Crash: Segfault - frameresource.c?

[Veggivore]

Warzone2100 Version games-strategy/warzone2100-2.0.5

Operating System
Gentoo Linux 2.6.18-r6

Hardware Information
AMD Sempron, NVidia GE FORCE 400 MX (nvidia-drivers)

Warzone2100 Configuration
no debug, no use flags that I can tell.

Bug Description
Segfaults after multiple assertion failures in frameresource.c:525 : resGetDataFromHash (FALSE)
Finally crashed with:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1223129392 (LWP 8008)]
0xb7bd396b in strlen () from /lib/libc.so.6

gdb output attached. Compiled without debug.

[DevUrandom]

Could you build with USE=debug and try to create a backtrace, eg. with "bt full"?
Would be nice, thanks!

[Veggivore]

Could you build with USE=debug and try to create a backtrace, eg. with "bt full"?
Would be nice, thanks!

Here goes.

[DevUrandom]

*klong*
I forgot to tell you that, for debugging symbols, you also need to set FEATURES=nostrip, because Gentoo otherwise strips the debug information...

[Veggivore]

--nosound fixes this issue. Helps when stoopid newbies read the "not-a-bug" posts.  ::)

Although I can't seem to locate my openalrc file, because Gentoo doesn't create one on emerge. So a created a default. Still crashed.

Turned off OSS emulation. All my problems are solved.

[DevUrandom]

No, Gentoo doesn't ship an openalrc, but one of the bug reports should have one attached.
So you problem is fixed now?

[Veggivore]

My response was a bit premature.  I found that when launching excessive amounts of projectiles at 20x speed reproduces this problem reliably.

I am recompiling with nostrip for a more verbose back trace.

Seems to be related to SDL on some level from what I can tell from stepping after the crash.

Attached gdb backtrace.

[Veggivore]

OK... Not adept at C just yet, but here is my first take on the issue.

// Not an error, more of a curiosity:

Code: Select all

structure.c line 7958:  if (psDroid->resistance <= 0)  // comparison of <= 0 does not match previous expressions of < 0

structure.c: electronicDamage:
Shouldnt the system check if droid count is exceeded before calling "(void)giftSingleDroid(psDroid, attackPlayer);"
It does this afterwards and calls recycledroid after giftSingleDroid.

Calls (void)giftSingleDroid(psDroid, attackPlayer); which clones the object, destroying the original pointer, later, the routine attempts to "recycle" the pointer to droid which is now invalid.

Code: Select all

droid.c: Line 6955 //got to destroy the droid and build another since there are too many complications re order/action!

Suggestion:

Code: Select all

		psDroid = giftSingleDroid(psDroid, attackPlayer);

[Veggivore]

Segfault goes away when CONSPRINTF is commented out in structure.c as follows:

Code: Select all

			// tell the cluster system it has been attacked
			clustObjectAttacked((BASE_OBJECT *)psDroid);
		        psDroid->resistance = (SWORD)(psDroid->resistance - damage);
		        if (psDroid->resistance <= 0) {
				//add a console message for the selected Player
			        if (psDroid->player == selectedPlayer) {

					//CONPRINTF(ConsoleString,(ConsoleString,strresGetString(
		                        //psStringRes,STR_GAM_ELECDAM)));

					//tell the scripts if selectedPlayer has lost a droid
					eventFireCallbackTrigger((TRIGGER_TYPE)CALL_ELECTRONIC_TAKEOVER);
				}
	                	bCompleted = TRUE;

[DevUrandom]

This bug is allready fixed in SVN and will be in 2.0.6
Thanks for your efforts!