SIGSEGV on new game, load game & exit

[naev]

Original issue 16 created by cpolymer... on 2009-04-06T01:26:40.000Z:

What version of NAEV are you using? On what operating system?

0.3.7 git trunk, commit 35742f6 on linux

Can you reproduce the bug? If so, how can you reproduce the bug?

Start a new game or load an old one or just exit the game.

Please attach the console output or paste it. Thank you for your bug
report. See http://code.google.com/p/naev/wiki/Debugging for help getting
more useful information in case of a segfault or infinite loop.

Output of gdb bt full, after clicking "Exit":

dimitri@aviva:~/Projects/naev$ gdb ./naev
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...
(gdb) run
Starting program: /home/dimitri/Projects/naev/naev
[Thread debugging using libthread_db enabled]
NAEV v0.3.7
[New Thread 0xb6c7c6e0 (LWP 7367)]
Sea of Darkness

SDL: 1.2.12 [compiled: 1.2.12]

OpenGL Window Created: 1280x1024@24bpp window
r: 8, g: 8, b: 8, a: 0, db: yes, fsaa: 0, tex: 2048
Renderer: GeForce4 MX 420/AGP/SSE2/3DNOW!
Version: 1.5.8 NVIDIA 96.43.09

[New Thread 0xb5014b90 (LWP 7370)]
SDL_Mixer: 1.2.8 [compiled: 1.2.8]
Driver: alsa
Format: 44100 Hz Stereo

Loaded 16 sounds
Loaded 25 songs
Loaded 14 AI Profiles
Loaded 16 Nebulae Layers
Loaded 14 Commodities
Loaded 15 Factions
Loaded 20 Missions
Loaded 50 Outfits
Loaded 26 Ships
Loaded 39 Fleets
Loaded 64 Star Systems with 35 Planets

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb6c7c6e0 (LWP 7367)]
0xb7a5c472 in free () from /lib/tls/i686/cmov/libc.so.6
(gdb) bt full

 0 0xb7a5c472 in free () from /lib/tls/i686/cmov/libc.so.6

No symbol table info available.

 1 0x080616c6 in economy_destroy () at src/economy.c:580

i = 1

 2 0x0807dd5b in unload_all () at src/naev.c:421

No locals.

 3 0x0807d7b5 in main (argc=1, argv=0xbfc291b4) at src/naev.c:274

buf =

"/home/dimitri/.naev/conf\000\201¿ƭ��\b<������\200\033\000\000)l��\b<��\000\004\000\000\000\000\000\000d\026(�\v\000\000\000�\201¿%\004\000\000
\000\000\000\2009����������
\000\000\000uy\�����\220\000\000\000\000\004\000\000\024\216¿%\004\000\000
\000\000\000\2009��$\000\000\000\002\000\000\000\000\000\000\000����\000\000\000\000\004�\005\000\000\000\000\000��������\004\000\000\000����",
'\0' <repeats 12 times>, "����\000\000\000\000\004�\005\000\024\222¿֫"...
event = {type = 12 '\f', active = {type = 12 '\f', gain = 0 '\0', state =
0 '\0'}, key = {type = 12 '\f',
which = 0 '\0', state = 0 '\0', keysym = {scancode = 199 '�', sym =
SDLK_UNKNOWN, mod = KMOD_LSHIFT, unicode = 0}},
motion = {type = 12 '\f', which = 0 '\0', state = 0 '\0', x = 7367, y =
0, xrel = 0, yrel = 0}, button = {type = 12 '\f',
which = 0 '\0', button = 0 '\0', state = 0 '\0', x = 7367, y = 0},
jaxis = {type = 12 '\f', which = 0 '\0',
axis = 0 '\0', value = 7367}, jball = {type = 12 '\f', which = 0 '\0',
ball = 0 '\0', xrel = 7367, yrel = 0}, jhat = {
type = 12 '\f', which = 0 '\0', hat = 0 '\0', value = 0 '\0'}, jbutton
= {type = 12 '\f', which = 0 '\0',
button = 0 '\0', state = 0 '\0'}, resize = {type = 12 '\f', w = 7367, h
= 0}, expose = {type = 12 '\f'}, quit = {
type = 12 '\f'}, user = {type = 12 '\f', code = 7367, data1 = 0x0,
data2 = 0x1}, syswm = {type = 12 '\f', msg = 0x1cc7}}
func = "main"

bt full for new game:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb6e0c6e0 (LWP 7373)]
0xb7bec472 in free () from /lib/tls/i686/cmov/libc.so.6
(gdb) bt full

 0 0xb7bec472 in free () from /lib/tls/i686/cmov/libc.so.6

No symbol table info available.

 1 0x080614bc in economy_init () at src/economy.c:470

i = 1

 2 0x0809abb1 in player_newMake () at src/player.c:343

ship = (Ship *) 0x9174490
sysname = 0x8e8a7c8 ""
bufsize = 359
buf = 0x8a0b620 ""
l = 10000
h = 20000
tl = 1300
th = 1400
x = 150
y = 150
node = (xmlNodePtr) 0x0
cur = (xmlNodePtr) 0x0
tmp = (xmlNodePtr) 0x0
doc = (xmlDocPtr) 0x8c34368
__func__ = "player_newMake"

 3 0x0809a1f6 in player_new () at src/player.c:217

r = 1
__func__ = "player_new"

 4 0x08077d30 in menu_main_new (wid=2, str=0x8e45810 "h��\b(J�\b\020") at

src/menu.c:205
No locals.

 5 0x080acbbb in toolkit_mouseEvent (event=0xbfab5f88) at src/toolkit.c:1064

i = 1
x = 79
y = 193
w = (Window *) 0x8f7a084
wgt = (Widget *) 0x8f92410

 6 0x080ac56d in toolkit_input (event=0xbfab5f88) at src/toolkit.c:937

No locals.

 7 0x0806f5f9 in input_handle (event=0xbfab5f88) at src/input.c:810

No locals.

 8 0x0807d77c in main (argc=1, argv=0xbfab7044) at src/naev.c:260

buf =

"/home/dimitri/.naev/conf\000_��ƭƷ\b<ַ��\t�\200\033\000\000)lз\b<ַ\000\004\000\000\000\000\000\000d\026A�\v\000\000\000``��%\004\000\000
\000\000\000\2009ַ��\t���\t�
\000\000\000uyu���\t�\220\000\000\000\000\004\000\000�l��%\004\000\000
\000\000\000\2009ַ$\000\000\000\002\000\000\000\000\000\000\000����\000\000\000\000\004�\005\000\000\000\000\000��������\004\000\000\000����",
'\0' <repeats 12 times>, "����\000\000\000\000\004�\005\000�p��֫"...
event = {type = 6 '\006', active = {type = 6 '\006', gain = 0 '\0', state
= 1 '\001'}, key = {type = 6 '\006',
which = 0 '\0', state = 1 '\001', keysym = {scancode = 79 'O', sym =
SDLK_UNKNOWN, mod = KMOD_NONE, unicode = 0}},
motion = {type = 6 '\006', which = 0 '\0', state = 1 '\001', x = 79, y =
193, xrel = 0, yrel = 0}, button = {
type = 6 '\006', which = 0 '\0', button = 1 '\001', state = 0 '\0', x =
79, y = 193}, jaxis = {type = 6 '\006',
which = 0 '\0', axis = 1 '\001', value = 79}, jball = {type = 6 '\006',
which = 0 '\0', ball = 1 '\001', xrel = 79,
yrel = 193}, jhat = {type = 6 '\006', which = 0 '\0', hat = 1 '\001',
value = 0 '\0'}, jbutton = {type = 6 '\006',
which = 0 '\0', button = 1 '\001', state = 0 '\0'}, resize = {type = 6
'\006', w = 12648527, h = 0}, expose = {
type = 6 '\006'}, quit = {type = 6 '\006'}, user = {type = 6 '\006',
code = 12648527, data1 = 0x0, data2 = 0x0},
---Type <return> to continue, or q <return> to quit---
syswm = {type = 6 '\006', msg = 0xc1004f}}
func = "main"

And for load game:

 0 0xb7a6b472 in free () from /lib/tls/i686/cmov/libc.so.6

No symbol table info available.

 1 0x080614bc in economy_init () at src/economy.c:470

i = 1

 2 0x080a0020 in load_game (file=0xbf933d24

"/home/dimitri/.naev/saves/Dimitri.ns") at src/save.c:320
node = (xmlNodePtr) 0x87b6368
doc = (xmlDocPtr) 0x87afd98
func = "load_game"

 3 0x0809fe83 in load_menu_load (wdw=3, str=0x87bcba0 "\001") at

src/save.c:254
save = 0x86e2398 "\002"
path =
"/home/dimitri/.naev/saves/Dimitri.ns\000=\223��\235��p�Q\b����h=\223�\021I��p�Q\b�?��\230M\223�t�\a\bp�Q\bior/aquatic.png\000@�\233\b�\222��@���1|��_{��@���1|��_{��xQ��t���1\000\000\000t���\002\000\000\000�L-\b\000\000\000\000�y\211�\000p\232\b\000p\232\b@Q���I|\b�I"\t\000\000\000\000\200p\232\b\030\000\000\000�L-\b8\001\000\000"...
wid = 3

 4 0x080acbbb in toolkit_mouseEvent (event=0xbf934e08) at src/toolkit.c:1064

i = 2
x = 359
y = 74
w = (Window *) 0x87adda8
wgt = (Widget *) 0x87b0790

 5 0x080ac56d in toolkit_input (event=0xbf934e08) at src/toolkit.c:937

No locals.

 6 0x0806f5f9 in input_handle (event=0xbf934e08) at src/input.c:810

No locals.

 7 0x0807d77c in main (argc=1, argv=0xbf935ec4) at src/naev.c:260

buf =

"/home/dimitri/.naev/conf\000N\223��\235��\b,���\233��\200\033\000\000)\��\b,��\000\004\000\000\000\000\000\000d\006)�\v\000\000\000�N\223�%\004\000\000
\000\000\000\200)���\233���\233��
\000\000\000ui]��\233��\220\000\000\000\000\004\000\000$[\223�%\004\000\000
\000\000\000\200)��$\000\000\000\002\000\000\000\000\000\000\000����\000\000\000\000\004�\005\000\000\000\000\000��������\004\000\000\000����",
'\0' <repeats 12 times>, "����\000\000\000\000\004�\005\000$_\223��\233"...
event = {type = 6 '\006', active = {type = 6 '\006', gain = 0 '\0', state
= 1 '\001'}, key = {type = 6 '\006',
which = 0 '\0', state = 1 '\001', keysym = {scancode = 103 'g', sym =
SDLK_UNKNOWN, mod = KMOD_NONE, unicode = 0}},
motion = {type = 6 '\006', which = 0 '\0', state = 1 '\001', x = 359, y =
74, xrel = 0, yrel = 0}, button = {
type = 6 '\006', which = 0 '\0', button = 1 '\001', state = 0 '\0', x =
359, y = 74}, jaxis = {type = 6 '\006',
which = 0 '\0', axis = 1 '\001', value = 359}, jball = {type = 6
'\006', which = 0 '\0', ball = 1 '\001', xrel = 359,
yrel = 74}, jhat = {type = 6 '\006', which = 0 '\0', hat = 1 '\001',
value = 0 '\0'}, jbutton = {type = 6 '\006',
which = 0 '\0', button = 1 '\001', state = 0 '\0'}, resize = {type = 6
'\006', w = 4850023, h = 0}, expose = {
type = 6 '\006'}, quit = {type = 6 '\006'}, user = {type = 6 '\006',
code = 4850023, data1 = 0x0, data2 = 0x0}, syswm = {
type = 6 '\006', msg = 0x4a0167}}
func = "main"

[naev]

Comment #1 originally posted by bobbens on 2009-04-06T09:07:17.000Z:

Hello,

I can't reproduce at all and valgrind checks come up clean. I've committed a few
patches to try ta address the issue, but in theory it should have been fine already.
Try running a make clean before compiling again and trying the changes.

From what it seems it looks the the "prices" member of Systems structures isn't being
set to NULL as it should, causing all segfaults because it checks against NULL to see
if it should free. It's strange.

Either way, try to sync with trunk again and the make clean and see what happens.

[naev]

Comment #2 originally posted by cpolymer... on 2009-04-07T20:56:03.000Z:

The patches solved the issue, thank you.

[naev]

Comment #3 originally posted by bobbens on 2009-04-07T21:09:06.000Z:

Ok, cool, marking as Verified.