Abuse segfaults immediately on start (amd64)

Bug #3616 reported by Vermyndax
Affects: abuse-sdl (Ubuntu)
Status: Fix Released
Importance: High
Assigned to: Motu Games Team
Milestone:

Bug Description

Abuse on AMD64 has decided it doesn't want to run... it segfaults
immediately on start.

vermyndax@raven-linux:~$ abuse
Added himem block (3072000 bytes)
Memory available : 3071856
Abuse-SDL 0.7.0
Fatal signal: Segmentation Fault (SDL Parachute Deployed)

Changed in abuse-sdl:
assignee: nobody → motu
Changed in abuse-sdl:
assignee: motu → motugames
Revision history for this message
Zak B. Elep (zakame) wrote :

This seems to be similar to Debian Bug #338834 . Can you or anyone else please confirm this by building an unstripped version of abuse-sdl on amd64 and run it on gdb? Thanks...

Vermyndax (vermyndax) wrote :

I don't know much about how to do that... can you educate me via email?

Lakin Wecker (lakin) wrote :

I built a debug version of abuse-sdl on amd64, the following is a backtrace and some extra info:

(gdb) r
Starting program: /home/lakin/Documents/remote-dev/abuse-sdl-0.7.0/src/abuse.sdl
[Thread debugging using libthread_db enabled]
[New Thread 46912536229648 (LWP 21777)]
Added himem block (3072000 bytes)
Memory available : 3071856
Abuse-SDL 0.7.0

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 46912536229648 (LWP 21777)]
0x00002aaaab6527ff in strcpy () from /lib/libc.so.6
(gdb) where
#0 0x00002aaaab6527ff in strcpy () from /lib/libc.so.6
#1 0x000000000048e747 in set_save_filename_prefix (
    save_prefix=0x2aaaad0ec0c0 "/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff"...) at specs.cpp:102
#2 0x0000000000480d09 in setup (argc=1, argv=0x7fffffca1418) at setup.cpp:374
#3 0x0000000000475c17 in main (argc=1, argv=0x7fffffca1418) at game.cpp:2611
(gdb) up
#1 0x000000000048e747 in set_save_filename_prefix (
    save_prefix=0x2aaaad0ec0c0 "/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff"...) at specs.cpp:102
102 strcpy( save_spec_prefix, save_prefix );
(gdb) print save_spec_prefix
$1 = 0x2aaaad0ec0d4 "/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff"...
(gdb) print save_prefix
$2 = 0x2aaaad0ec0c0 "/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff/home/lakin/.abu\uffff\uffff\016\uffff"...
(gdb) b specs.cpp:102
Breakpoint 1 at 0x48e737: file specs.cpp, line 102.
(gdb) r
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /home/lakin/Documents/remote-dev/abuse-sdl-0.7.0/src/abuse.sdl
[Thread debugging using libthread_db enabled]
[New Thread 46912536229648 (LWP 21785)]
Added himem block (3072000 bytes)
Memory available : 3071856
Abuse-SDL 0.7.0
[Switching to Thread 46912536229648 (LWP 21785)]

Breakpoint 1, set_save_filename_prefix (save_prefix=0x2aaaad0ec0c0 "/home/lakin/.abu\u...
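One reading of the frame above (an inference from the trace, not something the thread states): save_prefix sits at 0x2aaaad0ec0c0 and save_spec_prefix at 0x2aaaad0ec0d4, 20 bytes apart, and the dumped string repeats "/home/lakin/.abu" plus four non-printable bytes, i.e. every 20 bytes. A period equal to the distance between source and destination is the signature of a forward byte copy such as strcpy whose destination overlaps its source: the terminating NUL is overwritten before the copy reaches it, so the copy runs until it hits unmapped memory. The C program below is an added illustration, not code from abuse-sdl; it reproduces the pattern on a constructed 18-byte prefix with a capped copy, provides the period check one would run over such a dump, and shows a bounded replacement that rejects overlap and truncation instead of corrupting the heap. All names in it (SAMPLE_PREFIX, naive_forward_copy, repeat_period, safe_prefix_copy, the demo_* functions) are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample prefix standing in for the save-directory path in
 * the trace; 18 bytes, so a self-overlapping copy repeats every 18 bytes. */
static const char SAMPLE_PREFIX[] = "/home/user/.abuse/";

/* Forward byte copy with strcpy's semantics plus a hard cap, so the runaway
 * stops after 'cap' bytes instead of at the page fault seen in gdb.
 * Returns bytes copied before the NUL, or 'cap' if no NUL was ever read. */
static size_t naive_forward_copy(char *dst, const char *src, size_t cap)
{
    size_t n;
    for (n = 0; n < cap; n++) {
        char c = src[n];
        dst[n] = c;
        if (c == '\0')
            return n;
    }
    return n;
}

/* Smallest p with buf[i] == buf[i - p] for every i >= p, or 0 if the region
 * does not repeat. Run this over a corrupted string from a debugger dump:
 * a period equal to the pointer distance points at an overlapping copy. */
size_t repeat_period(const char *buf, size_t len)
{
    for (size_t p = 1; p < len; p++) {
        size_t i = p;
        while (i < len && buf[i] == buf[i - p])
            i++;
        if (i == len)
            return p;
    }
    return 0;
}

/* Reproduce the runaway: copy the prefix onto itself shifted forward by its
 * own length. dst[0] overwrites the source's NUL before the copy reaches it,
 * so the copy never stops and the buffer fills with the prefix repeated.
 * Returns the observed period (18 for SAMPLE_PREFIX). */
size_t demo_overlap_period(void)
{
    char buf[256];
    size_t len = strlen(SAMPLE_PREFIX);
    memset(buf, 0, sizeof buf);
    memcpy(buf, SAMPLE_PREFIX, len + 1);
    size_t copied = naive_forward_copy(buf + len, buf, sizeof buf - len);
    if (copied != sizeof buf - len)
        return 0;              /* copy terminated normally: not the pattern */
    return repeat_period(buf, sizeof buf);
}

/* Hardened replacement for a bare strcpy: refuses overlapping regions and
 * refuses to truncate, so a bad caller gets an error code instead of silent
 * heap corruption. 0 = ok, -1 = overlap, -2 = source does not fit. */
int safe_prefix_copy(char *dst, size_t dst_cap, const char *src)
{
    size_t n = 0;
    while (n < dst_cap && src[n] != '\0')
        n++;
    if (n == dst_cap)
        return -2;             /* no NUL within dst_cap bytes */
    uintptr_t d = (uintptr_t)dst, s = (uintptr_t)src;
    if (d < s + n + 1 && s < d + n + 1)
        return -1;             /* [dst, dst+n] and [src, src+n] overlap */
    memcpy(dst, src, n + 1);
    return 0;
}

/* The same overlapping call as demo_overlap_period, through the safe copy. */
int demo_safe_copy_rejects_overlap(void)
{
    char buf[256];
    size_t len = strlen(SAMPLE_PREFIX);
    memset(buf, 0, sizeof buf);
    memcpy(buf, SAMPLE_PREFIX, len + 1);
    return safe_prefix_copy(buf + len, sizeof buf - len, buf);
}

/* Separate, large-enough destination: returns 0 when the copy is exact. */
int demo_safe_copy_ok(void)
{
    char out[64];
    if (safe_prefix_copy(out, sizeof out, SAMPLE_PREFIX) != 0)
        return -1;
    return strcmp(out, SAMPLE_PREFIX);
}

/* Destination too small for the prefix plus its NUL. */
int demo_safe_copy_too_small(void)
{
    char out[8];
    return safe_prefix_copy(out, sizeof out, SAMPLE_PREFIX);
}

int main(void)
{
    printf("period of the runaway copy: %zu\n", demo_overlap_period());
    printf("safe copy: overlap %d, ok %d, too small %d\n",
           demo_safe_copy_rejects_overlap(), demo_safe_copy_ok(),
           demo_safe_copy_too_small());
    return 0;
}
```

The overlap test is on addresses of the two byte ranges actually touched, [dst, dst+n] and [src, src+n], so it also catches the case where the destination lies a few bytes ahead of the source, which a simple dst == src check would miss.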


Lakin Wecker (lakin) wrote :

Sorry about the long backtrace in the post, I'll use attachments from now on.

Tobi Vollebregt (tobivollebregt) wrote :

If I run it first time (or after rm -rf ~/.abuse), it crashes:

[...]
Engine : Registering base graphics
Palette has changed, recalculating light table...
white light [...................................... ]
tints [.................................. ]
Fatal signal: Segmentation Fault (SDL Parachute Deployed)
*** glibc detected *** corrupted double-linked list: 0x00000000005b5530 ***
Aborted

However, running it in gdb, it works fine, but crashes on exit:

*** glibc detected *** double free or corruption (!prev): 0x00000000005b5540 ***

Program received signal SIGABRT, Aborted.
0x00002aaaabffc11d in raise () from /lib/libc.so.6

After one time running it in gdb, it works the same every time after, no matter whether it runs in gdb or not: it works fine, but crashes on exit.

Maybe the "darkness calibration" and/or the writing of config files is at fault?

Lakin Wecker (lakin) wrote :

My initial comments were all based on the breezy-version of abuse. In dapper I have the same symptoms as Tobi.

Lakin Wecker (lakin) wrote : Abuse Backtrace From Dapper

This is a backtrace of abuse (compiled with debugging enabled and unstripped) ... The crash happens at exit.

Changed in abuse-sdl:
status: Unconfirmed → Confirmed
Dana Olson (adolson) wrote :

This same behaviour occurs on i386.

StefanPotyra (sistpoty) wrote :

Yep, segfaults also on i386, thus I'll take a look and try to fix it (I'm on i386 only).

Changed in abuse-sdl:
status: Confirmed → In Progress
Yuriy Kozlov (yuriy-kozlov) wrote :

For me it does not crash on start, but does give an error on exit:

yuriy@yuriku:~$ abuse
Disabling memory manager, using libc instead
Abuse-SDL 0.7.0
 Abuse (Version 2.00)
Sound : Disabled (couldn't find the sfx directory)
Specs : main file set to abuse.spe
Protocol Installed : UNIX generic TCPIP
Lisp : 529 symbols defined, 99 system functions, 321 pre-compiled functions
(load "abuse.lsp") [........................................]
Lisp : tmp space resized to 16384
Engine : Registering base graphics
Video : 640x400 32bpp
Creating responder on port 37008
Simulating broadcast to [127.0.0.255:37008]
Thank you for playing Abuse!

*** glibc detected *** double free or corruption (!prev): 0x00000000005b5560 ***
Aborted

This is running kubuntu dapper amd64, just updated.

Vermyndax (vermyndax) wrote : Re: [Bug 3616] Re: Abuse segfaults immediately on start (amd64)

It just occurred to me... Perhaps that *is* the game... To abuse the user.

--Verm

On 5/3/06 5:36 PM, "Yuriy Kozlov" <email address hidden> wrote:

> For me it does not crash on start, but does give an error on exit:
>
> yuriy@yuriku:~$ abuse
> Disabling memory manager, using libc instead
> Abuse-SDL 0.7.0
> Abuse (Version 2.00)
> Sound : Disabled (couldn't find the sfx directory)
> Specs : main file set to abuse.spe
> Protocol Installed : UNIX generic TCPIP
> Lisp : 529 symbols defined, 99 system functions, 321 pre-compiled functions
> (load "abuse.lsp") [........................................]
> Lisp : tmp space resized to 16384
> Engine : Registering base graphics
> Video : 640x400 32bpp
> Creating responder on port 37008
> Simulating broadcast to [127.0.0.255:37008]
> Thank you for playing Abuse!
>
>
> *** glibc detected *** double free or corruption (!prev): 0x00000000005b5560 ***
> Aborted
>
> This is running kubuntu dapper amd64, just updated.

Asraniel (asraniel) wrote :

I get this crash:
Disabling memory manager, using libc instead
Abuse-SDL 0.7.0
 Abuse (Version 2.00)
Sound : Disabled (couldn't find the sfx directory)
Specs : main file set to abuse.spe
Protocol Installed : UNIX generic TCPIP
Lisp : 529 symbols defined, 99 system functions, 321 pre-compiled functions
(load "abuse.lsp") [........................................]
Lisp : tmp space resized to 16384
Engine : Registering base graphics
Palette has changed, recalculating light table...
white light [...................................... ]
tints [.................................. ]
Fatal signal: Segmentation Fault (SDL Parachute Deployed)

Vassilis Pandis (pandisv) wrote :

Stefan, did you get a chance to work on this? It's been "In Progress" for several months now ...

StefanPotyra (sistpoty) wrote :

Sorry, not to the extent that I could fix the problems. My current suspicion is that the segfault is caused somewhere by the lisp interpreter of abuse-sdl. I couldn't obtain a proper stacktrace though as it seems that abuse-sdl corrupts the stack :(.

Vassilis Pandis (pandisv) wrote :

Asraniel, maybe you can obtain a debug backtrace (http://wiki.ubuntu.com/DebuggingProgramCrash) to help track this down? The stack trace in 338834 is different from the original trace in this bug report, but this is because of the jmalloc fixes, I believe.

Kees Cook (kees) wrote :

This is a debdiff for edgy that solves the heap corruption.

Kees Cook (kees) wrote :

Apologies, that was for the wrong abuse bug... please disregard.

Kees Cook (kees) wrote :

Here is a patch that solves the initial crash problems on amd64. However, from testing, it seems that the problem remains on i386.

Kees Cook (kees) wrote :

The i386 fix works as well. Attached is the debdiff that fixes the typo in the code that tried to use an already-freed file pointer.

Kees Cook (kees) wrote :

New debdiff. This solves sparc/ppc compilation problems as well.

Daniel T Chen (crimsun) wrote :

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 26 Sep 2006 22:18:40 -0700
Source: abuse-sdl
Binary: abuse-sdl abuse
Architecture: source
Version: 1:0.7.0-4ubuntu3
Distribution: edgy
Urgency: low
Maintainer: Debian Games Team <email address hidden>
Changed-By: Kees Cook <email address hidden>
Description:
 abuse - SDL port of the Abuse action game
 abuse-sdl - SDL port of the Abuse action game
Changes:
 abuse-sdl (1:0.7.0-4ubuntu3) edgy; urgency=low
 .
   * Add "020_tint_fileptr.diff" to fix initial load crashes
     (Closes Ubuntu: #3616).
   * Add "020_header_order.diff" to fix compilation failures on
     sparc and powerpc builds.
Files:
 1bb2fe70f2da92eae073e2843c80d3d3 699 games optional abuse-sdl_0.7.0-4ubuntu3.dsc
 a0597b7ce194fdd680a0011d51585e55 526523 games optional abuse-sdl_0.7.0-4ubuntu3.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFFGueNe9GwFciKvaMRAh20AJ9VkthPRIULo+8+QGKPbOMky6cZwQCff5AP
mJtH1mhof0wsVMyFSDmmp3Q=
=cxGt
-----END PGP SIGNATURE-----

Changed in abuse-sdl:
status: In Progress → Fix Committed
William Grant (wgrant)
Changed in abuse-sdl:
status: Fix Committed → Fix Released