From: romain dot lalaut at laposte dot net Operating system: Linux Ubuntu 2.6.20-16-server PHP version: 5.2.4RC3 PHP Bug Type: Reproducible crash Bug description: Segmentation when trying to set an attribute in a DOMElement
Description: ------------ When i try to set an attribute in a DOMElement instance, a segmentation fault may occurs (not for every element but always the same) . PHP 5.2.1 (cli) (built: Jul 17 2007 18:14:23) Copyright (c) 1997-2007 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies My phpinfo() : http://paste-it.net/3324 Reproduce code: --------------- /* XML code <div id="one"> <div id="one_a" /> <div id="one_b" /> </div> <div id="two"></div> */ $els = $view->getElementsByXPath( "/xhtml:html[1]/xhtml:body[1]//xhtml:[EMAIL PROTECTED]" ); // It works and $els is an iterator of DOMElement encapsulated in home-made objects foreach($els as $el) { echo('ID : '.$el->getAttribute('id')."\n"); flush(); $el->setAttribute('id', 'foo'); echo("OK\n"); flush(); } Expected result: ---------------- ID : one OK ID : one_a OK ID : one_b OK ID : two OK Actual result: -------------- ID : one [Segmentation fault] GDB backtrace #0 0x080db409 in php_dom_object_get_data (obj=0x656e6f) at /tmp/php5.2-200708281430/ext/dom/php_dom.c:242 #1 0x080e0140 in node_list_unlink (node=0x656e6f) at /tmp/php5.2-200708281430/ext/dom/php_dom.c:931 #2 0x080e01a0 in node_list_unlink (node=0x8676f20) at /tmp/php5.2-200708281430/ext/dom/php_dom.c:948 #3 0x080e8509 in zif_dom_element_set_attribute (ht=2, return_value=0x8711f08, return_value_ptr=0x0, this_ptr=0x87101c0, return_value_used=0) at /tmp/php5.2-200708281430/ext/dom/element.c:308 #4 0x0833fb70 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfc12100) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:200 #5 0x083407bd in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfc12100) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:322 #6 0x0833f6c0 in execute (op_array=0x866bfa4) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:92 #7 0x0833fcea in zend_do_fcall_common_helper_SPEC (execute_data=0xbfc126b0) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:234 #8 0x083407bd in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfc126b0) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:322 #9 0x0833f6c0 in execute (op_array=0x870169c) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:92 #10 0x0833fcea in zend_do_fcall_common_helper_SPEC (execute_data=0xbfc12ba0) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:234 #11 0x083407bd in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfc12ba0) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:322 #12 0x0833f6c0 in execute (op_array=0x86ee670) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:92 #13 0x0833fcea in zend_do_fcall_common_helper_SPEC (execute_data=0xbfc12d10) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:234 #14 0x083407bd in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfc12d10) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:322 #15 0x0833f6c0 in execute (op_array=0x86dcff8) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:92 #16 0x0833fcea in zend_do_fcall_common_helper_SPEC (execute_data=0xbfc13740) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:234 #17 0x083407bd in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfc13740) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:322 #18 0x0833f6c0 in execute (op_array=0x86dbb84) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:92 #19 0x0833fcea in zend_do_fcall_common_helper_SPEC (execute_data=0xbfc13c00) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:234 #20 0x083407bd in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfc13c00) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:322 #21 0x0833f6c0 in execute (op_array=0x85928b4) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:92 #22 0x0833fcea in zend_do_fcall_common_helper_SPEC (execute_data=0xbfc140f0) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:234 #23 0x083407bd in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbfc140f0) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:322 #24 0x0833f6c0 in execute (op_array=0x8538d2c) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:92 #25 0x0831aaf5 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /tmp/php5.2-200708281430/Zend/zend.c:1134 #26 0x082c6d91 in php_execute_script (primary_file=0xbfc16468) at /tmp/php5.2-200708281430/main/main.c:1982 #27 0x083944c1 in main (argc=3, argv=0xbfc165d4) at /tmp/php5.2-200708281430/sapi/cli/php_cli.c:1140 (gdb) frame 4 #4 0x0833fb70 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfc12100) at /tmp/php5.2-200708281430/Zend/zend_vm_execute.h:200 200 ((zend_internal_function *) EX(function_state).function)->handler(opline->extended_value, EX_T(opline->result.u.var).var.ptr, EX(function_state).function->common.return_reference?&EX_T(opline->result.u.var).var.ptr:NULL, EX(object), return_value_used TSRMLS_CC); (gdb) frame 3 #3 0x080e8509 in zif_dom_element_set_attribute (ht=2, return_value=0x8711f08, return_value_ptr=0x0, this_ptr=0x87101c0, return_value_used=0) at /tmp/php5.2-200708281430/ext/dom/element.c:308 308 node_list_unlink(attr->children TSRMLS_CC); (gdb) frame 2 #2 0x080e01a0 in node_list_unlink (node=0x8676f20) at /tmp/php5.2-200708281430/ext/dom/php_dom.c:948 948 node_list_unlink((xmlNodePtr) node->properties TSRMLS_CC); (gdb) frame 1 #1 0x080e0140 in node_list_unlink (node=0x656e6f) at /tmp/php5.2-200708281430/ext/dom/php_dom.c:931 931 wrapper = php_dom_object_get_data(node); (gdb) frame 0 #0 0x080db409 in php_dom_object_get_data (obj=0x656e6f) at /tmp/php5.2-200708281430/ext/dom/php_dom.c:242 242 if (obj && obj->_private != NULL) { -- Edit bug report at http://bugs.php.net/?id=42462&edit=1 -- Try a CVS snapshot (PHP 4.4): http://bugs.php.net/fix.php?id=42462&r=trysnapshot44 Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=42462&r=trysnapshot52 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=42462&r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=42462&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=42462&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=42462&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=42462&r=needscript Try newer version: http://bugs.php.net/fix.php?id=42462&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=42462&r=support Expected behavior: http://bugs.php.net/fix.php?id=42462&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=42462&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=42462&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=42462&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=42462&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=42462&r=dst IIS Stability: http://bugs.php.net/fix.php?id=42462&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=42462&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=42462&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=42462&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=42462&r=mysqlcfg
