Horrible heap error when running Psychophbia

Bugs that have been resolved.

Moderator: Graf Zahl

milasudril
Posts: 64
Joined: Fri May 15, 2009 17:21

Horrible heap error when running Psychophbia

Post by milasudril » Tue Aug 02, 2016 19:15

This bug is in the latest official gzdoom:

1. Load psychophobia 2.25 with doom2
2. Create a new game (Choose Act I, and enter map01)
3. Exit game

Bang, The heap was corrupted by a Cyberdaemon! There is no problem when running code compiled in debug mode. I should run valgrind now, but valgrind + intense computer game is not a pleasant experience :-(. What I can get, is that there is a heap corruption when I click Cancel in the startup dialog.

Command line: ~/Hämtningar/gzdoom/build/gzdoom -file ../wads/PsychoPhobia/PsychoPhobia.pk3 ../wads/PsychoPhobia/PsychoPhobia_3d_decorate.pk3 ../wads/PsychoPhobia/PsychoPhobia_3d_nature.pk3 ../wads/PsychoPhobia/PsychoPhobia_3d_gibs.pk3 ../wads/PsychoPhobia/PsychoPhobia_3d_weapons.pk3 ../wads/PsychoPhobia/PsychoPhobia_3d_projectiles.pk3 ../wads/PsychoPhobia/PsychoPhobia_3d_pickups.pk3 ../wads/PsychoPhobia/PsychoPhobia_3d_ammo.pk3 ../wads/PsychoPhobia/PsychoPhobia_3d_monster/*.* ../wads/PsychoPhobia/PsychoPhobia_HiResFont.pk3 ../wads/PsychoPhobia/PsychoPhobia_HiResTex.pk3

Dump:

*** Error in `/home/torbjorr/Hämtningar/gzdoom/build/gzdoom': corrupted double-linked list: 0x000000000479f8c0 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x77725)[0x7ffff4cd3725]
/lib/x86_64-linux-gnu/libc.so.6(+0x805b7)[0x7ffff4cdc5b7]
/lib/x86_64-linux-gnu/libc.so.6(cfree+0x4c)[0x7ffff4cdfabc]
/home/torbjorr/Hämtningar/gzdoom/build/gzdoom(_Z15P_FreeLevelDatav+0x226)[0x8582c6]
/home/torbjorr/Hämtningar/gzdoom/build/gzdoom[0x858770]
/home/torbjorr/Hämtningar/gzdoom/build/gzdoom(_Z10call_termsv+0x22)[0x52f562]
/lib/x86_64-linux-gnu/libc.so.6(+0x39fe8)[0x7ffff4c95fe8]
/lib/x86_64-linux-gnu/libc.so.6(+0x3a035)[0x7ffff4c96035]
/home/torbjorr/Hämtningar/gzdoom/build/gzdoom(_ZN8HQnX_asm7hq2x_32EPiPhiii+0x0)[0x535220]
/home/torbjorr/Hämtningar/gzdoom/build/gzdoom(_ZN9DQuitMenu12HandleResultEb+0x35)[0x5e6f65]
/home/torbjorr/Hämtningar/gzdoom/build/gzdoom(_ZN15DMessageBoxMenu9MenuEventEib+0x129)[0x5e7149]
/home/torbjorr/Hämtningar/gzdoom/build/gzdoom(_Z11M_ResponderP7event_t+0x288)[0x5d9c48]
/home/torbjorr/Hämtningar/gzdoom/build/gzdoom(_Z15D_ProcessEventsv+0x30)[0x72d4f0]
/home/torbjorr/Hämtningar/gzdoom/build/gzdoom(_Z9NetUpdatev+0xca)[0x73613a]
/home/torbjorr/Hämtningar/gzdoom/build/gzdoom(_Z10TryRunTicsv+0x4a)[0x7385aa]
/home/torbjorr/Hämtningar/gzdoom/build/gzdoom(_Z10D_DoomLoopv+0x135)[0x72edf5]
[New Thread 0x7fffca613700 (LWP 12036)]
/home/torbjorr/Hämtningar/gzdoom/build/gzdoom(_Z10D_DoomMainv+0x1639)[0x730f79]
[Thread 0x7fffca613700 (LWP 12036) exited]
/home/torbjorr/Hämtningar/gzdoom/build/gzdoom(main+0x189)[0x517b49]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf0)[0x7ffff4c7c830]
/home/torbjorr/Hämtningar/gzdoom/build/gzdoom(_start+0x29)[0x529eb9]
======= Memory map: ========
00400000-00ba5000 r-xp 00000000 08:06 32572713 /home/torbjorr/Hämtningar/gzdoom/build/gzdoom
00da4000-00da5000 r-xp 007a4000 08:06 32572713 /home/torbjorr/Hämtningar/gzdoom/build/gzdoom
00da5000-00dbc000 rwxp 007a5000 08:06 32572713 /home/torbjorr/Hämtningar/gzdoom/build/gzdoom
00dbc000-11f5c000 rwxp 00000000 00:00 0 [heap]
7fffb8000000-7fffb8021000 rwxp 00000000 00:00 0
7fffb8021000-7fffbc000000 ---p 00000000 00:00 0
7fffc0000000-7fffc0021000 rwxp 00000000 00:00 0
7fffc0021000-7fffc4000000 ---p 00000000 00:00 0
7fffc59c8000-7fffc5bc8000 rwxs 13b91f000 00:06 625 /dev/nvidiactl
7fffc5bc8000-7fffc81ee000 rwxs ccfcf000 00:06 625 /dev/nvidiactl
7fffc8b13000-7fffc8f13000 rwxs 9df65000 00:06 625 /dev/nvidiactl
7fffc9313000-7fffc9413000 rwxs 182fe2000 00:06 625 /dev/nvidiactl
7fffc9813000-7fffc9c13000 rwxs 1605cd000 00:06 625 /dev/nvidiactl
7fffc9c13000-7fffc9e13000 rwxs 1b9736000 00:06 625 /dev/nvidiactl
7fffc9e13000-7fffc9e14000 ---p 00000000 00:00 0
7fffc9e14000-7fffca614000 rwxp 00000000 00:00 0
7fffca614000-7fffca814000 rwxs 16044d000 00:06 625 /dev/nvidiactl
7fffca814000-7fffca894000 rwxs cddf5000 00:06 625 /dev/nvidiactl
7fffca914000-7fffca994000 rwxs 2f090000 00:06 625 /dev/nvidiactl
7fffcaa94000-7fffcaab4000 rwxs e8120000 00:06 626 /dev/nvidia0
7fffcaab4000-7fffcaaf4000 rwxs 1b8e46000 00:06 625 /dev/nvidiactl
7fffcaaf4000-7fffcab14000 rwxs 19b5c0000 00:06 625 /dev/nvidiactl
7fffcab14000-7fffcab54000 rwxs 1987ed000 00:06 625 /dev/nvidiactl
7fffcab54000-7fffcab94000 rwxs 1c0e40000 00:06 625 /dev/nvidiactl
7fffcab94000-7fffcac98000 rwxs 1ff451000 00:06 625 /dev/nvidiactl
7fffcac98000-7fffcac99000 ---p 00000000 00:00 0
7fffcac99000-7fffcb499000 rwxp 00000000 00:00 0
7fffcb499000-7fffcc81f000 r-xp 00000000 08:05 2564188 /usr/lib/x86_64-linux-gnu/libnvidia-glcore.so.364.19
7fffcc81f000-7fffcc83f000 rwxp 01386000 08:05 2564188 /usr/lib/x86_64-linux-gnu/libnvidia-glcore.so.364.19
7fffcc83f000-7fffccbe1000 r-xp 013a6000 08:05 2564188 /usr/lib/x86_64-linux-gnu/libnvidia-glcore.so.364.19
7fffccbe1000-7fffccde1000 ---p 01748000 08:05 2564188 /usr/lib/x86_64-linux-gnu/libnvidia-glcore.so.364.19
7fffccde1000-7fffcd1c3000 rwxp 01748000 08:05 2564188 /usr/lib/x86_64-linux-gnu/libnvidia-glcore.so.364.19
7fffcd1c3000-7fffcd1da000 rwxp 00000000 00:00 0
7fffcd1da000-7fffcd1db000 ---p 00000000 00:00 0
7fffcd1db000-7fffdc000000 rwxp 00000000 00:00 0
7fffdc000000-7fffdc022000 rwxp 00000000 00:00 0
7fffdc022000-7fffe0000000 ---p 00000000 00:00 0
7fffe0000000-7fffe0021000 rwxp 00000000 00:00 0
7fffe0021000-7fffe4000000 ---p 00000000 00:00 0
7fffe4000000-7fffe4021000 rwxp 00000000 00:00 0
7fffe4021000-7fffe8000000 ---p 00000000 00:00 0
7fffe8005000-7fffe8008000 r-xp 00000000 08:05 2621910 /usr/lib/x86_64-linux-gnu/tls/libnvidia-tls.so.364.19
7fffe8008000-7fffe8208000 ---p 00003000 08:05 2621910 /usr/lib/x86_64-linux-gnu/tls/libnvidia-tls.so.364.19
7fffe8208000-7fffe8209000 rwxp 00003000 08:05 2621910 /usr/lib/x86_64-linux-gnu/tls/libnvidia-tls.so.364.19
7fffe8209000-7fffe82d1000 r-xp 00000000 08:05 2564674 /usr/lib/x86_64-linux-gnu/libGLX_nvidia.so.364.19
7fffe82d1000-7fffe8305000 rwxp 000c8000 08:05 2564674 /usr/lib/x86_64-linux-gnu/libGLX_nvidia.so.364.19
7fffe8305000-7fffe8318000 r-xp 000fc000 08:05 2564674 /usr/lib/x86_64-linux-gnu/libGLX_nvidia.so.364.19
7fffe8318000-7fffe8518000 ---p 0010f000 08:05 2564674 /usr/lib/x86_64-linux-gnu/libGLX_nvidia.so.364.19
7fffe8518000-7fffe8540000 rwxp 0010f000 08:05 2564674 /usr/lib/x86_64-linux-gnu/libGLX_nvidia.so.364.19
7fffe8540000-7fffe8547000 rwxp 00000000 00:00 0
7fffe854b000-7fffe855e000 rwxs 1c0d9a000 00:06 625 /dev/nvidiactl
7fffe855e000-7fffe855f000 rwxs 1c0d99000 00:06 625 /dev/nvidiactl
7fffe855f000-7fffe8563000 rwxs 1c0da1000 00:06 625 /dev/nvidiactl
7fffe8563000-7fffe8564000 rwxs eff68000 00:06 626 /dev/nvidia0
7fffe8564000-7fffe8565000 rwxs eff67000 00:06 626 /dev/nvidia0
7fffe8565000-7fffe8585000 rwxs 208e67000 00:06 625 /dev/nvidiactl
7fffe8585000-7fffe8586000 ---p 00000000 00:00 0
7fffe8586000-7fffe8686000 rwxp 00000000 00:00 0
7fffe8686000-7fffe8687000 ---p 00000000 00:00 0
7fffe8687000-7fffe8e87000 rwxp 00000000 00:00 0
7fffe8e87000-7fffe8ef0000 r-xp 00000000 08:05 2565458 /usr/lib/x86_64-linux-gnu/libopenal.so.1.16.0
7fffe8ef0000-7fffe90ef000 ---p 00069000 08:05 2565458 /usr/lib/x86_64-linux-gnu/libopenal.so.1.16.0
7fffe90ef000-7fffe90f3000 r-xp 00068000 08:05 2565458 /usr/lib/x86_64-linux-gnu/libopenal.so.1.16.0
7fffe90f3000-7fffe90f4000 rwxp 0006c000 08:05 2565458 /usr/lib/x86_64-linux-gnu/libopenal.so.1.16.0
7fffe90f4000-7fffe90f7000 rwxp 00000000 00:00 0
7fffe90f7000-7fffe90f8000 rwxs eff66000 00:06 626 /dev/nvidia0
7fffe9118000-7fffe9119000 rwxs 14730f000 00:06 625 /dev/nvidiactl
7fffe9119000-7fffe911a000 rwxs f6060000 00:06 626 /dev/nvidia0
7fffe911a000-7fffe911b000 ---p 00000000 00:00 0
7fffe911b000-7fffe9122000 rwxp 00000000 00:00 0
7fffe9122000-7fffe912a000 rwxs 00000000 00:05 63766562 /SYSV000003ea (deleted)
7fffe912a000-7fffe9132000 rwxs 00000000 00:06 498 /dev/snd/pcmC0D0p
7fffe9132000-7fffe9133000 rwxs 81000000 00:06 498 /dev/snd/pcmC0D0p
7fffe9133000-7fffe9134000 r-xs 80000000 00:06 498 /dev/snd/pcmC0D0p
7fffe9134000-7fffe9135000 rwxs 00000000 00:05 63733793 /SYSV000003e9 (deleted)
7fffe9135000-7fffe9195000 rwxs 00000000 00:05 64389152 /SYSV00000000 (deleted)
7fffe9195000-7fffe9215000 rwxs 00000000 00:05 64356378 /SYSV00000000 (deleted)
7fffe9215000-7fffe921a000 r-xp 00000000 08:05 2678916 /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so
7fffe921a000-7fffe9419000 ---p 00005000 08:05 2678916 /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so
7fffe9419000-7fffe941a000 r-xp 00004000 08:05 2678916 /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so
7fffe941a000-7fffe941b000 rwxp 00005000 08:05 2678916 /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so
7fffe941b000-7fffe943f000 r-xs 00000000 08:05 2704885 /usr/share/mime/mime.cache
7fffe943f000-7fffe9463000 r-xs 00000000 08:05 2704885 /usr/share/mime/mime.cache
7fffe9463000-7fffe9465000 r-xs 00000000 08:06 22356575 /home/torbjorr/.local/share/mime/mime.cache
7fffe9465000-7fffe9466000 ---p 00000000 00:00 0
7fffe9466000-7fffe9c66000 rwxp 00000000 00:00 0
7fffe9c66000-7fffe9c67000 ---p 00000000 00:00 0
7fffe9c67000-7fffea467000 rwxp 00000000 00:00 0
7fffea467000-7fffea49d000 r-xp 00000000 08:05 2605073 /usr/lib/x86_64-linux-gnu/gvfs/libgvfscommon.so
7fffea49d000-7fffea69d000 ---p 00036000 08:05 2605073 /usr/lib/x86_64-linux-gnu/gvfs/libgvfscommon.so
7fffea69d000-7fffea6a2000 r-xp 00036000 08:05 2605073 /usr/lib/x86_64-linux-gnu/gvfs/libgvfscommon.so
7fffea6a2000-7fffea6a3000 rwxp 0003b000 08:05 2605073 /usr/lib/x86_64-linux-gnu/gvfs/libgvfscommon.so
7fffea6a3000-7fffea6d3000 r-xp 00000000 08:05 2695175 /usr/lib/x86_64-linux-gnu/gio/modules/libgvfsdbus.so
7fffea6d3000-7fffea8d2000 ---p 00030000 08:05 2695175 /usr/lib/x86_64-linux-gnu/gio/modules/libgvfsdbus.so
7fffea8d2000-7fffea8d3000 r-xp 0002f000 08:05 2695175 /usr/lib/x86_64-linux-gnu/gio/modules/libgvfsdbus.so
7fffea8d3000-7fffea8d4000 rwxp 00030000 08:05 2695175 /usr/lib/x86_64-linux-gnu/gio/modules/libgvfsdbus.so
7fffea8d4000-7fffea8d5000 rwxp 00000000 00:00 0
7fffea8d5000-7fffea8f1000 r-xp 00000000 08:05 2736412 /usr/share/icons/oxygen/icon-theme.cache
7fffea8f1000-7fffea90d000 r-xp 00000000 08:05 2736412 /usr/share/icons/oxygen/icon-theme.cache
7fffea90d000-7fffea917000 r-xp 00000000 08:05 2712132 /usr/share/icons/hicolor/icon-theme.cache
7fffea917000-7fffea921000 r-xp 00000000 08:05 2712132 /usr/share/icons/hicolor/icon-theme.cache
7fffea921000-7fffea93d000 r-xp 00000000 08:05 2809895 /usr/share/icons/gnome/icon-theme.cache
7fffea93d000-7fffea959000 r-xp 00000000 08:05 2809895 /usr/share/icons/gnome/icon-theme.cache
7fffea959000-7fffea98b000 r-xp 00000000 08:05 2908757 /usr/share/icons/elementary-xfce/icon-theme.cache
7fffea98b000-7fffea9bd000 r-xp 00000000 08:05 2908757 /usr/share/icons/elementary-xfce/icon-theme.cache
7fffea9bd000-7fffeab13000 r-xp 00000000 08:05 2853708 /usr/share/fonts/opentype/andika/Andika-R.ttf
7fffeab13000-7fffeab1a000 r-xs 00000000 08:05 1696076 /var/cache/fontconfig/4be9850f182b35c1350b6bbf2e42601c-le64.cache-6
7fffeab1a000-7fffeab1c000 r-xs 00000000 08:05 1696872 /var/cache/fontconfig/30a99c4256905863f7aa12b5e873c27c-le64.cache-6
7fffeab1c000-7fffeab1d000 r-xs 00000000 08:05 1696871 /var/cache/fontconfig/087e1975ba9a574b140bb1df193bf770-le64.cache-6
7fffeab1d000-7fffeab1e000 r-xs 00000000 08:05 1696024 /var/cache/fontconfig/588a141f52a60807c04143aedc63e678-le64.cache-6
7fffeab1e000-7fffeab22000 r-xs 00000000 08:05 1696869 /var/cache/fontconfig/6aa41aa22e18b8fa06a12da28ea9c28b-le64.cache-6
7fffeab22000-7fffeab2d000 r-xs 00000000 08:05 1695983 /var/cache/fontconfig/945677eb7aeaf62f1d50efc3fb3ec7d8-le64.cache-6
7fffeab2d000-7fffeab2f000 r-xs 00000000 08:05 1696867 /var/cache/fontconfig/99e8ed0e538f840c565b6ed5dad60d56-le64.cache-6
7fffeab2f000-7fffeab34000 r-xs 00000000 08:05 1696866 /var/cache/fontconfig/0fafd173547752dce4dee1a69e0b3c95-le64.cache-6
7fffeab34000-7fffeab3d000 r-xs 00000000 08:05 1696846 /var/cache/fontconfig/a6d8cf8e4ec09cdbc8633c31745a07dd-le64.cache-6
7fffeab3d000-7fffeab43000 r-xs 00000000 08:05 1696845 /var/cache/fontconfig/2cd17615ca594fa2959ae173292e504c-le64.cache-6
7fffeab43000-7fffeab44000 r-xs 00000000 08:05 1696844 /var/cache/fontconfig/0d8c3b2ac0904cb8a57a757ad11a4a08-le64.cache-6
7fffeab44000-7fffeab48000 r-xs 00000000 08:05 1696843 /var/cache/fontconfig/6d41288fd70b0be22e8c3a91e032eec0-le64.cache-6
7fffeab48000-7fffeab4c000 r-xs 00000000 08:05 1696837 /var/cache/fontconfig/de156ccd2eddbdc19d37a45b8b2aac9c-le64.cache-6
7fffeab4c000-7fffeab61000 r-xs 00000000 08:05 1696836 /var/cache/fontconfig/04aabc0a78ac019cf9454389977116d2-le64.cache-6
7fffeab61000-7fffeab62000 r-xs 00000000 08:05 1696834 /var/cache/fontconfig/1ac9eb803944fde146138c791f5cc56a-le64.cache-6
7fffeab62000-7fffeab66000 r-xs 00000000 08:05 1696833 /var/cache/fontconfig/385c0604a188198f04d133e54aba7fe7-le64.cache-6
7fffeab66000-7fffeab67000 r-xs 00000000 08:05 1696832 /var/cache/fontconfig/9c956a7723ca69a44b382d9179c9802f-le64.cache-6
7fffeab67000-7fffeab68000 r-xs 00000000 08:05 1696831 /var/cache/fontconfig/dc05db6664285cc2f12bf69c139ae4c3-le64.cache-6
7fffeab68000-7fffeab6d000 r-xs 00000000 08:05 1696829 /var/cache/fontconfig/3c2b2f076767bdd705880766223c98f6-le64.cache-6
7fffeab6d000-7fffeab70000 r-xs 00000000 08:05 1696828 /var/cache/fontconfig/767a8244fc0220cfb567a839d0392e0b-le64.cache-6
7fffeab70000-7fffeab72000 r-xs 00000000 08:05 1696827 /var/cache/fontconfig/69fb4bbe1b2fa860e172a32ebf28505c-le64.cache-6
7fffeab72000-7fffeab73000 r-xs 00000000 08:05 1696826 /var/cache/fontconfig/4794a0821666d79190d59a36cb4f44b5-le64.cache-6
7fffeab73000-7fffeab74000 r-xs 00000000 08:05 1696825 /var/cache/fontconfig/ae264eae987e8da830dbed7bcf8e306d-le64.cache-6
7fffeab74000-7fffeab75000 r-xs 00000000 08:05 1696824 /var/cache/fontconfig/9eae20f1ff8cc0a7d125749e875856bd-le64.cache-6
7fffeab75000-7fffeab9c000 r-xs 00000000 08:05 1696823 /var/cache/fontconfig/0bd3dc0958fa2205aaaa8ebb13e2872b-le64.cache-6
7fffeab9c000-7fffeab9f000 r-xs 00000000 08:05 1696822 /var/cache/fontconfig/bf2c1853a9e9b00bb02fe2e9bcf1e201-le64.cache-6
7fffeab9f000-7fffeaba4000 r-xs 00000000 08:05 1696821 /var/cache/fontconfig/8801497958630a81b71ace7c5f9b32a8-le64.cache-6
7fffeaba4000-7fffeabdf000 r-xs 00000000 08:05 1696820 /var/cache/fontconfig/365b55f210c0a22e9a19e35191240f32-le64.cache-6
7fffeabdf000-7fffeabe3000 r-xs 00000000 08:05 1696819 /var/cache/fontconfig/c57959a16110560c8d0fcea73374aeeb-le64.cache-6
7fffeabe3000-7fffeabe4000 r-xs 00000000 08:05 1696818 /var/cache/fontconfig/bab58bb527bb656aaa9f116d68a48d89-le64.cache-6
7fffeabe4000-7fffeabeb000 r-xs 00000000 08:05 1696814 /var/cache/fontconfig/3047814df9a2f067bd2d96a2b9c36e5a-le64.cache-6
7fffeabeb000-7fffeabf3000 r-xs 00000000 08:05 1696797 /var/cache/fontconfig/bf3b770c553c462765856025a94f1ce6-le64.cache-6
7fffeabf3000-7fffeabf4000 r-xs 00000000 08:05 1696796 /var/cache/fontconfig/56cf4f4769d0f4abc89a4895d7bd3ae1-le64.cache-6
7fffeabf4000-7fffeabf5000 r-xs 00000000 08:05 1696794 /var/cache/fontconfig/b9d506c9ac06c20b433354fa67a72993-le64.cache-6
7fffeabf5000-7fffeabfb000 r-xs 00000000 08:05 1696778 /var/cache/fontconfig/b47c4e1ecd0709278f4910c18777a504-le64.cache-6
7fffeabfb000-7fffeabfe000 r-xs 00000000 08:05 1696767 /var/cache/fontconfig/14d493b97896515cad3840ba4896e372-le64.cache-6
7fffeabfe000-7fffeac06000 r-xs 00000000 08:05 1696765 /var/cache/fontconfig/ce677e824a231659fde4a3a246a10ea3-le64.cache-6
7fffeac06000-7fffeac07000 r-xs 00000000 08:05 1696764 /var/cache/fontconfig/b68acf31ab8c3c6daeca6e2130bcfd36-le64.cache-6
7fffeac07000-7fffeac08000 r-xs 00000000 08:05 1696763 /var/cache/fontconfig/89034621ae2a8922916bb6bfa5799546-le64.cache-6
7fffeac08000-7fffeac10000 r-xs 00000000 08:05 1696760 /var/cache/fontconfig/52f7bdb7ce746bfd7eaa1985bd9cfa93-le64.cache-6
7fffeac10000-7fffeac13000 r-xs 00000000 08:05 1696757 /var/cache/fontconfig/e49e89034d371f0f9de17aab02136486-le64.cache-6
7fffeac13000-7fffeac15000 r-xs 00000000 08:05 1696756 /var/cache/fontconfig/4b14b093aebc79c320de5e86ae1d3314-le64.cache-6
7fffeac15000-7fffeac28000 r-xs 00000000 08:05 1696747 /var/cache/fontconfig/d52a8644073d54c13679302ca1180695-le64.cache-6
7fffeac28000-7fffeac29000 r-xs 00000000 08:05 1696745 /var/cache/fontconfig/68f2d919236642eff71955021bcf3e72-le64.cache-6
7fffeac29000-7fffeac2a000 r-xs 00000000 08:05 1696744 /var/cache/fontconfig/551ecf3b0e8b0bca0f25c0944f561853-le64.cache-6
7fffeac2a000-7fffeac2b000 r-xs 00000000 08:05 1696741 /var/cache/fontconfig/8a687c406b77f27d99abfeeba937fcce-le64.cache-6
7fffeac2b000-7fffeac30000 r-xs 00000000 08:05 1696739 /var/cache/fontconfig/75ad6aa2358a85f0de2c8ee4837e8227-le64.cache-6[New Thread 0x7fffca613700 (LWP 12037)]
[Thread 0x7fffca613700 (LWP 12037) exited]

Thread 1 "gzdoom" received signal SIGABRT, Aborted.
0x00007ffff4c91418 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
54 ../sysdeps/unix/sysv/linux/raise.c: Filen eller katalogen finns inte.
(gdb) backtrace
#0 0x00007ffff4c91418 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
#1 0x00007ffff4c9301a in __GI_abort () at abort.c:89
#2 0x00007ffff4cd372a in __libc_message (do_abort=2,
fmt=fmt@entry=0x7ffff4dec6b0 "*** Error in `%s': %s: 0x%s ***\n") at ../sysdeps/posix/libc_fatal.c:175
#3 0x00007ffff4cdc5b7 in malloc_printerr (ar_ptr=0x7ffff501fb20 <main_arena>, ptr=<optimized out>,
str=0x7ffff4de9472 "corrupted double-linked list", action=3) at malloc.c:5007
#4 _int_free (av=0x7ffff501fb20 <main_arena>, p=<optimized out>, have_lock=0) at malloc.c:4006
#5 0x00007ffff4cdfabc in __GI___libc_free (mem=<optimized out>) at malloc.c:2969
#6 0x00000000008582c6 in P_FreeLevelData() ()
#7 0x0000000000858770 in ?? ()
#8 0x000000000052f562 in call_terms() ()
#9 0x00007ffff4c95fe8 in __run_exit_handlers (status=0, listp=0x7ffff501f5f8 <__exit_funcs>,
run_list_atexit=run_list_atexit@entry=true) at exit.c:82
#10 0x00007ffff4c96035 in __GI_exit (status=<optimized out>) at exit.c:104
#11 0x0000000000535220 in ST_Endoom() ()
#12 0x00000000005e6f65 in DQuitMenu::HandleResult(bool) ()
#13 0x00000000005e7149 in DMessageBoxMenu::MenuEvent(int, bool) ()
#14 0x00000000005d9c48 in M_Responder(event_t*) ()
#15 0x000000000072d4f0 in D_ProcessEvents() ()
#16 0x000000000073613a in NetUpdate() ()
#17 0x00000000007385aa in TryRunTics() ()
#18 0x000000000072edf5 in D_DoomLoop() ()
#19 0x0000000000730f79 in D_DoomMain() ()
#20 0x0000000000517b49 in main ()

milasudril
Posts: 64
Joined: Fri May 15, 2009 17:21

Re: Horrible heap error when running Psychophbia

Post by milasudril » Wed Aug 03, 2016 16:29

I am on https://github.com/coelckers/gzdoom/com ... a78e89329d

And some valgrind output (GZDooom compiled in debug/windowed mode but I cannot see any function names?) No crashes just a lot of cmov warnings:

When enter the map:

==16943== Conditional jump or move depends on uninitialised value(s)
==16943== at 0x4C33D06: __memcmp_sse4_1 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==16943== by 0x7755F8: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)
==16943== by 0x774499: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)
==16943== by 0x759976: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)
==16943== by 0x75D2AF: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)
==16943== by 0x7499FD: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)
==16943== by 0x749D59: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)
==16943== by 0x74A47D: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)
==16943== by 0x74A8B9: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)
==16943== by 0x74A810: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)
==16943== by 0x74A810: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)
==16943== by 0x74A810: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)

...


god
Degreelessness Mode ON
Picked up a small clip.
Picked up a small clip.
Picked up a small clip.
Picked up a small clip.
Picked up a small clip.
Picked up shotgun shells.

In outdoor area with rocket zombies.
outdoorarea.jpg
outdoorarea.jpg (412.24 KiB) Viewed 321 times
==16943== Conditional jump or move depends on uninitialised value(s)
==16943== at 0x7C25224: msort_with_tmp.part.0 (msort.c:83)
==16943== by 0x7C24EB6: msort_with_tmp (msort.c:45)
==16943== by 0x7C24EB6: msort_with_tmp.part.0 (msort.c:53)
==16943== by 0x7C24ECC: msort_with_tmp (msort.c:45)
==16943== by 0x7C24ECC: msort_with_tmp.part.0 (msort.c:54)
==16943== by 0x7C24EB6: msort_with_tmp (msort.c:45)
==16943== by 0x7C24EB6: msort_with_tmp.part.0 (msort.c:53)
==16943== by 0x7C24ECC: msort_with_tmp (msort.c:45)
==16943== by 0x7C24ECC: msort_with_tmp.part.0 (msort.c:54)
==16943== by 0x7C2568E: msort_with_tmp (msort.c:45)
==16943== by 0x7C2568E: qsort_r (msort.c:297)
==16943== by 0x7506F8: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)
==16943== by 0x750980: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)
==16943== by 0x7509D5: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)
==16943== by 0x750DEF: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)
==16943== by 0x770993: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)
==16943== by 0x770B34: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)


[why not use std::sort or std::stable_sort instead of qsort. That will save you some trouble with type-casting, and may result in a faster sort operation]

In release mode see attached log, it appears that the program only crashes in fullscreen, but valgrind gives similar errors when exiting.
Attachments
log-valgrind-fullscreen-release.txt
(300.84 KiB) Downloaded 7 times

User avatar
Graf Zahl
GZDoom Developer
GZDoom Developer
Posts: 7148
Joined: Wed Jul 20, 2005 9:48
Location: Germany
Contact:

Re: Horrible heap error when running Psychophbia

Post by Graf Zahl » Wed Aug 03, 2016 16:49

Without symbols that Valgrind log is as good as useless. I see that somewhere it compares uninitialized memory but there's nothing telling me from where it got called. The problem is not qsort but some function calling it - and I have no idea which it is.

milasudril
Posts: 64
Joined: Fri May 15, 2009 17:21

Re: Horrible heap error when running Psychophbia

Post by milasudril » Wed Aug 03, 2016 17:38

Two problems:

1. I did a debug build and got the qsort error. But some of the code was compiled without -g. How to setup cmake to get them.
2. The hard exit crash only appears in release mode, which has no debug symbols. Can I activate release + debug symbols?

I would really like full debug symbols + release mode. Firstly, I want the hard crash to occur. Secondly, valgrind takes you years back in performance.

For the qsort issue, I guess something in the outdoor area breaks it, because that is when the error happens. Maybe the slime pond (alpha-transparancy requires sorting).

User avatar
Graf Zahl
GZDoom Developer
GZDoom Developer
Posts: 7148
Joined: Wed Jul 20, 2005 9:48
Location: Germany
Contact:

Re: Horrible heap error when running Psychophbia

Post by Graf Zahl » Wed Aug 03, 2016 18:09

This will have to be answered by someone who knows his way around Linux. I just don't know.

milasudril
Posts: 64
Joined: Fri May 15, 2009 17:21

Re: Horrible heap error when running Psychophbia

Post by milasudril » Wed Aug 03, 2016 18:46

More info:

tried

cmake .. -DCMAKE_BUILD_TYPE=RelWithDebInfo (which gave no direct info either)

Still bad output but try objdump -d and c++filt. I hope this gives more details.

==18608== Conditional jump or move depends on uninitialised value(s)
==18608== at 0x66B163: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)
==18608== by 0x3AF7050F: ???
==18608== by 0xFFEFFD41F: ???
==18608== by 0x3D058727: ???
==18608== by 0x3CA2F83F: ???
==18608== by 0x3CA2FC67: ???
==18608== by 0x66D6EE: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)
==18608== by 0x2938: ???

0x66D6EE => 000000000066d3a0 <_ZN6GLWall9DoHorizonEP5seg_tP8sector_tP8vertex_tS5_> => GLWall::DoHorizon(seg_t*, sector_t*, vertex_t*, vertex_t*)



==18608== Conditional jump or move depends on uninitialised value(s)
==18608== at 0x7C25224: msort_with_tmp.part.0 (msort.c:83)
==18608== by 0x7C24EB6: msort_with_tmp (msort.c:45)
==18608== by 0x7C24EB6: msort_with_tmp.part.0 (msort.c:53)
==18608== by 0x7C24ECC: msort_with_tmp (msort.c:45)
==18608== by 0x7C24ECC: msort_with_tmp.part.0 (msort.c:54)
==18608== by 0x7C2568E: msort_with_tmp (msort.c:45)
==18608== by 0x7C2568E: qsort_r (msort.c:297)
==18608== by 0x664655: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)
==18608== by 0x293F7BAF: ???
==18608== by 0x2BCB671F: ???

0x664655 => 00000000006645a0 <_ZN10GLDrawList14SortSpriteListEP8SortNode> => GLDrawList::SortSpriteList(SortNode*)



==18608== Conditional jump or move depends on uninitialised value(s)
==18608== at 0x4C33D06: __memcmp_sse4_1 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==18608== by 0x66B160: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)

0x66B160 => 000000000066aa60 <_ZN6GLWall9PutPortalEi> => GLWall::PutPortal(int)


==18608== Invalid read of size 8
==18608== at 0x926545: ??? (in /home/torbjorr/Hämtningar/gzdoom/build/gzdoom)
==18608== Address 0x2968a4e0 is 16 bytes inside an unallocated block of size 4,096 in arena "client"

0x926545 => 0000000000926520 <_ZN12VMFrameStack5AllocEi> => VMFrameStack::Alloc(int)

...
Many more errors of type invalid read

==18608== More than 1000 different errors detected. I'm not reporting any more.
==18608== Final error counts will be inaccurate. Go fix your program!

dpJudas
Developer
Developer
Posts: 798
Joined: Sat Jul 23, 2016 7:53

Re: Horrible heap error when running Psychophbia

Post by dpJudas » Wed Aug 03, 2016 19:06

I think if you change CMakeLists.txt line 506 from:

Code: Select all

set( CMAKE_CXX_FLAGS_RELWITHDEBINFO "${REL_CXX_FLAGS} ${CMAKE_CXX_FLAGS_RELWITHDEBINFO}" )
To this:

Code: Select all

set( CMAKE_CXX_FLAGS_RELWITHDEBINFO "${REL_CXX_FLAGS} ${CMAKE_CXX_FLAGS_RELWITHDEBINFO} -g" )
Then it will generate debug info. Or maybe you can just set the CMAKE_CXX_FLAGS_RELWITHDEBINFO environment variable to -g. I'm not sure.

Note: this was just by googling around a bit. Didn't boot into Linux to test any of this.

dpJudas
Developer
Developer
Posts: 798
Joined: Sat Jul 23, 2016 7:53

Re: Horrible heap error when running Psychophbia

Post by dpJudas » Wed Aug 03, 2016 19:12

Even better - there's a thread on the zdoom forum that explains exactly how to do what you're trying to do: http://forum.zdoom.org/viewtopic.php?f=4&t=53066

milasudril
Posts: 64
Joined: Fri May 15, 2009 17:21

Re: Horrible heap error when running Psychophbia

Post by milasudril » Thu Aug 04, 2016 17:46

So I got some progress. I needed to remove -s option from the link command. Then I tried again without success. BUT addr2line works, and I have found a memory bug from allocations within in name.cpp. This bug appears without loading *any* mods, when exiting the startup dialog.

valgrind ./gzdoom

Press cancel, and see the errors. Redirect valgrind output to a file

valgrind ./gzdoom 2> errors.log

Filter with awk

awk '-F[: ]' '/???.*gzdoom/ {printf $6" => ";system("echo "$6" | addr2line -e ./gzdoom");} !/???.*gzdoom/' errors.log > errors-resolved.txt

As said, no errors here in debug mode. If I am right, this is something for Randy to look at. The class appears to be used everywhere, so changes there may have a huge impact. I will come back later with the earlier issues.
Attachments
errors-resolved.txt
Resolved addresses.
(333.13 KiB) Downloaded 9 times

Edward-san
Developer
Developer
Posts: 197
Joined: Sun Nov 29, 2009 16:36

Re: Horrible heap error when running Psychophbia

Post by Edward-san » Thu Aug 04, 2016 20:33

I downloaded psychophobia and noticed that some files were missing from the command line you provided. Anyways, in my case valgrind provided this (no optimizations, damn slow), attached below. Added also my startup log, might be useful.

The first valgrind error (writev) seems to happen inside the intel driver, can't do much.
Attachments
valgrind_gzdoom_psychophobia.txt
(41.22 KiB) Downloaded 11 times
gzdoom_startup_psychophobia.txt
(7.58 KiB) Downloaded 11 times

milasudril
Posts: 64
Joined: Fri May 15, 2009 17:21

Re: Horrible heap error when running Psychophbia

Post by milasudril » Fri Aug 05, 2016 7:50

@Edward-san Did you experience anything unusual when exiting the game? I think we are talking more than one issue.

1. Uninitialized values in the OpenGL renderer [The syscall issue in the beginning has nothing to do with GZDoom].
2. Heap corruption during initialization

The second issue is for me only visible when compiling in release mode. And as I said, may be present in vanilla zdoom as well.

User avatar
Graf Zahl
GZDoom Developer
GZDoom Developer
Posts: 7148
Joined: Wed Jul 20, 2005 9:48
Location: Germany
Contact:

Re: Horrible heap error when running Psychophbia

Post by Graf Zahl » Fri Aug 05, 2016 8:35

Well, I have no idea. The sky stuff makes no sense, because the data is always memset to 0 before being initialized so I have no idea why it reports uninitialized memory and if the name stuff wasn't working we'd have one major problem that'd show sooner or later because it's used everywhere throughout the engine.
None of this could be cause of a bad crash, though.

Edward-san
Developer
Developer
Posts: 197
Joined: Sun Nov 29, 2009 16:36

Re: Horrible heap error when running Psychophbia

Post by Edward-san » Fri Aug 05, 2016 10:08

Fortunately it's possible reproduce the sky errors with normal doom2 maps. I'll try to investigate with valgrind + gdb, though I don't know much about the gl code.

User avatar
Graf Zahl
GZDoom Developer
GZDoom Developer
Posts: 7148
Joined: Wed Jul 20, 2005 9:48
Location: Germany
Contact:

Re: Horrible heap error when running Psychophbia

Post by Graf Zahl » Fri Aug 05, 2016 11:23

Knowing which value is undefined would help a lot. Unfortunately that's what Valgrind does not tell.

Edward-san
Developer
Developer
Posts: 197
Joined: Sun Nov 29, 2009 16:36

Re: Horrible heap error when running Psychophbia

Post by Edward-san » Fri Aug 05, 2016 13:01

memcmp doesn't tell me which place is undefined, so I have to use member per member comparison, unless there's an alternative..

Locked

Return to “Closed Bugs”