<URL: http://bugs.freeciv.org/Ticket/Display.html?id=39583 >

Platform: linux (freeciv built from source)
GTK+ version: 2.10.14
Freeciv version: 2.1.0-beta5 (yes, I know it's not officially announced
yet, but that's the tarball it's built from)

Steps to reproduce:
  1. start a new local game
  2. build a new city

Expected results:
  1. a city should be built

Actual results:
  Freeciv crashes with the following backtrace:

#0  0x00002b68019b8f6e in IA__g_strdup (str=0x35 <Address 0x35 out of bounds>) 
at gstrfuncs.c:90
#1  0x00002b6801762c43 in value_collect_string (value=0x7fffa9d96b60, 
n_collect_values=1,
    collect_values=0x7fffa9d96b00, collect_flags=4294967295) at 
gvaluetypes.c:292
#2  0x00002b68017456e9 in IA__g_object_set_valist (object=0x3508550,
    first_property_name=<value optimized out>, var_args=0x7fffa9d96bc0) at 
gobject.c:1116
#3  0x00002b6801745d12 in IA__g_object_set (_object=0x3508550, 
first_property_name=0x4e4232 "text")
    at gobject.c:1207
#4  0x00000000004c3f41 in cell_render_func (col=<value optimized out>, 
rend=0x3508550,
    model=<value optimized out>, it=<value optimized out>, data=0x579fdd8) at 
wldlg.c:1011
#5  0x00002b6800f300bc in IA__gtk_tree_view_column_cell_set_cell_data 
(tree_column=0x576c6c0,
    tree_model=0x8efb80, iter=0x7fffa9d96fc0, is_expander=0, is_expanded=0) at 
gtktreeviewcolumn.c:2526
#6  0x00002b6800f182da in validate_row (tree_view=0x34d3200, tree=0x572ebd0, 
node=0x572e0a0,
    iter=0x7fffa9d96fc0, path=<value optimized out>) at gtktreeview.c:5524
#7  0x00002b6800f1bec8 in do_validate_rows (tree_view=0x34d3200, 
queue_resize=0) at gtktreeview.c:6102
#8  0x00002b6800f23fad in gtk_tree_view_size_request (widget=0x34d3200, 
requisition=0x34d3238)
    at gtktreeview.c:1984
#9  0x00002b6801741210 in IA__g_closure_invoke (closure=0x855ea0, 
return_value=0x0, n_param_values=2,
    param_values=0x7fffa9d97380, invocation_hint=0x7fffa9d97260) at 
gclosure.c:490
#10 0x00002b6801753021 in signal_emit_unlocked_R (node=0x891130, detail=0, 
instance=0x34d3200,
    emission_return=0x0, instance_and_params=0x7fffa9d97380) at gsignal.c:2370
#11 0x00002b6801754d6b in IA__g_signal_emit_valist (instance=0x34d3200, 
signal_id=<value optimized out>,
    detail=0, var_args=0x7fffa9d97600) at gsignal.c:2199
#12 0x00002b6801755031 in IA__g_signal_emit_by_name (instance=0x34d3200,
    detailed_signal=0x2b6800fedcc8 "size_request") at gsignal.c:2267
#13 0x00002b6800ea6690 in compute_base_dimension (widget=0x35, 
mode=GTK_SIZE_GROUP_HORIZONTAL)
    at gtksizegroup.c:602
#14 0x00002b6800ea674d in compute_dimension (widget=<value optimized out>, 
mode=GTK_SIZE_GROUP_HORIZONTAL)
    at gtksizegroup.c:642
#15 0x00002b6800ea6844 in _gtk_size_group_compute_requisition 
(widget=0x34d3800, requisition=0x7fffa9d97780)
    at gtksizegroup.c:781
#16 0x00002b6800e9cd11 in gtk_scrolled_window_size_request (widget=0x576dbd0, 
requisition=0x576dc08)
    at gtkscrolledwindow.c:1165
#17 0x00002b6801741210 in IA__g_closure_invoke (closure=0x855ea0, 
return_value=0x0, n_param_values=2,
    param_values=0x7fffa9d97af0, invocation_hint=0x7fffa9d979d0) at 
gclosure.c:490
#18 0x00002b6801753021 in signal_emit_unlocked_R (node=0x891130, detail=0, 
instance=0x576dbd0,
    emission_return=0x0, instance_and_params=0x7fffa9d97af0) at gsignal.c:2370
#19 0x00002b6801754d6b in IA__g_signal_emit_valist (instance=0x576dbd0, 
signal_id=<value optimized out>,
    detail=0, var_args=0x7fffa9d97d70) at gsignal.c:2199
#20 0x00002b6801755031 in IA__g_signal_emit_by_name (instance=0x576dbd0,
    detailed_signal=0x2b6800fedcc8 "size_request") at gsignal.c:2267
#21 0x00002b6800ea686d in _gtk_size_group_compute_requisition 
(widget=0x576dbd0, requisition=0x0)
    at gtksizegroup.c:792
#22 0x00002b6800ebd373 in gtk_table_size_request (widget=0x576bf20, 
requisition=0x576bf58) at gtktable.c:960
#23 0x00002b6801741210 in IA__g_closure_invoke (closure=0x855ea0, 
return_value=0x0, n_param_values=2,
    param_values=0x7fffa9d98200, invocation_hint=0x7fffa9d980e0) at 
gclosure.c:490
#24 0x00002b6801753021 in signal_emit_unlocked_R (node=0x891130, detail=0, 
instance=0x576bf20,
    emission_return=0x0, instance_and_params=0x7fffa9d98200) at gsignal.c:2370
#25 0x00002b6801754d6b in IA__g_signal_emit_valist (instance=0x576bf20, 
signal_id=<value optimized out>,
    detail=0, var_args=0x7fffa9d98480) at gsignal.c:2199
#26 0x00002b6801755031 in IA__g_signal_emit_by_name (instance=0x576bf20,
    detailed_signal=0x2b6800fedcc8 "size_request") at gsignal.c:2267
#27 0x00002b6800ea686d in _gtk_size_group_compute_requisition 
(widget=0x576bf20, requisition=0x7fffa9d985a0)
    at gtksizegroup.c:792
#28 0x00002b6800f38b0b in gtk_vbox_size_request (widget=0x8f7f20, 
requisition=0x8f7f58) at gtkvbox.c:95
#29 0x00002b6801741210 in IA__g_closure_invoke (closure=0x855ea0, 
return_value=0x0, n_param_values=2,
    param_values=0x7fffa9d98900, invocation_hint=0x7fffa9d987e0) at 
gclosure.c:490
#30 0x00002b6801753021 in signal_emit_unlocked_R (node=0x891130, detail=0, 
instance=0x8f7f20,
    emission_return=0x0, instance_and_params=0x7fffa9d98900) at gsignal.c:2370
#31 0x00002b6801754d6b in IA__g_signal_emit_valist (instance=0x8f7f20, 
signal_id=<value optimized out>,
    detail=0, var_args=0x7fffa9d98b80) at gsignal.c:2199
#32 0x00002b6801755031 in IA__g_signal_emit_by_name (instance=0x8f7f20,
    detailed_signal=0x2b6800fedcc8 "size_request") at gsignal.c:2267
#33 0x00002b6800ea686d in _gtk_size_group_compute_requisition (widget=0x8f7f20, 
requisition=0x7fffa9d98ca0)
    at gtksizegroup.c:792
#34 0x00002b6800f38b0b in gtk_vbox_size_request (widget=0x8efd00, 
requisition=0x8efd38) at gtkvbox.c:95
#35 0x00002b6801741210 in IA__g_closure_invoke (closure=0x855ea0, 
return_value=0x0, n_param_values=2,
    param_values=0x7fffa9d99000, invocation_hint=0x7fffa9d98ee0) at 
gclosure.c:490
#36 0x00002b6801753021 in signal_emit_unlocked_R (node=0x891130, detail=0, 
instance=0x8efd00,
    emission_return=0x0, instance_and_params=0x7fffa9d99000) at gsignal.c:2370
#37 0x00002b6801754d6b in IA__g_signal_emit_valist (instance=0x8efd00, 
signal_id=<value optimized out>,
    detail=0, var_args=0x7fffa9d99280) at gsignal.c:2199
#38 0x00002b6801755031 in IA__g_signal_emit_by_name (instance=0x8efd00,
    detailed_signal=0x2b6800fedcc8 "size_request") at gsignal.c:2267
#39 0x00002b6800ea686d in _gtk_size_group_compute_requisition (widget=0x8efd00, 
requisition=0x7fffa9d99400)
    at gtksizegroup.c:792
#40 0x00002b6800e6b89a in gtk_notebook_size_request (widget=<value optimized 
out>,
    requisition=<value optimized out>) at gtknotebook.c:1683
#41 0x00002b6801741210 in IA__g_closure_invoke (closure=0x855ea0, 
return_value=0x0, n_param_values=2,
    param_values=0x7fffa9d99770, invocation_hint=0x7fffa9d99650) at 
gclosure.c:490
#42 0x00002b6801753021 in signal_emit_unlocked_R (node=0x891130, detail=0, 
instance=0x134e5c0,
    emission_return=0x0, instance_and_params=0x7fffa9d99770) at gsignal.c:2370
#43 0x00002b6801754d6b in IA__g_signal_emit_valist (instance=0x134e5c0, 
signal_id=<value optimized out>,
    detail=0, var_args=0x7fffa9d999f0) at gsignal.c:2199
#44 0x00002b6801755031 in IA__g_signal_emit_by_name (instance=0x134e5c0,
    detailed_signal=0x2b6800fedcc8 "size_request") at gsignal.c:2267
#45 0x00002b6800ea686d in _gtk_size_group_compute_requisition 
(widget=0x134e5c0, requisition=0x7fffa9d99b10)
    at gtksizegroup.c:792
#46 0x00002b6800f38b0b in gtk_vbox_size_request (widget=0x8f7310, 
requisition=0x8f7348) at gtkvbox.c:95
#47 0x00002b6801741210 in IA__g_closure_invoke (closure=0x855ea0, 
return_value=0x0, n_param_values=2,
    param_values=0x7fffa9d99e70, invocation_hint=0x7fffa9d99d50) at 
gclosure.c:490
#48 0x00002b6801753021 in signal_emit_unlocked_R (node=0x891130, detail=0, 
instance=0x8f7310,
    emission_return=0x0, instance_and_params=0x7fffa9d99e70) at gsignal.c:2370
#49 0x00002b6801754d6b in IA__g_signal_emit_valist (instance=0x8f7310, 
signal_id=<value optimized out>,
    detail=0, var_args=0x7fffa9d9a0f0) at gsignal.c:2199
#50 0x00002b6801755031 in IA__g_signal_emit_by_name (instance=0x8f7310,
    detailed_signal=0x2b6800fedcc8 "size_request") at gsignal.c:2267
#51 0x00002b6800ea686d in _gtk_size_group_compute_requisition (widget=0x8f7310, 
requisition=0x7fffa9d9a210)
    at gtksizegroup.c:792
#52 0x00002b6800f463c5 in gtk_window_size_request (widget=<value optimized 
out>, requisition=0x36e2b18)
    at gtkwindow.c:4444
#53 0x00002b6801741144 in IA__g_closure_invoke (closure=0x855ea0, 
return_value=0x0, n_param_values=2,
    param_values=0x7fffa9d9a540, invocation_hint=0x7fffa9d9a420) at 
gclosure.c:490
#54 0x00002b6801753021 in signal_emit_unlocked_R (node=0x891130, detail=0, 
instance=0x36e2ae0,
    emission_return=0x0, instance_and_params=0x7fffa9d9a540) at gsignal.c:2370
#55 0x00002b6801754d6b in IA__g_signal_emit_valist (instance=0x36e2ae0, 
signal_id=<value optimized out>,
    detail=0, var_args=0x7fffa9d9a7c0) at gsignal.c:2199
#56 0x00002b6801755031 in IA__g_signal_emit_by_name (instance=0x36e2ae0,
    detailed_signal=0x2b6800fedcc8 "size_request") at gsignal.c:2267
#57 0x00002b6800ea686d in _gtk_size_group_compute_requisition 
(widget=0x36e2ae0, requisition=0x0)
    at gtksizegroup.c:792
#58 0x00002b6800f46700 in gtk_window_compute_configure_request 
(window=0x36e2ae0, request=0x7fffa9d9aa50,
    geometry=0x7fffa9d9aa10, flags=0x7fffa9d9aa7c) at gtkwindow.c:5297
#59 0x00002b6800f4de8b in gtk_window_show (widget=0x36e2ae0) at gtkwindow.c:4022
#60 0x00002b6801741144 in IA__g_closure_invoke (closure=0x84a9d0, 
return_value=0x0, n_param_values=1,
    param_values=0x7fffa9d9adb0, invocation_hint=0x7fffa9d9ac90) at 
gclosure.c:490
#61 0x00002b6801753021 in signal_emit_unlocked_R (node=0x890a00, detail=0, 
instance=0x36e2ae0,
    emission_return=0x0, instance_and_params=0x7fffa9d9adb0) at gsignal.c:2370
#62 0x00002b6801754d6b in IA__g_signal_emit_valist (instance=0x36e2ae0, 
signal_id=<value optimized out>,
    detail=0, var_args=0x7fffa9d9b030) at gsignal.c:2199
#63 0x00002b6801755128 in IA__g_signal_emit (instance=0x35, signal_id=1, 
detail=2849598208)
    at gsignal.c:2243
#64 0x00002b6800f41e2e in IA__gtk_widget_show (widget=0x36e2ae0) at 
gtkwidget.c:2224
#65 0x000000000042c057 in handle_city_packet_common (pcity=0x57669d0, 
is_new=true, popup=true,
    investigate=<value optimized out>) at packhand.c:662
#66 0x000000000042cb4f in handle_city_info (packet=0x57fa1a0) at packhand.c:581
#67 0x000000000042d435 in client_handle_packet (type=PACKET_PROCESSING_STARTED, 
packet=0x1)
    at packhand_gen.c:102
#68 0x000000000041281c in handle_packet_input (packet=0x1, type=21) at 
civclient.c:400
#69 0x0000000000415952 in input_from_server (fd=<value optimized out>) at 
clinet.c:382
#70 0x00002b68012ac502 in gdk_io_invoke (source=<value optimized out>, 
condition=<value optimized out>,
    data=<value optimized out>) at gdkevents.c:958
#71 0x00002b68019a1e15 in IA__g_main_context_dispatch (context=0x88b5a0) at 
gmain.c:2045
#72 0x00002b68019a49cd in g_main_context_iterate (context=0x88b5a0, block=1, 
dispatch=1,
    self=<value optimized out>) at gmain.c:2677
#73 0x00002b68019a4d02 in IA__g_main_loop_run (loop=0x1ecedc0) at gmain.c:2881
#74 0x00002b6800e4f5a4 in IA__gtk_main () at gtkmain.c:1154
#75 0x00000000004acfb5 in ui_main (argc=1, argv=0x7fffa9d9b908) at 
gui_main.c:1424
#76 0x0000000000412c3d in main (argc=<value optimized out>, 
argv=0x7fffa9d9b908) at civclient.c:357
#77 0x000000323e41d903 in __libc_start_main () from /lib/libc.so.6
#78 0x000000000040e599 in _start ()


It appears that somehow the column is getting screwed up:
(gdb) frame 4
#4  0x00000000004c3f41 in cell_render_func (col=<value optimized out>, 
rend=0x3508550,
    model=<value optimized out>, it=<value optimized out>, data=0x579fdd8) at 
wldlg.c:1011
1011    wldlg.c: No such file or directory.
        in wldlg.c
(gdb) p g_object_get_data(G_OBJECT(rend), "column")
$12 = -1
(gdb) p row[-1]
$13 = 0x35 <Address 0x35 out of bounds>

Unfortunately, I know nothing about GTK+ programming, so I'm afraid I
can't debug any further on my own; I'd be happy to try out patches or
poke at things further, though.

Thanks,
-- BKS

Attachment: signature.asc
Description: PGP signature

_______________________________________________
Freeciv-dev mailing list
Freeciv-dev@gna.org
https://mail.gna.org/listinfo/freeciv-dev

Reply via email to