ID:               45546
Comment by:       nikolas dot hagelstein at gmail dot com
Reported By:      kaiser at macbureau dot de
Status:           Feedback
Bug Type:         PCRE related
Operating System: FreeBSD 7
PHP Version:      5.2.6
New Comment:

Confirmed.

System:
FreeBSD 7
PHP 5.2.6 (PCRE Library Version => 7.6 2008-01-28)
stack size (kbytes, -s) 524288

Backtrace:
#6216 0x000000080407a494 in match () from /usr/local/lib/php/20060613/pcre.so
#6217 0x000000080407701c in match () from /usr/local/lib/php/20060613/pcre.so
#6218 0x000000080407a494 in match () from /usr/local/lib/php/20060613/pcre.so
#6219 0x000000080407701c in match () from /usr/local/lib/php/20060613/pcre.so
#6220 0x0000000804076d05 in match () from /usr/local/lib/php/20060613/pcre.so
#6221 0x000000080407f12f in php_pcre_exec ()
   from /usr/local/lib/php/20060613/pcre.so
#6222 0x0000000804084c02 in php_pcre_match_impl ()
   from /usr/local/lib/php/20060613/pcre.so
#6223 0x000000080408569b in php_do_pcre_match ()
   from /usr/local/lib/php/20060613/pcre.so
#6224 0x0000000000538912 in zend_do_fcall_common_helper_SPEC ()
#6225 0x0000000000528603 in execute ()
#6226 0x00000000005383a4 in zend_do_fcall_common_helper_SPEC ()
#6227 0x0000000000528603 in execute ()
#6228 0x0000000000508dd3 in zend_execute_scripts ()
#6229 0x00000000004c5a5d in php_execute_script ()


Previous Comments:
------------------------------------------------------------------------

[2008-07-19 12:19:46] [EMAIL PROTECTED]

I can reproduce.
(PHP 5.2.7-dev)

==6244== Stack overflow in thread 1: can't grow stack to 0xBE04DFC0
==6244==
==6244== Process terminating with default action of signal 11 (SIGSEGV)
==6244== Access not within mapped region at address 0xBE04DFC0
==6244== at 0x8099F78: match (pcre_exec.c:1287)
==6244== Stack overflow in thread 1: can't grow stack to 0xBE04DF9C
==6244==
==6244== Process terminating with default action of signal 11 (SIGSEGV)
==6244== Access not within mapped region at address 0xBE04DF9C
==6244== at 0x401D200: _vgnU_freeres (vg_preloaded.c:56)

------------------------------------------------------------------------

[2008-07-19 11:13:41] [EMAIL PROTECTED]

Please try using this CVS snapshot:

  http://snaps.php.net/php5.3-latest.tar.gz

For Windows (zip):

  http://snaps.php.net/win32/php5.3-win32-latest.zip

For Windows (installer):

  http://snaps.php.net/win32/php5.3-win32-installer-latest.msi

I can't reproduce the crash here, nor does valgrind find any problem.
Can you please try the CVS version?

------------------------------------------------------------------------

[2008-07-17 19:29:53] kaiser at macbureau dot de

Sorry, c&p error, thanks, looking forward to hearing from you.

./test.php
Segmentation fault (core dumped)

#!/usr/local/bin/php
<?php
function is_utf8($str) {
    return (preg_match('/^([\x00-\x7f]|[\xc2-\xdf][\x80-\xbf]|\xe0[\xa0-\xbf][\x80-\xbf]|[\xe1-\xec][\x80-\xbf]{2}|\xed[\x80-\x9f][\x80-\xbf]|[\xee-\xef][\x80-\xbf]{2}|f0[\x90-\xbf][\x80-\xbf]{2}|[\xf1-\xf3][\x80-\xbf]{3}|\xf4[\x80-\x8f][\x80-\xbf]{2})*$/', $str) === 1);
}

$i=0;
$str = '';
while ($i<5000) {
    $str .= 'a';
    $i++;
}

is_utf8($str);
?>

------------------------------------------------------------------------

[2008-07-17 17:53:51] [EMAIL PROTECTED]

The pasted code is incomplete (doesn't even run). Please provide a
complete, but short, reproducible script.

------------------------------------------------------------------------

[2008-07-17 16:31:50] kaiser at macbureau dot de

Description:
------------
PCRE with utf8 (Typo3 Mailform) kills Apache child process. With the
following entry in the Apache error log on FreeBSD 7 with Apache 2.2.8:

[notice] child pid 6709 exit signal Illegal instruction (4)

Output of ulimit -a:
core file size (blocks, -c) unlimited
data seg size (kbytes, -d) 33554432
file size (blocks, -f) unlimited
max locked memory (kbytes, -l) unlimited
max memory size (kbytes, -m) unlimited
open files (-n) 11095
pipe size (512 bytes, -p) 1
stack size (kbytes, -s) 524288
cpu time (seconds, -t) unlimited
max user processes (-u) 5547
virtual memory (kbytes, -v) unlimite

Reproduce code:
---------------
#!/usr/local/bin/php
<?php
function is_utf8($str) {
return (preg_match('/^([\x00-\x7f]|[\xc2-\xdf][\x80-\xbf]|\xe0[\
}
$i=0;
$str = '';
while ($i<5000) {
$str .= 'a';
$i++;
}
is_utf8($str);
?>

------------------------------------------------------------------------

--
Edit this bug report at http://bugs.php.net/?id=45546&edit=1