segmentation fault in widelands

Bug #1025014 reported by Jürgen Kosel on 2012-07-15
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
widelands
Medium
Nicolai Hähnle
widelands (Debian)
Fix Released
Unknown

Bug Description

Seemingly non-deterministic crash bug that has been reproduced on:
- Debian wheezy/sid 64-bit, Widelands build 17 (by Jürgen Kosel)
- Ubuntu 12.04 64-bit, Widelands ~bzr6400, both Release and Debug builds (by Hans Joachim Desserud and Nicolai Hähnle)

To reproduce:
1. Load the savegame flusslaender3 provided in comment #5
2. Wait up to 30 seconds

Remember that the crash does not happen deterministically.

Original bug description below:
-------------------------------
Dear Maintainer,
I have a saved game. If I reload this saved game, widelands crashes with
segmentation fault after about 30 seconds (But not always).

See gdb output below:
Current directory is /usr/games/
GNU gdb (GDB) 7.4.1-debian
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/games/widelands...Reading symbols from /usr/lib/debug/usr/games/widelands...done.
done.
(gdb) run
Starting program: /usr/games/widelands
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Set home directory: /home/juergen/.widelands
No version file found
Adding directory:/usr/share/games/widelands
Version file found with id "build-17" (real "build-17" )
No version file found
Adding directory:/usr/share/games/widelands
Version file found with id "build-17" (real "build-17" )
No version file found
Adding directory:.
No version file found
Adding directory: /usr/games
No version file found
selected language: (system language)
using locale de_DE@euro
SDL_VIDEODRIVER=&
Graphics: Trying Video driver: 0 x11 SDL_VIDEODRIVER=x11
Graphics: Trying opengl
Graphics: Try to set Videomode 1200x900 32Bit
Graphics: Setting video mode was successful
Graphics: OpenGL: OpenGL enabled
Graphics: OpenGL: Double buffering enabled
Graphics: OpenGL: Max texture size: 8192
Graphics: OpenGL: Number of aux buffers: 4
Graphics: OpenGL: Number of stencil buffer bits: 0
Graphics: OpenGL: Maximum number of textures for multitextures: 4
Graphics: OpenGL: Version 3.3 "3.3.0 NVIDIA 295.53"
Graphics: OpenGL: Textures may have any size
Graphics: OpenGL: Multitexture capabilities insufficient, only basic terrain rendering possible
**** GRAPHICS REPORT ****
 VIDEO DRIVER x11
 hw surface possible 0
 window manager available 1
 blitz_hw 0
 blitz_hw_CC 0
 blitz_hw_A 0
 blitz_sw 0
 blitz_sw_CC 0
 blitz_sw_A 0
 blitz_fill 0
 video_mem 0
 vfmt 0xb88a80
 size 1200 900
**** END GRAPHICS REPORT ****
Graphics: flags: 2
[New Thread 0x7fffe74dc700 (LWP 11375)]
[Thread 0x7fffe74dc700 (LWP 11375) exited]
[New Thread 0x7fffe74dc700 (LWP 11376)]
[] Section [global], key 'EXENAME' not used (did you spell the name correctly?)
Registering script: (aux,coroutine)
Registering script: (aux,format_help)
Registering script: (aux,formatting)
Registering script: (aux,infrastructure)
Registering script: (aux,objective_utils)
Registering script: (aux,set)
Registering script: (aux,table)
Registering script: (aux,ui)
Registering script: (aux,win_condition_functions)
Registering script: (aux,win_condition_texts)
Game: Reading Preload Data ... done
Game: Reading Game Class Data ... done
Game: Reading Map Data ... No version file found
Parsing world bobs...
Parsing global bobs in world...
Parsing map gen info...
 done
Game: Reading Player Info ... Compatibility ware "flax"="thatchreed" loaded.
Registering script: (tribe_barbarians,sc00_headquarters_medium)
Registering script: (tribe_barbarians,sc01_citadel_village)
Registering script: (tribe_empire,sc00_headquarters_medium)
Registering script: (tribe_empire,sc01_castle_village)
Registering script: (tribe_atlanteans,sc00_headquarters_medium)
Registering script: (tribe_atlanteans,sc01_castle_village)
 done
Game: Reading Map Data Complete!
Reading Elemental Data ... done!
 Reading Player Names And Tribe Data ... done!
 Reading Port Spaces Data ... done!
 Reading Heights Data ... done!
 Reading Terrain Data ... done!
 Reading Map Objects ... done
Reading Player Start Position Data ... done!
 Reading Resources Data ... done!
 Reading Map Extra Data ... done!
 Reading Allowed Worker Types Data ... done!
 Reading Allowed Building Types Data ... done!
 Reading Node Ownership Data ... done!
 Reading Exploration Data ... done!
 Reading AreaWatchers Data ... done!
 Reading Flag Data ... done!
 Reading Road Data ... done!
 Reading Building Data ... done!
 Reading Flagdata Data ... done!
 Reading Roaddata Data ... done!
 Reading Buildingdata Data ... done!
 Second and third phase loading Map Objects ... done
Reading Players View Data ... Vision check successful for player 1
Vision check successful for player 2
Vision check successful for player 3
Vision check successful for player 4
Vision check successful for player 5
Vision check successful for player 6
Vision check successful for player 7
done!
 Reading Player Message Data ... done!
 Reading Objective Data ... done!
 Reading Scripting Data ... done!
 Game: Reading Map Data Complete done!
Game: Reading Player Economies Info ... done
Game: Reading Command Queue Data ... done
Game: Enqueuing comands to expire player's messages ... done
Game: Reading Interactive Player Data ... done
Starting replay writer
Game: Writing Preload Data ... done
Game: Writing Game Class Data ... done
Game: Writing Player Info ... done
Game: Writing Map Data!
Writing Elemental Data ... done!
 Writing Player Names And Tribe Data ... done!
 Writing Port Spaces Data ... done!
 Writing Heights Data ... done!
 Writing Terrain Data ... done!
 Writing Player Start Position Data ... done!
 Writing Player Message Data ... done!
 Writing Resources Data ... done!
 Writing Map Extra Data ... done!
 Writing Allowed Worker Types Data ... done!
 Writing Flag Data ... done!
 Writing Road Data ... done!
 Writing Building Data ... done!
 Writing Area Watchers Data ... done!
 Writing Map Objects ... done!
 Writing Flagdata Data ... done!
 Writing Roaddata Data ... done!
 Writing Buildingdata Data ... done!
 Writing Node Ownership Data ... done!
 Writing Exploration Data ... done!
 Writing Players Unseen Data ... done!
 Writing Scripting Data ... nwritten: 13473
done!
 Writing Objective Data ... done!
 Game: Writing Map Data done!
Game: Writing Player Economies Info ... done
Game: Writing Command Queue Data ... nwritten: 1773
 done
Game: Writing Interactive Player Data ... done
Reloading the game from replay
TI(10276): destination disappeared or economy mismatch -> fail
TI(8767): destination disappeared or economy mismatch -> fail
TI(8469): destination disappeared or economy mismatch -> fail
TI(8895): destination disappeared or economy mismatch -> fail
TI(9079): destination disappeared or economy mismatch -> fail
TI(8507): destination disappeared or economy mismatch -> fail
TI(8514): destination disappeared or economy mismatch -> fail
TI(8822): destination disappeared or economy mismatch -> fail
TI(9198): destination disappeared or economy mismatch -> fail
TI(9999): destination disappeared or economy mismatch -> fail
TI(8306): destination disappeared or economy mismatch -> fail
TI(8267): destination disappeared or economy mismatch -> fail
TI(7749): destination disappeared or economy mismatch -> fail
TI(8582): destination disappeared or economy mismatch -> fail
TI(8512): destination disappeared or economy mismatch -> fail
TI(8447): destination disappeared or economy mismatch -> fail
TI(8413): destination disappeared or economy mismatch -> fail
TI(8408): destination disappeared or economy mismatch -> fail
TI(8992): destination disappeared or economy mismatch -> fail
TI(9254): destination disappeared or economy mismatch -> fail
TI(8564): destination disappeared or economy mismatch -> fail
TI(8655): destination disappeared or economy mismatch -> fail
TI(8340): destination disappeared or economy mismatch -> fail
TI(8550): destination disappeared or economy mismatch -> fail
TI(8645): destination disappeared or economy mismatch -> fail
TI(8411): destination disappeared or economy mismatch -> fail
TI(8260): destination disappeared or economy mismatch -> fail
TI(8246): destination disappeared or economy mismatch -> fail
TI(9670): destination disappeared or economy mismatch -> fail
TI(9474): destination disappeared or economy mismatch -> fail
TI(9029): destination disappeared or economy mismatch -> fail
TI(8656): destination disappeared or economy mismatch -> fail
TI(9002): destination disappeared or economy mismatch -> fail
TI(8685): destination disappeared or economy mismatch -> fail
TI(8896): destination disappeared or economy mismatch -> fail
TI(7918): destination disappeared or economy mismatch -> fail
TI(8697): destination disappeared or economy mismatch -> fail
TI(9417): destination disappeared or economy mismatch -> fail
TI(9072): destination disappeared or economy mismatch -> fail
TI(8097): destination disappeared or economy mismatch -> fail
TI(9264): destination disappeared or economy mismatch -> fail
TI(8676): destination disappeared or economy mismatch -> fail
TI(8353): destination disappeared or economy mismatch -> fail
TI(7813): destination disappeared or economy mismatch -> fail
TI(9018): destination disappeared or economy mismatch -> fail
TI(8749): destination disappeared or economy mismatch -> fail
TI(7897): destination disappeared or economy mismatch -> fail
TI(9090): destination disappeared or economy mismatch -> fail
TI(9290): destination disappeared or economy mismatch -> fail
TI(9105): destination disappeared or economy mismatch -> fail
TI(8568): destination disappeared or economy mismatch -> fail
TI(8636): destination disappeared or economy mismatch -> fail
TI(8627): destination disappeared or economy mismatch -> fail
TI(8626): destination disappeared or economy mismatch -> fail
TI(8744): destination disappeared or economy mismatch -> fail
TI(8635): destination disappeared or economy mismatch -> fail
TI(8752): destination disappeared or economy mismatch -> fail
TI(8762): destination disappeared or economy mismatch -> fail
TI(8561): destination disappeared or economy mismatch -> fail
TI(9130): destination disappeared or economy mismatch -> fail
TI(9862): destination disappeared or economy mismatch -> fail
TI(9084): destination disappeared or economy mismatch -> fail
TI(9734): destination disappeared or economy mismatch -> fail
TI(10394): destination disappeared or economy mismatch -> fail
TI(10199): destination disappeared or economy mismatch -> fail
TI(9984): destination disappeared or economy mismatch -> fail
TI(9790): destination disappeared or economy mismatch -> fail
TI(9390): destination disappeared or economy mismatch -> fail
TI(9988): destination disappeared or economy mismatch -> fail
TI(10187): destination disappeared or economy mismatch -> fail
TI(9901): destination disappeared or economy mismatch -> fail
TI(9850): destination disappeared or economy mismatch -> fail
TI(10146): destination disappeared or economy mismatch -> fail
TI(9385): destination disappeared or economy mismatch -> fail
TI(9420): destination disappeared or economy mismatch -> fail
TI(9480): destination disappeared or economy mismatch -> fail
TI(10045): destination disappeared or economy mismatch -> fail
TI(9461): destination disappeared or economy mismatch -> fail
TI(9633): destination disappeared or economy mismatch -> fail
TI(9145): destination disappeared or economy mismatch -> fail
TI(10202): destination disappeared or economy mismatch -> fail
TI(10053): destination disappeared or economy mismatch -> fail
TI(9831): destination disappeared or economy mismatch -> fail
TI(10372): destination disappeared or economy mismatch -> fail
TI(10261): destination disappeared or economy mismatch -> fail
TI(10185): destination disappeared or economy mismatch -> fail
TI(10369): destination disappeared or economy mismatch -> fail
TI(9983): destination disappeared or economy mismatch -> fail
TI(10099): destination disappeared or economy mismatch -> fail
TI(9682): destination disappeared or economy mismatch -> fail
TI(9462): destination disappeared or economy mismatch -> fail
TI(10308): destination disappeared or economy mismatch -> fail
TI(9925): destination disappeared or economy mismatch -> fail
TI(9956): destination disappeared or economy mismatch -> fail
TI(9987): destination disappeared or economy mismatch -> fail
TI(8922): destination disappeared or economy mismatch -> fail
TI(9764): destination disappeared or economy mismatch -> fail
TI(10239): destination disappeared or economy mismatch -> fail
TI(9239): destination disappeared or economy mismatch -> fail
TI(9281): destination disappeared or economy mismatch -> fail
TI(9722): destination disappeared or economy mismatch -> fail
TI(9377): destination disappeared or economy mismatch -> fail
TI(10174): destination disappeared or economy mismatch -> fail
TI(10314): destination disappeared or economy mismatch -> fail
TI(9769): destination disappeared or economy mismatch -> fail
TI(9977): destination disappeared or economy mismatch -> fail
TI(10395): destination disappeared or economy mismatch -> fail
TI(10402): destination disappeared or economy mismatch -> fail
TI(9177): destination disappeared or economy mismatch -> fail
TI(9347): destination disappeared or economy mismatch -> fail
TI(10092): destination disappeared or economy mismatch -> fail
TI(10171): destination disappeared or economy mismatch -> fail
TI(8719): destination disappeared or economy mismatch -> fail
TI(9032): destination disappeared or economy mismatch -> fail
TI(9218): destination disappeared or economy mismatch -> fail
TI(9369): destination disappeared or economy mismatch -> fail
TI(9398): destination disappeared or economy mismatch -> fail
TI(9234): destination disappeared or economy mismatch -> fail
TI(9335): destination disappeared or economy mismatch -> fail
TI(10403): destination disappeared or economy mismatch -> fail
TI(8789): destination disappeared or economy mismatch -> fail
TI(9098): destination disappeared or economy mismatch -> fail
TI(7848): destination disappeared or economy mismatch -> fail
TI(7243): destination disappeared or economy mismatch -> fail
TI(8228): destination disappeared or economy mismatch -> fail
TI(8026): destination disappeared or economy mismatch -> fail
TI(8237): destination disappeared or economy mismatch -> fail
TI(7881): destination disappeared or economy mismatch -> fail
TI(7537): destination disappeared or economy mismatch -> fail
TI(7948): destination disappeared or economy mismatch -> fail
TI(7067): destination disappeared or economy mismatch -> fail
TI(8216): destination disappeared or economy mismatch -> fail
TI(7691): destination disappeared or economy mismatch -> fail
TI(8901): destination disappeared or economy mismatch -> fail
TI(7783): destination disappeared or economy mismatch -> fail
TI(7180): destination disappeared or economy mismatch -> fail
TI(7029): destination disappeared or economy mismatch -> fail
TI(7494): destination disappeared or economy mismatch -> fail
TI(7291): destination disappeared or economy mismatch -> fail
TI(9050): destination disappeared or economy mismatch -> fail
TI(7869): destination disappeared or economy mismatch -> fail
TI(10323): destination disappeared or economy mismatch -> fail
TI(10151): destination disappeared or economy mismatch -> fail
TI(8192): destination disappeared or economy mismatch -> fail
TI(8209): destination disappeared or economy mismatch -> fail
TI(7760): destination disappeared or economy mismatch -> fail
TI(7734): destination disappeared or economy mismatch -> fail
TI(9252): destination disappeared or economy mismatch -> fail
TI(7395): destination disappeared or economy mismatch -> fail
TI(7516): destination disappeared or economy mismatch -> fail
TI(8121): destination disappeared or economy mismatch -> fail
TI(7975): destination disappeared or economy mismatch -> fail
TI(6183): destination disappeared or economy mismatch -> fail
TI(10017): destination disappeared or economy mismatch -> fail
TI(8630): destination disappeared or economy mismatch -> fail
TI(8624): destination disappeared or economy mismatch -> fail
TI(7351): destination disappeared or economy mismatch -> fail
TI(8035): destination disappeared or economy mismatch -> fail
TI(8081): destination disappeared or economy mismatch -> fail
TI(7980): destination disappeared or economy mismatch -> fail
TI(8503): destination disappeared or economy mismatch -> fail
TI(8456): destination disappeared or economy mismatch -> fail
TI(7583): destination disappeared or economy mismatch -> fail
TI(7940): destination disappeared or economy mismatch -> fail
TI(8219): destination disappeared or economy mismatch -> fail
TI(7696): destination disappeared or economy mismatch -> fail
TI(7208): destination disappeared or economy mismatch -> fail
TI(7861): destination disappeared or economy mismatch -> fail
TI(8538): destination disappeared or economy mismatch -> fail
TI(7853): destination disappeared or economy mismatch -> fail
TI(7682): destination disappeared or economy mismatch -> fail
TI(7840): destination disappeared or economy mismatch -> fail
TI(9749): destination disappeared or economy mismatch -> fail
TI(7339): destination disappeared or economy mismatch -> fail
TI(7620): destination disappeared or economy mismatch -> fail
TI(9236): destination disappeared or economy mismatch -> fail
TI(8590): destination disappeared or economy mismatch -> fail
TI(7875): destination disappeared or economy mismatch -> fail
TI(8377): destination disappeared or economy mismatch -> fail
TI(8633): destination disappeared or economy mismatch -> fail
TI(8688): destination disappeared or economy mismatch -> fail
TI(8073): destination disappeared or economy mismatch -> fail
TI(8553): destination disappeared or economy mismatch -> fail
TI(9338): destination disappeared or economy mismatch -> fail
TI(9071): destination disappeared or economy mismatch -> fail
TI(9295): destination disappeared or economy mismatch -> fail
TI(9351): destination disappeared or economy mismatch -> fail
TI(9828): destination disappeared or economy mismatch -> fail
TI(8240): destination disappeared or economy mismatch -> fail
TI(7729): destination disappeared or economy mismatch -> fail
TI(7726): destination disappeared or economy mismatch -> fail
TI(7032): destination disappeared or economy mismatch -> fail
TI(7347): destination disappeared or economy mismatch -> fail
TI(7826): destination disappeared or economy mismatch -> fail
TI(9321): destination disappeared or economy mismatch -> fail
TI(9974): destination disappeared or economy mismatch -> fail
TI(8834): destination disappeared or economy mismatch -> fail
TI(10041): destination disappeared or economy mismatch -> fail
TI(7078): destination disappeared or economy mismatch -> fail
TI(10388): destination disappeared or economy mismatch -> fail
TI(8495): destination disappeared or economy mismatch -> fail
TI(8161): destination disappeared or economy mismatch -> fail
TI(8265): destination disappeared or economy mismatch -> fail
TI(8547): destination disappeared or economy mismatch -> fail
TI(8671): destination disappeared or economy mismatch -> fail
TI(8795): destination disappeared or economy mismatch -> fail
TI(9054): destination disappeared or economy mismatch -> fail
TI(9648): destination disappeared or economy mismatch -> fail
TI(7386): destination disappeared or economy mismatch -> fail
TI(7435): destination disappeared or economy mismatch -> fail
TI(7477): destination disappeared or economy mismatch -> fail
TI(7560): destination disappeared or economy mismatch -> fail
TI(7653): destination disappeared or economy mismatch -> fail
TI(7852): destination disappeared or economy mismatch -> fail
TI(7946): destination disappeared or economy mismatch -> fail
TI(8032): destination disappeared or economy mismatch -> fail
TI(7171): destination disappeared or economy mismatch -> fail
TI(7460): destination disappeared or economy mismatch -> fail
TI(7130): destination disappeared or economy mismatch -> fail
TI(7552): destination disappeared or economy mismatch -> fail
TI(8805): destination disappeared or economy mismatch -> fail
TI(8971): destination disappeared or economy mismatch -> fail
TI(8349): destination disappeared or economy mismatch -> fail
TI(7873): destination disappeared or economy mismatch -> fail
TI(7956): destination disappeared or economy mismatch -> fail
TI(8093): destination disappeared or economy mismatch -> fail
TI(7096): destination disappeared or economy mismatch -> fail
TI(8177): destination disappeared or economy mismatch -> fail
TI(8251): destination disappeared or economy mismatch -> fail
TI(8556): destination disappeared or economy mismatch -> fail
TI(7149): destination disappeared or economy mismatch -> fail
TI(10378): destination disappeared or economy mismatch -> fail
TI(9918): destination disappeared or economy mismatch -> fail
TI(7048): destination disappeared or economy mismatch -> fail
TI(7124): destination disappeared or economy mismatch -> fail
TI(7167): destination disappeared or economy mismatch -> fail
TI(7213): destination disappeared or economy mismatch -> fail
TI(7241): destination disappeared or economy mismatch -> fail
TI(7275): destination disappeared or economy mismatch -> fail
TI(7315): destination disappeared or economy mismatch -> fail
TI(7359): destination disappeared or economy mismatch -> fail
TI(9807): destination disappeared or economy mismatch -> fail
TI(8537): destination disappeared or economy mismatch -> fail
TI(5803): destination disappeared or economy mismatch -> fail
TI(8759): destination disappeared or economy mismatch -> fail
TI(6095): destination disappeared or economy mismatch -> fail
TI(6312): destination disappeared or economy mismatch -> fail
TI(9111): destination disappeared or economy mismatch -> fail
TI(6579): destination disappeared or economy mismatch -> fail
TI(6607): destination disappeared or economy mismatch -> fail
TI(9203): destination disappeared or economy mismatch -> fail
TI(9232): destination disappeared or economy mismatch -> fail
TI(4925): destination disappeared or economy mismatch -> fail
TI(4921): destination disappeared or economy mismatch -> fail
TI(7482): destination disappeared or economy mismatch -> fail
TI(7160): destination disappeared or economy mismatch -> fail
TI(10246): destination disappeared or economy mismatch -> fail
TI(8658): destination disappeared or economy mismatch -> fail
TI(8419): destination disappeared or economy mismatch -> fail
TI(8729): destination disappeared or economy mismatch -> fail
TI(8449): destination disappeared or economy mismatch -> fail
TI(8416): destination disappeared or economy mismatch -> fail
TI(8898): destination disappeared or economy mismatch -> fail
TI(8423): destination disappeared or economy mismatch -> fail
TI(9213): destination disappeared or economy mismatch -> fail
TI(9319): destination disappeared or economy mismatch -> fail
TI(8718): destination disappeared or economy mismatch -> fail
TI(4945): destination disappeared or economy mismatch -> fail
TI(7268): destination disappeared or economy mismatch -> fail
TI(5052): destination disappeared or economy mismatch -> fail
TI(5061): destination disappeared or economy mismatch -> fail
TI(8987): destination disappeared or economy mismatch -> fail
TI(4953): destination disappeared or economy mismatch -> fail
TI(4949): destination disappeared or economy mismatch -> fail
TI(4998): destination disappeared or economy mismatch -> fail
TI(4928): destination disappeared or economy mismatch -> fail
TI(4920): destination disappeared or economy mismatch -> fail
TI(8299): destination disappeared or economy mismatch -> fail
TI(8639): destination disappeared or economy mismatch -> fail
TI(4929): destination disappeared or economy mismatch -> fail
TI(7198): destination disappeared or economy mismatch -> fail
TI(4934): destination disappeared or economy mismatch -> fail
TI(8531): destination disappeared or economy mismatch -> fail
TI(8704): destination disappeared or economy mismatch -> fail
TI(8791): destination disappeared or economy mismatch -> fail
TI(8809): destination disappeared or economy mismatch -> fail
TI(9187): destination disappeared or economy mismatch -> fail
TI(7883): destination disappeared or economy mismatch -> fail
TI(5103): destination disappeared or economy mismatch -> fail
TI(5112): destination disappeared or economy mismatch -> fail
TI(5237): destination disappeared or economy mismatch -> fail
TI(8057): destination disappeared or economy mismatch -> fail
TI(5309): destination disappeared or economy mismatch -> fail
TI(8241): destination disappeared or economy mismatch -> fail
TI(5417): destination disappeared or economy mismatch -> fail
TI(10406): destination disappeared or economy mismatch -> fail
TI(9238): destination disappeared or economy mismatch -> fail
TI(4963): destination disappeared or economy mismatch -> fail
TI(5076): destination disappeared or economy mismatch -> fail
TI(7777): destination disappeared or economy mismatch -> fail
TI(5279): destination disappeared or economy mismatch -> fail
TI(5373): destination disappeared or economy mismatch -> fail
TI(4970): destination disappeared or economy mismatch -> fail
TI(5459): destination disappeared or economy mismatch -> fail
TI(7923): destination disappeared or economy mismatch -> fail
TI(6083): destination disappeared or economy mismatch -> fail
TI(6526): destination disappeared or economy mismatch -> fail
TI(7782): destination disappeared or economy mismatch -> fail
TI(7286): destination disappeared or economy mismatch -> fail
TI(7971): destination disappeared or economy mismatch -> fail
TI(6132): destination disappeared or economy mismatch -> fail
TI(7367): destination disappeared or economy mismatch -> fail
TI(8184): destination disappeared or economy mismatch -> fail
TI(10072): destination disappeared or economy mismatch -> fail
TI(8191): destination disappeared or economy mismatch -> fail
TI(7610): destination disappeared or economy mismatch -> fail
TI(8291): destination disappeared or economy mismatch -> fail
TI(7851): destination disappeared or economy mismatch -> fail
TI(6149): destination disappeared or economy mismatch -> fail
TI(7955): destination disappeared or economy mismatch -> fail
TI(6204): destination disappeared or economy mismatch -> fail
TI(8092): destination disappeared or economy mismatch -> fail
TI(8212): destination disappeared or economy mismatch -> fail
TI(8266): destination disappeared or economy mismatch -> fail
TI(8406): destination disappeared or economy mismatch -> fail
TI(8520): destination disappeared or economy mismatch -> fail
TI(8766): destination disappeared or economy mismatch -> fail
TI(8904): destination disappeared or economy mismatch -> fail
TI(9586): destination disappeared or economy mismatch -> fail
TI(5059): destination disappeared or economy mismatch -> fail
TI(5065): destination disappeared or economy mismatch -> fail
TI(7327): destination disappeared or economy mismatch -> fail
TI(5074): destination disappeared or economy mismatch -> fail
TI(5078): destination disappeared or economy mismatch -> fail
TI(5087): destination disappeared or economy mismatch -> fail
TI(7433): destination disappeared or economy mismatch -> fail
TI(7587): destination disappeared or economy mismatch -> fail
TI(4988): destination disappeared or economy mismatch -> fail
TI(8082): destination disappeared or economy mismatch -> fail
TI(5559): destination disappeared or economy mismatch -> fail
TI(4981): destination disappeared or economy mismatch -> fail
TI(8326): destination disappeared or economy mismatch -> fail
TI(4993): destination disappeared or economy mismatch -> fail
TI(6218): destination disappeared or economy mismatch -> fail
TI(6367): destination disappeared or economy mismatch -> fail
TI(9877): destination disappeared or economy mismatch -> fail
TI(10404): destination disappeared or economy mismatch -> fail
TI(6302): destination disappeared or economy mismatch -> fail
TI(6322): destination disappeared or economy mismatch -> fail
TI(6331): destination disappeared or economy mismatch -> fail
TI(10211): destination disappeared or economy mismatch -> fail
TI(4999): destination disappeared or economy mismatch -> fail
TI(5010): destination disappeared or economy mismatch -> fail
TI(6868): destination disappeared or economy mismatch -> fail
TI(8873): destination disappeared or economy mismatch -> fail
TI(6594): destination disappeared or economy mismatch -> fail
TI(7066): destination disappeared or economy mismatch -> fail
TI(5012): destination disappeared or economy mismatch -> fail
TI(10301): destination disappeared or economy mismatch -> fail
TI(5026): destination disappeared or economy mismatch -> fail
TI(7162): destination disappeared or economy mismatch -> fail
TI(5036): destination disappeared or economy mismatch -> fail
TI(5049): destination disappeared or economy mismatch -> fail
TI(5045): destination disappeared or economy mismatch -> fail
TI(5051): destination disappeared or economy mismatch -> fail
TI(7216): destination disappeared or economy mismatch -> fail
TI(5055): destination disappeared or economy mismatch -> fail
TI(9370): destination disappeared or economy mismatch -> fail
TI(4990): destination disappeared or economy mismatch -> fail
WareList: 17 items of 3 left.
WareList: 39 items of 8 left.
WareList: 25 items of 11 left.
WareList: 7 items of 13 left.
WareList: 14 items of 14 left.
WareList: 26 items of 24 left.
WareList: 29 items of 26 left.
WareList: 5 items of 27 left.
WareList: 10 items of 28 left.
WareList: 3 items of 32 left.
WareList: 20 items of 33 left.
WareList: 29 items of 35 left.
WareList: 141 items of 38 left.
WareList: 134 items of 39 left.
WareList: 7 items of 8 left.
WareList: 7 items of 13 left.
WareList: 10 items of 5 left.
WareList: 5 items of 11 left.
WareList: 8 items of 28 left.
WareList: 9 items of 31 left.
WareList: 15 items of 38 left.
WareList: 16 items of 39 left.
WareList: 4 items of 0 left.
WareList: 9 items of 3 left.
WareList: 33 items of 4 left.
WareList: 184 items of 6 left.
WareList: 16 items of 7 left.
WareList: 46 items of 8 left.
WareList: 6 items of 10 left.
WareList: 13 items of 13 left.
WareList: 8 items of 14 left.
WareList: 93 items of 16 left.
WareList: 21 items of 17 left.
WareList: 6 items of 19 left.
WareList: 103 items of 22 left.
WareList: 119 items of 23 left.
WareList: 6 items of 25 left.
WareList: 35 items of 30 left.
WareList: 125 items of 34 left.
WareList: 21 items of 36 left.
WareList: 49 items of 37 left.
WareList: 6 items of 38 left.
WareList: 5 items of 39 left.
WareList: 312 items of 42 left.
WareList: 90 items of 43 left.
WareList: 15 items of 6 left.
WareList: 7 items of 8 left.
WareList: 7 items of 9 left.
WareList: 15 items of 11 left.
WareList: 10 items of 13 left.
WareList: 7 items of 14 left.
WareList: 15 items of 28 left.
WareList: 10 items of 38 left.
WareList: 21 items of 3 left.
WareList: 1 items of 5 left.
WareList: 1 items of 6 left.
WareList: 95 items of 8 left.
WareList: 1 items of 11 left.
WareList: 20 items of 13 left.
WareList: 63 items of 14 left.
WareList: 1 items of 17 left.
WareList: 28 items of 19 left.
WareList: 1 items of 20 left.
WareList: 1 items of 22 left.
WareList: 33 items of 24 left.
WareList: 58 items of 26 left.
WareList: 6 items of 27 left.
WareList: 7 items of 28 left.
WareList: 1 items of 30 left.
WareList: 2 items of 32 left.
WareList: 8 items of 33 left.
WareList: 3 items of 34 left.
WareList: 65 items of 35 left.
WareList: 1 items of 36 left.
WareList: 196 items of 38 left.
WareList: 146 items of 39 left.
WareList: 9 items of 3 left.
WareList: 15 items of 11 left.
WareList: 1 items of 17 left.
WareList: 1 items of 22 left.
WareList: 11 items of 24 left.
WareList: 21 items of 26 left.
WareList: 5 items of 27 left.
WareList: 1 items of 30 left.
WareList: 5 items of 33 left.
WareList: 14 items of 35 left.
WareList: 1 items of 36 left.
WareList: 19 items of 38 left.
WareList: 19 items of 39 left.
Game: Reading Preload Data ... done
Game: Reading Game Class Data ... done
Game: Reading Map Data ... No version file found
Parsing world bobs...
Parsing global bobs in world...
Parsing map gen info...
 done
Game: Reading Player Info ... Compatibility ware "flax"="thatchreed" loaded.
Registering script: (tribe_barbarians,sc00_headquarters_medium)
Registering script: (tribe_barbarians,sc01_citadel_village)
Registering script: (tribe_empire,sc00_headquarters_medium)
Registering script: (tribe_empire,sc01_castle_village)
Registering script: (tribe_atlanteans,sc00_headquarters_medium)
Registering script: (tribe_atlanteans,sc01_castle_village)
 done
Game: Reading Map Data Complete!
Reading Elemental Data ... done!
 Reading Player Names And Tribe Data ... done!
 Reading Port Spaces Data ... done!
 Reading Heights Data ... done!
 Reading Terrain Data ... done!
 Reading Map Objects ... done
Reading Player Start Position Data ... done!
 Reading Resources Data ... done!
 Reading Map Extra Data ... done!
 Reading Allowed Worker Types Data ... done!
 Reading Allowed Building Types Data ... done!
 Reading Node Ownership Data ... done!
 Reading Exploration Data ... done!
 Reading AreaWatchers Data ... done!
 Reading Flag Data ... done!
 Reading Road Data ... done!
 Reading Building Data ... done!
 Reading Flagdata Data ... done!
 Reading Roaddata Data ... done!
 Reading Buildingdata Data ... done!
 Second and third phase loading Map Objects ... done
Reading Players View Data ... Vision check successful for player 1
Vision check successful for player 2
Vision check successful for player 3
Vision check successful for player 4
Vision check successful for player 5
Vision check successful for player 6
Vision check successful for player 7
done!
 Reading Player Message Data ... done!
 Reading Objective Data ... done!
 Reading Scripting Data ... done!
 Game: Reading Map Data Complete done!
Game: Reading Player Economies Info ... done
Game: Reading Command Queue Data ... done
Game: Enqueuing comands to expire player's messages ... done
Game: Reading Interactive Player Data ... done
Done reloading the game from replay
Replay writer has started
[sync] Reset
load_animations took 8,920000 seconds
ComputerPlayer(2): initializing (1)
ComputerPlayer(3): initializing (1)
ComputerPlayer(4): initializing (0)
ComputerPlayer(5): initializing (2)
ComputerPlayer(6): initializing (1)
ComputerPlayer(7): initializing (1)
Autosave: initialized

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff5de31f8 in __dynamic_cast () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
(gdb) up
#1 0x00000000005c08a4 in Widelands::Cmd_Queue::run_queue (this=0x7fffffffa138, interval=<optimized out>, game_time_var=@0x7fffffff9f50: 77929620) at /tmp/buildd/widelands-17/src/logic/cmd_queue.cc:125
125 /tmp/buildd/widelands-17/src/logic/cmd_queue.cc: Datei oder Verzeichnis nicht gefunden.
(gdb) up
#2 0x00000000005a30df in think (this=0x7fffffff9ef0) at /tmp/buildd/widelands-17/src/logic/game.cc:614
614 /tmp/buildd/widelands-17/src/logic/game.cc: Datei oder Verzeichnis nicht gefunden.
(gdb) up
#3 Widelands::Game::think (this=0x7fffffff9ef0) at /tmp/buildd/widelands-17/src/logic/game.cc:607
607 in /tmp/buildd/widelands-17/src/logic/game.cc
(gdb) up
#4 0x000000000059e2f0 in Interactive_Base::think (this=0x21a1a10) at /tmp/buildd/widelands-17/src/wui/interactive_base.cc:344
344 /tmp/buildd/widelands-17/src/wui/interactive_base.cc: Datei oder Verzeichnis nicht gefunden.
(gdb) up
#5 0x000000000057ead3 in Interactive_Player::think (this=0x21a1a10) at /tmp/buildd/widelands-17/src/wui/interactive_player.cc:256
256 /tmp/buildd/widelands-17/src/wui/interactive_player.cc: Datei oder Verzeichnis nicht gefunden.
(gdb) up
#6 0x00000000006cd289 in do_think (this=0x21a1a10) at /tmp/buildd/widelands-17/src/ui_basic/panel.cc:570
570 /tmp/buildd/widelands-17/src/ui_basic/panel.cc: Datei oder Verzeichnis nicht gefunden.
(gdb) up
#7 UI::Panel::run (this=0x21a1a10) at /tmp/buildd/widelands-17/src/ui_basic/panel.cc:174
174 in /tmp/buildd/widelands-17/src/ui_basic/panel.cc
(gdb) up
#8 0x00000000005a8add in run (loader_ui=0x7fffffff9dd0, this=0x7fffffff9ef0, start_game_type=<optimized out>) at /tmp/buildd/widelands-17/src/logic/game.cc:566
566 /tmp/buildd/widelands-17/src/logic/game.cc: Datei oder Verzeichnis nicht gefunden.
(gdb) up
#9 Widelands::Game::run_load_game (this=0x7fffffff9ef0, filename=...) at /tmp/buildd/widelands-17/src/logic/game.cc:415
415 in /tmp/buildd/widelands-17/src/logic/game.cc
(gdb) up
#10 0x0000000000549efd in WLApplication::load_game (this=this@entry=0xb54380) at /tmp/buildd/widelands-17/src/wlapplication.cc:2026
2026 /tmp/buildd/widelands-17/src/wlapplication.cc: Datei oder Verzeichnis nicht gefunden.
(gdb) up
#11 0x000000000054a70c in WLApplication::mainmenu_singleplayer (this=this@entry=0xb54380) at /tmp/buildd/widelands-17/src/wlapplication.cc:1609
1609 in /tmp/buildd/widelands-17/src/wlapplication.cc
(gdb) up
#12 0x000000000054af08 in WLApplication::mainmenu (this=this@entry=0xb54380) at /tmp/buildd/widelands-17/src/wlapplication.cc:1527
1527 in /tmp/buildd/widelands-17/src/wlapplication.cc
(gdb) up
#13 0x000000000054b41a in WLApplication::run (this=0xb54380) at /tmp/buildd/widelands-17/src/wlapplication.cc:454
454 in /tmp/buildd/widelands-17/src/wlapplication.cc
(gdb) up
#14 0x0000000000540529 in main (argc=1, argv=0x7fffffffe398) at /tmp/buildd/widelands-17/src/main.cc:101
101 /tmp/buildd/widelands-17/src/main.cc: Datei oder Verzeichnis nicht gefunden.
(gdb) up
Initial frame selected; you cannot go up.
(gdb)

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE@euro, LC_CTYPE=de_DE@euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/dash

Versions of packages widelands depends on:
ii fonts-freefont-ttf [ttf-freefont] 20120503-1
ii libboost-signals1.49.0 1.49.0-3
ii libc6 2.13-33
ii libgcc1 1:4.7.0-8
ii libgl1-mesa-glx [libgl1] 8.0.2-2
ii libglew1.7 1.7.0-3
ii liblua5.1-0 5.1.5-2
ii libpng12-0 1.2.49-1
ii libsdl-gfx1.2-4 2.0.23-1
ii libsdl-image1.2 1.2.12-2
ii libsdl-mixer1.2 1.2.12-2
ii libsdl-net1.2 1.2.8-2
ii libsdl-ttf2.0-0 2.0.11-2
ii libsdl1.2debian 1.2.15-3
ii libstdc++6 4.7.0-8
ii ttf-freefont 20120503-1
ii widelands-data 1:17-3
ii zlib1g 1:1.2.7.dfsg-11+b1

widelands recommends no packages.

widelands suggests no packages.

-- no debconf information

Related branches

Jens Beyer (qcumber-some) wrote :

Does not crash on my system with current trunk.

Would it be possible for you to test a current trunk build?

Jens Beyer (qcumber-some) wrote :

Tested with Build17, also doesn't crash.

I tried about 5 starts each with trunk and b17. How often does it crash for you? How much tries are needed usually?

Hans Joachim Desserud (hjd) wrote :

Hi Jürgen, welcome to Launchpad and thanks for forwarding this issue.

I have not been able to reproduce this crash either on a Debian Sid system (not entirely up to date, but still). I tried with both latest trunk and build 17 available in Debian five times each without observing a crash. I was running on i386, not amd64 though.

tags: added: crash savegame
Changed in widelands:
importance: Undecided → Medium
Changed in widelands (Debian):
status: Unknown → New
Jürgen Kosel (juergen-kosel) wrote :

Sorry,
I had accidently uploaded the wrong savedgame.

Jürgen Kosel (juergen-kosel) wrote :

Hello,

I have just downloaded the sources from bazar. And compiled the HEAD.
But within 3 attempts, wideland didn't crash.

With wideland provided in Debian Wheezy, it crashes in 3 of 4 attempts.
So I should recompile with the sources used in Debian Whezzy.

I am new to bazar. So could somebody please give me a description how to checkout wideland sources v17 from bazar?

Greetings
  Juergen

Hans Joachim Desserud (hjd) wrote :

To checkout build17:
bzr branch lp:widelands/build17

PS. The branch pages here on Launchpad includes the command to check out the branch in question at the top ( in this case https://code.launchpad.net/~widelands-dev/widelands/build-17)

Hans Joachim Desserud (hjd) wrote :

I have still not been able to reproduce the crash with the savegame from comment #5, though that was (as mentioned above) on a 32bit system.

Btw, for compiling build17 you will probably need the patch from bug 976551 to build with gcc 4.7. This patch was not included in build17, but is in the Debian build.

Since you weren't able to reproduce the crash with latest trunk, that got me thinking though. Debian adds a few patches to the package before compiling it, so the two major differences between Wheezy's build17 and latest trunk would be the development done in trunk since AND the patches in Debian. If you are not able to reproduce this issue with build17 you compile yourself, could you try applying the Debian patches and see whether they make a difference? (They are located in the *.debian.tar.gz in the patches/ directory near the bottom of this page http://packages.debian.org/source/unstable/widelands)

Jürgen Kosel (juergen-kosel) wrote :

Hello,

I have recompiled wideland with the debian patches:
tar -xzf widelands_17-3.debian.tar.gz
dpkg-buildpackage -us -b
sudo dpkg -i widelands_17-3_amd64.deb widelands-data_17-3_all.deb widelands-dbg_17-3_amd64.deb

Finally, wideland still crashes with segmentation fault (see attachment).

The location, were the segfault occurs:
  while (current_cmds.size()) { /// in the current TRUNK, this is replaced with while (!current_cmds.empty()) {
   Command & c = *current_cmds.top().cmd;
   if (game_time_var < c.duetime())
    break;

   current_cmds.pop();
   -- m_ncmds;
   assert(game_time_var == c.duetime());

   if (dynamic_cast<GameLogicCommand *>(&c)) { /// THIS dynamic_cast segfaults
    StreamWrite & ss = m_game.syncstream();
    static uint8_t const tag[] = {0xde, 0xad, 0x00};
    ss.Data(tag, 3); // provide an easy-to-find pattern as debugging aid
    ss.Unsigned32(c.duetime());
    ss.Unsigned32(c.id());
   }

   c.execute (m_game);

   delete &c;
  }

Nasenbaer (nasenbaer) wrote :

Well so the problem (or at least the trigger for the problem) must lie somewhere inside the patches of debian.

After taking a closer look at the changes they made, I did not find any change that could have an influence on the code that failes for you.

However, they change the compiler flags with they "dbg_symbols" patch:

Index: widelands-17~rc1/CMakeLists.txt
===================================================================
--- widelands-17~rc1.orig/CMakeLists.txt 2012-04-02 10:34:26.000000000 +0200
+++ widelands-17~rc1/CMakeLists.txt 2012-04-11 14:52:24.000000000 +0200
@@ -221,10 +221,10 @@
     IF (WLBUILD_COMPILERVERSION_REP STREQUAL "4.5.1" OR WLBUILD_COMPILERVERSION_REP STREQUAL "4.5.2")
         message("Detected gcc ${WLBUILD_COMPILERVERSION_REP}")
         message("Suffering from gcc bug, disabling -O3")
- set (CMAKE_CXX_FLAGS_RELEASE "-O2 -DNDEBUG" CACHE STRING "Set by widelands CMakeLists.txt" FORCE)
+ set (CMAKE_CXX_FLAGS_RELEASE "-g -O2 -DNDEBUG" CACHE STRING "Set by widelands CMakeLists.txt" FORCE)
     ELSE (WLBUILD_COMPILERVERSION_REP STREQUAL "4.5.1" OR WLBUILD_COMPILERVERSION_REP STREQUAL "4.5.2")
         #This line is the default and should be preserved.
- set (CMAKE_CXX_FLAGS_RELEASE "-O3 -DNDEBUG" CACHE STRING "Set by widelands CMakeLists.txt" FORCE)
+ set (CMAKE_CXX_FLAGS_RELEASE "-g -O3 -DNDEBUG" CACHE STRING "Set by widelands CMakeLists.txt" FORCE)
     ENDIF (WLBUILD_COMPILERVERSION_REP STREQUAL "4.5.1" OR WLBUILD_COMPILERVERSION_REP STREQUAL "4.5.2")
 ENDIF (${CMAKE_COMPILER_IS_GNUCXX})

I have to admit, I have no idea, if this might be the problem, but as we already faced some strange problems concerning gcc and optimization, maybe the additional flag mixes something up?

By the way: did you all (Jürgen, Jens, Hans Joachim) use a release build for testing?
Jürgen, the recompiled build17 version with the patches from Debian - have you build it in debug or release mode?

Maybe this bug is only reproduceable in Widelands Release builds and due to some new optimization mix ups of gcc

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

On 20.07.2012 10:53, Nasenbaer wrote:
> Well so the problem (or at least the trigger for the problem) must
> lie somewhere inside the patches of debian.

I don't believe so. Because if I look at file src/logic/cmd_queue.cc
method int32_t Cmd_Queue::run_queue(int32_t const interval, int32_t &
game_time_var)

in build-17 line 116:
- - while (current_cmds.size()) {

in trunk line 116:
+ while (!current_cmds.empty()) {

So I guess, that somebody has already fixed this bug.

> I have to admit, I have no idea, if this might be the problem, but
> as we already faced some strange problems concerning gcc and
> optimization, maybe the additional flag mixes something up?

If I look at the differences above, I could imagine, that 32-bit
variant did something ugly to some own memory. Which is difficult to
recognize. But for 64-bit variant changes are much better that the
memory is not own space...

>
>
> By the way: did you all (Jürgen, Jens, Hans Joachim) use a release
> build for testing? Jürgen, the recompiled build17 version with the
> patches from Debian - have you build it in debug or release mode?

I have simply called Debian "dpkg-buildpackge", which builds
everything automatically, as the Debian Package Maintainer has done.

Greetings
 Juergen
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iD8DBQFQCY1/5JgLPmj5988RAv+lAJ0ZrnLswwQ0qWxmWxQJ7waHk0Q+OgCdGVUk
WN9ktaXjzz9D9quMa4/3pPA=
=76rR
-----END PGP SIGNATURE-----

Hans Joachim Desserud (hjd) wrote :

>in build-17 line 116:
>- - while (current_cmds.size()) {
>
>in trunk line 116:
>+ while (!current_cmds.empty()) {
>
>So I guess, that somebody has already fixed this bug.

That would be me, though it was changed for completely different reasons and the two lines should anyways have the exact same effect. Therefore I doubt this has had any impact beyond a microscopic performance gain. Also, if the cast is failing, I would rather suspect that it is whatever is stored in current_cmds which is the root of the problem (or likely whatever sets it).

Debian build17 and latest trunk have two main differences. Trunk adds the recent changes, but doesn't include the Debian-specific patches. So even if it works when you compiled latest trunk, we don't know which of these differences fixed the problem. I'm very curious what the result would be in build17 without the Debian patches, or alternatively trunk with them. I guess simply building build17 is the most straight-forward one, as at least the gcc4.7 patch would be in both trunk and Debian, and I don't know if any of the others would need any tweaking. Could you please try that?

Nasenbaer: After not being able to reproduce with up latest trunk, I tried with the build17 from the Debian repositories. Though as I mentioned, the 32bit version which might be unaffected for all I know. Espescially if it turns out to be something like a compilation issue which is likely to be architecture specific.

Jürgen Kosel (juergen-kosel) wrote :

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

Am 24.07.2012 21:41, schrieb Hans Joachim Desserud:
>> in build-17 line 116: - - while (current_cmds.size()) {
>>
>> in trunk line 116: + while (!current_cmds.empty()) {
>>
>> So I guess, that somebody has already fixed this bug.
>
> That would be me, though it was changed for completely different
> reasons and the two lines should anyways have the exact same
> effect. Therefore I doubt this has had any impact beyond a
> microscopic performance gain. Also, if the cast is failing, I would
> rather suspect that it is whatever is stored in current_cmds which
> is the root of the problem (or likely whatever sets it).
>

I have now modified the code as following before build with debian
patches:
bzr diff
=== modified file 'src/logic/cmd_queue.cc'
- --- src/logic/cmd_queue.cc 2012-02-15 21:25:34 +0000
+++ src/logic/cmd_queue.cc 2012-07-25 16:23:19 +0000
@@ -114,6 +114,7 @@
   std::priority_queue<cmditem> & current_cmds = m_cmds[game_time_var
% CMD_QUEUE_BUCKET_SIZE];

   while (current_cmds.size()) {
+ assert(!current_cmds.empty());
    Command & c = *current_cmds.top().cmd;
    if (game_time_var < c.duetime())
     break;

The inserted assertion doesn't fail. But there is still the segfault
still occurs on AMD64. So I agree, that the use of the empty() is not
the fix.

> Debian build17 and latest trunk have two main differences. Trunk
> adds the recent changes, but doesn't include the Debian-specific
> patches. So even if it works when you compiled latest trunk, we
> don't know which of these differences fixed the problem. I'm very
> curious what the result would be in build17 without the Debian
> patches, or alternatively trunk with them. I guess simply building
> build17 is the most straight-forward one, as at least the gcc4.7
> patch would be in both trunk and Debian, and I don't know if any of
> the others would need any tweaking. Could you please try that?

I will do soon...

Greetings
 Juergen

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iD8DBQFQECWi5JgLPmj5988RApUsAKDWUioLM5p1ezRN/cY/PJlYKwy4lwCeNdyb
9le5lbsYIrfN7OBIHyhCRDU=
=QHR9
-----END PGP SIGNATURE-----

Jürgen Kosel (juergen-kosel) wrote :

Hello,

I have now recompiled widelands without the debian patches. But with the following modifications:

bzr diff
=== modified file 'src/logic/cmd_queue.cc'
--- src/logic/cmd_queue.cc 2012-02-15 21:25:34 +0000
+++ src/logic/cmd_queue.cc 2012-07-25 16:23:19 +0000
@@ -114,6 +114,7 @@
   std::priority_queue<cmditem> & current_cmds = m_cmds[game_time_var % CMD_QUEUE_BUCKET_SIZE];

   while (current_cmds.size()) {
+ assert(!current_cmds.empty());
    Command & c = *current_cmds.top().cmd;
    if (game_time_var < c.duetime())
     break;

=== modified file 'src/main.cc'
--- src/main.cc 2012-02-15 21:25:34 +0000
+++ src/main.cc 2012-07-25 17:01:03 +0000
@@ -36,6 +36,8 @@
 #include <fcntl.h>
 #endif

+#include <unistd.h>
+
 using std::cerr;
 using std::endl;
 using std::flush;

Also without the Debian patches, the segfault occurs!

Greetings
  Juergen

Hans Joachim Desserud (hjd) wrote :

Ok, I was finally able to reproduce this on a 64bit Ubuntu 12.04 system with a self-compiled build17 (Release). Though it only happened once out of 10+ attempts for unknown reasons.

According to the reporter, this should be fixed in latest trunk, but as it happens so rarely here I don't know. (It might even have started happening more rarely)

It would be really nice if someone had the time to try to pin down exactly which commit which made the issue go away (using binary search or something to avoid going through each and every). As no one set out to fix this explicitly it might regress in the future without anyone knowing what have happened, if we don't know what caused the problem in the first place.

Changed in widelands:
status: New → Confirmed
Jürgen Kosel (juergen-kosel) wrote :

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

Am 26.07.2012 19:37, schrieb Hans Joachim Desserud:
> Ok, I was finally able to reproduce this on a 64bit Ubuntu 12.04
> system with a self-compiled build17 (Release). Though it only
> happened once out of 10+ attempts for unknown reasons.

for me it happens in 3 of 4 attempts.
Maybe it is related to which map position I have moved the view,
- - or that I do nothing than waiting.

>
> According to the reporter, this should be fixed in latest trunk,
> but as it happens so rarely here I don't know. (It might even have
> started happening more rarely)
>
> It would be really nice if someone had the time to try to pin down
> exactly which commit which made the issue go away (using binary
> search or something to avoid going through each and every). As no
> one set out to fix this explicitly it might regress in the future
> without anyone knowing what have happened, if we don't know what
> caused the problem in the first place.

Does bzr provide something similar to git bisect?
(Importing widelands (with git clone bzr::lp:widelands) into git takes
a lot of time. And then it fails.)

Greetings
 Juergen

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iD8DBQFQEZni5JgLPmj5988RArGAAJ0S1yjTOueECwzchYclqQPzG6MINQCguRef
KcC6yY7XTT5cxTOvZX9USSU=
=ySXM
-----END PGP SIGNATURE-----

Jürgen Kosel (juergen-kosel) wrote :

Hello,

I have now made the following discovery:
If I move the view to the location of the screen shot (or close to it), the segfault occurs.
If the view remains at the save location, than I don't see the segfault.

Maybe this helps to reproduce the problem.

Greetings
  Juergen

Nasenbaer (nasenbaer) wrote :

Sorry :(. I still can't reproduce here on my 32bit system.
Maybe someone with a 64-bit system has to take care of it. :-/

Jürgen Kosel (juergen-kosel) wrote :

Hello,

I have now started with bisect.
But in the meantime I hade replaced the X11 NVIDIA driver with noveau. Which had the effect, that the problem become invisible... Until I also replaced compiz with metacity.
I would expect that these X11 software shouldn't have influence on wideland, except (CPU) _time_.
I should also mention, that my PC is a dual core. Maybe there is some kind of race condition.
Which could also mean, that the problem maybe still be hidden in the trunk.

Greetings
  Juergen

Jürgen Kosel (juergen-kosel) wrote :

Hello,

I have now reproduced the problem with a commit close to the HEAD of trunk:
<email address hidden>

Which means, that the problem is not solved!
Only the probability to reproduce it has been decreased.

What I have also observed is the following:
1. The segmentation fault occurs always in the mement when the carrier takes the fish, for carring to the arena.
2. It helps to reproduce the problem if you move the view with the cursor keys.

Greetings
  Juergen

Hans Joachim Desserud (hjd) wrote :

Not much should have changed between that commit and latest trunk, so it was no surprise that I was able to reproduce it in r6421. Note that this was a debug build, so it is not a release-only issue at least.

One thing which seems very odd to me is that I only seem to be able to reproduce this the first time I attempt it. Subsequent attempts, like reloading the savegame, or quiting restarting Widelands does not trigger the crash.

Changed in widelands (Debian):
status: New → Confirmed
Jürgen Kosel (juergen-kosel) wrote :

Hello,

there was recently an update of libstdc++ in Debian to version 4.7.1-7
But even after the update of this libary, the bug is still reproducible.

Greetings
  Juergen

Nicolai Hähnle (nha) wrote :

After a few attempts I have been able to see this bug myself. I tried to summarize the key facts in the description. Given that the bug is non-deterministic, my guess is some form of memory corruption.

description: updated
description: updated
Nicolai Hähnle (nha) wrote :

Evidence for my previous guess from a gdb session of the crash -- in my case, the assertion at line cmd_queue.cc:123 is triggered:

(gdb) up
#4 0x0000000000ae2333 in Widelands::Cmd_Queue::run_queue (this=0x7fffffffad38, interval=40, game_time_var=@0x7fffffffab40: 77929620)
    at /home/nha/dev/widelands/repo/fixes/src/logic/cmd_queue.cc:123
123 assert(game_time_var == c.duetime());
(gdb) print game_time_var
$1 = (int32_t &) @0x7fffffffab40: 77929620
(gdb) print c
$2 = (Widelands::Command &) @0x84f6b91: {_vptr.Command = 0x940000000000de94, m_duetime = -670784228}

Observe the broken vptr of the command as well as the obviously corrupt m_duetime. The "only" problem now is to figure out where this memory corruption happens.

Nicolai Hähnle (nha) on 2013-02-10
Changed in widelands:
assignee: nobody → Nicolai Hähnle (nha)
status: Confirmed → In Progress
Nicolai Hähnle (nha) wrote :

Valgrind uncovered a definite memory corruption in Worker::run_scout. The problem is that the reference to the State object can become invalid during the call to start_task_scout(), and then freed memory is overwritten. This can mess with the memory management structures and cause cascading failures later on. After changing the code to fix this, I can no longer reproduce the crash, so I guess this was indeed the culprit. Note that if this was indeed the cause of the crash, then it relied on very subtle details of the memory layout, which would explain why the problem hasn't been reproducible on 32-bit systems.

SirVer (sirver) wrote :

Nice catch! I lack the persistence to debug with valgrind - it is sooo slow.

Nicolai Hähnle (nha) wrote :

Fix committed to trunk in bzr6508.

Changed in widelands:
status: In Progress → Fix Committed
Nicolai Hähnle (nha) on 2013-02-12
Changed in widelands:
milestone: none → build18-rc1
Hans Joachim Desserud (hjd) wrote :

>The problem is that the reference to the State object can become invalid during the call to start_task_scout(), and then freed memory is overwritten.

Nice detective work. :) Could you comment on why it was so hard to reproduce? Is it because the scouts pick their path at random and then they would only occasionally pick the path leading to an invalid State?

Nicolai Hähnle (nha) wrote :

My intuition is that it depends on how memory was laid out on the heap, which can depend on all sorts of operating system dependent decisions. It was actually fairly easily reproducible for me, for example (happening more than 50% of the time). Depending on the layout of the heap, the overwritten region of memory might have been entirely benign.

Jürgen Kosel (juergen-kosel) wrote :

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

Am 11.02.2013 22:24, schrieb Nicolai Hähnle:
> Fix committed to trunk in bzr6508.
>
> ** Changed in: widelands Status: In Progress => Fix Committed
>

I have tried to reproduce the failure. But it doesn't occured anymore.

Thanks
 Juergen
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iD8DBQFRGoh65JgLPmj5988RAjnCAJ9nC+ojiPHiZCU8gZeBusaWR/DDggCfXeCD
HhcNh+ULpcCrNX9L/JPoB3Y=
=13HP
-----END PGP SIGNATURE-----

Nicolai Hähnle (nha) wrote :

Jürgen: Thank you for following up on this!

SirVer (sirver) wrote :

Released in build-18 rc1.

Changed in widelands:
status: Fix Committed → Fix Released
Changed in widelands (Debian):
status: Confirmed → Fix Released
Changed in widelands (Debian):
status: Fix Released → Confirmed
Changed in widelands (Debian):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.