Crashes in connection with annotations


Crashes in connection with annotations

Urs Holzer
Hi

Long ago I reported this bug, however nobody took care of it. Also, the
bug itself is quite old. It was introduced somewhere around version
8.5. I investigated the problem a little bit. I found out more than I
reported last time. I ask myself why no-one else complains about this
problem. Does nobody use the annotations functionality anymore?

I observe the following:

1. When I load annotations of a page which actually has no annotations
at all, Amaya crashes with
*** glibc detected *** double free or corruption (!prev):
0x000000000427d000 ***

2. When I load annotations of a page which has at least one annotation,
everything works well. But as soon as this page gets cleaned away,
Amaya crashes with a segmentation fault.
With "cleaned away" I mean the following:
- I close the tab or window
- I enter another URI and load it in the same tab
- I follow a link and load its target in the same tab
- I close Amaya

I used a debugger to make backtraces for both cases. They are attached,
bt_1.txt and bt_2.txt

Looking at the backtrace of situation 2, I see that the crash really
happens while closing a document. I guess that something gets freed
twice. However, Backtrace 2 does not indicate where to look for the
problem. But backtrace 1 is interesting. There we find that
RemoteLoad_callback at annotlib/ANNOTevent.c:591 calls TtaFreeMemory.
This line is:
  TtaFreeMemory (ctx->remoteAnnotIndex);

I simply have commented out this line and looked what happens. And
indeed, both crashes described above are gone. Of course this might have
introduced a memory leak ...

I give up at this point. I hope that the Amaya developers will be able
to eliminate this bug this time.

For the sake of completeness:
I tested it on Debian Linux Etch x86 as well as x86_64.

Greetings
Urs

Attachments: bt_1.txt (3K), bt_2.txt (4K)

Re: Crashes in connection with annotations

Irene Vatton-2

On Thursday 31 January 2008 22:30, Urs Holzer wrote:
> Hi
>
> Long ago I reported this bug, however nobody took care of it. Also, the
> bug itself is quite old. It was introduced somewhere around version
> 8.5. I investigated the problem a little bit. I found out more than I
> reported last time. I ask myself why no-one else complains about this
> problem. Does nobody use the annotations functionality anymore?

I only use local annotations.
I guess the ctx->remoteAnnotIndex is already freed in
LINK_LoadAnnotationIndex.
I hope the patch will fix the problem.
Thanks for the complete report.

>
> I observe the following:
>
> 1. When I load annotations of a page which actually has no annotations
> at all, Amaya crashes with
> *** glibc detected *** double free or corruption (!prev):
> 0x000000000427d000 ***
>
> 2. When I load annotations of a page which has at least one annotation,
> everything works well. But as soon as this page gets cleaned away,
> Amaya crashes with a segmentation fault.
> With "cleaned away" I mean the following:
> - I close the tab or window
> - I enter another URI and load it in the same tab
> - I follow a link and load its target in the same tab
> - I close Amaya
>
> I used a debugger to make backtraces for both cases. They are attached,
> bt_1.txt and bt_2.txt
>
> Looking at the backtrace of situation 2, I see that the crash really
> happens while closing a document. I guess that something gets freed
> twice. However, Backtrace 2 does not indicate where to look for the
> problem. But backtrace 1 is interesting. There we find that
> RemoteLoad_callback at annotlib/ANNOTevent.c:591 calls TtaFreeMemory.
> This line is:
>   TtaFreeMemory (ctx->remoteAnnotIndex);
>
> I simply have commented out this line and looked what happens. And
> indeed, both crashes described above are gone. Of course this might have
> introduced a memory leak ...
>
> I give up at this point. I hope that the Amaya developers will be able
> to eliminate this bug this time.
>
> For the sake of completeness:
> I tested it on Debian Linux Etch x86 as well as x86_64.
>
> Greetings
> Urs

--
Irène Vatton @ INRIA Rhône-Alpes
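
An added illustration of the bug class discussed in this thread, not Amaya's code and not the patch mentioned above: when two code paths may both release the same context field, releasing through a helper that clears the field avoids the double free without dropping the release and leaking. Only the field name `remoteAnnotIndex` comes from the thread; `load_ctx`, `free_and_clear`, `load_index`, `remote_load_done` and `run_case` are hypothetical names, and the file name is a constructed sample value.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical model of the load context named in the thread. */
typedef struct {
    char *remoteAnnotIndex;  /* heap buffer: name of the fetched index file */
} load_ctx;

static int real_frees;       /* how many times memory was actually released */

/* Release *slot once and clear it; a repeated call on the field is a no-op. */
static void free_and_clear(char **slot) {
    if (slot != NULL && *slot != NULL) {
        free(*slot);
        *slot = NULL;
        real_frees++;
    }
}

/* Stand-in for the index loader: on some paths it releases the buffer. */
static void load_index(load_ctx *ctx, int loader_releases) {
    if (loader_releases)
        free_and_clear(&ctx->remoteAnnotIndex);
}

/* Stand-in for the completion callback: releases whatever is still owned. */
static void remote_load_done(load_ctx *ctx) {
    free_and_clear(&ctx->remoteAnnotIndex);
}

/* Run one load; return the number of real frees, or -1 on a leftover pointer. */
int run_case(int loader_releases) {
    load_ctx ctx;
    ctx.remoteAnnotIndex = malloc(32);
    if (ctx.remoteAnnotIndex == NULL)
        return -1;
    strcpy(ctx.remoteAnnotIndex, "constructed-index.rdf"); /* sample value */
    real_frees = 0;
    load_index(&ctx, loader_releases);
    remote_load_done(&ctx);
    return ctx.remoteAnnotIndex == NULL ? real_frees : -1;
}

int main(void) {
    printf("real frees when loader releases: %d, when it does not: %d\n",
           run_case(1), run_case(0));
    return 0;
}
```

Clearing the field only protects releases that go through that same field; a second pointer copied from it beforehand would still dangle.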