Package: chromium
Version: 0.9.12-12
Severity: Important
Ok. Try #3. This time without the attachments. If this works, I'll send
a link to the core dumps later:
Chromium segfaults when you quickly grab powerups. It should not do
that. Sarge, etch and vanilla (plus modest hacks to get vanilla
to compile) versions are affected. Here are the steps to reproduce:
1) Edit the maxLevel line in ~/.chromium to say "maxLevel 10". This
isn't strictly necessary, but there are more powerups at higher levels.
2) Start chromium. Warp to level 10. Set difficulty higher if you can
handle it. There are more power ups at higher difficulty levels.
3) Play. Keep playing until segfault. Sometimes, it only takes minutes,
sometimes you can actually beat the entire level without segfaulting.
The best way to segfault is to get two or more powerups at virtually
the exact same time, like when one is on top of another.
The above steps are easier to reproduce if you have infinite lives.
Unfortunately, there isn't an easy way to do that. I had to edit the
source code. With infinite lives, I could set the level to 10, and the
difficulty to impossible. That guy was serious when he said impossible.
But there are lots of powerups, and I can segfault in minutes every
time.
Try as I might, I just couldn't find the bug. The code looks good,
despite it's distinct lack of comments. I've attached a couple of core
dumps. Both of these dumps look the same to me. They are each 28 Megs.
I've bzipped them for up/download, and the bzip2s are each 4 Megs. Here
is an excerpt of one of the core dumps:
Core was generated by `chromium'.
Program terminated with signal 11, Segmentation fault.
#0 0x00000041 in ?? ()
(gdb) backtrace
#0 0x00000041 in ?? ()
#1 0x0806d519 in ScreenItemAdd::killScreenItem (this=0x820cbc8,
del=0x871d330) at ScreenItemAdd.cpp:118
#2 0x0806c908 in PowerUps::remove (this=0x81af190, pwr=0x871d330) at
PowerUps.cpp:165
#3 0x0805b941 in HeroAircraft::checkForPowerUps (this=0x81c7f18,
powerUps=0x81af190) at HeroAircraft.cpp:664
#4 0x08067d56 in MainGL::drawGameGL (this=0x8170998) at MainGL.cpp:171
#5 0x08067e93 in MainGL::drawGL (this=0x8170998) at MainGL.cpp:125
#6 0x08065b01 in MainSDL::run (this=0x80a54a8) at MainSDL.cpp:120
#7 0x08076805 in main (argc=1, argv=0xbfcf3774) at main.cpp:149
(gdb)
I indented the second lines for readability.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
