On Thu, Aug 20, 2009 at 08:03:57PM +0200, Johannes Hofmann wrote:
On Wed, Aug 19, 2009 at 08:03:09PM +0200, Johannes Hofmann wrote:
On Tue, Aug 18, 2009 at 02:46:51PM -0400, Jorge Arellano Cid wrote:
BTW: I don't remember whether a fix for the uClinux URL above was already committed. It didn't SEGFAULT when testing tip.
I got some segfaults recently. I will try to get a proper stack trace.
Ok here it is. It happend after a couple of hours:
Core was generated by `dillo'. Program terminated with signal 11, Segmentation fault. #0 a_Chain_check (FuncStr=0x80f763a "a_Capi_ccc", Op=2, Branch=1, Dir=2, Info=0x0) at chain.c:191 191 if (Info->Flags & (CCC_Ended + CCC_Aborted)) { (gdb) bt #0 a_Chain_check (FuncStr=0x80f763a "a_Capi_ccc", Op=2, Branch=1, Dir=2, Info=0x0) at chain.c:191 #1 0x0805e448 in a_Capi_ccc (Op=2, Branch=1, Dir=2, Info=0x0, Data1=0x9274df0, Data2=0x0) at capi.c:537 #2 0x0805e5d8 in a_Capi_ccc (Op=2, Branch=1, Dir=1, Info=0x86cf3a8, Data1=0x0, Data2=0x80f7669) at capi.c:178 #3 0x0805960d in a_Chain_fcb (Op=2, Info=0x44, Data1=0x0, Data2=0x80f7669) at chain.c:113 #4 0x0807bf82 in a_Dpi_ccc (Op=1, Branch=1, Dir=2, Info=0x92a9a20, Data1=0x8e2ff90, Data2=0x0) at dpi.c:625 #5 0x0805966d in a_Chain_bcb (Op=1, Info=0x44, Data1=0x8e2ff90, Data2=0x0) at chain.c:136 #6 0x0805eaa3 in a_Capi_dpi_send_cmd (url=0x8f30ff8, bw=0x8e2e790, cmd=0x86cf328 "<cmd='open_url' url='dpi:/bm/' '>", server=0x8e2ff90 "bookmarks", flags=<value optimized out>) at capi.c:493 #7 0x0805f3cc in a_Capi_open_url (web=0x8305208, Call=0, CbData=0x0) at capi.c:365 #8 0x0805aa05 in Nav_open_url (bw=0x8e2e790, url=0x83d1878, offset=-1) at nav.c:238 #9 0x08050c61 in UI::handle (this=0x92be3a0, event=12) at ui.cc:760 #10 0x080e22dc in fltk::Widget::send () #11 0x080d3935 in fltk::TabGroup::handle () #12 0x08054538 in CustTabGroup::handle (this=<value optimized out>, e=<value optimized out>) at uicmd.cc:312 #13 0x080e22dc in fltk::Widget::send () #14 0x080b2c0f in fltk::Group::handle () #15 0x080e4439 in fltk::Window::handle () #16 0x080e22dc in fltk::Widget::send () #17 0x080c7749 in fltk::handle () #18 0x080cac10 in fltk::handle () #19 0x080cc32d in do_queued_events () #20 0x080cc5a8 in fltk::wait () #21 0x080cc784 in fltk::run () #22 0x0804f371 in main (argc=1, argv=0xbffff654) at dillo.cc:353 Current language: auto; currently c (gdb)
Good. This is hard to track and I spent a lot of time trying to figure a way for it to happen. I don't yet find it, but at least saw there may be a small race window while the conn is unref'ed twice. Protection committed. Please test. -- Cheers Jorge.-