Bug 218131

Summary: xsltproc segfaults while trying to process the XML files for xcb.
Product: [Fedora] Fedora Reporter: Ian Romanick <idr>
Component: libxsltAssignee: Daniel Veillard <veillard>
Status: CLOSED UPSTREAM QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6   
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-12-04 09:38:14 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ian Romanick 2006-12-01 22:19:58 UTC 
Description of problem:

xsltproc segfaults while trying to process the XML files for xcb.

Version-Release number of selected component (if applicable):

libxslt-1.1.18-1.FC6

How reproducible:

Every time.

Steps to Reproduce:
1. Get libxcb source from git://anongit.freedesktop.org/git/xcb/libxcb
2. cd to libxcb/src
3. /usr/bin/xsltproc --stringparam mode source --stringparam base-path
/opt/xorg-pristine-amd64/share/xcb/ --stringparam extension-path
/opt/xorg-pristine-amd64/share/xcb/ -o xproto.c ./c-client.xsl xproto.xml
  
Actual results:

segfault.

Expected results:

Not segfault. :)

Additional info:

Program received signal SIGSEGV, Segmentation fault.
0x000000390d07212b in free () from /lib64/libc.so.6
(gdb) bt
#0  0x000000390d07212b in free () from /lib64/libc.so.6
#1  0x0000003a4c617993 in xsltFreeDocumentKeys () from /usr/lib64/libxslt.so.1
#2  0x0000003a4c615f63 in xsltReleaseRVT () from /usr/lib64/libxslt.so.1
#3  0x0000003a4c625c7f in xsltChoose () from /usr/lib64/libxslt.so.1
#4  0x0000003a4c62641a in xsltProcessOneNode () from /usr/lib64/libxslt.so.1
#5  0x0000003a4c62702d in xsltApplyTemplates () from /usr/lib64/libxslt.so.1
#6  0x0000003a4c624706 in xsltCopyTextString () from /usr/lib64/libxslt.so.1
#7  0x0000003a4c625c4e in xsltChoose () from /usr/lib64/libxslt.so.1
#8  0x0000003a4c62641a in xsltProcessOneNode () from /usr/lib64/libxslt.so.1
#9  0x0000003a4c6269b0 in xsltProcessOneNode () from /usr/lib64/libxslt.so.1
#10 0x0000003a4c62702d in xsltApplyTemplates () from /usr/lib64/libxslt.so.1
#11 0x0000003a4c624706 in xsltCopyTextString () from /usr/lib64/libxslt.so.1
#12 0x0000003a4c616983 in xsltCreateRVT () from /usr/lib64/libxslt.so.1
#13 0x0000003a4c616b3d in xsltCreateRVT () from /usr/lib64/libxslt.so.1
#14 0x0000003a4c61703b in xsltXPathVariableLookup ()
   from /usr/lib64/libxslt.so.1
#15 0x0000003a46c84299 in xmlXPathFunctionLookup ()
   from /usr/lib64/libxml2.so.2
#16 0x0000003a46c8373d in xmlXPathFunctionLookup ()
   from /usr/lib64/libxml2.so.2
#17 0x0000003a46c83e3b in xmlXPathFunctionLookup ()
   from /usr/lib64/libxml2.so.2
#18 0x0000003a46c83e86 in xmlXPathFunctionLookup ()
   from /usr/lib64/libxml2.so.2
#19 0x0000003a46c8373d in xmlXPathFunctionLookup ()
   from /usr/lib64/libxml2.so.2
#20 0x0000003a46c84e5e in xmlXPathFunctionLookup ()
   from /usr/lib64/libxml2.so.2
#21 0x0000003a46c89177 in xmlXPathEval () from /usr/lib64/libxml2.so.2
#22 0x0000003a46c89349 in xmlXPathCompiledEval () from /usr/lib64/libxml2.so.2
#23 0x0000003a4c61670f in xsltCreateRVT () from /usr/lib64/libxslt.so.1
#24 0x0000003a4c616b3d in xsltCreateRVT () from /usr/lib64/libxslt.so.1
#25 0x0000003a4c61703b in xsltXPathVariableLookup ()
   from /usr/lib64/libxslt.so.1
#26 0x0000003a46c84299 in xmlXPathFunctionLookup ()
   from /usr/lib64/libxml2.so.2
#27 0x0000003a46c83d1f in xmlXPathFunctionLookup ()
   from /usr/lib64/libxml2.so.2
#28 0x0000003a46c8373d in xmlXPathFunctionLookup ()
   from /usr/lib64/libxml2.so.2
#29 0x0000003a46c84e5e in xmlXPathFunctionLookup ()
   from /usr/lib64/libxml2.so.2
#30 0x0000003a46c89177 in xmlXPathEval () from /usr/lib64/libxml2.so.2
#31 0x0000003a46c89349 in xmlXPathCompiledEval () from /usr/lib64/libxml2.so.2
#32 0x0000003a4c626d7d in xsltApplyTemplates () from /usr/lib64/libxslt.so.1
#33 0x0000003a4c624706 in xsltCopyTextString () from /usr/lib64/libxslt.so.1
#34 0x0000003a4c616983 in xsltCreateRVT () from /usr/lib64/libxslt.so.1
#35 0x0000003a46c55890 in xmlHashScanFull () from /usr/lib64/libxml2.so.2
#36 0x0000003a46c558dc in xmlHashScan () from /usr/lib64/libxml2.so.2
#37 0x0000003a4c615cbb in xsltEvalGlobalVariables ()
   from /usr/lib64/libxslt.so.1
#38 0x0000003a4c62a250 in xsltNewTransformContext ()
   from /usr/lib64/libxslt.so.1
#39 0x0000003a4c62a9fb in xsltRunStylesheetUser () from /usr/lib64/libxslt.so.1
#40 0x0000000000401ebf in xsltSecurityForbid ()
#41 0x0000000000402965 in xsltSecurityForbid ()
#42 0x000000390d01da44 in __libc_start_main () from /lib64/libc.so.6
#43 0x0000000000401879 in xsltSecurityForbid ()
#44 0x00007fff7d8470c8 in ?? ()
#45 0x0000000000000000 in ?? ()
Comment 1 Ian Romanick 2006-12-01 22:25:40 UTC 
It seems that the problem is known in the XCB community, and does *not* occur
with libxslt 1.1.17. :(

http://lists.freedesktop.org/archives/xcb/2006-November/002370.html
Comment 2 Daniel Veillard 2006-12-04 09:38:14 UTC 
Being dealt with upstream. This is in no way specific to Fedora

http://bugzilla.gnome.org/show_bug.cgi?id=378766 

Also note that there is a libxslt-1.1.19 in Fedora Testing updates since
Nov 29 so a minimal thing to do is test the updates first.

If you don't want problems being detected after release, used the CVS 
versions regulary, there is a CVS snapshot generated every hours, and
anonymous CVS access... so please take that ':(' back, thanks,

Daniel