URL: <http://gna.org/bugs/?20742>
Summary: Segfault before main menu
Project: Battle for Wesnoth
Submitted by: mathstuf
Submitted on: Thu Apr 18 03:35:59 2013
Category: Bug
Severity: 4 - Important
Priority: 5 - Normal
Item Group: None of the others
Status: None
Privacy: Public
Assigned to: None
Originator Email:
Open/Closed: Open
Discussion Lock: Any
Release: 1.10.6
Operating System: Linux
_______________________________________________________
Details:
On Fedora Rawhide, Wesnoth crashes before the main menu. Tracking down the
crash, I've determined the following:
- Only happens in release mode (RelWithDebInfo doesn't crash either)
- valgrind doesn't mention anything doing use-after-free or out-of-bounds
reading
The backtrace:
#0 __memcpy_ssse3_back () at ../sysdeps/x86_64/multiarch/memcpy-ssse3-back.S:1578
#1 0x0000000000a28c70 in write_key_val_visitor::operator()(t_string const&) const ()
#2 0x0000000000a28ea1 in write_key_val(std::ostream&, std::string const&, config::attribute_value const&, unsigned int, std::string&) ()
#3 0x0000000000a291eb in write_internal(config const&, std::ostream&, std::string&, unsigned long) ()
#4 0x0000000000a29249 in write_internal(config const&, std::ostream&, std::string&, unsigned long) ()
#5 0x0000000000a29372 in write(std::ostream&, config const&, unsigned int) ()
#6 0x000000000074c2d1 in game_config::config_cache::write_file(std::string, config const&) ()
#7 0x00000000007511e9 in game_config::config_cache::read_cache(std::string const&, config&) ()
#8 0x000000000075246b in game_config::config_cache::load_configs(std::string const&, config&) ()
#9 0x000000000048399b in game_controller::load_game_cfg(bool) ()
#10 0x0000000000484ccc in game_controller::init_config(bool) ()
#11 0x00000000004491a9 in do_gameloop(int, char**) ()
#12 0x000000000042c2e4 in main ()
In write_key_val_visitor (src/serialization/parser.cpp:454), the t_string
passed in is "\004\000\000Easy". Any gdb commands relating to the t_string
take a while. When the walker iterates over it, the walker is first:
(gdb) p w
$5 = {string_ = "\004\000\000Easy", begin_ = 3, end_ = 7, textdomain_ = "wesnoth", translatable_ = true}
On the second iteration, in the current session of gdb (where the above line
came from), it's been trying to print the walker's value for the past 20
minutes. In one core dump I have, I see its value as:
(gdb) p w
$1 = {
string_ = "\256\256\256\256\256\256\256\256\060\000\000\000\000\000\000\000
\000\000\000\000\000\000\000\240\351\363\002", '\000' <repeats 12 times>,
"\017\000\000\000\000\000\000\aq\000\000\000\000\000\000\000P\366\342\002\000\000\000\000
_\324\002\000\000\000\000", '\256' <repeats 80 times>,
"p\000\000\000\000\000\000\000@\000\000\000\000\000\000\000\025\000\000\000\000\000\000\000\025\000\000\000\000\000\000\000\001\000\000\000QQQQANIMATIO"...<Address
0x3acc000 out of bounds>, begin_ = 7, end_ = 45276816, textdomain_ = "",
translatable_ = false}
The value passed in is the same in the core as the gdb session.
Moving the ~/.cache/wesnoth and ~/.config/wesnoth directories out of the way
does not help. There is no ~/.wesnoth1.10 directory.
_______________________________________________
Wesnoth-bugs mailing list
https://mail.gna.org/listinfo/wesnoth-bugs