Bug 1515944 - [abrt] freedink-engine: safe_hasher(): freedink killed by SIGSEGV
Summary: [abrt] freedink-engine: safe_hasher(): freedink killed by SIGSEGV
Keywords:
Status: CLOSED DUPLICATE of bug 1448761
Alias: None
Product: Fedora
Classification: Fedora
Component: freedink
Version: 26
Hardware: x86_64
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Sylvain Beucler
QA Contact: Fedora Extras Quality Assurance
URL: https://retrace.fedoraproject.org/faf...
Whiteboard: abrt_hash:406842dc3717705e8d138c24fc8...
: 1585499 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-11-21 16:35 UTC by Håkon Løvdal
Modified: 2018-06-03 21:51 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-11-21 21:48:05 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)
File: backtrace (11.46 KB, text/plain)
2017-11-21 16:35 UTC, Håkon Løvdal 		no flags Details
File: cgroup (383 bytes, text/plain)
2017-11-21 16:35 UTC, Håkon Løvdal 		no flags Details
File: core_backtrace (3.52 KB, text/plain)
2017-11-21 16:36 UTC, Håkon Løvdal 		no flags Details
File: cpuinfo (1.23 KB, text/plain)
2017-11-21 16:36 UTC, Håkon Løvdal 		no flags Details
File: dso_list (5.32 KB, text/plain)
2017-11-21 16:36 UTC, Håkon Løvdal 		no flags Details
File: environ (4.05 KB, text/plain)
2017-11-21 16:36 UTC, Håkon Løvdal 		no flags Details
File: limits (1.29 KB, text/plain)
2017-11-21 16:36 UTC, Håkon Løvdal 		no flags Details
File: maps (24.46 KB, text/plain)
2017-11-21 16:36 UTC, Håkon Løvdal 		no flags Details
File: open_fds (357 bytes, text/plain)
2017-11-21 16:36 UTC, Håkon Løvdal 		no flags Details
File: proc_pid_status (1.29 KB, text/plain)
2017-11-21 16:36 UTC, Håkon Løvdal 		no flags Details
File: var_log_messages (311 bytes, text/plain)
2017-11-21 16:36 UTC, Håkon Løvdal 		no flags Details
Game save files (3.62 KB, application/octet-stream)
2017-11-21 21:44 UTC, Håkon Løvdal 		no flags Details
View All

Description Håkon Løvdal 2017-11-21 16:35:52 UTC 
Description of problem:
After playing freedink for the first time for an hour maybe, it crashed when exiting, leaving both monitors displaying the
same screen. This report is from the second crash where I started freedrink again to see if it perhaps would restore
screens properly on exit. But it crashed on selecting "continue" to play.

Version-Release number of selected component:
freedink-engine-108.4-4.fc26

Additional info:
reporter:       libreport-2.9.1
backtrace_rating: 4
cmdline:        /usr/bin/freedink
crash_function: safe_hasher
executable:     /usr/bin/freedink
journald_cursor: s=bca32a204a5c450e8d891064d4ae4e93;i=2ae21e;b=6546e3b51dba47d2b981b6ead0de5bfb;m=15212688ce0;t=55e80918c9cc4;x=862fe18a7aceec21
kernel:         4.13.10-200.fc26.x86_64
rootdir:        /
runlevel:       N 5
type:           CCpp
uid:            5000

Truncated backtrace:
Thread no. 1 (10 frames)
 #0 safe_hasher at hash.c:251
 #1 hash_lookup at hash.c:263
 #2 dinkc_bindings_lookup at dinkc_bindings.c:1964
 #3 process_line at dinkc_bindings.c:3070
 #4 run_script at dinkc.c:1123
 #5 load_game at dinkvar.c:1385
 #6 dc_load_game at dinkc_bindings.c:1280
 #7 process_line at dinkc_bindings.c:3126
 #8 run_script at dinkc.c:1123
 #9 process_talk at freedink.c:4407
Comment 1 Håkon Løvdal 2017-11-21 16:35:58 UTC 
Created attachment 1356858 [details]
File: backtrace
Comment 2 Håkon Løvdal 2017-11-21 16:35:59 UTC 
Created attachment 1356859 [details]
File: cgroup
Comment 3 Håkon Løvdal 2017-11-21 16:36:01 UTC 
Created attachment 1356860 [details]
File: core_backtrace
Comment 4 Håkon Løvdal 2017-11-21 16:36:03 UTC 
Created attachment 1356861 [details]
File: cpuinfo
Comment 5 Håkon Løvdal 2017-11-21 16:36:05 UTC 
Created attachment 1356862 [details]
File: dso_list
Comment 6 Håkon Løvdal 2017-11-21 16:36:07 UTC 
Created attachment 1356863 [details]
File: environ
Comment 7 Håkon Løvdal 2017-11-21 16:36:08 UTC 
Created attachment 1356864 [details]
File: limits
Comment 8 Håkon Løvdal 2017-11-21 16:36:10 UTC 
Created attachment 1356865 [details]
File: maps
Comment 9 Håkon Løvdal 2017-11-21 16:36:11 UTC 
Created attachment 1356866 [details]
File: open_fds
Comment 10 Håkon Løvdal 2017-11-21 16:36:13 UTC 
Created attachment 1356867 [details]
File: proc_pid_status
Comment 11 Håkon Løvdal 2017-11-21 16:36:15 UTC 
Created attachment 1356868 [details]
File: var_log_messages
Comment 12 Håkon Løvdal 2017-11-21 21:32:07 UTC 
Actually, this crash is related to loading a saved game, it was after "continue" on the first screen. Debugging with gdb gives the following:

(gdb) run                                                                                                                                                                                                                                    
Starting program: /usr/bin/freedink 
Missing separate debuginfos, use: dnf debuginfo-install glibc-2.25-12.fc26.x86_64
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
[New Thread 0x7fffee795700 (LWP 18192)]
(gdb) [New Thread 0x7fffe4d48700 (LWP 18200)]
[Thread 0x7fffe4d48700 (LWP 18200) exited]
[New Thread 0x7fffe4d48700 (LWP 18201)]

Thread 1 "freedink" received signal SIGSEGV, Segmentation fault.
safe_hasher (table=table@entry=0x55d6cb70, key=key@entry=0x7fffffffa5f0)
    at hash.c:251
251       size_t n = table->hasher (key, table->n_buckets);
Missing separate debuginfos, use: dnf debuginfo-install SDL-1.2.15-25.fc26.x86_64 SDL_gfx-2.0.25-5.fc26.x86_64 SDL_image-1.2.12-15.fc26.x86_64 SDL_mixer-1.2.12-12.fc26.x86_64 SDL_ttf-2.0.11-9.fc26.x86_64 bzip2-libs-1.0.6-22.fc26.x86_64 dbus-libs-1.11.18-1.fc26.x86_64 expat-2.2.4-1.fc26.x86_64 flac-libs-1.3.2-2.fc26.x86_64 fontconfig-2.12.6-4.fc26.x86_64 freetype-freeworld-2.7.1-7.fc26.x86_64 gsm-1.0.17-1.fc26.x86_64 jbigkit-libs-2.1-6.fc26.x86_64 libICE-1.0.9-9.fc26.x86_64 libSM-1.2.2-5.fc26.x86_64 libX11-1.6.5-2.fc26.x86_64 libXau-1.0.8-7.fc26.x86_64 libXcursor-1.1.14-8.fc26.x86_64 libXext-1.3.3-5.fc26.x86_64 libXfixes-5.0.3-2.fc26.x86_64 libXi-1.7.9-2.fc26.x86_64 libXrandr-1.5.1-2.fc26.x86_64 libXrender-0.9.10-2.fc26.x86_64 libXtst-1.2.3-2.fc26.x86_64 libasyncns-0.8-11.fc26.x86_64 libcap-2.25-5.fc26.x86_64 libgcc-7.2.1-2.fc26.x86_64 libgcrypt-1.7.9-1.fc26.x86_64 libgpg-error-1.25-2.fc26.x86_64 libjpeg-turbo-1.5.1-0.fc26.x86_64 libmikmod-3.3.11.1-1.fc26.x86_64 libogg-1.3.2-6.fc26.x86_64 libpng-1.6.28-2.fc26.x86_64 libselinux-2.6-7.fc26.x86_64 libsndfile-1.0.28-6.fc26.x86_64 libtiff-4.0.8-1.fc26.x86_64 libuuid-2.30.2-1.fc26.x86_64 libvorbis-1.3.5-2.fc26.x86_64 libxcb-1.12-3.fc26.x86_64 lz4-libs-1.8.0-1.fc26.x86_64 pcre-8.41-1.fc26.x86_64 pulseaudio-libs-11.1-6.fc26.x86_64 systemd-libs-233-7.fc26.x86_64 tcp_wrappers-libs-7.6-85.fc26.x86_64 xz-libs-5.2.3-2.fc26.x86_64 zlib-1.2.11-2.fc26.x86_64
(gdb) 

The above printed in terminal while screen in graphics mode, the following captured on a virtual terminal after hijacking the gdb instance:

$ pstree -plA | grep -w gdb
           |                |               |-bash(10888)---gdb(18183)-+-freedink(18188)-+-{freedink}(18192)
           |                |               |                          `-{gdb}(18185)
$ reptyr -T 18183
(gdb) bt
#0  safe_hasher (table=table@entry=0x55d6cb70, key=key@entry=0x7fffffffa5f0) at hash.c:251
#1  0x00005555555838df in hash_lookup (table=table@entry=0x55d6cb70, entry=entry@entry=0x7fffffffa5f0) at hash.c:263
#2  0x0000555555560161 in dinkc_bindings_lookup (hash=0x55d6cb70, funcname=funcname@entry=0x555556486790 "make_global_int") at dinkc_bindings.c:1964
#3  0x0000555555566671 in process_line (script=script@entry=1, s=s@entry=0x555555cf6230 "make_global_int(\"&exp\",0);\n", doelse=doelse@entry=0) at dinkc_bindings.c:3070
#4  0x000055555555b550 in run_script (script=1) at dinkc.c:1123
#5  0x000055555556a090 in load_game (num=num@entry=2) at dinkvar.c:1385
#6  0x000055555555d4f2 in dc_load_game (script=1, yield=0x7fffffffd120, preturnint=0x5555557955a8 <returnint>, game_slot=2) at dinkc_bindings.c:1280
#7  0x0000555555566a71 in process_line (script=script@entry=1, s=s@entry=0x55555639f6f0 "load_game(&result);\n", doelse=doelse@entry=0) at dinkc_bindings.c:3126
#8  0x000055555555b550 in run_script (script=1) at dinkc.c:1123
#9  0x0000555555580b5b in process_talk () at freedink.c:4407
#10 0x0000555555582e39 in updateFrame () at update_frame.c:911
#11 0x0000555555558bd7 in main (argc=<optimized out>, argv=<optimized out>) at freedink.c:5032
(gdb) list
246     /* Hash KEY and return a pointer to the selected bucket.
247        If TABLE->hasher misbehaves, abort.  */
248     static struct hash_entry *
249     safe_hasher (const Hash_table *table, const void *key)
250     {
251       size_t n = table->hasher (key, table->n_buckets);
252       if (! (n < table->n_buckets))
253         abort ();
254       return table->bucket + n;
255     }
(gdb) print n
$1 = <optimized out>
(gdb) print table->n_buckets
Cannot access memory at address 0x55d6cb80
(gdb) cont
Continuing.
[Thread 0x7fffe4d48700 (LWP 18201) exited]
X Error of failed request:  BadValue (integer parameter out of range for operation)
  Major opcode of failed request:  152 (XFree86-VidModeExtension)
  Minor opcode of failed request:  10 (XF86VidModeSwitchToMode)
  Value in failed request:  0xc800003
  Serial number of failed request:  186
  Current serial number in output stream:  188

Thread 1 "freedink" received signal SIGSEGV, Segmentation fault.
hash_free (table=0x55d6cb70) at hash.c:703
703       if (table->data_freer && table->n_entries)
(gdb) kill
Kill the program being debugged? (y or n) y
(gdb) quit
Comment 13 Håkon Løvdal 2017-11-21 21:44:56 UTC 
Created attachment 1357001 [details]
Game save files

Crashes on loading both save files.
Comment 14 Sylvain Beucler 2017-11-21 21:48:05 UTC 
I believe this is a duplicate of #1448761 .

*** This bug has been marked as a duplicate of bug 1448761 ***
Comment 15 Sylvain Beucler 2018-06-03 21:51:27 UTC 
*** Bug 1585499 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.