Otto Moerbeek <[email protected]> wrote: > On Thu, Jun 11, 2020 at 05:15:28PM +0200, Romero Pérez, Abel wrote: > > > > > > > On 2020-06-11 17:07, Otto Moerbeek wrote: > > > On Thu, Jun 11, 2020 at 04:53:25PM +0200, Romero Pérez, Abel wrote: > > > > > > > > > > > > > > > On 2020-06-11 16:45, Klemens Nanni wrote: > > > > > On Thu, Jun 11, 2020 at 03:59:09PM +0200, Otto Moerbeek wrote: > > > > > > This already trips the bug; > > > > > > > > > > > > man -T html -c pfctl id > > > > > > > > > > > > No need for a custom man function. No clue yet why. > > > > > This is in mandoc's HTML parser, but only happens for multiple manuals > > > > > in html.c:html_reset_internal(): > > > > > > > > > > 164 while ((tag = h->tag) != NULL) { > > > > > 165 h->tag = tag->next; > > > > > 166 free(tag); > > > > > 167 } > > > > > > > > > > Note that it crashes differently depending on the optimization level: > > > > > > > > > > $ cd /usr/src/usr.bin/mandoc > > > > > $ make DEBUG=-O0 > > > > > $ ./obj/mandoc -Thtml `man -w id cat` >/dev/null ; echo $? > > > > > 0 > > > > > > > > > > $ make DEBUG=-O1 > > > > > $ ./obj/mandoc -Thtml `man -w id cat` >/dev/null > > > > > Segmentation fault (core dumped) > > > > > > > > > > $ make DEBUG=-O2 > > > > > $ ./obj/mandoc -Thtml `man -w id cat` >/dev/null > > > > > mandoc(32092) in free(): bogus pointer (double free?) > > > > > 0x6641bab613b > > > > > Abort trap (core dumped) > > > > > > > > > > Need to run now, but wanted to share what seems to be the right > > > > > direction. > > > > > > > > > Compile with -O0 to fix temporally the bug. > > > > But, I also want to note that a binary is not need to be specified, can > > > > be a > > > > just a file... (as second man entry). > > > > > > > > > > This fixes it for me, > > > > > > -Otto > > > > > > Index: main.c > > > =================================================================== > > > RCS file: /cvs/src/usr.bin/mandoc/main.c,v > > > retrieving revision 1.247 > > > diff -u -p -r1.247 main.c > > > --- main.c 24 Feb 2020 21:15:05 -0000 1.247 > > > +++ main.c 11 Jun 2020 15:06:43 -0000 > > > @@ -872,7 +872,7 @@ parse(struct mparse *mp, int fd, const c > > > if (outst->outdata == NULL) > > > outdata_alloc(outst, outconf); > > > else if (outst->outtype == OUTT_HTML) > > > - html_reset(outst); > > > + html_reset(outst->outdata); > > > mandoc_xr_reset(); > > > meta = mparse_result(mp); > > > > > Only one comment, don't use -O0 flag as optimization (disabled) to hunt more > > bugs of this kind. > > I have no clue what you mean by above sentence. If code has a bug, > optmization level might cause the bug to be hidden or exposed; it can > work both ways.
The person who didn't fix the bug is giving you advice about fixing the bug.
