Player crashes when trying to load a BMP with < 8 bit palette #432

Closed
fdelapena opened this Issue Mar 6, 2015 · 3 comments

Projects

None yet

3 participants

@fdelapena
Member

It should exit without crashing, or just replace the Output::Error with Output::Warning to match current image warning policy and fill with a chess board. Or be even more tolerant and allow to load these images with smaller palettes (RPG_RT are not supporting them however).

The crash does not happen always. Here is the backtrace:

*** Error in `/usr/bin/easyrpg-player': corrupted double-linked list: 0x00000000023ba860 ***

55    return INLINE_SYSCALL (tgkill, 3, pid, selftid, sig);

#0  0x00007ffff36c08d7 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:55
        resultvar = 0
        pid = 23977
        selftid = 23977
#1  0x00007ffff36c253a in __GI_abort () at abort.c:89
        save_stage = 2
        act = {__sigaction_handler = {sa_handler = 0x6466203030303030, sa_sigaction = 0x6466203030303030}, sa_mask = {__val = {3690753981693374522, 2314885530820030772, 
              2314885530818453536, 3395749441387372576, 3918810539139167093, 3420042391722602292, 8029123697353646951, 7017503717531088228, 7378697426076788835, 3472328327201961830, 
              7365468305578407725, 8606977229197424742, 3472328296226648109, 3475143045726351408, 7378645556122361904, 9179280}}, sa_flags = 93, sa_restorer = 0x7fffffffd130}
        sigs = {__val = {32, 0 <repeats 15 times>}}
#2  0x00007ffff3703da3 in __libc_message (do_abort=do_abort@entry=2, fmt=fmt@entry=0x7ffff38132f0 "*** Error in `%s': %s: 0x%s ***\n") at ../sysdeps/posix/libc_fatal.c:175
        ap = {{gp_offset = 40, fp_offset = 0, overflow_arg_area = 0x7fffffffd140, reg_save_area = 0x7fffffffd0d0}}
        fd = 3
        on_2 = <optimized out>
        list = <optimized out>
        nlist = <optimized out>
        cp = <optimized out>
        written = <optimized out>
#3  0x00007ffff37100d8 in malloc_printerr (str=0x7ffff3810ef8 "corrupted double-linked list", ptr=<optimized out>, action=3) at malloc.c:4974
        buf = "00000000023ba860"
        cp = <optimized out>
#4  _int_free (have_lock=0, p=<optimized out>, av=0x7ffff3a43cc0 <main_arena>) at malloc.c:3981
        size = 12192
        nextsize = 80
        nextinuse = <optimized out>
        errstr = 0x0
        nextchunk = 0x23bd800
        prevsize = <optimized out>
        fwd = <optimized out>
        locked = 1
        fb = <optimized out>
        bck = <optimized out>
#5  __GI___libc_free (mem=<optimized out>) at malloc.c:2951
        ar_ptr = 0x7ffff3a43cc0 <main_arena>
        p = <optimized out>
        hook = <optimized out>
#6  0x000000000043d1d4 in __gnu_cxx::new_allocator<int>::deallocate (this=0x23ba658, __p=0x23bd670) at /usr/include/c++/4.9.2/ext/new_allocator.h:110
No locals.
#7  0x000000000043d1a3 in __gnu_cxx::__alloc_traits<std::allocator<int> >::deallocate (__a=..., __p=0x23bd670, __n=99) at /usr/include/c++/4.9.2/ext/alloc_traits.h:185
No locals.
#8  0x000000000043d146 in std::_Vector_base<int, std::allocator<int> >::_M_deallocate (this=0x23ba658, __p=0x23bd670, __n=99) at /usr/include/c++/4.9.2/bits/stl_vector.h:178
No locals.
#9  0x000000000043d092 in std::_Vector_base<int, std::allocator<int> >::~_Vector_base (this=0x23ba658, __in_chrg=<optimized out>) at /usr/include/c++/4.9.2/bits/stl_vector.h:160
No locals.
#10 0x000000000043d012 in std::vector<int, std::allocator<int> >::~vector (this=0x23ba658, __in_chrg=<optimized out>) at /usr/include/c++/4.9.2/bits/stl_vector.h:425
No locals.
#11 0x00000000004ebadf in Game_Actor::~Game_Actor (this=0x23ba630, __in_chrg=<optimized out>) at src/game_actor.h:34
No locals.
#12 0x00000000004ebb2c in boost::checked_delete<Game_Actor> (x=0x23ba630) at /usr/include/boost/checked_delete.hpp:34
No locals.
#13 0x00000000004ebeee in boost::detail::sp_counted_impl_p<Game_Actor>::dispose (this=0x22e3d30) at /usr/include/boost/smart_ptr/detail/sp_counted_impl.hpp:78
No locals.
#14 0x0000000000437848 in boost::detail::sp_counted_base::release (this=0x22e3d30) at /usr/include/boost/smart_ptr/detail/sp_counted_base_gcc_x86.hpp:146
No locals.
#15 0x00000000004378d7 in boost::detail::shared_count::~shared_count (this=0x23c5648, __in_chrg=<optimized out>) at /usr/include/boost/smart_ptr/detail/shared_count.hpp:371
No locals.
#16 0x00000000004eaa08 in boost::shared_ptr<Game_Actor>::~shared_ptr (this=0x23c5640, __in_chrg=<optimized out>) at /usr/include/boost/smart_ptr/shared_ptr.hpp:328
No locals.
#17 0x00000000004ebd30 in std::_Destroy<boost::shared_ptr<Game_Actor> > (__pointer=0x23c5640) at /usr/include/c++/4.9.2/bits/stl_construct.h:93
No locals.
#18 0x00000000004eba62 in std::_Destroy_aux<false>::__destroy<boost::shared_ptr<Game_Actor>*> (__first=0x23c5640, __last=0x23c5690) at /usr/include/c++/4.9.2/bits/stl_construct.h:103
No locals.
#19 0x00000000004eb812 in std::_Destroy<boost::shared_ptr<Game_Actor>*> (__first=0x23c5620, __last=0x23c5690) at /usr/include/c++/4.9.2/bits/stl_construct.h:126
No locals.
#20 0x00000000004eb463 in std::_Destroy<boost::shared_ptr<Game_Actor>*, boost::shared_ptr<Game_Actor> > (__first=0x23c5620, __last=0x23c5690)
    at /usr/include/c++/4.9.2/bits/stl_construct.h:151
No locals.
#21 0x00000000004ebf4a in std::vector<boost::shared_ptr<Game_Actor>, std::allocator<boost::shared_ptr<Game_Actor> > >::~vector (this=0x860800 <(anonymous namespace)::data>, 
    __in_chrg=<optimized out>) at /usr/include/c++/4.9.2/bits/stl_vector.h:424
No locals.
#22 0x00007ffff36c5392 in __run_exit_handlers (status=1, listp=0x7ffff3a436a0 <__exit_funcs>, run_list_atexit=run_list_atexit@entry=true) at exit.c:82
        atfct = <optimized out>
        onfct = <optimized out>
        cxafct = <optimized out>
        f = <optimized out>
#23 0x00007ffff36c53e5 in __GI_exit (status=<optimized out>) at exit.c:104
No locals.
#24 0x00000000005145cf in Output::ErrorStr (err="BMP image is not 8-bit.") at src/output.cpp:209
        recursive_call = true
#25 0x0000000000514434 in Output::Error (fmt=0x577d82 "BMP image is not 8-bit.") at src/output.cpp:181
        args = {{gp_offset = 8, fp_offset = 48, overflow_arg_area = 0x7fffffffd610, reg_save_area = 0x7fffffffd540}}
#26 0x000000000050ff78 in ImageBMP::ReadBMP (data=0x2270ce0 "BM\272\b", len=2234, transparent=true, width=@0x7fffffffd77c: 64, height=@0x7fffffffd778: 64, pixels=@0x7fffffffd770: 0x0)
    at src/image_bmp.cpp:100
        bits_offset = 186
        BI_RGB = 0
        BITMAPFILEHEADER_SIZE = 14
        vflip = true
        compression = -10592
        planes = 1
        depth = 4
        num_colors = 0
        palette = 0x7fffffffd6f0
        src_pixels = 0x8ba <error: Cannot access memory at address 0x8ba>
        dst = 0x2270ce0 "BM\272\b"
#27 0x0000000000510309 in ImageBMP::ReadBMP (stream=0x240ff90, transparent=true, width=@0x7fffffffd77c: 64, height=@0x7fffffffd778: 64, pixels=@0x7fffffffd770: 0x0)
    at src/image_bmp.cpp:148
        size = 2234
        buffer = std::vector of length 2234, capacity 2234 = {66 'B', 77 'M', 186 '\272', 8 '\b', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 186 '\272', 0 '\000', 
          0 '\000', 0 '\000', 108 'l', 0 '\000', 0 '\000', 0 '\000', 64 '@', 0 '\000', 0 '\000', 0 '\000', 64 '@', 0 '\000', 0 '\000', 0 '\000', 1 '\001', 0 '\000', 4 '\004', 
          0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 8 '\b', 0 '\000', 0 '\000', 19 '\023', 11 '\v', 0 '\000', 0 '\000', 19 '\023', 11 '\v', 0 '\000', 0 '\000', 
          16 '\020', 0 '\000', 0 '\000', 0 '\000', 16 '\020', 0 '\000', 0 '\000', 0 '\000', 66 'B', 71 'G', 82 'R', 115 's', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 
          0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 
          0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 
          0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 2 '\002', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 
          0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 56 '8', 56 '8', 56 '8', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 112 'p', 
          136 '\210', 72 'H', 0 '\000', 160 '\240', 160 '\240', 112 'p', 0 '\000', 208 '\320', 208 '\320', 152 '\230', 0 '\000', 64 '@', 80 'P', 40 '(', 0 '\000', 24 '\030', 40 '(', 
          24 '\030', 0 '\000', 248 '\370', 248 '\370', 192 '\300', 0 '\000', 248 '\370', 248 '\370', 248 '\370', 0 '\000', 80 'P', 88 'X', 88 'X', 0 '\000', 176 '\260', 176 '\260', 
          176 '\260', 0 '\000', 0 '\000', 8 '\b', 120 'x', 0 '\000', 208 '\320', 176 '\260', 144 '\220', 0 '\000', 144 '\220', 112 'p', 64 '@', 0 '\000', 248 '\370', 232 '\350', 
          184 '\270', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 0 '\000', 17 '\021', 17 '\021', 17 '\021', 17 '\021', 17 '\021', 
          17 '\021', 17 '\021', 17 '\021', 17 '\021'...}
#28 0x000000000049be80 in Bitmap::Bitmap (this=0x24914c0, filename="./Picture/ultros.bmp", transparent=true, flags=0) at src/bitmap.cpp:540
        ext = "bmp"
        stream = 0x240ff90
        w = 64
        data = "BM\272\b"
        bytes = 4
        namelen = 20
        h = 64
        pixels = 0x0
#29 0x000000000049ecec in boost::make_shared<Bitmap, std::string, bool, unsigned int> (a1="./Picture/ultros.bmp", a2=@0x7fffffffd85c: true, a3=@0x7fffffffd858: 0)
    at /usr/include/boost/smart_ptr/make_shared_object.hpp:783
        pt = {px = 0x0, pn = {pi_ = 0x24914a0}}
        pd = 0x24914b8
        pv = 0x24914c0
        pt2 = 0x4a9c9c
     <std::_Rb_tree<std::pair<std::string, std::string>, std::pair<std::pair<std::string, std::string> const, boost::weak_ptr<Bitmap> >, std::_Select1st<std::pair<std::pair<std::string, std::string> const, boost::weak_ptr<Bitmap> > >, std::less<std::pair<std::string, std::string> >, std::allocator<std::pair<std::pair<std::string, std::string> const, boost::weak_ptr<Bitmap> > > >::find(std::pair<std::string, std::string> const&)+172>
#30 0x00000000004990b6 in Bitmap::Create (filename="./Picture/ultros.bmp", transparent=true, flags=0) at src/bitmap.cpp:52
No locals.
#31 0x00000000004a27c1 in (anonymous namespace)::LoadBitmap (folder_name="Picture", filename="", transparent=true, flags=0) at src/cache.cpp:62
        path = "./Picture/ultros.bmp"
        key = {first = "Picture", second = "ultros"}
Python Exception <class 'gdb.error'> No type named const std::_Rb_tree_const_iterator<std::pair<std::pair<std::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::basic_string<char, std::char_traits<char>, std::allocator<char> > > const, boost::weak_ptr<Bitmap> > >::_Link_type.: 
        it = 
#32 0x00000000004a6164 in (anonymous namespace)::LoadBitmap<(<unnamed>::Material::Type)8>(const std::string &, bool) (f="", transparent=true) at src/cache.cpp:149
        s = @0x84f540: {directory = 0x56e3e0 "Picture", transparent = true, min_width = 1, max_width = 640, min_height = 1, max_height = 480}
        ret = {px = 0x0, pn = {pi_ = 0x2a9e870}}
#33 0x00000000004a2bab in Cache::Picture (f="", trans=true) at src/cache.cpp:184
No locals.
#34 0x0000000000556705 in Game_Picture::Show (this=0x2295e00, _name="", _transparency=true) at src/game_picture.cpp:77
        bitmap = {px = 0x2aa09b8, pn = {pi_ = 0x23be900}}
#35 0x000000000054f28c in Game_Interpreter_Map::CommandShowPicture (this=0x23bdfd0, com=...) at src/game_interpreter_map.cpp:792
        pic_id = 1
        pic_name = ""
        y = 60
        magnify = 100
        red = 100
        bottom_trans = 25
        picture = 0x2295e00
        scrolls = false
        top_trans = 25
        effect = 0
        green = 100
        blue = 100
        saturation = 100
        speed = 0
        x = 160
        use_trans = true
#36 0x000000000054d743 in Game_Interpreter_Map::ExecuteCommand (this=0x23bdfd0) at src/game_interpreter_map.cpp:257
        com = @0x2a9e810: {code = 37480288, indent = 0, string = "", parameters = std::vector of length 16, capacity 16 = {0, 0, 160, 60, 0, 100, 25, 1, 100, 100, 100, 100, 0, 0, 25, 
            0}}
#37 0x00000000004f19ef in Game_Interpreter::Update (this=0x23bdfd0) at src/game_interpreter.cpp:242
No locals.
#38 0x00000000004f148f in Game_Interpreter::Setup (this=0x23bdfd0, _list=std::vector of length 3, capacity 3 = {...}, _event_id=1, dbg_x=1, dbg_y=8) at src/game_interpreter.cpp:114
No locals.
#39 0x00000000004f1b36 in Game_Interpreter::SetupStartingEvent (this=0x23bdfd0, ev=0x2aa05f0) at src/game_interpreter.cpp:271
No locals.
#40 0x000000000054a8a4 in Game_Event::Start (this=0x2aa05f0) at src/game_event.cpp:463
No locals.
#41 0x000000000054a8e6 in Game_Event::CheckEventTriggerAuto (this=0x2aa05f0) at src/game_event.cpp:469
No locals.
#42 0x000000000054a9e6 in Game_Event::Update (this=0x2aa05f0) at src/game_event.cpp:497
No locals.
#43 0x00000000004f95d6 in Game_Map::Update () at src/game_map.cpp:669
        i = {first = -134389760, second = {px = , pn = {pi_ = <_rtld_local+2456>}}}
#44 0x00000000004579b5 in Scene_Map::Update (this=0x2aa0440) at src/scene_map.cpp:108
No locals.
#45 0x0000000000454afd in Scene::MainFunction (this=0x2aa0440) at src/scene.cpp:101
        init = true
        __PRETTY_FUNCTION__ = "virtual void Scene::MainFunction()"
#46 0x000000000043d411 in Player::MainLoop () at src/player.cpp:170
No locals.
#47 0x000000000043d367 in Player::Run () at src/player.cpp:165
No locals.
#48 0x0000000000432f85 in main (argc=4, argv=0x7fffffffdec8) at src/platform/sdl_main.cpp:31
No locals.
@fdelapena fdelapena added the Crash label Mar 6, 2015
@fdelapena fdelapena added this to the 0.3 milestone Mar 6, 2015
@Ghabry
Member
Ghabry commented Mar 17, 2015

Can you attach a test case image?

@fdelapena fdelapena modified the milestone: 0.3.1, 0.3 Apr 29, 2015
@fdelapena
Member

16 color palette BMP sample for Picture (taken and converted from png from #358):
https://fran.cr/owncloud/index.php/s/JLyAjVhk56LLEfp/download

@Ghabry Ghabry modified the milestone: 0.3.1, 0.4, 0.4.1 Sep 6, 2015
@Ghabry Ghabry modified the milestone: 0.4.1, 0.6.0 Feb 19, 2016
@carstene1ns carstene1ns added a commit to carstene1ns/easyrpg-player that referenced this issue May 26, 2016
@carstene1ns carstene1ns Support 4 bit BMP images. Related: #432 1754b11
@carstene1ns carstene1ns added a commit to carstene1ns/easyrpg-player that referenced this issue May 26, 2016
@carstene1ns carstene1ns Do not crash on broken images. Related: #858,#432
This also degrades most image reader errors to warnings, because Player
does not need to close if one image is unreadable.
db1c558
@carstene1ns carstene1ns added a commit to carstene1ns/easyrpg-player that referenced this issue May 30, 2016
@carstene1ns carstene1ns Do not crash on broken images. Related: #858,#432
This makes it also possible to degrades most image reader errors
to warnings, because Player can go on if one image is not useable.
329da6d
@carstene1ns carstene1ns added a commit to carstene1ns/easyrpg-player that referenced this issue May 30, 2016
@carstene1ns carstene1ns Refactor BMP reader, support 4 bit BMP images.
Uses warnings instead of errors. Related: #432
df81b47
@carstene1ns carstene1ns added a commit to carstene1ns/easyrpg-player that referenced this issue Jul 14, 2016
@carstene1ns carstene1ns Do not crash on broken images. Related: #858,#432
This makes it also possible to degrades most image reader errors
to warnings, because Player can go on if one image is not useable.
60aa87b
@carstene1ns carstene1ns added a commit to carstene1ns/easyrpg-player that referenced this issue Jul 14, 2016
@carstene1ns carstene1ns Refactor BMP reader, support 4 bit BMP images.
Uses warnings instead of errors. Related: #432
fe7db7c
@carstene1ns carstene1ns added a commit to carstene1ns/easyrpg-player that referenced this issue Jul 24, 2016
@carstene1ns carstene1ns Do not crash on broken images. Related: #858,#432
This makes it also possible to degrades most image reader errors
to warnings, because Player can go on if one image is not useable.
b34415c
@carstene1ns carstene1ns added a commit to carstene1ns/easyrpg-player that referenced this issue Jul 24, 2016
@carstene1ns carstene1ns Refactor BMP reader, support 4 bit BMP images.
Uses warnings instead of errors. Related: #432
4d3cc13
@carstene1ns carstene1ns added a commit to carstene1ns/easyrpg-player that referenced this issue Aug 16, 2016
@carstene1ns carstene1ns Do not crash on broken images. Related: #858,#432
This makes it also possible to degrades most image reader errors
to warnings, because Player can go on if one image is not useable.
00376f1
@carstene1ns carstene1ns added a commit to carstene1ns/easyrpg-player that referenced this issue Aug 16, 2016
@carstene1ns carstene1ns Refactor BMP reader, support 4 bit BMP images.
Uses warnings instead of errors. Related: #432
f1e2d4b
@Ghabry Ghabry added a commit to Ghabry/easyrpg-player that referenced this issue Aug 23, 2016
@carstene1ns @Ghabry carstene1ns + Ghabry Do not crash on broken images. Related: #858,#432
This makes it also possible to degrades most image reader errors
to warnings, because Player can go on if one image is not useable.
b31327b
@Ghabry Ghabry added a commit to Ghabry/easyrpg-player that referenced this issue Aug 23, 2016
@carstene1ns @Ghabry carstene1ns + Ghabry Refactor BMP reader, support 4 bit BMP images.
Uses warnings instead of errors. Related: #432
385031b
@carstene1ns carstene1ns modified the milestone: 0.5.0, 0.7.0 Sep 3, 2016
@carstene1ns
Member

Fixed by #1008.

@carstene1ns carstene1ns closed this Sep 3, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment