Private email; appears to be same problem

----- Forwarded message from Jeff Chimene -----

Date: Fri, 17 Jul 2009 10:44:59 -0700
From: Jeff Chimene
To: "Steve M. Robbins" <st...@sumost.ca>
Subject: Re: XMille segfault

On 07/16/2009 09:58 PM, Steve M. Robbins wrote:
> Hi Jeff,
>
> I wasn't aware that xmille segfaults reliably.
>
> On Thu, Jul 16, 2009 at 05:06:54PM -0700, Jeff Chimene wrote:
>
>> As you no doubt know, XMILLE segfaults quite reliably. I was going to
>> compile it w/ the debugger and try and track down where it's happening
>> to send a patch.
>>
>> Other than eliminating the "optimize" switch and using the "-g" switch,
>> are there any other changes that the makefile needs to compile w/ debug?
>
> No, that sounds sufficient.
>
> -Steve

Hi Steve,

The segfault occurs in the following IF test in comps.c:onecard():

    onecard(pp)
    reg PLAY *pp;
    {
        reg CARD bat, spd, card;

        bat = pp->battle;
        spd = pp->speed;
        card = -1;
        if (pp->can_go
            || ((isrepair(bat) || bat == C_STOP || spd == C_LIMIT)
                && Numseen[S_RIGHT_WAY] != 0)
            || Numseen[safety(bat)] != 0)
    <snip>

I factored the IF (pp->can_go ...) test into its own function:

    int
    buggy(PLAY *pp, CARD bat, CARD spd)
    {
        if (pp->can_go) { return TRUE; }
        /* faults here when bat == C_INIT (-1); see the gdb session below */
        if (Numseen[safety(bat)] != 0) { return TRUE; }
        if (Numseen[S_RIGHT_WAY] != 0) {
            if (isrepair(bat)) { return TRUE; }
            if (C_STOP == bat) { return TRUE; }
            if (C_LIMIT == spd) { return TRUE; }
        }
        return FALSE;
    }

The segfault occurs on the following test:

    Program received signal SIGSEGV, Segmentation fault.
    0x0804ab13 in buggy (pp=0x80677e0, bat=-1, spd=9) at comp.c:324
    324       if (Numseen[safety(bat)] != 0) { return TRUE; }
    (gdb) p bat
    $1 = -1

types.c:safety() expects a CARD:

    safety(card)
    reg CARD card;
    {
    <snip>

However, in init.c:init() we see the following:

    pp->battle = C_INIT;    /* C_INIT is not a valid CARD */

Sure enough, after a few rounds the program segfaults:

    Hardware watchpoint 2: Player[0]->battle

    Old value = 13
    New value = -1
    init () at init.c:39
    39        pp->new_speed = FALSE;
    (gdb) x pp
    0x80677e0 <Player>:     0x00000000
    (gdb) c
    Continuing.
    ====================
    Hardware watchpoint 3: Player[1]->battle

    Old value = 13
    New value = -1
    init () at init.c:39
    39        pp->new_speed = FALSE;
    (gdb) x pp
    0x8067824 <Player+68>:  0x00000000
    (gdb) c
    Continuing.
    ====================
    Program received signal SIGSEGV, Segmentation fault.
    0x0804ab13 in buggy (pp=0x80677e0, bat=-1, spd=-1) at comp.c:324
    324       if (Numseen[safety(bat)] != 0) { return TRUE; }

As we see, the initialization of Player[0]->battle to -1 causes the
segfault. Perhaps adding a range check to Player[*]->battle might
resolve the problem?

Cheers,
jec

----- End forwarded message -----
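The range check the mail proposes, written out as an added example; this is not xmille's code. Only C_INIT, C_STOP, C_LIMIT and S_RIGHT_WAY are names from the mail; the other card values, `safety_index()` (standing in for types.c:safety()) and `is_repair()` (standing in for isrepair()) are constructed so the block compiles on its own. The point it shows is that a sentinel stored in a field typed as an array index must be rejected before the lookup, because a negative `CARD` passed through `safety()` into `Numseen[]` reads outside the table.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed stand-in for xmille's card numbering (the real header is
 * not reproduced here). The shape is what matters: valid cards are small
 * non-negative ints and C_INIT is a negative "slot is empty" sentinel.
 * C_INIT, C_STOP and C_LIMIT are names from the mail; the rest are made up. */
typedef int CARD;
enum {
    C_INIT = -1,
    C_ACCIDENT = 0,
    C_OUT_OF_GAS,
    C_FLAT_TIRE,
    C_STOP,
    C_LIMIT,
    C_REPAIRS,
    C_NUM_CARDS          /* one past the last valid card value */
};

/* Indices into the table of safety cards the computer player has seen.
 * S_RIGHT_WAY is from the mail; S_OTHER is a constructed catch-all. */
enum { S_RIGHT_WAY = 0, S_OTHER, S_NUM_SAFETIES };

/* The check the mail asks for: is this value a real card? */
static bool card_in_range(CARD c)
{
    return c >= 0 && c < C_NUM_CARDS;
}

/* Constructed equivalent of the game's isrepair(). */
static bool is_repair(CARD c)
{
    return c == C_REPAIRS;
}

/* Constructed equivalent of types.c:safety(): which safety card counters a
 * given hazard. Unlike the original, it refuses out-of-range input and
 * returns -1 instead of letting the caller use the value as an index. */
static int safety_index(CARD c)
{
    if (!card_in_range(c))
        return -1;
    return (c == C_STOP || c == C_LIMIT) ? S_RIGHT_WAY : S_OTHER;
}

/* The factored test from the mail with the range check added. numseen has
 * S_NUM_SAFETIES entries. A battle slot still holding C_INIT means "no
 * hazard in play", so the safety lookup is skipped rather than performed
 * with a negative index. */
static bool can_play_card(const int *numseen, bool can_go, CARD bat, CARD spd)
{
    if (can_go)
        return true;

    if (card_in_range(bat)) {
        int s = safety_index(bat);
        if (s >= 0 && numseen[s] != 0)
            return true;
    }

    if (numseen[S_RIGHT_WAY] != 0) {
        if (is_repair(bat) || bat == C_STOP || spd == C_LIMIT)
            return true;
    }
    return false;
}

/* Wrapper so one scenario is one call: right_way_seen is the count stored
 * in numseen[S_RIGHT_WAY]; every other safety count is zero. */
static bool scenario(int right_way_seen, bool can_go, CARD bat, CARD spd)
{
    int numseen[S_NUM_SAFETIES] = { right_way_seen, 0 };
    return can_play_card(numseen, can_go, bat, spd);
}

int main(void)
{
    /* The two states gdb reported in the mail: bat=-1, spd=9 and bat=-1, spd=-1.
     * With the check in place both return "hold" instead of faulting. */
    printf("bat=C_INIT spd=9  -> %s\n", scenario(0, false, C_INIT, 9) ? "play" : "hold");
    printf("bat=C_INIT spd=-1 -> %s\n", scenario(0, false, C_INIT, C_INIT) ? "play" : "hold");
    /* A real hazard whose countering safety has been seen. */
    printf("bat=C_STOP, right-of-way seen -> %s\n",
           scenario(1, false, C_STOP, 0) ? "play" : "hold");
    return 0;
}
```

The check lives in front of the lookup rather than inside `safety_index()` alone so that a caller which bypasses `safety()` (as the original `Numseen[safety(bat)]` expression effectively trusts it to) still cannot reach the table with a sentinel.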