Bug 182280 - Segv on initial launch
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: freedroid
Version: 4
Hardware: All Linux
Priority: medium
Severity: high
Assigned To: Ville Skyttä
QA Contact: Fedora Extras Quality Assurance
Reported: 2006-02-21 11:36 EST by Tethys
Modified: 2007-11-30 17:11 EST (History)
Fixed In Version: 1.0.2-5
Doc Type: Bug Fix
Last Closed: 2006-02-24 10:43:40 EST


Description Tethys 2006-02-21 11:36:12 EST
Description of problem:
freedroid segfaults on launch, and refuses to run at all

Version-Release number of selected component (if applicable):
freedroid-1.0.2-3

How reproducible:
Every time

Steps to Reproduce:
1. Launch freedroid
2. Segfault
3.

Additional info:

I couldn't find a debuginfo RPM, so this is all I've got:

leto:~% gdb /usr/bin/freedroid 
GNU gdb Red Hat Linux (6.3.0.0-1.84rh)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...
(no debugging symbols found)
Using host libthread_db library "/lib/libthread_db.so.1".

(gdb) run
Starting program: /usr/bin/freedroid 
Reading symbols from shared object read from target memory...(no debugging symbo
ls found)...done.
Loaded system supplied DSO at 0xb7f13000
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
[Thread debugging using libthread_db enabled]
[New Thread -1209567552 (LWP 18332)]
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)

Program received signal SIGSEGV, Segmentation fault.
---Type <return> to continue, or q <return> to quit---
[Switching to Thread -1209567552 (LWP 18332)]
0x0071b4cf in vfprintf () from /lib/libc.so.6
(gdb) bt
#0  0x0071b4cf in vfprintf () from /lib/libc.so.6
#1  0x007ba6cd in __vsnprintf_chk () from /lib/libc.so.6
#2  0x0805d07b in ?? ()
#3  0x0805df8f in ?? ()
#4  0x08057161 in ?? ()
#5  0x08061633 in ?? ()
#6  0x006f1d5f in __libc_start_main () from /lib/libc.so.6
#7  0x0804a2f1 in ?? ()
(gdb) 

leto:~% strace -f freedroid
[...]
open("/local/os/x86/linux/lib/tls/i686/sse2/libgcc_s.so.1", O_RDONLY) = -1
ENOENT (No such file or directory)
open("/local/os/x86/linux/lib/tls/i686/libgcc_s.so.1", O_RDONLY) = -1 ENOENT (No
such file or directory)
open("/local/os/x86/linux/lib/tls/sse2/libgcc_s.so.1", O_RDONLY) = -1 ENOENT (No
such file or directory)
open("/local/os/x86/linux/lib/tls/libgcc_s.so.1", O_RDONLY) = -1 ENOENT (No such
file or directory)
open("/local/os/x86/linux/lib/i686/sse2/libgcc_s.so.1", O_RDONLY) = -1 ENOENT
(No such file or directory)
open("/local/os/x86/linux/lib/i686/libgcc_s.so.1", O_RDONLY) = -1 ENOENT (No
such file or directory)
open("/local/os/x86/linux/lib/sse2/libgcc_s.so.1", O_RDONLY) = -1 ENOENT (No
such file or directory)
open("/local/os/x86/linux/lib/libgcc_s.so.1", O_RDONLY) = -1 ENOENT (No such
file or directory)
open("tls/i686/sse2/libgcc_s.so.1", O_RDONLY) = -1 ENOENT (No such file or
directory)
open("tls/i686/libgcc_s.so.1", O_RDONLY) = -1 ENOENT (No such file or directory)
open("tls/sse2/libgcc_s.so.1", O_RDONLY) = -1 ENOENT (No such file or directory)
open("tls/libgcc_s.so.1", O_RDONLY)     = -1 ENOENT (No such file or directory)
open("i686/sse2/libgcc_s.so.1", O_RDONLY) = -1 ENOENT (No such file or directory)
open("i686/libgcc_s.so.1", O_RDONLY)    = -1 ENOENT (No such file or directory)
open("sse2/libgcc_s.so.1", O_RDONLY)    = -1 ENOENT (No such file or directory)
open("libgcc_s.so.1", O_RDONLY)         = -1 ENOENT (No such file or directory)
open("/lib/libgcc_s.so.1", O_RDONLY)    = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\200F\301"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=40112, ...}) = 0
old_mmap(0xc13000, 37576, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)
= 0xc13000
old_mmap(0xc1c000, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x9000) = 0xc1c000
close(3)                                = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7ea6000
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7ea5000
set_thread_area({entry_number:-1 -> 6, base_addr:0xb7ea56c0, limit:1048575,
seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0,
useable:1}) = 0
mprotect(0x831000, 4096, PROT_READ)     = 0
mprotect(0x800000, 8192, PROT_READ)     = 0
mprotect(0xc37000, 4096, PROT_READ)     = 0
mprotect(0x82b000, 4096, PROT_READ)     = 0
mprotect(0xb7ea9000, 446464, PROT_READ|PROT_WRITE) = 0
mprotect(0xb7ea9000, 446464, PROT_READ|PROT_EXEC) = 0
mprotect(0x6d9000, 4096, PROT_READ)     = 0
munmap(0xb7f34000, 46566)               = 0
set_tid_address(0xb7ea5708)             = 18460
rt_sigaction(SIGRTMIN, {0xc2d340, [], SA_SIGINFO}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {0xc2d3a8, [], SA_RESTART|SA_SIGINFO}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
getrlimit(RLIMIT_STACK, {rlim_cur=10240*1024, rlim_max=RLIM_INFINITY}) = 0
_sysctl({{CTL_KERN, KERN_VERSION}, 2, 0xbff409d0, 34, (nil), 0}) = 0
futex(0x28d7ca4, FUTEX_WAKE, 2147483647) = 0
gettimeofday({1140539992, 646989}, NULL) = 0
stat64("/local/home/tet/.freedroidClassic", {st_mode=S_IFDIR|0700, st_size=4096,
...}) = 0
brk(0)                                  = 0x8143000
brk(0x8164000)                          = 0x8164000
open("/local/home/tet/.freedroidClassic/config", O_RDONLY) = -1 ENOENT (No such
file or directory)
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++
Comment 1 Ville Skyttä 2006-02-21 12:24:41 EST
The debuginfo packages are in the debug/ subdirectories of the corresponding
repositories, for example for FC4/i386 at
http://download.fedora.redhat.com/pub/fedora/linux/extras/4/i386/debug/

I'm unable to reproduce on FC4/i386 (headless, running remotely) or
FC5t3/x86_64, both launch it fine.

In addition to installing the debuginfo package and trying to obtain a better
backtrace, could you try running with the debug flag on (eg. -d 10) as well as
without sound (-q) (and possibly with other options, see --help) and see what
those result in?
Comment 2 Tethys 2006-02-21 12:30:17 EST
leto:~% gdb freedroid
GNU gdb Red Hat Linux (6.3.0.0-1.84rh)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...Using host libthread_db
library "/lib/libthread_db.so.1".

(gdb) run
Starting program: /usr/bin/freedroid 
Reading symbols from shared object read from target memory...done.
Loaded system supplied DSO at 0xdde000
[Thread debugging using libthread_db enabled]
[New Thread -1208801600 (LWP 19429)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1208801600 (LWP 19429)]
0x0071b4cf in vfprintf () from /lib/libc.so.6
(gdb) bt
#0  0x0071b4cf in vfprintf () from /lib/libc.so.6
#1  0x007ba6cd in __vsnprintf_chk () from /lib/libc.so.6
#2  0x0805d07b in DebugPrintf (db_level=0, fmt=0x0) at misc.c:891
#3  0x0805df8f in LoadGameConfig () at misc.c:178
#4  0x08057161 in InitFreedroid (argc=1, argv=0xbf942b04) at init.c:918
#5  0x08061633 in main (argc=0, argv=0x0) at main.c:73
#6  0x006f1d5f in __libc_start_main () from /lib/libc.so.6
#7  0x0804a2f1 in _start ()
(gdb) quit
The program is running.  Exit anyway? (y or n) y
leto:~% freedroid -q -d 10
Segmentation fault
leto:~% freedroid --help
Segmentation fault
Comment 3 Ville Skyttä 2006-02-21 13:22:03 EST
Thanks, reproduced here with:

    $ rm -rf ~/.freedroidClassic
    $ mkdir ~/.freedroidClassic
    $ freedroid

The crash occurs in a warning statement when the config file
(~/.freedroidClassic/config) cannot be opened for some reason.  If
~/.freedroidClassic doesn't exist, the crashing code is never entered, so I
guess you should be able to work around it for now by removing the
~/.freedroidClassic directory or moving it somewhere else in case you have
something of importance (high scores etc) there.

Real fix coming up soon.
Comment 4 Tethys 2006-02-21 13:35:22 EST
Yep. Having looked, my .freedroidClassic directory was empty. Looking at the
source, the offending line appears to be in LoadGameConfig():

  DebugPrintf (0, "WARNING: failed to open config-file: %s\n");

You're not supplying any arguments for the %s. Anyway, as a temporary
workaround, removing the config dir worked.
Comment 5 Ville Skyttä 2006-02-21 13:52:59 EST
Right.  There's also another similar case in misc.c (when writing the config
file) as well as some room for other printf() improvements here and there.  Fix
submitted upstream already, will push package errata builds in a jiffy.

https://sf.net/tracker/?func=detail&aid=1436106&group_id=54521&atid=474018
Comment 6 Ville Skyttä 2006-02-24 10:43:40 EST
Fixed in 1.0.2-5.fc*
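
The missing-argument call quoted in comment 4, shown beside a corrected form, as an added example that is not freedroid's code or the upstream patch. `debug_printf`, `warn_config_open_failed`, `load_game_config` and `last_msg` are hypothetical stand-ins; the `format` attribute lets GCC and Clang check the variadic arguments against the format string under `-Wformat` (part of `-Wall`), which flags this class of bug at build time.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

static int debug_level = 0;   /* messages above this level are suppressed */
static char last_msg[512];    /* last formatted message, kept for inspection */

/* Hypothetical stand-in for DebugPrintf(). Arguments 3.. are checked
   against the printf-style format string in argument 2. */
int debug_printf(int db_level, const char *fmt, ...)
    __attribute__((format(printf, 2, 3)));

int debug_printf(int db_level, const char *fmt, ...)
{
    va_list args;
    int n;

    if (db_level > debug_level)
        return 0;
    va_start(args, fmt);
    n = vsnprintf(last_msg, sizeof last_msg, fmt, args);
    va_end(args);
    if (n < 0)
        return -1;
    fputs(last_msg, stderr);
    return n;
}

int warn_config_open_failed(const char *path)
{
    /* Form quoted in comment 4: "%s" with no matching argument, so
       vsnprintf() reads a pointer that was never passed (undefined
       behaviour, seen in the bug as SIGSEGV in vfprintf):
         debug_printf(0, "WARNING: failed to open config-file: %s\n");  */
    return debug_printf(0, "WARNING: failed to open config-file: %s\n",
                        path ? path : "(null)");
}

/* Mirrors the failing path: directory exists, config file does not. */
int load_game_config(const char *path)
{
    FILE *fp = fopen(path, "r");
    if (fp == NULL) {
        warn_config_open_failed(path);
        return -1;
    }
    fclose(fp);
    return 0;
}
```

Building with `-Wformat -Werror=format` turns a call like the commented-out one into a compile error instead of a crash at launch.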
