Discussion:
dillo crash when dpid missing and view source used
eocene
2014-09-16 03:27:55 UTC
...it happens at least as far back as 3.0.4 release.
James C
2014-09-16 04:00:21 UTC
Confirming this on OSX 10.6.8. Chmod a-x dpid is enough to exercise the fault.

Here's a gdb backtrace where only html.cc is hacked, and it seems not
to be relevant:
---------------
(gdb) run
Starting program:
/Users/jamescone/buildTrees/dillo/versions/render/dillo-jfw01/src/dillo
Reading symbols for shared libraries
.+++++++++++++................................................................................
done
Error in re-setting breakpoint 1:
Function "main" not defined.
paths: Cannot open file '/Users/jamescone/.dillo/keysrc': No such file
or directory
paths: Cannot open file '/usr/local/etc/dillo/keysrc': No such file or directory
paths: Using internal defaults...
Domain: Default accept.
dillo_dns_init: Here we go! (threaded)
Reading symbols for shared libraries . done
Enabling cookies as from cookiesrc...
Reading symbols for shared libraries . done
** WARNING **: preferred serif font "DejaVu Serif" not found.
** WARNING **: preferred monospace font "DejaVu Sans Mono" not found.
** WARNING **: preferred cursive font "URW Chancery L" not found.
** WARNING **: preferred fantasy font "DejaVu Sans" not found.
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Reading symbols for shared libraries . done
Nav_open_url: new url='about:splash'
a_Dicache_cleanup: length = 0
Nav_open_url: new url='dpi:/vsource/:about:splash'
** ERROR **: [Dpi_read_comm_keys] No such file or directory
Dpi_start_dpid (child): Permission denied
Dpi_start_dpid: can't start dpid
** ERROR **: dpi.c: can't start dpi daemon
[dpid]: terminated normally (1)

Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0x0000000000000008
0x000000010001823d in a_Chain_check (FuncStr=0x1001013a0 "a_Capi_ccc",
Op=2, Branch=1, Dir=2, Info=0x0) at chain.c:192
192 if (Info->Flags & (CCC_Ended + CCC_Aborted)) {
(gdb) bt
#0 0x000000010001823d in a_Chain_check (FuncStr=0x1001013a0
"a_Capi_ccc", Op=2, Branch=1, Dir=2, Info=0x0) at chain.c:192
#1 0x0000000100021137 in a_Capi_ccc (Op=2, Branch=1, Dir=2, Info=0x0,
Data1=0x101914780, Data2=0x0) at capi.c:623
#2 0x0000000100021026 in a_Capi_dpi_send_data (url=0x0,
bw=0x100550fa0, data=0x10192ee90 "<cmd='start_send_page'
url='dpi:/vsource/:about:splash' data_size='9560' '>", data_sz=75,
server=0x10010126b "vsource", flags=0) at capi.c:577
#3 0x00000001000210b3 in a_Capi_dpi_send_cmd (url=0x0,
bw=0x100550fa0, cmd=0x10192ee90 "<cmd='start_send_page'
url='dpi:/vsource/:about:splash' data_size='9560' '>",
server=0x10010126b "vsource", flags=0) at capi.c:594
#4 0x00000001000208f9 in Capi_dpi_send_source (bw=0x100550fa0,
url=0x100553e60) at capi.c:361
#5 0x0000000100020cd5 in a_Capi_open_url (web=0x100553e10, Call=0,
CbData=0x0) at capi.c:440
#6 0x000000010001aad0 in Nav_open_url (bw=0x100550fa0,
url=0x100551dd0, requester=0x0, offset=0) at nav.c:235
#7 0x000000010001ae74 in a_Nav_push (bw=0x100550fa0, url=0x100551dd0,
requester=0x0) at nav.c:355
#8 0x000000010000b64e in UIcmd_open_url_nbw (new_bw=0x100550fa0,
url=0x100551dd0) at uicmd.cc:761
#9 0x000000010000cfa8 in a_UIcmd_open_url_nt (vbw=0x101e1fe10,
url=0x100551dd0, focus=1) at uicmd.cc:792
#10 0x000000010000d111 in a_UIcmd_view_page_source (bw=0x101e1fe10,
url=0x101e0e680) at uicmd.cc:1214
#11 0x00000001000473fa in Menu_view_page_source_cb
(user_data=0x101e0e680) at menu.cc:160
#12 0x000000010004774c in Fl_Menu_Item::do_callback (this=0x10018c7c0,
o=0x10018c7c0) at Fl_Menu_Item.H:375
#13 0x0000000100046dbe in Menu_popup_cb (data=0x10018c790) at menu.cc:333
#14 0x00000001000a7db9 in do_timer () at object.cc:384
#15 0x00007fff84799bb8 in __CFRunLoopRun ()
#16 0x00007fff84797d8f in CFRunLoopRunSpecific ()
#17 0x00007fff868d374e in RunCurrentEventLoopInMode ()
#18 0x00007fff868d34b1 in ReceiveNextEventCommon ()
#19 0x00007fff868d340c in BlockUntilNextEventMatchingListInMode ()
#20 0x00007fff88f5deb2 in _DPSNextEvent ()
#21 0x00007fff88f5d801 in -[NSApplication
nextEventMatchingMask:untilDate:inMode:dequeue:] ()
#22 0x00000001000a84ff in do_queued_events () at object.cc:384
#23 0x00000001000aabeb in fl_mac_flush_and_wait () at object.cc:384
#24 0x00000001000aeaa7 in Fl::run () at object.cc:384
#25 0x00000001000049f7 in main (argc=1, argv=0x7fff5fbff440) at dillo.cc:584
Current language: auto; currently c
(gdb)
---------
Post by eocene
...it happens at least as far back as 3.0.4 release.
_______________________________________________
Dillo-dev mailing list
http://lists.dillo.org/cgi-bin/mailman/listinfo/dillo-dev
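Added example, not part of the thread and not Dillo's source: a small C model of the fault in frame #0, where `Info->Flags` is read through `Info=0x0`, next to a guarded check that fails the operation instead of crashing. The struct layout, the flag values, and the names `ChainInfo`, `chain_check_guarded`, `null_deref_fault_addr` and `send_to_dpi` are assumptions; with this layout on an LP64 system `Flags` sits at offset 8, which is how a NULL pointer produces a fault address like the 0x8 in the trace.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed values and layout; only the names CCC_Ended, CCC_Aborted and
 * Flags appear in the backtrace. */
#define CCC_Ended   (1 << 0)
#define CCC_Aborted (1 << 1)

typedef struct {
   void *link;   /* assumed leading member, pushes Flags to a non-zero offset */
   int Flags;
} ChainInfo;     /* hypothetical stand-in for the type of Info */

/* Address touched when Info->Flags is read through a NULL Info:
 * NULL plus the member offset, so the fault lands near zero, not at zero. */
static uintptr_t null_deref_fault_addr(void)
{
   return (uintptr_t)0 + offsetof(ChainInfo, Flags);
}

/* Guarded check: -1 for a missing link, 1 if the chain is ended or
 * aborted, 0 if it is usable. */
static int chain_check_guarded(const char *FuncStr, const ChainInfo *Info)
{
   if (Info == NULL) {
      fprintf(stderr, "%s: no chain link, dropping operation\n", FuncStr);
      return -1;
   }
   return (Info->Flags & (CCC_Ended + CCC_Aborted)) ? 1 : 0;
}

/* Hypothetical caller: assumes a failed dpid start leaves no link behind. */
static int send_to_dpi(int dpid_started)
{
   ChainInfo link = { NULL, 0 };
   const ChainInfo *Info = dpid_started ? &link : NULL;

   if (chain_check_guarded("a_Capi_ccc", Info) != 0)
      return -1;            /* report failure to the UI instead of crashing */
   return 0;                /* the command would be sent here */
}

int main(void)
{
   printf("fault address for NULL Info: 0x%zx\n", (size_t)null_deref_fault_addr());
   printf("dpid missing -> %d, dpid running -> %d\n", send_to_dpi(0), send_to_dpi(1));
   return 0;
}
```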