[xml] Strange XPath crash

From: Trey Gruel <drathos-xml nightmoose net>
To: xml gnome org
Subject: [xml] Strange XPath crash
Date: Wed, 7 Apr 2004 15:28:17 -0400 (EDT)

I'm using XPath (in libxml2-2.6.8) to parse some XML configuration files
for a set of servers and I've run across an annoying and baffling seg
fault.  I've got 4 servers that I'm starting up which all use basically
the same code for parsing their config files.  The only difference in the
parsing is the actual paths they're looking for.  Setup and node
processing is the same.  On 3, it works fine, but on the fourth, I get a
seg fault when calling xmlXPathFreeObject.

Here's what backtrace shows in gdb:
#0  __pthread_mutex_lock (mutex=0x206ca) at mutex.c:99
#1  0x407c93e8 in __libc_free (mem=0x4062dfb0) at malloc.c:3152
#2  0x4069f447 in xmlXPathFreeObject () from /usr/lib/libxml2.so.2
#3  0x08059687 in MyApp::parseConfigFile (this=0x8137ec0) at parsexml.cpp:73
#4  0x0804ea06 in MyApp::appInitialize (this=0x8137ec0) at myapp.cpp:400
#5  0x0804d6de in main (argc=6, argv=0xbffff184) at main.cpp:59
#6  0x40764657 in __libc_start_main (main=0x804d660 <main>, argc=6, 
    ubp_av=0xbffff184, init=0x804c9c0 <_init>, fini=0x81033f0 <_fini>, 
    rtld_fini=0x4000dc54 <_dl_fini>, stack_end=0xbffff17c)
    at ../sysdeps/generic/libc-start.c:129

And here's the xmlXPathObjectPtr I'm trying to free:
$1 = {type = 1407551829, nodesetval = 0xe810ec83, boolval = -60, 
  floatval = 1.044512297805358e+27, 
  stringval = 0x48508b08 <Address 0x48508b08 out of bounds>, 
  user = 0xac7ae852, index = 1569456127, user2 = 0x10c483fc, 
  index2 = -1017254775}

I imagine it's related to stringval being out of bounds, but as this is 
internal to libxml2, I'm not sure what to do about it.

the segment of code where the crash is occurring is identical to the other 
servers (getting the data from the path /config/system) and I suspect it's 
happenning there simply because it's the first part of the config file 
being read.

I had a similar problem to this occur in one of the other servers when
using the libxml/parser API to manually parse the file that magically
fixed itself.

For the time being, I've gone back to using the parser API (which works)  
for this particular server, but I would like to have them all using the
same method of reading the config files.

Any ideas?

-- 
trey

Follow-Ups:
- Re: [xml] Strange XPath crash
  - From: Daniel Veillard

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]