أحمد المحمودي <[EMAIL PROTECTED]> writes: > This time, the crash happened with the following scenario: > 1. in tty4, I run elinks and browsed to freshmeat.net > 2. in tty6, I ran elinks and went to download latest 0.13 snapshot of > elinks. > 3. After the download started, I closed the elinks in tty6. > Immediately the elinks in tty4 crashes (before the download > finishes) giving me the following error: > > Link: INTERNAL ERROR at > /tmp/buildd/elinks-0.13~20080928/src/main/select.c:149: assertion fd >= 0 && > fd < FD_SETSIZE failed: > set_handlers: handle -1 >= FD_SETSIZE 1024
I got the following from valgrind. I'm not sure whether it was before or after the assertion failure. ==14702== at 0x80DD791: read_from_socket (socket.c:945) ==14702== by 0x8104D0C: read_more_http_data (http.c:1180) ==14702== by 0x81052FE: read_http_data (http.c:1388) ==14702== by 0x80DD69B: read_select (socket.c:910) ==14702== by 0x80D27AA: select_loop (select.c:307) ==14702== by 0x80D1ADE: main (main.c:358) ==14702== Address 0x4F4E598 is 56 bytes inside a block of size 81 free'd ==14702== at 0x402210F: free (vg_replace_malloc.c:233) ==14702== by 0x812BED8: debug_mem_free (memdebug.c:484) ==14702== by 0x80D7C82: done_connection (connection.c:479) ==14702== by 0x80D8A44: abort_connection (connection.c:769) ==14702== by 0x80D99CE: cancel_download (connection.c:1053) ==14702== by 0x8110EB6: abort_download (download.c:143) ==14702== by 0x81115BC: download_data_store (download.c:337) ==14702== by 0x8111AFB: download_data (download.c:446) ==14702== by 0x80D7B33: notify_connection_callbacks (connection.c:458) ==14702== by 0x80D781E: set_connection_state (connection.c:388) ==14702== by 0x80D7132: set_connection_socket_state (connection.c:234) ==14702== by 0x80DD78D: read_from_socket (socket.c:943) Apparently, abort_connection() has closed the sockets of the connection, and done_connection() has then freed the connection and its sockets, but read_from_socket() does not know about that and tries to set up a read handler for the socket again. Because the socket has been freed, it is not even safe to check whether socket->fd is -1.
pgptFV5d6XnQl.pgp
Description: PGP signature
_______________________________________________ elinks-dev mailing list elinks-dev@linuxfromscratch.org http://linuxfromscratch.org/mailman/listinfo/elinks-dev
