Trunk is currently broken when playing music and switching between the "base" and "mp" mods, see ticket:57.

This revision fixes ticket:57. We (Buginator, EvilGuru and Giel) decided to use the fix suggested in ticket:57 for now and to use [wiki:Proposal:ModMounting] on a later date. I.e. fix the problem now (however dirty the solution may be), and implement a properly designed one later on, instead of letting trunk remain broken until said proposal is worked out in enough detail.

This revision fixes bug #11847, bug #11875, bug #11898, bug #11976, bug #11989, bug #12017, bug #12250 and bug #12280.

Patch by Buginator and myself

(Browse SVN revision 6028)

What do you mean by bogus handle?

All it sends in to physfs is a path string. Sure, our code attempts to remove paths from the search path that have not been added, but should this cause problems internally in physfs?

This does not appear to be a PhysicsFS bug. I get the crash in PhysicsFS 1.0 and 1.1.

- Start program (svn-5944)
- "Single Player"
- "Start Skirmish Game"
- "Start Hosting Game"
- "Click when ready"

Crashes reliably with both physfs 1.0 and 1.1

It looks like the game is passing a bogus handle to PhysicsFS for closing. Here's Valgrind on 1.1:

==28626== Invalid read of size 8
==28626== at 0x550FD77: freeDirInfo (physfs.c:604)
==28626== by 0x550FE30: PHYSFS_removeFromSearchPath (physfs.c:1006)
==28626== by 0x4CAC53: rebuildSearchPath (init.c:271)
==28626== by 0x4CAA91: rebuildSearchPath (init.c:240)
==28626== by 0x4DF1AA: levLoadData (levels.c:676)
==28626== by 0x4E4F56: startGameLoop (main.c:555)
==28626== by 0x4E52F3: runTitleLoop (main.c:707)
==28626== by 0x4E551C: mainLoop (main.c:825)
==28626== by 0x4E58EF: main (main.c:979)
==28626== Address 0xb41c960 is not stack'd, malloc'd or (recently) free'd
==28626==
==28626== Invalid read of size 8
==28626== at 0x550FD77: freeDirInfo (physfs.c:604)
==28626== by 0x550FE30: PHYSFS_removeFromSearchPath (physfs.c:1006)
==28626== by 0x4CACC7: rebuildSearchPath (init.c:279)
==28626== by 0x4CAA91: rebuildSearchPath (init.c:240)
==28626== by 0x4DF1AA: levLoadData (levels.c:676)
==28626== by 0x4E4F56: startGameLoop (main.c:555)
==28626== by 0x4E52F3: runTitleLoop (main.c:707)
==28626== by 0x4E551C: mainLoop (main.c:825)
==28626== by 0x4E58EF: main (main.c:979)
==28626== Address 0xb41c960 is not stack'd, malloc'd or (recently) free'd
==28626==
==28626== Invalid read of size 8
==28626== at 0x550FD77: freeDirInfo (physfs.c:604)
==28626== by 0x550FE30: PHYSFS_removeFromSearchPath (physfs.c:1006)
==28626== by 0x4CB0FF: rebuildSearchPath (init.c:357)
==28626== by 0x4CAA91: rebuildSearchPath (init.c:240)
==28626== by 0x4DF1AA: levLoadData (levels.c:676)
==28626== by 0x4E4F56: startGameLoop (main.c:555)
==28626== by 0x4E52F3: runTitleLoop (main.c:707)
==28626== by 0x4E551C: mainLoop (main.c:825)
==28626== by 0x4E58EF: main (main.c:979)
==28626== Address 0xb41c960 is not stack'd, malloc'd or (recently) free'd
==28626==
==28626== Invalid read of size 8
==28626== at 0x550FD77: freeDirInfo (physfs.c:604)
==28626== by 0x550FE30: PHYSFS_removeFromSearchPath (physfs.c:1006)
==28626== by 0x4CAF9C: rebuildSearchPath (init.c:330)
==28626== by 0x4DF1AA: levLoadData (levels.c:676)
==28626== by 0x4E4F56: startGameLoop (main.c:555)
==28626== by 0x4E52F3: runTitleLoop (main.c:707)
==28626== by 0x4E551C: mainLoop (main.c:825)
==28626== by 0x4E58EF: main (main.c:979)
==28626== Address 0xb41c960 is not stack'd, malloc'd or (recently) free'd
==28626==
==28626== Invalid read of size 4
==28626== at 0x620DEA1: (within /usr/lib/libopenal.so.0.0.0)
==28626== by 0x621139B: (within /usr/lib/libopenal.so.0.0.0)
==28626== by 0x620DBC0: alDeleteSources (in /usr/lib/libopenal.so.0.0.0)
==28626== by 0x5C4874: sound_DestroyStream (openal_track.c:1049)
==28626== by 0x5C4934: sound_UpdateStreams (openal_track.c:1094)
==28626== by 0x5C3792: sound_Update (openal_track.c:280)
==28626== by 0x5C21A0: audio_Update (audio.c:577)
==28626== by 0x55934A: loadingScreenCallback (wrappers.c:311)
==28626== by 0x626E01: resDoResLoadCallback (frameresource.c:62)
==28626== by 0x626BE9: resLoadFile (frameresource.c:525)
==28626== by 0x62AAC2: res_parse (resource_parser.y:120)
==28626== by 0x6261FC: resLoad (frameresource.c:121)
==28626== by 0x4DF2F5: levLoadData (levels.c:719)
==28626== by 0x4E4F56: startGameLoop (main.c:555)
==28626== by 0x4E52F3: runTitleLoop (main.c:707)
==28626== by 0x4E551C: mainLoop (main.c:825)
==28626== by 0x4E58EF: main (main.c:979)
==28626== Address 0xa929804 is 4 bytes before a block of size 0 alloc'd
==28626== at 0x4C22FAB: malloc (vg_replace_malloc.c:207)
==28626== by 0x620AF7C: (within /usr/lib/libopenal.so.0.0.0)
==28626== by 0x620B189: alSourceUnqueueBuffers (in /usr/lib/libopenal.so.0.0.0)
==28626== by 0x5C4846: sound_DestroyStream (openal_track.c:1041)
==28626== by 0x5C4934: sound_UpdateStreams (openal_track.c:1094)
==28626== by 0x5C3792: sound_Update (openal_track.c:280)
==28626== by 0x5C21A0: audio_Update (audio.c:577)
==28626== by 0x55934A: loadingScreenCallback (wrappers.c:311)
==28626== by 0x626E01: resDoResLoadCallback (frameresource.c:62)
==28626== by 0x626BE9: resLoadFile (frameresource.c:525)
==28626== by 0x62AAC2: res_parse (resource_parser.y:120)
==28626== by 0x6261FC: resLoad (frameresource.c:121)
==28626== by 0x4DF2F5: levLoadData (levels.c:719)
==28626== by 0x4E4F56: startGameLoop (main.c:555)
==28626== by 0x4E52F3: runTitleLoop (main.c:707)
==28626== by 0x4E551C: mainLoop (main.c:825)
==28626== by 0x4E58EF: main (main.c:979)
==28626==
==28626== Invalid read of size 2
==28626== at 0x5513F6C: ZIP_fileClose (zip.c:405)
==28626== by 0x550E548: closeHandleInOpenList (physfs.c:1707)
==28626== by 0x550E9BE: PHYSFS_close (physfs.c:1736)
==28626== by 0x5C4898: sound_DestroyStream (openal_track.c:1056)
==28626== by 0x5C4934: sound_UpdateStreams (openal_track.c:1094)
==28626== by 0x5C3792: sound_Update (openal_track.c:280)
==28626== by 0x5C21A0: audio_Update (audio.c:577)
==28626== by 0x55934A: loadingScreenCallback (wrappers.c:311)
==28626== by 0x626E01: resDoResLoadCallback (frameresource.c:62)
==28626== by 0x626BE9: resLoadFile (frameresource.c:525)
==28626== by 0x62AAC2: res_parse (resource_parser.y:120)
==28626== by 0x6261FC: resLoad (frameresource.c:121)
==28626== by 0x4DF2F5: levLoadData (levels.c:719)
==28626== by 0x4E4F56: startGameLoop (main.c:555)
==28626== by 0x4E52F3: runTitleLoop (main.c:707)
==28626== by 0x4E551C: mainLoop (main.c:825)
==28626== by 0x4E58EF: main (main.c:979)
==28626== Address 0xaaa5204 is 3,476 bytes inside a block of size 32,768 free'd
==28626== at 0x4C22B2E: free (vg_replace_malloc.c:323)
==28626== by 0x7D06D33: inflateEnd (in /usr/lib/libz.so.1.2.3.3)
==28626== by 0x572D759: png_read_destroy (in /usr/lib/libpng12.so.0.15.0)
==28626== by 0x572D8A3: png_destroy_read_struct (in /usr/lib/libpng12.so.0.15.0)
==28626== by 0x61EF2D: PNGReadCleanup (png_util.c:59)
==28626== by 0x61EEBE: iV_loadImage_PNG (png_util.c:168)
==28626== by 0x551162: texLoad (texture.c:220)
==28626== by 0x4909B6: dataTERTILESLoad (data.c:720)
==28626== by 0x626B3C: resLoadFile (frameresource.c:509)
==28626== by 0x62AAC2: res_parse (resource_parser.y:120)
==28626== by 0x6261FC: resLoad (frameresource.c:121)
==28626== by 0x4DF2F5: levLoadData (levels.c:719)
==28626== by 0x4E4F56: startGameLoop (main.c:555)
==28626== by 0x4E52F3: runTitleLoop (main.c:707)
==28626== by 0x4E551C: mainLoop (main.c:825)
==28626== by 0x4E58EF: main (main.c:979)
==28626==
==28626== Thread 3:
==28626== Invalid read of size 2
==28626== at 0x6212B0B: (within /usr/lib/libopenal.so.0.0.0)
==28626== by 0x620A876: (within /usr/lib/libopenal.so.0.0.0)
==28626== by 0x620A374: (within /usr/lib/libopenal.so.0.0.0)
==28626== by 0x621202A: (within /usr/lib/libopenal.so.0.0.0)
==28626== by 0x50F03F6: start_thread (in /lib/libpthread-2.7.so)
==28626== by 0x6DE2B2C: clone (in /lib/libc-2.7.so)
==28626== Address 0xabbcfc8 is 0 bytes inside a block of size 4,096 free'd
==28626== at 0x4C22B2E: free (vg_replace_malloc.c:323)
==28626== by 0x620DEBC: (within /usr/lib/libopenal.so.0.0.0)
==28626== by 0x621139B: (within /usr/lib/libopenal.so.0.0.0)
==28626== by 0x620DBC0: alDeleteSources (in /usr/lib/libopenal.so.0.0.0)
==28626== by 0x5C4874: sound_DestroyStream (openal_track.c:1049)
==28626== by 0x5C4934: sound_UpdateStreams (openal_track.c:1094)
==28626== by 0x5C3792: sound_Update (openal_track.c:280)
==28626== by 0x5C30D4: cdAudio_Stop (cdaudio.c:159)
==28626== by 0x5C2D5D: cdAudio_Close (cdaudio.c:61)
==28626== by 0x4CB39D: systemShutdown (init.c:468)
==28626== by 0x6D4010F: exit (in /lib/libc-2.7.so)
==28626== by 0x6D291CA: (below main) (in /lib/libc-2.7.so)
==28626==

This is with PhysicsFS 1.1 ... it looks like we might be handling this better internally, so the crash moves elsewhere (note the game's logging of resLoadFile problem...).

==22317==
==22317== Invalid read of size 4
==22317== at 0x6223EA1: (within /usr/lib/libopenal.so.0.0.0)
==22317== by 0x622739B: (within /usr/lib/libopenal.so.0.0.0)
==22317== by 0x6223BC0: alDeleteSources (in /usr/lib/libopenal.so.0.0.0)
==22317== by 0x5C4874: sound_DestroyStream (openal_track.c:1049)
==22317== by 0x5C4934: sound_UpdateStreams (openal_track.c:1094)
==22317== by 0x5C3792: sound_Update (openal_track.c:280)
==22317== by 0x5C21A0: audio_Update (audio.c:577)
==22317== by 0x55934A: loadingScreenCallback (wrappers.c:311)
==22317== by 0x626E01: resDoResLoadCallback (frameresource.c:62)
==22317== by 0x626BE9: resLoadFile (frameresource.c:525)
==22317== by 0x62AAC2: res_parse (resource_parser.y:120)
==22317== by 0x6261FC: resLoad (frameresource.c:121)
==22317== by 0x4DF2F5: levLoadData (levels.c:719)
==22317== by 0x4E4F56: startGameLoop (main.c:555)
==22317== by 0x4E52F3: runTitleLoop (main.c:707)
==22317== by 0x4E551C: mainLoop (main.c:825)
==22317== by 0x4E58EF: main (main.c:979)
==22317== Address 0xa8a8ff4 is 4 bytes before a block of size 0 alloc'd
==22317== at 0x4C22FAB: malloc (vg_replace_malloc.c:207)
==22317== by 0x6220F7C: (within /usr/lib/libopenal.so.0.0.0)
==22317== by 0x6221189: alSourceUnqueueBuffers (in /usr/lib/libopenal.so.0.0.0)
==22317== by 0x5C4846: sound_DestroyStream (openal_track.c:1041)
==22317== by 0x5C4934: sound_UpdateStreams (openal_track.c:1094)
==22317== by 0x5C3792: sound_Update (openal_track.c:280)
==22317== by 0x5C21A0: audio_Update (audio.c:577)
==22317== by 0x55934A: loadingScreenCallback (wrappers.c:311)
==22317== by 0x626E01: resDoResLoadCallback (frameresource.c:62)
==22317== by 0x626BE9: resLoadFile (frameresource.c:525)
==22317== by 0x62AAC2: res_parse (resource_parser.y:120)
==22317== by 0x6261FC: resLoad (frameresource.c:121)
==22317== by 0x4DF2F5: levLoadData (levels.c:719)
==22317== by 0x4E4F56: startGameLoop (main.c:555)
==22317== by 0x4E52F3: runTitleLoop (main.c:707)
==22317== by 0x4E551C: mainLoop (main.c:825)
==22317== by 0x4E58EF: main (main.c:979)
error |000000000002: [scrv_error] VLO parse error: Construct component CyborgSpade not found at line 86, text: 'CyborgSpade'
error |000000000002: [dataScriptLoadVals] Script rules.vlo did not compile
error |000000000002: [resLoadFile] resLoadFile: The load function for resource type "SCRIPTVAL" failed for file "rules.vlo"
error |000000000002: [resLoad] resLoad: failed to parse wrf/multi/skirmish4.wrf
error |000000000002: [startGameLoop] Shutting down after failure
==22317==
==22317== Invalid read of size 8
==22317== at 0x5E6E1A: scriptFreeCode (script.c:83)
==22317== by 0x491015: dataScriptRelease (data.c:952)
==22317== by 0x627922: resReleaseAllData (frameresource.c:863)
==22317== by 0x627856: resReleaseAll (frameresource.c:834)
==22317== by 0x4CB345: systemShutdown (init.c:458)
==22317== by 0x6D5610F: exit (in /lib/libc-2.7.so)
==22317== by 0x4E4F87: startGameLoop (main.c:558)
==22317== by 0x4E52F3: runTitleLoop (main.c:707)
==22317== by 0x4E551C: mainLoop (main.c:825)
==22317== by 0x4E58EF: main (main.c:979)
==22317== Address 0x8 is not stack'd, malloc'd or (recently) free'd
No function contains program counter for selected frame.
Saved dump file to '/tmp/warzone2100.gdmp'

I haven't dug into PhysicsFS or Warzone for the specific issue, but it seems like if it didn't crash with physfs 1.0 for you, it was a lucky accident of memory layout.

If this proves to be a PhysicsFS bug after all, please feel free to email me directly (icculus@icculus.org) and I'll follow up further.

Thanks,
--ryan.

NOTE: I'm using PhysicsFS 1.0 as well.

Debian currently hasn't yet provided an updated PhysicsFS package for 1.1.1.

I will try testing 1.1.1 and if it fails on my system I'll notify the Debian maintainer(s) of the PhysicsFS package by creating a bugreport telling them that 1.1.1 is "bugged".

PS Is there any bugreport on PhysicsFS indicating that 1.1.1 is "bugged"? I can't check right now, because it seems like icculus.org is down.

The segfault in scriptFreeCode seems to be caused by something trying to free one script twice. Though because it is all a bit fuzzy and hidden behind some layers of indirection I do not yet know who is doing it and why.

So the final segfault is maybe not caused by the bug itself, but by another bug in the script loading code, which does not handle a failed script-compilation very well.

My "echo > ~/.warzone2100-2.1/music/music.wpl" hack does not work anymore it seems... But Buggies "cp data/base/music/* ~/.warzone2100-2.1/music/" hack does still work... Weird...

Same issue.

error : [scrv_error] VLO parse error: Construct component CyborgSpade not found at line 86, text: 'CyborgSpade'
error : [dataScriptLoadVals] Script rules.vlo did not compile
error : [resLoadFile] resLoadFile: The load function for resource type "SCRIPTVAL" failed for file "rules.vlo"
error : [resLoad] resLoad: failed to parse wrf/multi/skirmish4.wrf
error : [startGameLoop] Shutting down after failure

(file #4452)

It seems that if we have the .ogg files in the base/music directory, instead of the configdir/music directory, we crash, with very strange errors.

Pull down a clean copy of trunk, then after you make it, cd to where-ever, makedir whatever, and then run warzone via:
--configdir fullPathTo/whatever --window
and it should crash everytime.

Then move the .ogg files from base\music\*.ogg to whatever\music, and all is fine now, when run with the same args.

Haven't yet found out why.

--Buginator