Public bug reported:

Problem exists in 1.36+u20160616+dfsg1-1

It does not exist in 1.36+u20160122+dfsg1-1

It's not specific to the sv_fps variable. Others will cause it too.
sv_fps is merely a very early one to cause a crash.

It's a pointer to a structure. It goes from

value NULL,
to 0x5555561a1518
to 0x555500000015
to 0xffffffff00000015
to 0x100000015
and then crashes on deref later.


(gdb) watch sv_fps

Hardware watchpoint 1: sv_fps

(gdb) r

Starting program: ioquake3-1.36+u20160616+dfsg1/debian/ioquake3/usr/lib/ioquake3/ioquake3 ioquake3 +set com_basegame baseoa +set fs_basepath /usr/lib/openarena +set com_homepath .openarena +set com_legacyprotocol 71 +set com_protocol 71 +set sv_master1 dpmaster.deathmask.net +set cl_motd 0

Hardware watchpoint 1: sv_fps

Old value = (cvar_t *) 0x0
New value = (cvar_t *) 0x5555561a1518 <cvar_indexes+2520>
SV_Init () at code/server/sv_init.c:673
673             sv_timeout = Cvar_Get ("sv_timeout", "200", CVAR_TEMP );

(gdb) disp sv_fps
1: sv_fps = (cvar_t *) 0x5555561a1518 <cvar_indexes+2520>

(gdb) c

Continuing.

Loading DLL file /usr/lib/openarena/baseoa/pak6-patch088/qagamex86_64.so instead.
Loading DLL file: /usr/lib/openarena/baseoa/pak6-patch088/qagamex86_64.so
Sys_LoadGameDll(/usr/lib/openarena/baseoa/pak6-patch088/qagamex86_64.so) found vmMain function at 0x7fffdce92314
------- Game Initialization -------
gamename: baseoa
gamedate: Jun 27 2016
tty]
Thread 1 "ioquake3" hit Hardware watchpoint 1: sv_fps

Old value = (cvar_t *) 0x5555561a1518 <cvar_indexes+2520>
New value = (cvar_t *) 0x555500000015
Cvar_Register (vmCvar=0x555555d34a68 <sv_fps>, varName=0x7fffdcf12242 "sv_fps", defaultValue=0x7fffdcf12303 "20", flags=9) at code/qcommon/cvar.c:1346
1346            vmCvar->modificationCount = -1;
1: sv_fps = (cvar_t *) 0x555500000015

(gdb) n

Thread 1 "ioquake3" hit Hardware watchpoint 1: sv_fps

Old value = (cvar_t *) 0x555500000015
New value = (cvar_t *) 0xffffffff00000015
Cvar_Register (vmCvar=0x555555d34a68 <sv_fps>, varName=0x7fffdcf12242 "sv_fps", defaultValue=0x7fffdcf12303 "20", flags=9) at code/qcommon/cvar.c:1347
1347            Cvar_Update( vmCvar );
1: sv_fps = (cvar_t *) 0xffffffff00000015

(gdb) n

Thread 1 "ioquake3" hit Hardware watchpoint 1: sv_fps

Old value = (cvar_t *) 0xffffffff00000015
New value = (cvar_t *) 0x100000015
Cvar_Update (vmCvar=0x555555d34a68 <sv_fps>) at code/qcommon/cvar.c:1375
1375            if ( strlen(cv->string)+1 > MAX_CVAR_VALUE_STRING ) 
1: sv_fps = (cvar_t *) 0x100000015

(gdb) c

Continuing.

Thread 1 "ioquake3" received signal SIGSEGV, Segmentation fault.
0x00005555555d23ce in SV_Frame (msec=11) at code/server/sv_main.c:1082
1082            if ( sv_fps->integer < 1 ) {
1: sv_fps = (cvar_t *) 0x100000015

** Affects: ioquake3 (Ubuntu)
     Importance: Undecided
         Status: New
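As an added illustration (not part of the report or of ioquake3's code): the trace shows Cvar_Register writing vmCvar_t fields through the address gdb labels <sv_fps>, which the server code reads as a cvar_t *. The program below replays those writes over a little-endian 64-bit pointer, using the vmCvar_t field order from ioquake3's q_shared.h, and reproduces the four pointer values in the trace; the handle 0x15 = 21 is consistent with cvar_indexes+2520 and a 120-byte cvar_t. How the two differently typed globals came to share one address is not established by the report, so the union below only models the aliasing, not its cause.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_CVAR_VALUE_STRING 256
/* Field order of ioquake3's vmCvar_t (q_shared.h); its first eight bytes
 * are what overlap the 64-bit pointer in the trace. */
typedef struct {
    int   handle;             /* offset 0: index of the cvar in cvar_indexes */
    int   modificationCount;  /* offset 4 */
    float value;              /* offset 8 */
    int   integer;            /* offset 12 */
    char  string[MAX_CVAR_VALUE_STRING];
} vmCvar_t;

/* Model of the aliasing seen in the trace: one object the server reads as a
 * cvar_t * (here a uint64_t) and Cvar_Register writes as a vmCvar_t.
 * Assumes a little-endian 64-bit layout, as on the reporter's x86_64 build. */
typedef union {
    uint64_t ptr;
    vmCvar_t vm;
} aliased_sv_fps_t;

/* Replays the writes from Cvar_Register (handle, then modificationCount = -1)
 * and Cvar_Update (modificationCount = cv->modificationCount) and records the
 * pointer value before any write and after each one. */
void replay_corruption(uint64_t initial, int handle, int cv_modcount,
                       uint64_t out[4]) {
    aliased_sv_fps_t sv_fps;
    memset(&sv_fps, 0, sizeof sv_fps);
    sv_fps.ptr = initial;
    out[0] = sv_fps.ptr;
    sv_fps.vm.handle = handle;                  /* low dword := handle */
    out[1] = sv_fps.ptr;
    sv_fps.vm.modificationCount = -1;           /* high dword := 0xffffffff */
    out[2] = sv_fps.ptr;
    sv_fps.vm.modificationCount = cv_modcount;  /* high dword := cv's count */
    out[3] = sv_fps.ptr;
}

int main(void) {
    uint64_t v[4];
    /* Inputs from the trace: the cvar_indexes+2520 pointer, handle 21 = 0x15
     * (2520 bytes / 21 entries = a 120-byte cvar_t), and a cvar
     * modificationCount of 1. The last value, 0x100000015, is unmapped,
     * hence the SIGSEGV when SV_Frame reads sv_fps->integer. */
    replay_corruption(0x5555561a1518ULL, 0x15, 1, v);
    for (int i = 0; i < 4; i++)
        printf("sv_fps = 0x%llx\n", (unsigned long long)v[i]);
    return 0;
}
```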

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1653007

Title:
  yakkety ioquake3 SEGV in variable handling code

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ioquake3/+bug/1653007/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs