View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0001602Spring engineGeneralpublic2009-08-27 22:182010-01-17 17:07
Reporterdizekat Assigned Totvo  
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
Product Version0.80.2.0 
Fixed in Version0.81.0.0 
Summary0001602: Segfault, with replay causing the segfault.
DescriptionAs summary says. Everyone else in game also crashed.
TagsNo tags attached.
Attached Files
crash.sdf (Attachment missing)
Checked infolog.txt for Errors

Relationships

related to 0001750 resolvedtvo segfault in LosMap 

Activities

imbaczek

2009-08-27 22:33

reporter   ~0004010

Last edited: 2009-08-27 22:34

 replay didn't crash in the same point you did, but it did crash on exit:

[ 71804] [[LOeT]Meatme (replay)] Spectators: Time_Bomb has half dizekats energy, but double the metall :D
[ 72050] [kiki (replay)] dont forget reclaiming when you give metal income
[ 73039] End of demo reached
[ 73208] Game has ended
[ 73816] Spring 0.80.2.0 (0.80.2-0-ged79d6b{@}-cmake-mingw32) has crashed.
[ 73816] Exception: Access violation (0xc0000005)
[ 73816] Exception Address: 0x009fff93
[ 73816] DLL information:
[ 73816] 0x00400000 spring
[ 73816] 0x7c900000 ntdll
[ 73816] 0x7c800000 kernel32
[ 73816] 0x10000000 DevIL
[ 73816] 0x77c00000 MSVCRT
[ 73816] 0x01bf0000 ILU
[ 73816] 0x77dc0000 ADVAPI32
[ 73816] 0x77e70000 RPCRT4
[ 73816] 0x77fe0000 Secur32
[ 73816] 0x5c8f0000 GLU32
[ 73816] 0x5f190000 OPENGL32
[ 73816] 0x77f10000 GDI32
[ 73816] 0x7e360000 USER32
[ 73816] 0x736f0000 DDRAW
[ 73816] 0x73b50000 DCIMAN32
[ 73816] 0x76c80000 IMAGEHLP
[ 73816] 0x6fbc0000 mingwm10
[ 73816] 0x7c9c0000 SHELL32
[ 73816] 0x77f60000 SHLWAPI
[ 73816] 0x71a50000 WS2_32
[ 73816] 0x71a40000 WS2HELP
[ 73816] 0x6e940000 libgcc_s_dw2-1
[ 73816] 0x01c10000 SDL
[ 73816] 0x76b20000 WINMM
[ 73816] 0x7c340000 MSVCR71
[ 73816] 0x66fc0000 freetype6
[ 73816] 0x61b80000 zlib1
[ 73816] 0x6ed80000 glew32
[ 73816] 0x6b180000 vorbisfile
[ 73816] 0x63e00000 vorbis
[ 73816] 0x01c60000 ogg
[ 73816] 0x01c80000 OpenAL32
[ 73816] 0x76360000 IMM32
[ 73816] 0x773c0000 comctl32
[ 73816] 0x5d520000 comctl32
[ 73816] 0x5b1d0000 uxtheme
[ 73816] 0x746d0000 MSCTF
[ 73816] 0x10d00000 GameHook
[ 73816] 0x027d0000 lgscroll
[ 73816] 0x78130000 MSVCR80
[ 73816] 0x77680000 NTMARTA
[ 73816] 0x774d0000 ole32
[ 73816] 0x71ba0000 SAMLIB
[ 73816] 0x76f50000 WLDAP32
[ 73816] 0x75180000 msctfime
[ 73816] 0x77110000 OLEAUT32
[ 73816] 0x69030000 atioglxx
[ 73816] 0x77bf0000 VERSION
[ 73816] 0x02bf0000 atiadlxx
[ 73816] 0x77910000 SETUPAPI
[ 73816] 0x76c20000 WINTRUST
[ 73816] 0x77a70000 CRYPT32
[ 73816] 0x77b10000 MSASN1
[ 73816] 0x72cb0000 wdmaud
[ 73816] 0x72ca0000 msacm32
[ 73816] 0x77bd0000 MSACM32
[ 73816] 0x77bc0000 midimap
[ 73816] 0x73ea0000 dsound
[ 73816] 0x76fc0000 CLBCATQ
[ 73816] 0x77040000 COMRes
[ 73816] 0x5ef80000 KsUser
[ 73816] 0x058e0000 wrap_oal
[ 73816] 0x59bc0000 DBGHELP
[ 73816] Stacktrace:
[ 73816] (0) E:\gry\Spring-svn\spring.exe [0x009FFF93]
[ 73816] (1) E:\gry\Spring-svn\spring.exe [0x0067547F]
[ 73816] (2) E:\gry\Spring-svn\spring.exe [0x00403E23]
[ 73816] (3) E:\gry\Spring-svn\spring.exe [0x0041073A]
[ 73816] (4) E:\gry\Spring-svn\spring.exe [0x007E7C14]
[ 73816] (5) E:\gry\Spring-svn\spring.exe [0x007EE3F3]
[ 73816] (6) E:\gry\Spring-svn\spring.exe [0x007E6415]
[ 73816] (7) E:\gry\Spring-svn\spring.exe [0x007E68E6]
[ 73816] (8) E:\gry\Spring-svn\spring.exe [0x0086AEE8]
[ 73816] (9) E:\gry\Spring-svn\spring.exe [0x0040124B]
[ 73816] (10) E:\gry\Spring-svn\spring.exe [0x004012B8]
[ 73816] (11) C:\WINDOWS\system32\kernel32.dll(RegisterWaitForInputIdle+0x49) [0x7C817077]

/home/mingw_cross_env-mingw_gcc440/usr/bin/../lib/gcc/i386-mingw32msvc/4.4.0/include/c++/bits/stl_tree.h:970
/home/mingw_cross_env-mingw_gcc440/usr/bin/../lib/gcc/i386-mingw32msvc/4.4.0/include/c++/bits/stl_construct.h:97 [_Destroy]
/home/mingw_cross_env-mingw_gcc440/usr/bin/../lib/gcc/i386-mingw32msvc/4.4.0/include/c++/bits/stl_construct.h:123 [_Destroy]
/home/mingw_cross_env-mingw_gcc440/usr/bin/../lib/gcc/i386-mingw32msvc/4.4.0/include/c++/bits/stl_vector.h:313 [~vector]
rts/Sim/Features/FeatureHandler.cpp:163 [~CFeatureHandler]
rts/System/Util.h:67 [SafeDelete]
rts/Game/Game.cpp:580 [~CGame]
rts/System/SpringApp.cpp:1084
rts/System/SpringApp.cpp:978
rts/System/Main.cpp:68 [Run(int, char**)]
rts/System/Main.cpp:142 [WinMain@16]
dyncast.cc:0
DataDirLocater.cpp:0
DataDirLocater.cpp:0
UNTRANSLATED: C:\WINDOWS\system32\kernel32.dll(RegisterWaitForInputIdle+0x49) [0x7C817077]
--
 profile=default file=http://springrts.com/mantis/view.php?id=1602 buildsys=cmake toolchain=mingw32 auto=yes vcs=git rev=0.80.2-0-ged79d6b tag=0.80.2 links=yes

imbaczek

2009-08-29 14:22

reporter   ~0004016

USE_MMGR=1 release build results in

(gdb) bt
#0 0x009770b6 in CLosMap::At ()
#1 0x00893142 in CLosHandler::InLos ()
#2 0x0071af21 in CUnit::CalcLosStatus ()
0000003 0x008ec3d7 in CUnit::UpdateLosStatus ()
0000004 0x0071b162 in CUnit::SlowUpdate ()
0000005 0x00734e92 in CUnitHandler::Update ()
#6 0x00420912 in CGame::SimFrame ()
#7 0x00421edd in CGame::ClientReadNet ()
#8 0x0041d48c in CGame::Update ()
#9 0x007d3f7a in SpringApp::Update ()
0000010 0x007d4330 in SpringApp::Run ()
#11 0x007c3511 in Run ()
0000012 0x007c3829 in WinMain@16 ()
0000013 0x00834c88 in main ()
(gdb)

unfortunately, no more debug infos (wrong build type...)

Kloot

2009-08-29 18:06

developer   ~0004020

I got a different SEGV at 40:34

0x08393f9a in CFeatureHandler::Update (this=0xcc33ab8) at rts/Sim/Features/FeatureHandler.cpp:490
490 CFeatureSet::iterator it = activeFeatures.find(toBeRemoved.back());
(gdb) bt
#0 0x08393f9a in CFeatureHandler::Update (this=0xcc33ab8) at rts/Sim/Features/FeatureHandler.cpp:490
#1 0x087b7d09 in CGame::SimFrame (this=0xb928f58) at rts/Game/Game.cpp:3438
#2 0x087befaa in CGame::ClientReadNet (this=0xb928f58) at rts/Game/Game.cpp:3726
0000003 0x087c25ac in CGame::Update (this=0xb928f58) at rts/Game/Game.cpp:2740
0000004 0x0853a039 in SpringApp::Update (this=0xbfbf1fe0) at rts/System/SpringApp.cpp:835
0000005 0x0854203d in SpringApp::Run (this=0xbfbf1fe0, argc=2, argv=0xbfbf20c4) at rts/System/SpringApp.cpp:959
#6 0x08537740 in Run (argc=2, argv=0xbfbf20c4) at rts/System/Main.cpp:115
#7 0x085377a3 in main (argc=2, argv=0xbfbf20c4) at rts/System/Main.cpp:132

(gdb) p gs->frameNum
$1 = 73039

(gdb) p toBeRemoved
$4 = {<std::_List_base<int, std::allocator<int> >> = {_M_impl = {<std::allocator<std::_List_node<int> >> = {<__gnu_cxx::new_allocator<std::_List_node<int> >> = {<No data fields>}, <No data fields>}, _M_node = {
        _M_next = 0x696, _M_prev = 0x697}}}, <No data fields>}


Of course, if toBeRemoved is empty then accessing .back() is undefined, but the surrounding code explicitly guards against this so it looks bogus.

tvo

2010-01-17 17:07

reporter   ~0004504

I bet this was caused by CQuadField memory corruption. See 0001750.

Issue History

Date Modified Username Field Change
2009-08-27 22:18 dizekat New Issue
2009-08-27 22:18 dizekat File Added: crash.sdf
2009-08-27 22:33 imbaczek Note Added: 0004010
2009-08-27 22:34 imbaczek Note Edited: 0004010
2009-08-29 14:22 imbaczek Note Added: 0004016
2009-08-29 18:06 Kloot Note Added: 0004020
2010-01-17 16:46 tvo Relationship added related to 0001750
2010-01-17 17:07 tvo Note Added: 0004504
2010-01-17 17:07 tvo Status new => resolved
2010-01-17 17:07 tvo Fixed in Version => 0.81.0.0
2010-01-17 17:07 tvo Resolution open => fixed
2010-01-17 17:07 tvo Assigned To => tvo