Hi, now I've got some more info on that problem. The buffer on which Html_write_raw is operating (0x285c8000 in this case) is free'd by a_Cache_set_content_type(). I don't understand the details though. Do you have an idea? (gdb) bt #0 dFree (mem=0x285c8000) at dlib.c:59 #1 0x08071ae7 in dStr_free (ds=0x285c0ed0, all=677150720) at dlib.c:291 #2 0x08058ef1 in a_Cache_set_content_type (url=0x28539500, ctype=0x285d2000 "text/html; charset=us-asci i", force=0 '\0') at cache.c:499 #3 0x08061a82 in Html_tag_open_meta (html=0x28689e00, tag=0x285c80a5 "<META http-equiv=\"Content-Type\" content=\"text/html; charset=us-ascii\">\n </HEAD >\n <BODY BGCOLOR=\"#ffffff\">\n <h1>The Mercurial Archives </h1>\n <p>\n You can get <a h ref=\"http://selenic.com"..., tagsize=70) at html.cc:3995 #4 0x080616c4 in Html_write_raw (html=0x28689e00, buf=0x285c8000 "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2//EN\">\n<HTML>\n <HEAD>\n <title>T he Mercurial Archives</title>\n <META NAME=\"robots\" CONTENT=\"noindex,follow\">\n <META http-e quiv=\"Content-Type\" con"..., bufsize=1119, Eof=0) at html.cc:5653 #5 0x08061af1 in DilloHtml::write (this=0x28689e00, Buf=0x285c8000 "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2//EN\">\n<HTML>\n <HEAD>\n <title>T he Mercurial Archives</title>\n <META NAME=\"robots\" CONTENT=\"noindex,follow\">\n <META http-e quiv=\"Content-Type\" con"..., BufSize=675443204, Eof=0) at html.cc:967 #6 0x080621ba in Html_callback (Op=0, Client=0x28549bc0) at html.cc:5883 #7 0x08058433 in Cache_process_queue (entry=0x285d4200) at cache.c:1075 #8 0x08058d98 in a_Cache_process_dbuf (Op=0, buf=0x285a1000 "HTTP/1.1 200 OK\r\nDate: Sat, 07 Jun 2008 09:35:46 GMT\r\nServer: Apache/1.3.34 (Deb ian) PHP/4.4.4-8+etch6 mod_ssl/2.8.25 OpenSSL/0.9.8c\r\nLast-Modified: Sat, 07 Jun 2008 08:24:59 GMT\r\n ETag: \"271005-41b5-4"..., buf_size=1440, Url=0x28539800) at cache.c:871 #9 0x0805650c in a_Chain_fcb (Op=675443204, Info=0x0, Data1=0x285c0340, Data2=0x80eb382) at chain.c:111 #10 0x08074440 in a_Dpi_ccc (Op=2, Branch=2, Dir=1, Info=0x285490c0, Data1=0x2848d5f0, Data2=0x0) at dpi .c:223 #11 0x0805650c in a_Chain_fcb (Op=675443204, Info=0x0, Data1=0x2848d5f0, Data2=0x0) at chain.c:111 #12 0x08074d61 in a_IO_ccc (Op=2, Branch=2, Dir=1, Info=0x28549ac0, Data1=0x285497c0, Data2=0x0) at IO.c :418 #13 0x08074eee in IO_callback (fd=<value optimized out>, io=0x285497c0) at IO.c:205 #14 0x08074fc7 in IO_fd_read_cb (fd=7, data=0xc) at IO.c:291 #15 0x080c2869 in fltk::wait () #16 0x080c2a19 in fltk::run () #17 0x0804e63d in main (argc=0, argv=0x0) at dillo.cc:125 (gdb) Cheers, Johannes
On Sat, Jun 07, 2008 at 02:24:09PM +0000, corvid wrote:
Johannes wrote:
now I've got some more info on that problem. The buffer on which Html_write_raw is operating (0x285c8000 in this case) is free'd by a_Cache_set_content_type(). I don't understand the details though. Do you have an idea?
Ah! Does this help?
Yes, it does. Excellent! Johannes
On Sat, Jun 07, 2008 at 02:24:09PM +0000, corvid wrote:
Johannes wrote:
now I've got some more info on that problem. The buffer on which Html_write_raw is operating (0x285c8000 in this case) is free'd by a_Cache_set_content_type(). I don't understand the details though. Do you have an idea?
Ah! Does this help?
--- dillo2/src/html.cc 2008-06-05 14:06:50.000000000 +0000 +++ dillo2-cur/src/html.cc 2008-06-07 14:16:37.000000000 +0000 @@ -5449,6 +5449,9 @@ static void Html_process_tag(DilloHtml * /* Call the open function for this tag */ Tags[ni].open (html, tag, tagsize);
+ if (html->stop_parser) + return; + /* Now parse attributes that can appear on any tag */ if (tagsize >= 8 && /* length of "<t id=i>" */ (attrbuf = Html_get_attr2(html, tag, tagsize, "id",
I tried to simplify the code by avoiding a return point in the middle of the function. It took long to figure a way! Please test the patch in CVS. -- Cheers Jorge.-
On Sat, Jun 07, 2008 at 06:49:22PM -0400, Jorge Arellano Cid wrote:
On Sat, Jun 07, 2008 at 02:24:09PM +0000, corvid wrote:
Johannes wrote:
now I've got some more info on that problem. The buffer on which Html_write_raw is operating (0x285c8000 in this case) is free'd by a_Cache_set_content_type(). I don't understand the details though. Do you have an idea?
Ah! Does this help?
--- dillo2/src/html.cc 2008-06-05 14:06:50.000000000 +0000 +++ dillo2-cur/src/html.cc 2008-06-07 14:16:37.000000000 +0000 @@ -5449,6 +5449,9 @@ static void Html_process_tag(DilloHtml * /* Call the open function for this tag */ Tags[ni].open (html, tag, tagsize);
+ if (html->stop_parser) + return; + /* Now parse attributes that can appear on any tag */ if (tagsize >= 8 && /* length of "<t id=i>" */ (attrbuf = Html_get_attr2(html, tag, tagsize, "id",
I tried to simplify the code by avoiding a return point in the middle of the function. It took long to figure a way!
Please test the patch in CVS.
Are you sure it's in CVS? Current CVS still shows the bug. Cheers, Johannes
Johannes wrote:
On Sat, Jun 07, 2008 at 06:49:22PM -0400, Jorge Arellano Cid wrote:
On Sat, Jun 07, 2008 at 02:24:09PM +0000, corvid wrote:
Johannes wrote:
now I've got some more info on that problem. The buffer on which Html_write_raw is operating (0x285c8000 in this case) is free'd by a_Cache_set_content_type(). I don't understand the details though. Do you have an idea?
Ah! Does this help?
--- dillo2/src/html.cc 2008-06-05 14:06:50.000000000 +0000 +++ dillo2-cur/src/html.cc 2008-06-07 14:16:37.000000000 +0000 @@ -5449,6 +5449,9 @@ static void Html_process_tag(DilloHtml * /* Call the open function for this tag */ Tags[ni].open (html, tag, tagsize);
+ if (html->stop_parser) + return; + /* Now parse attributes that can appear on any tag */ if (tagsize >= 8 && /* length of "<t id=i>" */ (attrbuf = Html_get_attr2(html, tag, tagsize, "id",
I tried to simplify the code by avoiding a return point in the middle of the function. It took long to figure a way!
Please test the patch in CVS.
Are you sure it's in CVS? Current CVS still shows the bug.
How is it breaking?
On Sun, Jun 08, 2008 at 08:55:52AM +0200, Johannes Hofmann wrote:
On Sat, Jun 07, 2008 at 06:49:22PM -0400, Jorge Arellano Cid wrote:
On Sat, Jun 07, 2008 at 02:24:09PM +0000, corvid wrote:
Johannes wrote:
now I've got some more info on that problem. The buffer on which Html_write_raw is operating (0x285c8000 in this case) is free'd by a_Cache_set_content_type(). I don't understand the details though. Do you have an idea?
Ah! Does this help?
--- dillo2/src/html.cc 2008-06-05 14:06:50.000000000 +0000 +++ dillo2-cur/src/html.cc 2008-06-07 14:16:37.000000000 +0000 @@ -5449,6 +5449,9 @@ static void Html_process_tag(DilloHtml * /* Call the open function for this tag */ Tags[ni].open (html, tag, tagsize);
+ if (html->stop_parser) + return; + /* Now parse attributes that can appear on any tag */ if (tagsize >= 8 && /* length of "<t id=i>" */ (attrbuf = Html_get_attr2(html, tag, tagsize, "id",
I tried to simplify the code by avoiding a return point in the middle of the function. It took long to figure a way!
Please test the patch in CVS.
Are you sure it's in CVS? Current CVS still shows the bug.
Yes. If you have a switch statement in Html_process_tag(), that's it. -- Cheers Jorge.-
On Sun, Jun 08, 2008 at 11:36:57AM -0400, Jorge Arellano Cid wrote:
On Sun, Jun 08, 2008 at 08:55:52AM +0200, Johannes Hofmann wrote:
On Sat, Jun 07, 2008 at 06:49:22PM -0400, Jorge Arellano Cid wrote:
On Sat, Jun 07, 2008 at 02:24:09PM +0000, corvid wrote:
Johannes wrote:
now I've got some more info on that problem. The buffer on which Html_write_raw is operating (0x285c8000 in this case) is free'd by a_Cache_set_content_type(). I don't understand the details though. Do you have an idea?
Ah! Does this help?
--- dillo2/src/html.cc 2008-06-05 14:06:50.000000000 +0000 +++ dillo2-cur/src/html.cc 2008-06-07 14:16:37.000000000 +0000 @@ -5449,6 +5449,9 @@ static void Html_process_tag(DilloHtml * /* Call the open function for this tag */ Tags[ni].open (html, tag, tagsize);
+ if (html->stop_parser) + return; + /* Now parse attributes that can appear on any tag */ if (tagsize >= 8 && /* length of "<t id=i>" */ (attrbuf = Html_get_attr2(html, tag, tagsize, "id",
I tried to simplify the code by avoiding a return point in the middle of the function. It took long to figure a way!
Please test the patch in CVS.
Are you sure it's in CVS? Current CVS still shows the bug.
Yes.
If you have a switch statement in Html_process_tag(), that's it.
Now I've got it. Works fine. For some reason I got this change only now from CVS. Thanks, Johannes
participants (3)
-
corvid@lavabit.com -
jcid@dillo.org -
Johannes.Hofmann@gmx.de