Menu

#178 dom::selectNode seg-faults

C/C++ Module
open
Steve Ball
TclDOM (91)
5
2008-11-20
2008-02-12
Mikhail T.
No

Hello!

I'm trying to use dom::selectNode on Solaris-10 (32-bit binary). The only parser supporting selectNode is the libxml2 one which is included with Solaris-10 (/usr/include/libxml2, /usr/lib/libxml2.so.2).

Unfortunately, the method crashes trying to report an error to me:

t@1 (l@1) terminated by signal SEGV (access to address exceeded protections)
0xff1e9a50: Tcl_SetObjResult+0x0010: st %i5, [%i1]
Current function is TclDOMSelectNodeCommand
1768 Tcl_SetObjResult(interp, errObjPtr);
(dbx) where
current thread: t@1
[1] Tcl_SetObjResult(0x27148, 0xfebe1300, 0xff24b9f4, 0xff38bfcc, 0x18, 0x9de3bf71), at 0xff1e9a50
=>[2] TclDOMSelectNodeCommand(dummy = (nil), interp = 0x27148, objc = 3, objv = 0x367cc), line 1768 in "tcldomlibxml2.c"
[3] TclExecuteByteCode(0x27148, 0x239ce, 0x3, 0xe15, 0x2, 0x36790), at 0xff187210
[4] TclCompEvalObj(0x27148, 0xab6f8, 0xffbff648, 0x3, 0x0, 0x23958), at 0xff185b0c
[5] TclEvalObjEx(0x27148, 0xab6f8, 0x0, 0xffbff648, 0x3, 0xff2465e0), at 0xff131e98
[6] Tcl_ForeachObjCmd(0x8, 0x27148, 0x1, 0x0, 0x367b0, 0x367ac), at 0xff13f554
[7] TclEvalObjvInternal(0x27148, 0x4, 0xffbff710, 0x44478, 0x6c, 0xe13), at 0xff130264
[8] TclEvalEx(0x27148, 0x0, 0x444e3, 0x44491, 0x36, 0x1), at 0xff131594
[9] Tcl_FSEvalFileEx(0x27148, 0x2a750, 0x1, 0xff21ad60, 0x0, 0x0), at 0xff1b82c0
[10] Tcl_Main(0x5, 0x0, 0x107a0, 0x2a750, 0x2a750, 0xff24b0e4), at 0xff1c3064
[11] main(0x6, 0xffbffb54, 0xffbffb70, 0x20830, 0xfffeff70, 0x10000), at 0x10768

Please, advise. Thanks!

Discussion

  • Mikhail T.

    Mikhail T. - 2008-02-12

    Logged In: YES
    user_id=173641
    Originator: YES

    Some more details. The versions of tclxml and tcldom are both 3.1.

    The errrObjPtr, that TclDOMSelectNodeCommand is trying to set as the result is bogus (this is what TclXML_libxml2_GetErrorObj returns).

    (dbx) p *errObjPtr
    *errObjPtr = {
    refCount = -1646018704
    bytes = 0x84100018 "<bad address 0x84100018>"
    length = -1004036028
    typePtr = 0x86100019
    internalRep = {
    longValue = -970481592
    doubleValue = -9.3592649813065e+29
    otherValuePtr = 0xc627a048
    wideValue = -4168186696827928561LL
    twoPtrValue = {
    ptr1 = 0xc627a048
    ptr2 = 0x8210000f
    }
    ptrAndLongRep = {
    ptr = 0xc627a048
    value = 2182086671U
    }
    }
    }

    The ctxt pointer points to a legible structure:

    (dbx) p *ctxt
    *ctxt = {
    doc = 0x115f58
    node = 0x115f58
    nb_variables_unused = 0
    max_variables_unused = 0
    varHash = (nil)
    nb_types = 0
    max_types = 0
    types = (nil)
    nb_funcs_unused = 0
    max_funcs_unused = 0
    funcHash = 0x112c20
    nb_axis = 0
    max_axis = 0
    axis = (nil)
    namespaces = (nil)
    nsNr = 0
    user = (nil)
    contextSize = -1
    proximityPosition = -1
    xptr = 0
    here = (nil)
    origin = (nil)
    nsHash = (nil)
    varLookupFunc = (nil)
    varLookupData = (nil)
    extra = (nil)
    function = (nil)
    functionURI = (nil)
    funcLookupFunc = (nil)
    funcLookupData = (nil)
    tmpNsList = (nil)
    tmpNsNr = 0
    userData = (nil)
    error = (nil)
    lastError = {
    domain = 12
    code = 1219
    message = (nil)
    level = XML_ERR_ERROR
    file = (nil)
    line = 0
    str1 = 0x33cb1f8 "//rtsh:sheet"
    str2 = (nil)
    str3 = (nil)
    int1 = 12
    int2 = 0
    ctxt = (nil)
    node = (nil)
    }
    debugNode = (nil)
    dict = (nil)
    }

     

  • Steve Ball

    Steve Ball - 2008-11-20
    • assigned_to: nobody --> balls
     

  • Steve Ball

    Steve Ball - 2008-11-26

    Please provide a small script that demonstrates the seg fault. I'd like to try running it on other platforms to confirm the bug.

     

Log in to post a comment.

Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.