Bug#896924: extremetuxracer: segfault when reaching end of certain courses

Andreas Eriksson andreas.eriksson at gmail.com
Thu Apr 26 00:17:10 BST 2018 

Package: extremetuxracer
Version: 0.7.4-1
Severity: normal

extremetuxracer segfaults sometimes when reaching the end of a course. It
does not happen every time, and it appears more likely to happen on some
courses than on others. Specifically on the course "who says penguins can't
fly" it happens over 50% of the time, and there are a couple of others
where it happens almost as often. On most courses it only happens very
rarely.

Speculation: Maybe it's related to the speed you're going at when reaching
the end, since the courses it seems to happen more often on are ones where
you tend to go faster.

I tried rebuilding the package with optimizations disabled to see what the
values that are optimized out in the backtrace are, and found that the bug
does not trigger when optimizations are disabled. As such I'm only able to
provide a backtrace from a build with optimizations enabled. (I'm sure that
will be "fun" to track down).

Steps to reproduce:
1. Start game in practice mode
2. Play course "who says penguin's can't fly" until the end.
3. If crash wasn't triggered repeat step 2 until it does.

I'm running debian sid on an amd64 system. Let me know if you need any more
info from me or if you're having trouble reproducing.

Terminal output and backtrace:

(gdb) run
Starting program: /usr/games/etr
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

----------- Extreme Tux Racer 0.7.4 ----------------
----------- (C) 2010-2016 Extreme Tuxracer Team  --------

[New Thread 0x7fffeeb30700 (LWP 6594)]
[Thread 0x7fffeeb30700 (LWP 6594) exited]
[New Thread 0x7fffe7fff700 (LWP 6595)]
[Thread 0x7fffe7fff700 (LWP 6595) exited]
[New Thread 0x7fffe7fff700 (LWP 6596)]
[New Thread 0x7fffd77fe700 (LWP 6597)]
[New Thread 0x7fffd6da7700 (LWP 6598)]
[Thread 0x7fffd6da7700 (LWP 6598) exited]
[New Thread 0x7fffd6da7700 (LWP 6600)]

Thread 1 "etr" received signal SIGSEGV, Segmentation fault.
__memmove_sse2_unaligned_erms () at
../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:308
308    ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S: No such
file or directory.
(gdb) bt full
#0  __memmove_sse2_unaligned_erms () at
../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:308
No locals.
#1  0x00007ffff6debd92 in std::char_traits<char>::copy (__n=5,
__s2=<optimized out>, __s1=<optimized out>) at
/build/gcc-8-Pe1Bpv/gcc-8-8-20180425/build/x86_64-linux-gnu/libstdc++-v3/include/bits/char_traits.h:350
No locals.
#2  std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> >::_S_copy (__n=5, __s=<optimized out>, __d=<optimized
out>)
    at
/build/gcc-8-Pe1Bpv/gcc-8-8-20180425/build/x86_64-linux-gnu/libstdc++-v3/include/bits/basic_string.h:340
No locals.
#3  std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> >::_M_assign (this=this at entry=0x5555571e4810,
__str="Bunny")
    at
/build/gcc-8-Pe1Bpv/gcc-8-8-20180425/build/x86_64-linux-gnu/libstdc++-v3/include/bits/basic_string.tcc:272
        __rsize = 5
        __capacity = <optimized out>
#4  0x00005555555a45a2 in std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> >::assign (__str="Bunny",
this=0x5555571e4810) at /usr/include/c++/7/bits/basic_string.h:1347
No locals.
#5  std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> >::operator= (__str="Bunny", this=0x5555571e4810) at
/usr/include/c++/7/bits/basic_string.h:685
No locals.
#6  TScore::operator= (this=<optimized out>) at score.h:27
No locals.
#7  CScore::AddScore(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&,
std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> > const&, TScore&&) (
    this=this at entry=0x5555557d8a60 <Score>, group=...,
course="penguins_cant_fly", score=score at entry=<unknown type in
/usr/lib/debug/.build-id/18/76d0e03ad1a75dc42adec4e20b60ef25ac06e2.debug,
CU 0x601fbb, DIE 0x655d3b>)
    at score.cpp:53
        num = <optimized out>
        pos = <optimized out>
        lastpos = <optimized out>
        val = <optimized out>
#8  0x00005555555a4e95 in CScore::AddScore(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&,
std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> > const&, TScore&&) (score=<unknown type in
/usr/lib/debug/.build-id/18/76d0e03ad1a75dc42adec4e20b60ef25ac06e2.debug,
CU 0x601fbb, DIE 0x64f082>, course=..., group=..., this=0x5555557d8a60
<Score>) at score.cpp:158
No locals.
#9  CScore::CalcRaceResult (this=0x5555557d8a60 <Score>) at score.cpp:158
        herringpt = 220
        timept = <optimized out>
#10 0x0000555555583c6c in CGameOver::Enter (this=<optimized out>) at
game_over.cpp:147
No locals.
#11 0x00005555555acfe5 in State::Manager::EnterNextState
(this=0x5555557d8d00 <State::manager>) at states.cpp:52
No locals.
#12 State::Manager::Run (this=0x5555557d8d00 <State::manager>,
entranceState=...) at states.cpp:39
No locals.
#13 0x000055555555fa90 in main (argc=1, argv=0x7fffffffe788) at main.cpp:90
No locals.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-games-devel/attachments/20180426/2549f3b2/attachment-0001.html>

More information about the Pkg-games-devel mailing list