = 0x0, group_num = 0, after_call = 0x0, save_start = 0x0, offset_save = 0x0, saved_max = 0} cur_is_word = 0 condition = 0 prev_is_word = 0 original_ims = 4 prop_type = 0 prop_value = 0 prop_fail_result = 0 prop_category = 0 prop_chartype = 0 prop_script = 0 oclength = 0 occhars = "\000\000\000\000\000\000\000" codelink = 0 ctype = 0 length = 0 max = 1 min = 1 number = 4 offset = 8 op = 86 save_capture_last = 0 save_offset1 = 0 save_offset2 = 0 save_offset3 = 0 stacksave = {0 <repeats 30 times>} newptrb = {epb_prev = 0x0, epb_saved_eptr = 0x0} ------CUT------ #4965 0x000000000046b6fa in match (eptr=0x15483f0 "<a title=\"Przyw<C3><B3>dca Iranu odpowiada Obamie\" mce_href=\"Ca<C5>\202kiem niedawno ca<C5>\202 y <C5>\233wiat obieg<C5>\202a informacja i<C5><BC> nowy przyw<C3><B3>dca USA - Barack Obama, wyci<C4>\205gn<C4>\205<C5>\202 r<C4>\231k<C4>\231 do Ira nu. <C5>\232wie<C5><BC>o wybrany prezyde"..., ecode=0x11011a3 "_", mstart=0x15483f0 "<a title=\"Przyw<C3><B3>dca Iranu odpowiada Obamie\" mce_href=\" Ca<C5>\202kiem niedawno ca<C5>\202y <C5>\233wiat obieg<C5>\202a informacja i<C5><BC> nowy przyw<C3><B3>dca USA - Barack Obama, wyci<C4>\205gn<C4>\205 <C5>\202 r<C4>\231k<C4>\231 do Iranu. <C5>\232wie<C5><BC>o wybrany prezyde"..., offset_top=2, md=0x7fff64648d80, ims=4, eptrb=0x0, flags=0, rdepth=0) at /usr/src/php-5.2.9/ext/pcre/pcrelib/pcre_exec.c:720 rrc = 1 i = 0 c = 20104040 utf8 = 0 minimize = 0 possessive = 0 condcode = 0 charptr = (const uschar *) 0x7fff646489a0 "" callpat = (const uschar *) 0x107ff70 "H\035\b\001" data = (const uschar *) 0x77e496 "\205<C0>u\030H\213E<F0>H\213P\020H\213E<C8>H\211\020<C7>E<C4>" next = (const uschar *) 0x0 pp = (const unsigned char *) 0x0 prev = (const uschar *) 0x7fff64651ee0 "\003" saved_eptr = (const unsigned char *) 0x0 new_recursive = {prevrec = 0x7fff646488b0, group_num = 0, after_call = 0x7fff64651ee0 "\003", save_start = 0x100000000 <Address 0x100000000 o ut of bounds>, offset_save = 0x1065a10, saved_max = 17193488} cur_is_word = 20780480 condition = 0 prev_is_word = 0 original_ims = 4 prop_type = 32767 prop_value = 0 prop_fail_result = 0 prop_category = 1550138368 prop_chartype = 0 prop_script = 22307776 oclength = 0 occhars = "\000\215dd<FF>\177\000" codelink = 13755024 ctype = 6 length = 20780424 max = 32767 min = 1684312056 number = 1 offset = 2 op = 95 save_capture_last = -1 save_offset1 = -1 save_offset2 = -1 save_offset3 = -1 stacksave = {371425234, -641582999, 22219328, 12, 14585744, 0, 22219328, 417, 10765256, 0, 1684310056, 32767, 1684310112, 32767, 7946961, 0, 1684310016, 32767, 7656292, 0, 22847968, 0, 3, 0, 0, 0, 20104040, 0, 1684310288, 32767} newptrb = {epb_prev = 0x0, epb_saved_eptr = 0x1065a10 "\002ZZZZZZZ\by\005\001"} #4966 0x000000000047ad8f in php_pcre_exec (argument_re=0x1101170, extra_data=0x7fff64648fe0, subject=0x15483f0 "<a title=\"Przyw<C3><B3>dca Iranu odp owiada Obamie\" mce_href=\"Ca<C5>\202kiem niedawno ca<C5>\202y <C5>\233wiat obieg<C5>\202a informacja i<C5><BC> nowy przyw<C3><B3>dca USA - Barack Ob ama, wyci<C4>\205gn<C4>\205<C5>\202 r<C4>\231k<C4>\231 do Iranu. <C5>\232wie<C5><BC>o wybrany prezyde"..., length=6679, start_offset=0, options=0, of fsets=0x14eb5b8, offsetcount=18) at /usr/src/php-5.2.9/ext/pcre/pcrelib/pcre_exec.c:4895 save_end_subject = (const unsigned char *) 0x1549e07 "" new_start_match = (const unsigned char *) 0x8 <Address 0x8 out of bounds> rc = 0 resetcount = 12 ocount = 18 first_byte = 60 req_byte = 62 req_byte2 = 62 newline = 10 ims = 4 using_temporary_offsets = 0 anchored = 0 startline = 0 firstline = 0 first_byte_caseless = 0 req_byte_caseless = 0 utf8 = 0 match_block = {match_call_count = 7445, match_limit = 100000, match_limit_recursion = 100000, offset_vector = 0x14eb5b8, offset_end = 18, off set_max = 12, nltype = 0, nllen = 1, nl = "\n\221dd", lcc = 0x7faf60 "", ctypes = 0x7fb2a0 "\200", offset_overflow = 0, notbol = 0, noteol = 0, utf8 = 0, jscript_compat = 0, endonly = 0, notempty = 0, partial = 0, hitend = 0, bsr_anycrlf = 0, start_code = 0x11011a0 "^", start_subject = 0x15483f0 " <a title=\"Przyw<C3><B3>dca Iranu odpowiada Obamie\" mce_href=\"Ca<C5>\202kiem niedawno ca<C5>\202y <C5>\233wiat obieg<C5>\202a informacja i<C5><BC> nowy przyw<C3><B3>dca USA - Barack Obama, wyci<C4>\205gn<C4>\205<C5>\202 r<C4>\231k<C4>\231 do Iranu. <C5>\232wie<C5><BC>o wybrany prezyde"..., end_s ubject = 0x1549e07 "", start_match_ptr = 0x15483f0 "<a title=\"Przyw<C3><B3>dca Iranu odpowiada Obamie\" mce_href=\"Ca<C5>\202kiem niedawno ca<C5>\20 2y <C5>\233wiat obieg<C5>\202a informacja i<C5><BC> nowy przyw<C3><B3>dca USA - Barack Obama, wyci<C4>\205gn<C4>\205<C5>\202 r<C4>\231k<C4>\231 do Ir anu. <C5>\232wie<C5><BC>o wybrany prezyde"..., end_match_ptr = 0x14ec4d8 "", end_offset_top = 160, capture_last = 4, start_offset = 0, eptrchain = 0x 9520074d364, eptrn = 10742728, recursive = 0x0, callout_data = 0x0} md = (match_data *) 0x7fff64648d80 tables = (const uschar *) 0x7faf60 "" start_bits = (const uschar *) 0x0 start_match = (const unsigned char *) 0x15483f0 "<a title=\"Przyw<C3><B3>dca Iranu odpowiada Obamie\" mce_href=\"Ca<C5>\202kiem niedawno ca <C5>\202y <C5>\233wiat obieg<C5>\202a informacja i<C5><BC> nowy przyw<C3><B3>dca USA - Barack Obama, wyci<C4>\205gn<C4>\205<C5>\202 r<C4>\231k<C4>\23 1 do Iranu. <C5>\232wie<C5><BC>o wybrany prezyde"... end_subject = (const unsigned char *) 0x1549e07 "" req_byte_ptr = (const unsigned char *) 0x15483ef "Z<a title=\"Przyw<C3><B3>dca Iranu odpowiada Obamie\" mce_href=\"Ca<C5>\202kiem niedawno ca <C5>\202y <C5>\233wiat obieg<C5>\202a informacja i<C5><BC> nowy przyw<C3><B3>dca USA - Barack Obama, wyci<C4>\205gn<C4>\205<C5>\202 r<C4>\231k<C4>\231 do Iranu. <C5>\232wie<C5><BC>o wybrany prezyd"... internal_study = {size = 1684311920, options = 32767, start_bits = "!<D5>t", '\0' <repeats 17 times>, "[\002\000\000X<A8>\200\000\000\000\000"} study = (const pcre_study_data *) 0x0 internal_re = {magic_number = 13755024, size = 0, options = 48, flags = 0, dummy1 = 0, top_bracket = 36512, top_backref = 25700, first_byte = 32767, req_byte = 0, name_table_offset = 54561, name_entry_size = 116, name_count = 0, ref_count = 0, tables = 0x7fff64648f68 "<E0>\222dd<FF>\177", nullpad = 0x800000008 <Address 0x800000008 out of bounds>} external_re = (const real_pcre *) 0x1101170 re = (const real_pcre *) 0x1101170 #4967 0x000000000047f902 in php_pcre_match_impl (pce=0x146b980, subject=0x15483f0 "<a title=\"Przyw<C3><B3>dca Iranu odpowiada Obamie\" mce_href=\"Ca <C5>\202kiem niedawno ca<C5>\202y <C5>\233wiat obieg<C5>\202a informacja i<C5><BC> nowy przyw<C3><B3>dca USA - Barack Obama, wyci<C4>\205gn<C4>\205 <C5>\202 r<C4>\231k<C4>\231 do Iranu. <C5>\232wie<C5><BC>o wybrany prezyde"..., subject_len=6679, return_value=0x14eb070, subpats=0x13bbd60, global=0 , use_flags=0, flags=0, start_offset=0) at /usr/src/php-5.2.9/ext/pcre/php_pcre.c:621 result_set = (zval *) 0x7fff646490d0 match_sets = (zval **) 0x0 extra = (pcre_extra *) 0x7fff64648fe0 extra_data = {flags = 18, study_data = 0x7fff6464911c, match_limit = 100000, callout_data = 0x7fff64649118, tables = 0x13efec0 "~(</?)(\\w*)( (/(?!>)|[^/>])*)(/?>)~s", match_limit_recursion = 100000} exoptions = 0 count = 0 offsets = (int *) 0x14eb5b8 num_subpats = 6 size_offsets = 18 matched = 0 g_notempty = 0 stringlist = (const char **) 0x7fbb5a9875ca match = 0x0 subpat_names = (char **) 0x1607618 i = 0 rc = 0 subpats_order = 0 offset_capture = 0 #4968 0x000000000047f54d in php_do_pcre_match (ht=3, return_value=0x14eb070, return_value_ptr=0x0, this_ptr=0x0, return_value_used=1, global=0) at /u sr/src/php-5.2.9/ext/pcre/php_pcre.c:513 regex = 0x13efec0 "~(</?)(\\w*)((/(?!>)|[^/>])*)(/?>)~s" subject = 0x15483f0 "<a title=\"Przyw<C3><B3>dca Iranu odpowiada Obamie\" mce_href=\"Ca<C5>\202kiem niedawno ca<C5>\202y <C5>\233wiat obieg <C5>\202a informacja i<C5><BC> nowy przyw<C3><B3>dca USA - Barack Obama, wyci<C4>\205gn<C4>\205<C5>\202 r<C4>\231k<C4>\231 do Iranu. <C5>\232wie<C5> <BC>o wybrany prezyde"... regex_len = 35 subject_len = 6679 pce = (pcre_cache_entry *) 0x146b980 subpats = (zval *) 0x13bbd60 flags = 0 start_offset = 0 PS Sorry about my English. -- Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email -- ## List details at http://lists.exim.org/mailman/listinfo/pcre-dev
