ID: 28771 User updated by: mbm at interflow dot dk Reported By: mbm at interflow dot dk Status: Open Bug Type: XSLT related Operating System: FreeBSD 5.2 PHP Version: 5.0.0RC3 New Comment:
After we recompiled php with debugoptions we started getting segfault in CLI as well. Previous Comments: ------------------------------------------------------------------------ [2004-06-14 11:00:12] mbm at interflow dot dk Description: ------------ This took us quite a while to locate, but when using xslt processor in colaboration with clone and then accesing the resulting domdocument you will end up with a segfault. This only seems to happen when used on cgi, not with cli (here anyways, it has been reproduced on rc1 cli). We originally encountered this inside a rather big system so we tried to boil it down and the included script recreates the segfault. I've included a gdb backtrace - if you need aditional info feel free to mail me at mbm at interflow . dk. Reproduce code: --------------- $xmlString=<<<EOS <?xml version="1.0" encoding="iso-8859-1"?> <document>Test</document> EOS; $xslString = <<<EOS <?xml version="1.0" encoding="ISO-8859-1"?> <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform";> </xsl:stylesheet> EOS; $xml = new DomDocument; $xml->LoadXml($xmlString); $xsl = new DomDocument; $xsl->LoadXml($xslString); $xsltProcessor = new XsltProcessor(); $xsltProcessor->ImportStylesheet($xsl); $xml2 = $xsltProcessor->TransformToDoc($xml); $xml2->SaveXml(); $xml3 = clone $xml2; $list = $xml3->GetElementsByTagName('foo'); Expected result: ---------------- The included script should put a elementlist in $list, but it results in segmentation fault. The reason for $xml2->SaveXml() is because the segmentationfault only seems to happen when we try to access anything in the resulting document from xsltprocessing before doing the clone. Actual result: -------------- (gdb) bt #0 0x285cb7c7 in zend_objects_store_add_ref (object=0x814a568) at /usr/home/jacob/php-5.0.0RC3/Zend/zend_objects_API.c:118 #1 0x285b2f33 in _zval_copy_ctor (zvalue=0x814a568, __zend_filename=0x285e8260 "/usr/home/jacob/php-5.0.0RC3/ext/dom/php_dom.c", __zend_lineno=797) at /usr/home/jacob/php-5.0.0RC3/Zend/zend_variables.c:156 #2 0x2845a082 in dom_namednode_iter (basenode=0x814a198, ntype=0, intern=0x814a410, ht=0x0, local=0x81de910 "foo", ns=0x0) at /usr/home/jacob/php-5.0.0RC3/ext/dom/php_dom.c:797 #3 0x2845d2e7 in zif_dom_document_get_elements_by_tag_name (ht=1, return_value=0x814a3cc, this_ptr=0x814a108, return_value_used=1) at /usr/home/jacob/php-5.0.0RC3/ext/dom/document.c:1019 #4 0x285dc17a in zend_do_fcall_common_helper (execute_data=0xbfbfd380, opline=0x814faf8, op_array=0x8148868) at /usr/home/jacob/php-5.0.0RC3/Zend/zend_execute.c:2697 #5 0x285dc7bc in zend_do_fcall_by_name_handler (execute_data=0xbfbfd380, opline=0x814faf8, op_array=0x8148868) at /usr/home/jacob/php-5.0.0RC3/Zend/zend_execute.c:2808 #6 0x285d8737 in execute (op_array=0x8148868) at /usr/home/jacob/php-5.0.0RC3/Zend/zend_execute.c:1389 #7 0x285b5045 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /usr/home/jacob/php-5.0.0RC3/Zend/zend.c:1061 #8 0x2856f6a7 in php_execute_script (primary_file=0xbfbfe9c0) at /usr/home/jacob/php-5.0.0RC3/main/main.c:1627 ---Type <return> to continue, or q <return> to quit--- #9 0x285e5751 in php_handler (r=0x81f7050) at /usr/home/jacob/php-5.0.0RC3/sapi/apache2handler/sapi_apache2.c:556 #10 0x0806656c in ap_run_handler () #11 0x08066cc4 in ap_invoke_handler () #12 0x08062e97 in ap_process_request () #13 0x0805d5f4 in ap_process_http_connection () #14 0x08071bac in ap_run_process_connection () #15 0x08071f6c in ap_process_connection () #16 0x080648b7 in child_main () #17 0x080649a2 in make_child () #18 0x08064b28 in startup_children () #19 0x08064f6a in ap_mpm_run () #20 0x0806c9a3 in main () #21 0x0805d0a2 in _start () ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=28771&edit=1
