MantisBT - NetSurf
View Issue Details
0002322NetSurf[All Projects] Generalpublic2015-05-31 19:532016-02-16 14:43
ReporterChris Young 
Assigned ToDaniel Silverstone 
PrioritynormalSeveritycrashReproducibilityalways
StatusclosedResolutionfixed 
PlatformAmigaOSAmigaOSOS Version4.1
Product Version3.4 
Target Version3.4Fixed in Version3.4 
Fixed in CI build #2788
Reported in CI build #2785
URL of problem pagehttps://boardgamegeek.com/boardgame/15817/manila
Summary0002322: Crash in form_free_control
DescriptionCrash in form_free_control when visiting https://boardgamegeek.com/boardgame/15817/manila
Steps To ReproduceVisit https://boardgamegeek.com/boardgame/15817/manila
Additional InformationStack trace:
    [render/form.c:256] form_free_control()+0x80 (section 1 @ 0xCC8A0)
    [render/form.c:224] form_free_control()+0x58 (section 1 @ 0xCC878)
    [render/box_construct.c:871] convert_xml_to_box()+0x5d4 (section 1 @ 0xC6708)
    [amiga/schedule.c:239] ami_schedule_handle()+0x178 (section 1 @ 0x385EC)
    [amiga/gui.c:2801] ami_get_msg()+0x5e8 (section 1 @ 0x1D0BC)
    [amiga/gui.c:5539] main()+0xb40 (section 1 @ 0x2081C)
    native kernel module newlib.library.kmod+0x000020ac
    native kernel module newlib.library.kmod+0x00002d5c
    native kernel module newlib.library.kmod+0x00002ef0
    _start()+0x170 (section 1 @ 0x16C)
    native kernel module dos.library.kmod+0x00024c18
    native kernel module kernel+0x0003b648
    native kernel module kernel+0x0003b6c8
TagsNo tags attached.
Attached Files

Notes
(0000853)
Vincent Sanders   
2015-06-01 00:14   
reproducible on gtk too

(gdb) run
Starting program: /home/vince/dev-netsurf/workspace/netsurf/nsgtk https://boardgamegeek.com/boardgame/15817/manila
warning: no loadable sections found in added symbol-file system-supplied DSO at 0x7ffff7ffa000
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7fffe9b92700 (LWP 6154)]
[New Thread 0x7fffe3079700 (LWP 6155)]
[New Thread 0x7fffe2878700 (LWP 6156)]
[New Thread 0x7fffe1e3c700 (LWP 6157)]
[New Thread 0x7fffe163b700 (LWP 6158)]
[New Thread 0x7fffe0e3a700 (LWP 6159)]
[New Thread 0x7fffdbfff700 (LWP 6160)]
[Thread 0x7fffdbfff700 (LWP 6160) exited]
[Thread 0x7fffe3079700 (LWP 6155) exited]
[Thread 0x7fffe0e3a700 (LWP 6159) exited]

Program received signal SIGSEGV, Segmentation fault.
0x00000000004e4aeb in form_free_control (control=0x1db1780) at render/form.c:256
256 for (c = control->form->controls; c != NULL; c = c->next) {
(gdb) p control
$1 = (struct form_control *) 0x1db1780
(gdb) p control->form
$2 = (struct form *) 0x0
(gdb) p *control
$3 = {node = 0x18ee340, html = 0x1237500, type = GADGET_SELECT, form = 0x0, name = 0x0, value = 0x0,
  initial_value = 0x0, disabled = false, box = 0x0, length = 0, maxlength = 0, selected = false, data = {
    image = {mx = 0, my = 0}, select = {num_items = 0, items = 0x0, last_item = 0x0, multiple = false,
      num_selected = 0, current = 0x0, menu = 0x0}, text = {ta = 0x0, initial = 0x0, data = {gadget = 0x0}}},
  prev = 0x0, next = 0x0}
(0000858)
Daniel Silverstone   
2015-06-03 19:41   
Slight bug in the form_free_control() routine which wasn't checking that the
form was non-NULL before iterating it.
(0001272)
Vincent Sanders   
2016-02-16 14:43   
Confirmed fixed in 3.4 release


Issue History
2015-05-31 19:53Chris YoungNew Issue
2015-06-01 00:14Vincent SandersNote Added: 0000853
2015-06-01 00:15Vincent SandersAssigned To => Daniel Silverstone
2015-06-01 00:15Vincent SandersStatusnew => confirmed
2015-06-01 00:15Vincent SandersDescription Updatedbug_revision_view_page.php?rev_id=1476#r1476
2015-06-01 00:15Vincent SandersAdditional Information Updatedbug_revision_view_page.php?rev_id=1478#r1478
2015-06-03 19:41Daniel SilverstoneFixed in CI build # => 2788
2015-06-03 19:41Daniel SilverstoneNote Added: 0000858
2015-06-03 19:41Daniel SilverstoneStatusconfirmed => resolved
2015-06-03 19:41Daniel SilverstoneFixed in Version => 3.4
2015-06-03 19:41Daniel SilverstoneTarget Version => 3.4
2015-10-31 21:44Vincent SandersResolutionopen => fixed
2016-02-16 14:43Vincent SandersNote Added: 0001272
2016-02-16 14:43Vincent SandersStatusresolved => closed
2016-02-16 14:43Vincent SandersNote Edited: 0001272bug_revision_view_page.php?bugnote_id=1272#r1816