Crash is reliable, repro is as simple as opening the level. Here's the C++ bt from GDB with full debuginfo installed: Program received signal SIGSEGV, Segmentation fault. ElementHandler<Block>::_removeColElementFromCells (this=this@entry=0x1172660, pColElem=pColElem@entry=0x0) at Collision.cpp:1087 1087 } (gdb) bt #0 ElementHandler<Block>::_removeColElementFromCells (this=this@entry=0x1172660, pColElem=pColElem@entry=0x0) at Collision.cpp:1087 #1 0x00000000006335b7 in moveElement (pColElem=0x0, this=0x1172660) at Collision.cpp:924 #2 CollisionSystem::moveDynBlock (this=0x1172560, id=<optimized out>) at Collision.cpp:798 #3 0x00000000006364c4 in SDynamicBlockMove::performMove (this=0x1165ef0, v_motoGame=0x11724e0, i_nbCents=1) at ScriptDynamicObjects.cpp:281 #4 0x0000000000636b8f in SDynamicObject::nextState (this=0x1165ef0, v_motoGame=<optimized out>, i_nbCents=1) at ScriptDynamicObjects.cpp:58 #5 0x000000000069ba61 in Scene::nextStateScriptDynamicObjects (this=this@entry=0x11724e0, i_nbCents=i_nbCents@entry=1) at xmscene/Scene.cpp:1237 #6 0x000000000069f64d in Scene::updateLevel (this=0x11724e0, timeStep=1, i_frameRecorder=0x294bb90, i_eventRecorder=0x294bb90, i_fast=false, i_allowParticules=<optimized out>, i_updateDiedPlayers=true) at xmscene/Scene.cpp:369 #7 0x0000000000490731 in StateScene::update (this=0x3378320) at states/StateScene.cpp:216 #8 0x000000000059ab46 in StatePlayingLocal::update (this=0x3378320) at states/StatePlayingLocal.cpp:165 #9 0x000000000047ef1d in StateManager::update (this=0xe513c0) at states/StateManager.cpp:306 #10 0x0000000000643db0 in GameApp::run_loop (this=this@entry=0xb6c9f0) at GameInit.cpp:816 #11 0x00000000006497ce in GameApp::run (this=0xb6c9f0, nNumArgs=nNumArgs@entry=1, ppcArgs=ppcArgs@entry=0x7fffffffde88) at GameInit.cpp:159 #12 0x00000000004104cd in main (nNumArgs=1, ppcArgs=0x7fffffffde88) at GameInit.cpp:120 I'll poke around upstream and see if there's anything. In the mean time if I can do anything to help track it down, let me know.
NULL ptr deref: 1085 /* remove cell from ColElem*/ 1086 pColElem->gridCells.clear(); 1087 } (gdb) p pColElem $1 = (ColElement<Block> *) 0x0 Looking backwards for cause...
796 void CollisionSystem::moveDynBlock(Block* id) 797 { 798 m_dynBlocksHandler.moveElement(id->getColElement()); 799 } id->getColElement() is NULL at this point.
(gdb) p *m_block $7 = {m_id = "block0", m_texture = "snow", The block with NULL m_collisionElement in frame 3.
No matching upstream bug that I can find.
Trying to reproduce, but I can't find that level, how do you navigate to it?
I go to "All levels", enter "snowing" in the search box, and it's the only one. It was (probably) downloaded as an player-created level from the internet by Xmoto's autodownloader... let me try to find it.
Here it is: http://xmoto.tuxfamily.org/pages/thumbnail.php?id_level=1538
This appears to be a level-specific bug due to a feature xmoto no longer supports. http://forum.xmoto.tuxfamily.org/viewtopic.php?f=48&t=3259 Since it's not a level shipped in the default install, that forum thread is probably the best place to have this resolved, since I have no way to publish a fix for the level.
Still, just because it's unsupported doesn't mean it should segfault ;-). Let me see if I can come up with some sort of reasonable patch...
I agree. If you can fix the level, send it upstream. If you can patch xmoto to let it run this level without breaking anything, I'll be happy to include it as well as send it upstream.
Looks like levels are simple XML files with some embedded Lua for level scripting, and then a bunch of vertexes describing shapes (+ textures along edges). I wonder what feature became deprecated...
None of the APIs used in the script seem deprecated[0]. The file uses only Game.GetPlayerPosition(), Game.GetBlockPos(), Game.SetDynamicBlockTranslation(), and Game.SetBlockPos(). All of these are documented in the scripted levels wiki. [0]: http://wiki.xmoto.tuxfamily.org/index.php?title=Scripted_levels
Created attachment 743522 [details] Patch to xmoto RPM sources to fix NULL deref Ok, reopening because I have a patch for you. This one is more of a bandaid than a real fix -- the 'snowing' effect is broken. A real fix might forward-port whatever feature(s) is/are missing. TODO ;).
Created attachment 743523 [details] patch to fix null de-ref Oh goddamnit, bugzilla ate my patch. Attaching as text...
BZ still seems to be munging things. Can you attach just the .diff as a .patch? I can probably recreate it but I want to be sure I get it right.
It seems fine to me. It's a git format-patch, apply with 'git apply'. I'll attach just the .diff as well...
Created attachment 744794 [details] Just the patch!
Ah, I'd never used one of those before. Thanks. :) Anyway, that looks good, your patch is a much more successful version of what I'd attempted. I'll send this upstream, and get builds out for rawhide->f18.
xmoto-0.5.10-7.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/xmoto-0.5.10-7.fc19
xmoto-0.5.10-7.fc18 has been submitted as an update for Fedora 18. https://admin.fedoraproject.org/updates/xmoto-0.5.10-7.fc18
(In reply to comment #18) > Ah, I'd never used one of those before. Thanks. :) > > Anyway, that looks good, your patch is a much more successful version of > what I'd attempted. I'll send this upstream, and get builds out for > rawhide->f18. Awesome. It would be great if we could find out what changed since the level was created and fix either it or the game, but I don't think I'm going to investigate that on my own -- I'll wait to hear back from someone on the forum. I'm looking forward to F-19 GA, but I'm on F-18 for now -- give me a minute and I can give karma to the update(s) =).
Package xmoto-0.5.10-7.fc19: * should fix your issue, * was pushed to the Fedora 19 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing xmoto-0.5.10-7.fc19' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2013-7604/xmoto-0.5.10-7.fc19 then log in and leave karma (feedback).
xmoto-0.5.10-7.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
xmoto-0.5.10-7.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.