Re: [elinks-users] Reproducable crash with ELinks 0.13.GIT

2013-05-14 Thread Witold Filipczyk 
W dniu 14.05.2013 o 10:58 Steffen Daode Nurpmeso sdao...@gmail.com pisze:

 Hello,
 i get a reproducable crash on Mac OS X Snow Leopard, seems to be
 a double free.
 Minimum reproducable HTML snippet is

   #!/bin/sh -
   cat  t.html  \!
   HTMLHEADTITLEA/TITLE
   META content=text/html; charset=GB2312  
 http-equiv=Content-Type/HEAD
   BODY/BODY/HTML
   !
   elinks t.html

 Results in

   elinks(8586) malloc: *** error for object 0x: pointer  
 being freed was not allocated

 The crash doesn't occur without a TITLE tag, nor with LATIN1
 charset.
 Ciao,

What valgrind says?
___
elinks-users mailing list
elinks-users@linuxfromscratch.org
http://linuxfromscratch.org/mailman/listinfo/elinks-users

Re: [elinks-users] Reproducable crash with ELinks 0.13.GIT

2013-05-14 Thread Daode 
Witold Filipczyk gglate...@gmail.com wrote:
 |W dniu 14.05.2013 o 10:58 Steffen Daode Nurpmeso sdao...@gmail.com pisze:
 |
 | Hello,
 | i get a reproducable crash on Mac OS X Snow Leopard, seems to be
 | a double free.
 | Minimum reproducable HTML snippet is
 |
 |   #!/bin/sh -
 |   cat  t.html  \!
 |   HTMLHEADTITLEA/TITLE
 |   META content=text/html; charset=GB2312  
 | http-equiv=Content-Type/HEAD
 |   BODY/BODY/HTML
 |   !
 |   elinks t.html
 |
 | Results in
 |
 |   elinks(8586) malloc: *** error for object 0x: pointer  
 | being freed was not allocated
 |
 | The crash doesn't occur without a TITLE tag, nor with LATIN1
 | charset.
 | Ciao,
 |
 |What valgrind says?

Aehm, my elinks was compiled on january 25 and i'm looking at your
commit 7dd4d9b7 at the very moment.  (I did not recompile though.)
Thanks for elinks!
Ciao,

--steffen

hmm, i'm not using programs like that.  :)
I.e., i stumbled over Electic Fence around year 2000, and that was
so terrible that we implemented a memory pool that, if compiled
with debug enabled, enwraps objects, like that:

  #if s_DEBUG
  struct Guard {
s_ui32  magic_back1;
s_ui32  magic_back2;
const char  *file_line;
s_uir   user_size;
s_ui16  linger_index;
s_bool  is_linger_free;
s_bool  is_free;
s_ui32  magic_lower;
/* (upper magic injected _after_ user chunk) */
  } s_PACKED;

  s_COMPILE_TIME_ASSERT(ALIGN_MIN(SZOF(Guard)) == SZOF(Guard));

 /* (+MIN includes 2*s_ui32 upper magics ...) */
  # define GUARD_SIZE_ADD   (SZOF(Guard) + s_MEMORYPOOL_MIN)
  # define GUARD_TO_PTR(GUARD,PTR) do { \
PTR = R(s_ui8*,GUARD) + SZOF(Guard);\
  } while (0)
  # define GUARD_FROM_PTR(GUARD,PTR) do {   \
GUARD = R(Guard*,((s_ui8*)PTR) - SZOF(Guard));  \
  } while (0)
  # define GUARD_FROM_PTR_CAST(PTR) \
R(Guard*,((s_ui8*)PTR) - SZOF(Guard))

(note this is half a lie, we, that is a C++ library and there
the type was Electron, since there were Atoms etc., you know;
besides ..).
So no, we and i *never* needed nor used a program like valgrind.

If you can't reproduce the crash with the snippet above, then
maybe it's already fixed on latest HEAD, or whatever, 
___
elinks-users mailing list
elinks-users@linuxfromscratch.org
http://linuxfromscratch.org/mailman/listinfo/elinks-users