Re: Word importer bugs #684 and #634


Subject: Re: Word importer bugs #684 and #634
From: Justin Bradford (justin@ukans.edu)
Date: Sun Dec 19 1999 - 02:21:52 CST


> Yeah, something funky is going on here, but I'm not sure what either. For
> example, with VC's debug heap turned on, I got the following warning when
> opening a second document from a fresh CVS build:
>
> HEAP[AbiWord.exe]: HEAP: Free Heap block e10b10 modified at e15110 after it
> was freed
>
> Ick! When I ignored the assert, things continued to work, which is even
> spookier. :-(

The location of the crash depends on a number of things, including the
documents and whether you reload a document or open a new one. It suggests
to me that something is messing with memory it shouldn't be.

> Any caching logic which doesn't know how to clean up after itself may also
> have problems with reuse. Just a wild-eyed guess, though.

I'm pretty sure that wv is freeing/overwriting something it shouldn't. And
the reason it is doing this is because a pointer is not cleared when wv
finishes/initializes, so that its bogus value is thought to be real.

This was the problem with a couple of things in wvConvert.c, which I
fixed. They were causing the crashes seen before, but something new, and
similar, I think, is still causing a crash now.

It's a difficult bug to track, and the only idea I have is to go through
the wv code looking for conditional memory allocations and corresponding
frees. I expect it to be something where if a pointer is not null, it is
assumed to have been already initialized and when/if this pointer is
freed, the variable is not set to null. This suggests that we're looking
for a global/static variable, too.

Justin

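The pattern Justin describes above (a static pointer that is only allocated when it is seen to be NULL, freed on cleanup, but never reset to NULL, so the next open writes through the dangling pointer) is easy to reproduce in isolation. The following is an added example, not wv or AbiWord code: it models the VC debug heap quoted earlier in the thread with a tiny pool allocator that poisons freed blocks and reports any freed block whose poison has been disturbed, then runs the "open, close, open again" sequence once with a buggy close routine and once with a corrected one. All names (pool_*, doc_open, doc_close_buggy, doc_close_fixed, run_scenario) and the struct layout are hypothetical and stand in for whatever wv actually keeps in its globals.

```c
/*
 * Added example, not wv/AbiWord code. A miniature debug heap with
 * free-block poisoning, plus the "non-NULL means already initialised"
 * pattern described in the message, in a buggy and a fixed form.
 * All identifiers here are hypothetical.
 */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BLOCK_SIZE 64
#define NBLOCKS    8
#define POISON     0xDD   /* stamped over freed memory, like a debug heap */

static unsigned char pool[NBLOCKS][BLOCK_SIZE];
static int           in_use[NBLOCKS];

static void *pool_alloc(void)
{
    for (int i = 0; i < NBLOCKS; i++) {
        if (!in_use[i]) {
            in_use[i] = 1;
            memset(pool[i], 0, BLOCK_SIZE);
            return pool[i];
        }
    }
    return NULL;
}

static void pool_free(void *p)
{
    for (int i = 0; i < NBLOCKS; i++) {
        if (p == pool[i]) {
            in_use[i] = 0;
            memset(pool[i], POISON, BLOCK_SIZE);
            return;
        }
    }
}

/* Count free blocks whose poison has been disturbed. Anything above 0
 * means some code wrote through a pointer to memory it had freed. */
static int pool_check(void)
{
    int bad = 0;
    for (int i = 0; i < NBLOCKS; i++) {
        if (in_use[i]) continue;
        for (int j = 0; j < BLOCK_SIZE; j++)
            if (pool[i][j] != POISON) { bad++; break; }
    }
    return bad;
}

static void pool_reset(void)
{
    memset(in_use, 0, sizeof in_use);
    memset(pool, POISON, sizeof pool);
}

/* Hypothetical per-document importer state, reached through a static
 * pointer that is allocated only the first time it is seen to be NULL. */
struct doc_state { char name[32]; int pages; };
static struct doc_state *g_state;

static void doc_open(const char *name)
{
    if (g_state == NULL)          /* non-NULL is taken to mean "already set up" */
        g_state = pool_alloc();
    strncpy(g_state->name, name, sizeof g_state->name - 1);
    g_state->name[sizeof g_state->name - 1] = '\0';
    g_state->pages = 1;
}

static void doc_close_buggy(void)
{
    pool_free(g_state);           /* freed, but g_state still points at the block */
}

static void doc_close_fixed(void)
{
    pool_free(g_state);
    g_state = NULL;               /* the next doc_open allocates afresh */
}

/* Open a document, close it with the given routine, open another, and
 * return how many freed blocks were modified in the process (0 is healthy). */
static int run_scenario(void (*close_fn)(void))
{
    pool_reset();
    g_state = NULL;
    doc_open("first.doc");
    close_fn();
    doc_open("second.doc");       /* with the buggy close this writes into freed memory */
    return pool_check();
}

int main(void)
{
    printf("buggy close: %d freed block(s) modified\n", run_scenario(doc_close_buggy));
    printf("fixed close: %d freed block(s) modified\n", run_scenario(doc_close_fixed));
    return 0;
}
```

With the real C heap the symptom is less polite than a counter: the freed block is handed out again by the next malloc, so the stale write lands on whatever object now lives there, and the crash site moves around with document size and open-versus-reload order, exactly as the message observes. Two things fall out of the example for tracking the wv bug: every free of a conditionally allocated global or static needs a matching `= NULL`, and a poisoning allocator (or the VC debug heap that produced the quoted warning) turns a wandering crash into a deterministic report at the first bad write.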


This archive was generated by hypermail 2b25 : Sun Dec 19 1999 - 02:21:58 CST