[Bug-freedink] Bugreport and Patch for fixing segfault when loading game
From: Christian Ludwig
Subject: [Bug-freedink] Bugreport and Patch for fixing segfault when loading games (modern compiler)
Date: Sat, 2 Jan 2016 21:55:36 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0
Hello Freedink-team,
here is a bug report with a fix for version 108.4.
When using modern compilers (with optimizations turned on) one gets a
segfault if one tries to load a saved game. Or, as always with undefined
behaviour, it can occur with a certain probability.
Fix:
very short version:
===================
--- freedink-108.4/src/dinkc.c 2014-10-17 17:15:09.000000000 +0200
+++ rpmbuild/SOURCES/freedink-108.4/src/dinkc.c 2016-01-02
21:25:45.000000000 +0100
@@ -63,7 +63,7 @@
int lifespan;
unsigned long timer;
};
-static struct call_back callback[MAX_CALLBACKS];
+static struct call_back callback[MAX_CALLBACKS+1];
/* TODO: Used 1->100 in the game, should it be MAX_CALLBACKS+1 ? */
/* DinkC script buffer */
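Review bot: the enlarged array makes callback[MAX_CALLBACKS] a valid element, so the 1..MAX_CALLBACKS loops such as the one in kill_all_scripts_for_real stay inside the array, but the TODO comment directly below the declaration ("Used 1->100 in the game, should it be MAX_CALLBACKS+1 ?") is now answered by the patch and should be dropped or rewritten, for example as a note that slot 0 is unused and that every loop over callback[] must run 1..MAX_CALLBACKS inclusive. The alternative of changing every loop to 0..MAX_CALLBACKS-1 would also close the out-of-bounds write, but since the game indexes callbacks from 1 the +1 sizing is the less invasive choice; either way it is worth grepping the source for other loops over callback[] that rely on the same inclusive upper bound.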
longer explanation:
===================
Modern compilers (like gcc 5.3.1 under Fedora 23) use the undefined
behaviour, like in dinkc.c kill_all_scripts_for_real:
    for (k = 1; k <= MAX_CALLBACKS; k++)
    {
        callback[k].active = 0;
    }
and overwrite (memory layout with optimization) the "bindings" variable
in dinkc_bindings.c. [Yes, it took me a while of debugging to see this.]
more detailed explanation:
==========================
Attempt to load game with original version:
[debug] Stopped cd
[debug] Killed script start-2. (num 1)
[debug] Killed script start-1. (num 2)
[debug] Killed script start-2. (num 3)
[debug] Killed script start-4. (num 4)
[info ] World data loaded.
[info ] loading tilescreens...
[info ] Done with tilescreens...
[info ] LOADING main
[debug] Temp thingie is C
[info ] Loading script STORY/MAIN.C.. (slot 1)
[debug] Reading from disk...
[debug] Script main is entered at 3:12 (offset 49).
Program received signal SIGSEGV, Segmentation fault.
0x0000555555586f97 in safe_hasher ()
#0 0x0000555555586f97 in safe_hasher ()
#1 0x00005555555874df in hash_lookup ()
#2 0x0000555555560b31 in dinkc_bindings_lookup ()
#3 0x000055555556950e in process_line ()
#4 0x000055555555bf50 in run_script ()
#5 0x000055555556d22e in load_game ()
#6 0x000055555555df12 in dc_load_game ()
#7 0x000055555556a4a6 in process_line ()
#8 0x000055555555bf50 in run_script ()
#9 0x0000555555584703 in process_talk ()
#10 0x0000555555586a44 in updateFrame ()
#11 0x0000555555559585 in main ()
because safe_hasher wants to read table->n_buckets and because
table==bindings is pointing somewhere.
Hope this helps to improve this cool game.
Bye
C. Ludwig
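The off-by-one described in the report, shown as an added example that is not FreeDink's code: a bounds-checked version of the "clear every callback slot" loop, run over both array sizes from the patch. The value of MAX_CALLBACKS (100) and the helper names are assumptions for this example; the struct layout follows the hunk above.

```c
/* Added example (not from FreeDink): DinkC numbers callback slots from 1,
 * so a loop 1..MAX_CALLBACKS over an array of MAX_CALLBACKS elements writes
 * one element past the end.  Checking the inclusive upper bound against the
 * real element count reports that off-by-one instead of clobbering whatever
 * the linker placed after the array (here: the "bindings" hash table). */
#include <stddef.h>
#include <stdio.h>

#define MAX_CALLBACKS 100            /* value assumed for this example */

struct call_back {                   /* fields as in the patch hunk */
    int active;
    int lifespan;
    unsigned long timer;
};

/* The two layouts from the patch: original size and the enlarged one. */
static struct call_back callback_orig[MAX_CALLBACKS];
static struct call_back callback_fixed[MAX_CALLBACKS + 1];
#define ARRAY_LEN(a) (sizeof(a) / sizeof((a)[0]))

/* Clear slots first..last (inclusive, 1-based like DinkC) of an array with
 * n_elems entries.  Returns the number of slots cleared, or -1 without
 * touching the array if the range would run past its end. */
static int clear_callback_slots(struct call_back *cb, size_t n_elems,
                                int first, int last)
{
    if (first < 0 || last < first || (size_t)last >= n_elems)
        return -1;                   /* last == n_elems is the off-by-one */
    for (int k = first; k <= last; k++)
        cb[k].active = 0;
    return last - first + 1;
}

/* Mirrors kill_all_scripts_for_real's 1..MAX_CALLBACKS loop on each layout. */
int clear_all_original(void)
{ return clear_callback_slots(callback_orig, ARRAY_LEN(callback_orig), 1, MAX_CALLBACKS); }
int clear_all_fixed(void)
{ return clear_callback_slots(callback_fixed, ARRAY_LEN(callback_fixed), 1, MAX_CALLBACKS); }

int main(void)
{
    printf("original layout: %d\n", clear_all_original());  /* -1: out of bounds */
    printf("patched layout:  %d\n", clear_all_fixed());     /* 100: all slots */
    return 0;
}
```

Building the unpatched game with -fsanitize=address reports the same write as a global-buffer-overflow at the loop, which is a quicker way to confirm the diagnosis than reading the crash in safe_hasher.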