bugFreeciv - Bugs: bug #22047, Crash in...

 
 
Show feedback again

bug #22047: Crash in gtk_text_layout_get_cursor_locations() on "Connect to network game"

Submitted by:  Jacob Nevins <jtn>
Submitted on:  Sun 18 May 2014 11:58:01 AM UTC  
 
Category: client-gtk-2.0Severity: 3 - Normal
Priority: 5 - NormalStatus: Fixed
Assigned to: NoneOpen/Closed: Closed
Release: trunk r24892Operating System: GNU/Linux
Planned Release: 2.5.0, 2.6.0

Add a New Comment (Rich MarkupRich Markup):
   

You are not logged in

Please log in, so followups can be emailed to you.

 

Sat 12 Jul 2014 02:09:43 PM UTC, comment #4:

Cannot reproduce on 20 trials with trunk r25504.

Closing on the assumption this was caused by the Gtk thread-safety issue fixed by bug #22108.

Jacob Nevins <jtn>
Project Administrator
Sat 24 May 2014 09:48:44 AM UTC, comment #3:

New, slightly different symptom with trunk r24941.

Main thread is as before, but in this case metaserver thread is busy doing something Gtk-y too.
I guess it might just be a coincidence and not evidence of threading trouble; normally the "double free or corruption" message from the main thread is followed by an abort (signal 6), but here it looks like the metaserver thread segfaulted; I guess that the metaserver thread happened to blunder into an unsafe pointer before the main thread could finish aborting (it didn't produce the usual backtrace/memory map dump either). Only seen once.

Main thread:

Metaserver thread:

Console:

Jacob Nevins <jtn>
Project Administrator
Mon 19 May 2014 09:02:24 PM UTC, comment #2:

Also seen with S2_5 r24899 (at least the first symptom).
Not reproduced any trouble with S2_4.

Jacob Nevins <jtn>
Project Administrator
Sun 18 May 2014 12:04:44 PM UTC, comment #1:

> The metaserver thread appears quiescent

Erm, what I've been assuming to be the metaserver thread -- it might be something else (there are no Freeciv symbols in the backtrace so it probably is something else, on reflection).

Jacob Nevins <jtn>
Project Administrator
Sun 18 May 2014 11:58:01 AM UTC, original submission:

(Found while verifying fix for bug #21896.)

Trunk code on Ubuntu 12.04 amd64: start client/freeciv-gtk2; press Alt-O for "connect to network game". Crashed immediately in 8 of 17 trials.

The crash details differ (just a segfault, "double free or corruption", etc), but the function gtk_text_layout_get_cursor_locations() is always in the backtrace (so may be the same as bug #21575).

The metaserver thread appears quiescent (in ppoll()) in all the coredumps, so this isn't as obviously a thread-safety issue as bug #21896 was.

Not tried branches other than trunk.

Some backtraces (main thread):


Most common symptom: seen in 7 of 8 crashes.


Seen once. In this case the console showed

Jacob Nevins <jtn>
Project Administrator

 

(Note: upload size limit is set to 1024 kB, after insertion of the required escape characters.)

Attach File(s):
   
   
Comment:
   

No files currently attached

 

Depends on the following items: None found

Items that depend on this one: None found

 

Carbon-Copy List
  • -unavailable- added by jtn (Submitted the item)
  •  

    Do you think this task is very important?
    If so, you can click here to add your encouragement to it.
    This task has 0 encouragements so far.

    Only logged-in users can vote.

     

    Please enter the title of George Orwell's famous dystopian book (it's a date):

     

     

    Follow 3 latest changes.

    Date Changed By Updated Field Previous Value => Replaced By
    Sat 12 Jul 2014 02:09:43 PM UTCjtnStatusNone=>Fixed
      Open/ClosedOpen=>Closed
    Mon 19 May 2014 09:02:24 PM UTCjtnPlanned Release2.6.0=>2.5.0, 2.6.0
    Show feedback again

    Back to the top


    Powered by Savane 3.1-cleanup