Package: libc6
Version: 2.3.1-17
Severity: normal
Tags: upstream

While playing xblast[1], the program fails irregularly with a segfault.
Here is a sample output of xblast started in gdb:

----------------------------->8-----------------------
Program received signal SIGSEGV, Segmentation fault.
0x4014d417 in mallopt () from /lib/libc.so.6
(gdb) bt
#0  0x4014d417 in mallopt () from /lib/libc.so.6
#1  0x4014ce37 in mallopt () from /lib/libc.so.6
#2  0x4014c0fc in malloc () from /lib/libc.so.6
#3  0x0804b0ec in ReadPpmFile (path=0x80823c0 "image/block", filename=0x8080644 "score_right_up", width=0xbffffa94, height=0xbffffa90) at util.c:464
#4  0x0807a3f3 in ReadCchPixmap (path=0x80823c0 "image/block", filename=0x8080644 "score_right_up", fg=0, bg=23323, add=0) at x11c_image.c:292
#5  0x0807be18 in GUI_LoadBlockCch (id=0, name=0x8080644 "score_right_up", fg=0, bg=23323, add=0) at x11c_tile.c:226
#6  0x0804e2db in ConfigScoreGraphics (data=0x80806c0) at map.c:306
#7  0x0804d28c in ShowScoreBoard (lastTeam=0, maxNumWins=4, numPlayers=2, playerStat=0x811daa0, timeOut=XBTrue) at intro.c:799
#8  0x0805e0e9 in RunClientGame (hostType=XBPH_Client1) at game_client.c:337
#9  0x0804a766 in main (argc=1, argv=0xbffffd44) at xblast.c:98
----------------------------->8-----------------------

I don't think it's important, but util.c:464ff [2] are:

        if (NULL == (ppm = malloc (nPixel * sizeof(char) ) ) ) {
                goto Error;
        }

Repeating the test, the segfault does not always happen in
malloc/ReadPpmFile, but always in mallopt. The last game ended in

#0  0x4014e2a9 in mallopt () from /lib/libc.so.6
#1  0x4014d281 in free () from /lib/libc.so.6
#2  0x08054e4a in DelExplosion (ptr=0x81651e8) at bomb.c:571
...

The game before died in a calloc. As in most cases the error occurs in
malloc, I think that's not a problem of xblast but of libc.

On Solaris this problem didn't occur until now. On a Gentoo Linux
machine with the same version of libc (i.e. 2.3.1), xblast segfaults,
too. (There is no gdb on that machine and I didn't feel like installing
it - so _maybe_ it's another reason there.)

I don't dare to debug the memory functions of libc, so I deliver no
patch.

Maybe this has something to do with bug #202969? I'm not sure, because
`my' error occurs in mallopt, not in free or malloc directly. Moreover
I'm not able to reproduce the bug by starting gimp and repeatedly
opening the open dialog. Setting (as described in [3]) LANG=en_US or
defining LC_COLLATE didn't help.

Regards
Uwe

[1] from package:
    http://luc.saillard.free.fr/XBlast-TNT/debian/xblast-tnt_2.38-pl4-1_i386.deb
[2] supposing the package was built using
    http://luc.saillard.free.fr/XBlast-TNT/sources/XBlast-TNT-2.38-pl4.tar.bz2
[3] http://lists.debian.org/debian-gtk-gnome/2003/debian-gtk-gnome-200307/msg00128.html

-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux cepheus 2.4.21-ac1 #1 Tue Jun 17 11:42:40 CEST 2003 i686
Locale: LANG=C, LC_CTYPE=C

Versions of packages libc6 depends on:
ii  libdb1-compat                 2.1.3-7    The Berkeley database routines [gl

-- no debconf information

-- 
Uwe Zeisberger

$ dc << EOF
[d1-d1<a]sa99d1<a1[rdn555760928P*pz1<a]salax
EOF
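
Added example, not part of the original report and not code from xblast or glibc: a fault inside the allocator on a later, unrelated malloc/free/calloc call is also what an earlier out-of-bounds heap write looks like, so one way to test for that is to surround each block with guard bytes and verify them when the block is freed. The names guard_malloc, guard_check, guard_free and demo_fill are hypothetical, and the fill sizes are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define GUARD_LEN 8
static const unsigned char GUARD[GUARD_LEN] = {0xde,0xad,0xbe,0xef,0xca,0xfe,0xf0,0x0d};

/* Bookkeeping placed in front of each block; all names here are hypothetical. */
typedef struct { size_t size; unsigned char front[GUARD_LEN]; } guard_hdr;
void *guard_malloc(size_t n) {
    if (n > SIZE_MAX - sizeof(guard_hdr) - GUARD_LEN) return NULL; /* size overflow */
    guard_hdr *h = malloc(sizeof(guard_hdr) + n + GUARD_LEN);
    if (h == NULL) return NULL;
    h->size = n;
    memcpy(h->front, GUARD, GUARD_LEN);                      /* guard before data */
    memcpy((unsigned char *)(h + 1) + n, GUARD, GUARD_LEN);  /* guard after data */
    return h + 1;
}

/* 0 = intact, 1 = bytes before the block were overwritten, 2 = bytes after it. */
int guard_check(const void *p) {
    const guard_hdr *h = (const guard_hdr *)p - 1;
    if (memcmp(h->front, GUARD, GUARD_LEN) != 0) return 1;
    if (memcmp((const unsigned char *)p + h->size, GUARD, GUARD_LEN) != 0) return 2;
    return 0;
}

/* Check first, then release, so the damaged block is named at its own free(). */
int guard_free(void *p) {
    if (p == NULL) return 0;
    int state = guard_check(p);
    free((guard_hdr *)p - 1);
    return state;
}

/* Constructed scenario: allocate nPixel bytes, then fill `written` bytes.
 * written <= nPixel + GUARD_LEN keeps the excess inside the real allocation. */
int demo_fill(size_t nPixel, size_t written) {
    unsigned char *ppm = guard_malloc(nPixel);
    if (ppm == NULL || written > nPixel + GUARD_LEN) { guard_free(ppm); return -1; }
    memset(ppm, 0x7f, written);
    return guard_free(ppm);
}

int main(void) {
    printf("exact: %d, one over: %d\n", demo_fill(64, 64), demo_fill(64, 65));
    return 0;
}
```

Valgrind's memcheck and glibc's MALLOC_CHECK_ environment variable perform comparable checks without source changes.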