Bug 432767 - Tuxtype segfaults when launched
Tuxtype segfaults when launched
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: tuxtype2 (Show other bugs)
9
x86_64 Linux
low Severity medium
: ---
: ---
Assigned To: Steven Pritchard
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-02-14 04:39 EST by Simon Andrews
Modified: 2008-10-15 22:12 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-10-15 22:10:20 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
gdb session which shows backtrace from tuxtype2 crash (16.32 KB, text/plain)
2008-02-14 04:39 EST, Simon Andrews
no flags Details
spec file for updated TuxType package (2.64 KB, text/plain)
2008-05-21 02:06 EDT, Jonathan Dieter
no flags Details
patch to avoid NULL deref (497 bytes, patch)
2008-09-13 13:45 EDT, Neil Horman
no flags Details | Diff
new updated version of the patch (1.38 KB, patch)
2008-09-14 21:07 EDT, Neil Horman
no flags Details | Diff

  None (edit)
Description Simon Andrews 2008-02-14 04:39:32 EST
Description of problem:
When launching tuxtype2 the program segfaults as soon as you try to start a game.

Version-Release number of selected component (if applicable):
1.5.3-2.fc6

How reproducible:
Always

Steps to Reproduce:
1. Start tuxtype2
2. Select a game from the list
3. Screen Freezes
  
Actual results:
Screen freezes, but running in a window shows that the program actually segfaults.


Additional info:
This was initially reported by someone on the fedora-users list, but they don't
seem to have created a bug report.  I tried it on my system and got the same
problem.

Both our systems are x86_64 so it might only happen on a 64 bit machine.

I've got a stack trace for the crash which I'll attach.
Comment 1 Simon Andrews 2008-02-14 04:39:32 EST
Created attachment 294899 [details]
gdb session which shows backtrace from tuxtype2 crash
Comment 2 Simon Andrews 2008-02-14 09:37:29 EST
I installed the SDL debuginfo package to try to get a more useful debug message
and it said:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 46912496271280 (LWP 14399)]
0x0000000000402d99 in SDL_Quit () at src/SDL.c:217
217     {

So it looks like this might be an SDL bug rather than a tuxtype bug.  I'll leave
it assigned to tuxtype for the moment, but it might need to move.
Comment 3 Simon Andrews 2008-05-16 10:31:31 EDT
Updating to show that this still does exactly the same thing in F9.
Comment 4 Jonathan Dieter 2008-05-21 02:06:11 EDT
Created attachment 306213 [details]
spec file for updated TuxType package

This is a problem with TuxType.  Updating to 1.5.17 fixes the problem. 
Attached is a .spec file for 1.5.17.  If we could get this into F8 as well as
F9, I'd sure appreciate it.
Comment 5 Neil Horman 2008-09-13 13:45:40 EDT
Created attachment 316670 [details]
patch to avoid NULL deref

Here, its a bug in which ttf_letter doesn't check for a NULL return from TTF_RenderText_Solid.  It happens because we pass NULL in as the letter to render.  Seems like the right thing to do in that case is just to fail.  This patch fixes the problem for me.
Comment 6 Neil Horman 2008-09-14 21:07:33 EDT
Created attachment 316703 [details]
new updated version of the patch

Found another segfault at another point in the code, involving the same SDL function.  It appears that TTF_RenderText_Solid has some odd problems in which is behavior is undefined when passing in a string of non-printable characters.  Sometimes it returns null, sometimes it crashes inside the SDL library, etc.  This almost certainly makes it an SDL problem, but I know so very little about the internals of SDL.  This updated patch got tuxtype2 to work around the problem (and got my son to stop asking me if I'd fixed his game :)
Comment 7 Fedora Update System 2008-09-15 13:11:57 EDT
tuxtype2-1.5.17-1.fc8 has been submitted as an update for Fedora 8.
http://admin.fedoraproject.org/updates/tuxtype2-1.5.17-1.fc8
Comment 8 Fedora Update System 2008-09-15 13:12:00 EDT
tuxtype2-1.5.17-1.fc9 has been submitted as an update for Fedora 9.
http://admin.fedoraproject.org/updates/tuxtype2-1.5.17-1.fc9
Comment 9 Tom "spot" Callaway 2008-09-15 13:13:31 EDT
Update to 1.5.17 fixes crashes (at least in my smoke tests).

I am not the normal maintainer here, just the janitor getting this back to basic working order. Please test and give karma.
Comment 10 Fedora Update System 2008-09-16 19:27:46 EDT
tuxtype2-1.5.17-1.fc9 has been pushed to the Fedora 9 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update tuxtype2'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F9/FEDORA-2008-8126
Comment 11 Fedora Update System 2008-09-16 19:29:15 EDT
tuxtype2-1.5.17-1.fc8 has been pushed to the Fedora 8 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update tuxtype2'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F8/FEDORA-2008-8137
Comment 12 Fedora Update System 2008-10-15 22:10:17 EDT
tuxtype2-1.5.17-1.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 13 Fedora Update System 2008-10-15 22:12:32 EDT
tuxtype2-1.5.17-1.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.