Version: 3.5.5 (using KDE KDE 3.5.5) Installed from: Debian testing/unstable Packages OS: Linux Occasionally knetwalk crashes. I think I have tracked it down to when .kde/share/config/knetwalkrc has existed during exactly won game. If I delete knetwalkrc, I can play one game I think, then it crashes on the next. I have reproduced it a couple of times. Based on the backtrace and the code, it seems that 447 if ( score.type()==Won ) { 448 const QMemArray<uint> &sh = _histogram; 449 for (uint i=1; i<histoSize(); i++) 450 if ( i==sh.size() || score.score()<sh[i] ) { 451 item(histoName(i))->increment(_id); 452 break; 453 } 454 } in libkdegames/highscore/kexthighscore_internal.cpp is the bad part Backtrace follows here - I have also a full strace if wanted. I put the bit I might find interesting here: 4480 ioctl(5, FIONREAD, [0]) = 0 4480 write(6, "\0", 1) = 1 4480 time([1163023941]) = 1163023941 4480 gettimeofday({1163023941, 616853}, NULL) = 0 4480 write(2, "QGArray::at: Absolute index 4 ou"..., 43) = 43 4480 --- SIGSEGV (Segmentation fault) @ 0 (0) --- 4480 rt_sigaction(SIGALRM, {SIG_DFL}, {SIG_DFL Backtrace Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1". [Thread debugging using libthread_db enabled] [New Thread -1233353024 (LWP 5027)] [KCrash handler] #9 0xb7eef0db in KExtHighscore::PlayerInfos::submitScore (this=0x80994b8, score=@0xbfeab880) at /tmp/buildd/kdegames-3.5.5/build-tree/kdegames-3.5.5/libkdegames/highscore/kexthighscore_internal.cpp:450 #10 0xb7ef41bc in KExtHighscore::ManagerPrivate::submitScore (this=0x809a438, ascore=@0xbfeab91c, widget=0x80b6078, askIfAnonymous=true) at /tmp/buildd/kdegames-3.5.5/build-tree/kdegames-3.5.5/libkdegames/highscore/kexthighscore_internal.cpp:804 #11 0xb7ef7c15 in KExtHighscore::submitScore (score=@0xbfeab91c, widget=0x80b6078) at /tmp/buildd/kdegames-3.5.5/build-tree/kdegames-3.5.5/libkdegames/highscore/kexthighscore.cpp:67 #12 0x08052a14 in MainWindow::rotate (this=0x80b6078, index=22, toleft=true) at /tmp/buildd/kdegames-3.5.5/build-tree/kdegames-3.5.5/knetwalk/src/mainwindow.cpp:382 #13 0x08052a71 in MainWindow::lClicked (this=0x80b6078, index=22) at /tmp/buildd/kdegames-3.5.5/build-tree/kdegames-3.5.5/knetwalk/src/mainwindow.cpp:334 #14 0x08053b47 in MainWindow::qt_invoke (this=0x80b6078, _id=75, _o=0xbfeaba48) at ./mainwindow.moc:110 #15 0xb7497cb3 in QObject::activate_signal (this=0x81055e8, clist=0x80f7180, o=0xbfeaba48) at kernel/qobject.cpp:2356 #16 0xb74985ba in QObject::activate_signal (this=0x81055e8, signal=2, param=22) at kernel/qobject.cpp:2449 #17 0x08050384 in Cell::lClicked (this=0x81055e8, t0=22) at ./cell.moc:95 #18 0xb74ccb87 in QWidget::mouseDoubleClickEvent (this=0x81055e8, e=0xbfeabea4) at kernel/qwidget.cpp:5064 #19 0xb74ce693 in QWidget::event (this=0x81055e8, e=0xbfeabea4) at kernel/qwidget.cpp:4708 #20 0xb742fbd6 in QApplication::internalNotify (this=0xbfeac470, receiver=0x81055e8, e=0xbfeabea4) at kernel/qapplication.cpp:2635 #21 0xb7431d79 in QApplication::notify (this=0xbfeac470, receiver=0x81055e8, e=0xbfeabea4) at kernel/qapplication.cpp:2421 #22 0xb7dfce6e in KApplication::notify (this=0xbfeac470, receiver=0x81055e8, event=0xbfeabea4) at /home/sid-user/kdelibs/kdelibs-3.5.5/./kdecore/kapplication.cpp:550 #23 0xb73c3445 in QApplication::sendSpontaneousEvent (receiver=0x81055e8, event=0xbfeabea4) at kernel/qapplication.h:523 #24 0xb73c20df in QETWidget::translateMouseEvent (this=0x81055e8, event=0xbfeac2d8) at kernel/qapplication_x11.cpp:4301 #25 0xb73c0660 in QApplication::x11ProcessEvent (this=0xbfeac470, event=0xbfeac2d8) at kernel/qapplication_x11.cpp:3478 #26 0xb73d6cb2 in QEventLoop::processEvents (this=0x808fd58, flags=4) at kernel/qeventloop_x11.cpp:192 #27 0xb744a129 in QEventLoop::enterLoop (this=0x808fd58) at kernel/qeventloop.cpp:198 #28 0xb7449f4a in QEventLoop::exec (this=0x808fd58) at kernel/qeventloop.cpp:145 #29 0xb743176f in QApplication::exec (this=0xbfeac470) at kernel/qapplication.cpp:2758 #30 0x08054bac in main (argc=) at /tmp/buildd/kdegames-3.5.5/build-tree/kdegames-3.5.5/knetwalk/src/main.cpp:70 #31 0xb6dfdea8 in __libc_start_main () from /lib/tls/i686/cmov/libc.so.6 #32 0x0804fc51 in _start () at ../sysdeps/i386/elf/start.S:119
This is also debian #388619 (http://bugs.debian.org/nnnn) and 383442 347757 361514 /Sune
and sometimes I can only reproduce it when there is no knetwalkrc :/ /Sune
I can't reproduce it, but here is what could be happening as far as I can tell: knetwalk never calls setScoreHistogram() on it's Manager subclass object, so createHistoItems() is never called on the PlayerInfos object. Therefore, _histogram has size 0, but _bound is never initialized anywhere. If _bound happens to be 0, PlayerInfos::histoSize() will return 1. So, in the code snippet reported above, i is 0 and sh.size() is 0, so we call item(histoName(0))->increment(_id) In histoName(0), we pass the Q_ASSERT (which looks buggy - I think it should be Q_ASSERT( i<sh.size() || (!_bound && i==sh.size()) ); , as right now it always passes if _bound is true, no matter what i is). Again, i == sh.size() so we return QString("nb scores greater that %1").arg(sh[-1]); Even if this doesn't crash, we now lookup "nb scores greater than X" using findIndex(), but it doesn't exist, since createHistoItems() was never called, so it returns -1. This should trigger kdError(11002) and then return the item at(-1). Finally, we call the ->increment(_id) function on the non-existent item at index -1. Anyway, this is mostly speculation, since I can't reproduce the crash, but it seems possible for this to happen from looking at the code.
Created attachment 18474 [details] patch to hopefully fix knetwalk crash Hopefully this patch fixes the knetwalk crash. I haven't tested it, as I can't reproduce the crash anyway, so it is only based on code analysis.
I have tried the proposed patch from jdmetz - and I have until now been unable to reproduce the crash. /Sune
Actually, looking at the code this morning, it doesn't seem that that could be the cause of the crash, as the loop runs from (uint i=1; i<histoSize(); i++). I don't see how histoSize() could possibly be greater than 1 in this case, and even with histoSize() == 1, the inside of the loop should never be executed.
My knetwalk crashes on game won, if I haven't selected a type of game at start. Starting knetwalk with the appropriate option solves this.
For your information: I cannot reproduce the crash with KNetwalk 1.0 on KDE 3.5.7... Is it fixed?
I cannot reproduce it either. steps I done : remove ~/.kde/share/config/knetwalkrc run knetwalk (in easy mode :p) win the game quit knetwalk run knetwalk win the game quit knetwalk => no crash so far. using kde 3.5.7 Could you try if the bug is reproductible for you please ?
Is fixed downstream so can probably be closed now.
*** Bug has been marked as fixed ***.