freeciv segfaults when opening city dialog


Florian Obser
no idea when this started...

(gdb) bt
#0  0x00001b119089bc2c in _pixops_composite ()
   from /usr/local/lib/libgdk_pixbuf-2.0.so.3200.0
#1  0x00001b11908937e7 in gdk_pixbuf_composite ()
   from /usr/local/lib/libgdk_pixbuf-2.0.so.3200.0
#2  0x00001b0f615d75e5 in unit_select_dialog_update_real ()
   from /usr/local/bin/freeciv-gtk2
#3  0x00001b0f6154d1e0 in real_science_report_dialog_update ()
   from /usr/local/bin/freeciv-gtk2
#4  0x00001b11ba19bff3 in gtk_tree_view_column_cell_set_cell_data ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#5  0x00001b11ba19403b in validate_row ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#6  0x00001b11ba195024 in do_validate_rows ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#7  0x00001b11ba1953c7 in gtk_tree_view_size_request ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#8  0x00001b121860b93e in g_cclosure_marshal_VOID__BOXEDv ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#9  0x00001b121860a0e7 in _g_closure_invoke_va ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#10 0x00001b1218622486 in g_signal_emit_valist ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#11 0x00001b121862359d in g_signal_emit_by_name ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#12 0x00001b11ba0fa988 in compute_base_dimension ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#13 0x00001b11ba0faa61 in compute_dimension ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#14 0x00001b11ba0fab98 in _gtk_size_group_compute_requisition ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#15 0x00001b11ba0efaae in gtk_scrolled_window_size_request ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#16 0x00001b121860b93e in g_cclosure_marshal_VOID__BOXEDv ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#17 0x00001b121860a0e7 in _g_closure_invoke_va ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#18 0x00001b1218622486 in g_signal_emit_valist ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#19 0x00001b121862359d in g_signal_emit_by_name ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#20 0x00001b11ba0fabd0 in _gtk_size_group_compute_requisition ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#21 0x00001b11ba11795c in gtk_table_size_request ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#22 0x00001b121860b93e in g_cclosure_marshal_VOID__BOXEDv ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#23 0x00001b121860a0e7 in _g_closure_invoke_va ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#24 0x00001b1218622486 in g_signal_emit_valist ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#25 0x00001b121862359d in g_signal_emit_by_name ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#26 0x00001b11ba0fabd0 in _gtk_size_group_compute_requisition ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#27 0x00001b11b9fd2946 in gtk_box_size_request ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#28 0x00001b121860b93e in g_cclosure_marshal_VOID__BOXEDv ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#29 0x00001b121860a0e7 in _g_closure_invoke_va ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#30 0x00001b1218622486 in g_signal_emit_valist ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#31 0x00001b121862359d in g_signal_emit_by_name ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#32 0x00001b11ba0fabd0 in _gtk_size_group_compute_requisition ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#33 0x00001b11b9fd2946 in gtk_box_size_request ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#34 0x00001b121860b93e in g_cclosure_marshal_VOID__BOXEDv ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#35 0x00001b121860a0e7 in _g_closure_invoke_va ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#36 0x00001b1218622486 in g_signal_emit_valist ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#37 0x00001b121862359d in g_signal_emit_by_name ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#38 0x00001b11ba0fabd0 in _gtk_size_group_compute_requisition ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#39 0x00001b11ba0aebc0 in gtk_notebook_size_request ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#40 0x00001b121860b93e in g_cclosure_marshal_VOID__BOXEDv ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#41 0x00001b121860a0e7 in _g_closure_invoke_va ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#42 0x00001b1218622486 in g_signal_emit_valist ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#43 0x00001b121862359d in g_signal_emit_by_name ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#44 0x00001b11ba0fabd0 in _gtk_size_group_compute_requisition ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#45 0x00001b11b9fd2946 in gtk_box_size_request ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#46 0x00001b121860b93e in g_cclosure_marshal_VOID__BOXEDv ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#47 0x00001b121860a0e7 in _g_closure_invoke_va ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#48 0x00001b1218622486 in g_signal_emit_valist ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#49 0x00001b121862359d in g_signal_emit_by_name ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#50 0x00001b11ba0fabd0 in _gtk_size_group_compute_requisition ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#51 0x00001b11ba1b9060 in gtk_window_size_request ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#52 0x00001b121860b93e in g_cclosure_marshal_VOID__BOXEDv ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#53 0x00001b121860a03d in _g_closure_invoke_va ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#54 0x00001b1218622486 in g_signal_emit_valist ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#55 0x00001b121862359d in g_signal_emit_by_name ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#56 0x00001b11ba0fabd0 in _gtk_size_group_compute_requisition ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#57 0x00001b11ba1b9494 in gtk_window_compute_configure_request ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#58 0x00001b11ba1c2fec in gtk_window_show ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#59 0x00001b121860a03d in _g_closure_invoke_va ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#60 0x00001b1218622486 in g_signal_emit_valist ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#61 0x00001b1218623681 in g_signal_emit ()
   from /usr/local/lib/libgobject-2.0.so.4200.2
#62 0x00001b11ba1b2e76 in gtk_widget_show ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#63 0x00001b0f615b8aef in destroy_reqtree () from /usr/local/bin/freeciv-gtk2
#64 0x00001b0f615aa67a in destroy_reqtree () from /usr/local/bin/freeciv-gtk2
#65 0x00001b0f615aae13 in destroy_reqtree () from /usr/local/bin/freeciv-gtk2
#66 0x00001b0f61526a6e in __register_frame_info ()
   from /usr/local/bin/freeciv-gtk2
#67 0x00001b117eb5e452 in g_main_context_dispatch ()
   from /usr/local/lib/libglib-2.0.so.4200.2
#68 0x00001b117eb605db in g_main_context_iterate ()
   from /usr/local/lib/libglib-2.0.so.4200.2
#69 0x00001b117eb61555 in g_main_loop_run ()
   from /usr/local/lib/libglib-2.0.so.4200.2
#70 0x00001b11ba087cb1 in gtk_main ()
   from /usr/local/lib/libgtk-x11-2.0.so.2400.0
#71 0x00001b0f6152a23c in quit_gtk_main () from /usr/local/bin/freeciv-gtk2
#72 0x00001b0f61555ae2 in real_science_report_dialog_update ()
   from /usr/local/bin/freeciv-gtk2
#73 0x00001b0f61526301 in ?? () from /usr/local/bin/freeciv-gtk2
#74 0x0000000000000000 in ?? ()

OpenBSD 5.9-beta (GENERIC.MP) #1825: Tue Jan 12 22:14:04 MST 2016
    [hidden email]:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 8357658624 (7970MB)
avail mem = 8100220928 (7724MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xe0010 (78 entries)
bios0: vendor LENOVO version "6QET61WW (1.31 )" date 10/26/2010
bios0: LENOVO 3680K84
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP SSDT ECDT APIC MCFG HPET ASF! SLIC BOOT SSDT TCPA SSDT SSDT SSDT
acpi0: wakeup devices LID_(S3) SLPB(S3) IGBE(S4) EXP1(S4) EXP2(S4) EXP3(S4) EXP4(S4) EXP5(S4) EHC1(S3) EHC2(S3) HDEF(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpiec0 at acpi0
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz, 2660.41 MHz
cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,LONG,LAHF,PERF,ITSC,SENSOR,ARAT
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 132MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.1, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz, 2659.99 MHz
cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,LONG,LAHF,PERF,ITSC,SENSOR,ARAT
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 1, core 0, package 0
cpu2 at mainbus0: apid 4 (application processor)
cpu2: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz, 2659.99 MHz
cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,LONG,LAHF,PERF,ITSC,SENSOR,ARAT
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 0, core 2, package 0
cpu3 at mainbus0: apid 5 (application processor)
cpu3: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz, 2659.99 MHz
cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,LONG,LAHF,PERF,ITSC,SENSOR,ARAT
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 1, core 2, package 0
ioapic0 at mainbus0: apid 1 pa 0xfec00000, version 20, 24 pins
ioapic0: misconfigured as apic 2, remapped to apid 1
acpimcfg0 at acpi0 addr 0xe0000000, bus 0-255
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (PEG_)
acpiprt2 at acpi0: bus 13 (EXP1)
acpiprt3 at acpi0: bus -1 (EXP2)
acpiprt4 at acpi0: bus -1 (EXP3)
acpiprt5 at acpi0: bus 5 (EXP4)
acpiprt6 at acpi0: bus 2 (EXP5)
acpicpu0 at acpi0: C3(350@245 mwait.3@0x20), C2(500@205 mwait.3@0x10), C1(1000@3 mwait.1), PSS
acpicpu1 at acpi0: C3(350@245 mwait.3@0x20), C2(500@205 mwait.3@0x10), C1(1000@3 mwait.1), PSS
acpicpu2 at acpi0: C3(350@245 mwait.3@0x20), C2(500@205 mwait.3@0x10), C1(1000@3 mwait.1), PSS
acpicpu3 at acpi0: C3(350@245 mwait.3@0x20), C2(500@205 mwait.3@0x10), C1(1000@3 mwait.1), PSS
acpipwrres0 at acpi0: PUBS, resource for EHC1, EHC2
acpitz0 at acpi0: critical temperature is 100 degC
acpibtn0 at acpi0: LID_
acpibtn1 at acpi0: SLPB
acpibat0 at acpi0: BAT0 model "42T4694" serial  1027 type LION oem "SANYO"
acpibat1 at acpi0: BAT1 not present
acpiac0 at acpi0: AC unit online
acpithinkpad0 at acpi0
acpidock0 at acpi0: GDCK not docked (0)
cpu0: Enhanced SpeedStep 2660 MHz: speeds: 2400, 2399, 2266, 2133, 1999, 1866, 1733, 1599, 1466, 1333, 1199 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel Core Host" rev 0x02
inteldrm0 at pci0 dev 2 function 0 "Intel HD Graphics" rev 0x02
drm0 at inteldrm0
intagp0 at inteldrm0
agp0 at intagp0: aperture at 0xd0000000, size 0x10000000
inteldrm0: msi
inteldrm0: 1280x800
wsdisplay0 at inteldrm0 mux 1: console (std, vt100 emulation)
wsdisplay0: screen 1-5 added (std, vt100 emulation)
"Intel 3400 MEI" rev 0x06 at pci0 dev 22 function 0 not configured
em0 at pci0 dev 25 function 0 "Intel 82577LM" rev 0x06: msi, address f0:de:f1:3f:5a:48
ehci0 at pci0 dev 26 function 0 "Intel 3400 USB" rev 0x06: apic 1 int 23
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
azalia0 at pci0 dev 27 function 0 "Intel 3400 HD Audio" rev 0x06: msi
azalia0: codecs: Conexant/0x5069, Intel/0x2804, using Conexant/0x5069
audio0 at azalia0
ppb0 at pci0 dev 28 function 0 "Intel 3400 PCIE" rev 0x06: msi
pci1 at ppb0 bus 13
ppb1 at pci0 dev 28 function 3 "Intel 3400 PCIE" rev 0x06: msi
pci2 at ppb1 bus 5
ppb2 at pci0 dev 28 function 4 "Intel 3400 PCIE" rev 0x06: msi
pci3 at ppb2 bus 2
iwn0 at pci3 dev 0 function 0 "Intel Centrino Ultimate-N 6300" rev 0x35: msi, MIMO 3T3R, MoW, address 00:24:d7:86:d7:e8
ehci1 at pci0 dev 29 function 0 "Intel 3400 USB" rev 0x06: apic 1 int 19
usb1 at ehci1: USB revision 2.0
uhub1 at usb1 "Intel EHCI root hub" rev 2.00/1.00 addr 1
ppb3 at pci0 dev 30 function 0 "Intel 82801BAM Hub-to-PCI" rev 0xa6
pci4 at ppb3 bus 14
pcib0 at pci0 dev 31 function 0 "Intel QM57 LPC" rev 0x06
ahci0 at pci0 dev 31 function 2 "Intel 3400 AHCI" rev 0x06: msi, AHCI 1.3
ahci0: port 0: 3.0Gb/s
scsibus1 at ahci0: 32 targets
sd0 at scsibus1 targ 0 lun 0: <ATA, INTEL SSDSC2CW24, 400i> SCSI3 0/direct fixed naa.5001517bb2a84bfe
sd0: 228936MB, 512 bytes/sector, 468862128 sectors, thin
ichiic0 at pci0 dev 31 function 3 "Intel 3400 SMBus" rev 0x06: apic 1 int 23
iic0 at ichiic0
spdmem0 at iic0 addr 0x50: 4GB DDR3 SDRAM PC3-10600 SO-DIMM
spdmem1 at iic0 addr 0x51: 4GB DDR3 SDRAM PC3-10600 SO-DIMM
itherm0 at pci0 dev 31 function 6 "Intel 3400 Thermal" rev 0x06
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5 irq 1 irq 12
pckbd0 at pckbc0 (kbd slot)
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
aps0 at isa0 port 0x1600/31
pci5 at mainbus0 bus 255
pchb1 at pci5 dev 0 function 0 "Intel QuickPath" rev 0x02
pchb2 at pci5 dev 0 function 1 "Intel QuickPath" rev 0x02
pchb3 at pci5 dev 2 function 0 "Intel QPI Link" rev 0x02
pchb4 at pci5 dev 2 function 1 "Intel QPI Physical" rev 0x02
pchb5 at pci5 dev 2 function 2 "Intel Reserved" rev 0x02
pchb6 at pci5 dev 2 function 3 "Intel Reserved" rev 0x02
uhub2 at uhub0 port 1 "Intel Rate Matching Hub" rev 2.00/0.00 addr 2
ugen0 at uhub2 port 3 "UPEK Biometric Coprocessor" rev 1.01/0.02 addr 3
ugen1 at uhub2 port 4 "Broadcom Corp Broadcom Bluetooth Device" rev 2.00/3.60 addr 4
uvideo0 at uhub2 port 6 configuration 1 interface 0 "Chicony Electronics Co., Ltd. Integrated Camera" rev 2.00/23.45 addr 5
video0 at uvideo0
uhub3 at uhub1 port 1 "Intel Rate Matching Hub" rev 2.00/0.00 addr 2
ugen2 at uhub3 port 4 "Qualcomm Incorporated Qualcomm Gobi 2000" rev 2.00/0.02 addr 3
vscsi0 at root
scsibus2 at vscsi0: 256 targets
softraid0 at root
scsibus3 at softraid0: 256 targets
root on sd0a (3d36e729d049658a.a) swap on sd0b dump on sd0b


--
I'm not entirely sure you are real.


Re: freeciv segfaults when opening city dialog

Stuart Henderson-6
On 2016/01/16 20:23, Florian Obser wrote:
> no idea when this started...

pirofti ran into this as well but I couldn't repeat it.

malloc flags might be part of the puzzle, we could probably also do
with a backtrace with at least gdk-pixbuf and freeciv, if not also
gtk+2, built with 'DEBUG="-O0 -g"'



Re: freeciv segfaults when opening city dialog

Florian Obser
On Sat, Jan 16, 2016 at 09:29:26PM +0000, Stuart Henderson wrote:
> On 2016/01/16 20:23, Florian Obser wrote:
> > no idea when this started...
>
> pirofti ran into this as well but I couldn't repeat it.
>
> malloc flags might be part of the puzzle, we could probably also do

no malloc flags

> with a backtrace with at least gdk-pixbuf and freeciv, if not also
> gtk+2, built with 'DEBUG="-O0 -g"'

rebuild everything with -O0 -g, now it no longer crashes :/

--
I'm not entirely sure you are real.


Re: freeciv segfaults when opening city dialog

Ingo Schwarze
Hi Florian,

Florian Obser wrote on Sun, Jan 17, 2016 at 02:17:50PM +0000:
> On Sat, Jan 16, 2016 at 09:29:26PM +0000, Stuart Henderson wrote:
>> On 2016/01/16 20:23, Florian Obser wrote:

>>> no idea when this started...

>> pirofti ran into this as well but I couldn't repeat it.
>> malloc flags might be part of the puzzle, we could probably also do

> no malloc flags

>> with a backtrace with at least gdk-pixbuf and freeciv, if not also
>> gtk+2, built with 'DEBUG="-O0 -g"'

> rebuild everything with -O0 -g, now it no longer crashes :/

Let's assume the bugs are in freeciv, not in the lower-level libs.
So don't use non-standard gdk-pixbuf and gtk+2, only build freeciv
itself with 'DEBUG="-O0 -g"'.  Even then, it crashes much more rarely,
confirming the suspicion that freeciv itself is the main offender.

But in that setup, it still crashes, though much more rarely,
and not only when opening the city dialog, but in various situations.

It is quite hard to debug.

The gdk-pixbuf interface is large, only documented in HTML, rarely
specifying validity constraints.  Below it, there are layers upon
layers of abstraction, so it's hard to figure out which input is
valid and which isn't.

It is used by freeciv code in similar style:  Layers upon layers
of abstraction, but not documented at all, using different conventions
for specifying offsets.

I'm not surprised at all that this code is prone to buffer overflows
and underflows.

Yours,
  Ingo
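
Added example, not part of the thread and not freeciv or gdk-pixbuf code: a stand-alone C model of the validity constraints the last message says are rarely written down, checking source and destination rectangles (negative offsets, empty sizes, overruns, integer overflow) before any pixel is touched. The struct, enum and function names are hypothetical, and the sample buffers are constructed.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model of a pixel buffer (not the GdkPixbuf struct):
 * 8-bit channels, each row padded to rowstride bytes. */
struct pixbuf_model {
    uint8_t *pixels;
    int width, height;   /* in pixels */
    int n_channels;      /* 3 = RGB, 4 = RGBA */
    size_t rowstride;    /* bytes per row, >= width * n_channels */
};

enum rect_status { RECT_OK, RECT_BAD_BUFFER, RECT_NEGATIVE, RECT_EMPTY,
                   RECT_OUT_OF_BOUNDS };

/* Is [x, x+w) x [y, y+h) inside buf?  Written so that no int addition
 * can overflow: "x + w <= width" becomes "w <= width - x". */
enum rect_status rect_check(const struct pixbuf_model *buf,
                            int x, int y, int w, int h)
{
    if (buf == NULL || buf->pixels == NULL || buf->width <= 0 ||
        buf->height <= 0 || (buf->n_channels != 3 && buf->n_channels != 4) ||
        buf->rowstride < (size_t)buf->width * (size_t)buf->n_channels)
        return RECT_BAD_BUFFER;
    if (x < 0 || y < 0)
        return RECT_NEGATIVE;        /* would underflow the buffer */
    if (w <= 0 || h <= 0)
        return RECT_EMPTY;
    if (x > buf->width || w > buf->width - x ||
        y > buf->height || h > buf->height - y)
        return RECT_OUT_OF_BOUNDS;   /* would overflow the buffer */
    return RECT_OK;
}

/* Alpha-blend a w x h block of an RGBA source onto dst.  Both rectangles
 * are validated first; nothing is written unless both checks pass. */
enum rect_status composite_checked(struct pixbuf_model *dst, int dst_x, int dst_y,
                                   const struct pixbuf_model *src, int src_x,
                                   int src_y, int w, int h)
{
    enum rect_status st;

    if ((st = rect_check(dst, dst_x, dst_y, w, h)) != RECT_OK)
        return st;
    if ((st = rect_check(src, src_x, src_y, w, h)) != RECT_OK)
        return st;
    if (src->n_channels != 4)
        return RECT_BAD_BUFFER;      /* source must carry alpha */

    for (int row = 0; row < h; row++) {
        const uint8_t *s = src->pixels + (size_t)(src_y + row) * src->rowstride
                           + (size_t)src_x * 4;
        uint8_t *d = dst->pixels + (size_t)(dst_y + row) * dst->rowstride
                     + (size_t)dst_x * (size_t)dst->n_channels;
        for (int col = 0; col < w; col++, s += 4, d += dst->n_channels) {
            unsigned a = s[3];
            for (int c = 0; c < 3; c++)
                d[c] = (uint8_t)((s[c] * a + d[c] * (255 - a) + 127) / 255);
            if (dst->n_channels == 4)
                d[3] = (uint8_t)(a + (d[3] * (255 - a) + 127) / 255);
        }
    }
    return RECT_OK;
}

struct demo_result { enum rect_status status; int canary_intact; uint8_t r_at_22; };

/* Constructed sample: black 4x4 RGB destination followed by 8 canary bytes,
 * and a 2x2 opaque red RGBA source, composited from source offset (0,0). */
struct demo_result demo(int dst_x, int dst_y, int w, int h)
{
    uint8_t dst_mem[4 * 4 * 3 + 8];
    uint8_t src_mem[2 * 2 * 4];
    struct demo_result r;

    memset(dst_mem, 0, 48);
    memset(dst_mem + 48, 0xA5, 8);
    for (int i = 0; i < 4; i++) {
        src_mem[i * 4] = 255;
        src_mem[i * 4 + 1] = src_mem[i * 4 + 2] = 0;
        src_mem[i * 4 + 3] = 255;
    }
    struct pixbuf_model dst = { dst_mem, 4, 4, 3, 12 };
    struct pixbuf_model src = { src_mem, 2, 2, 4, 8 };

    r.status = composite_checked(&dst, dst_x, dst_y, &src, 0, 0, w, h);
    r.canary_intact = 1;
    for (int i = 0; i < 8; i++)
        if (dst_mem[48 + i] != 0xA5)
            r.canary_intact = 0;
    r.r_at_22 = dst_mem[2 * 12 + 2 * 3];   /* red channel of pixel (2,2) */
    return r;
}

int main(void)
{
    printf("in bounds (2,2) 2x2:   %d\n", demo(2, 2, 2, 2).status);
    printf("overrun   (3,3) 2x2:   %d\n", demo(3, 3, 2, 2).status);
    printf("underrun  (-1,0) 2x2:  %d\n", demo(-1, 0, 2, 2).status);
    printf("huge width INT_MAX:    %d\n", demo(0, 0, INT_MAX, 1).status);
    return 0;
}
```
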