77170 – klickety crashes on startup

Bug 77170 - klickety crashes on startup

Summary: klickety crashes on startup

Status:	RESOLVED FIXED

Alias:	None

Product:	klickety
Classification:	Applications
Component:	general (show other bugs)
Version:	unspecified
Platform:	Compiled Sources Linux

Importance:	NOR crash
Target Milestone:	---
Assignee:	Hadacek Nicolas

URL:
Keywords:

Depends on:
Blocks:

Reported:	2004-03-10 11:24 UTC by toojays
Modified:	2004-03-11 04:19 UTC (History)
CC List:	0 users

See Also:
Latest Commit:
Version Fixed In:

Attachments
Patch (1.24 KB, patch) 2004-03-10 16:54 UTC, Hadacek Nicolas	Details
klickety patch (1.25 KB, patch) 2004-03-10 17:00 UTC, Hadacek Nicolas	Details
ksirtet + kfouleggs patch (2.71 KB, patch) 2004-03-10 17:07 UTC, Hadacek Nicolas	Details
Show Obsolete (1) View All Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description toojays 2004-03-10 11:24:11 UTC

Version:            (using KDE KDE 3.2.0)
Installed from:    Compiled From Sources
Compiler:          gcc (GCC) 3.3.2 20031218 (Gentoo Linux 3.3.2-r5, propolice-3.3-7) CFLAGS="-g -march=athlon-xp -msse -mfpmath=sse -mmmx -m3dnow -maccumulate-outgoing-args -momit-leaf-frame-pointer -O3 -pipe"
OS:          Linux

Klickety is my girlfriend's favourite game, and she used to play it all the time, but now it crashes immediately on startup. I don't know what I've done to break it, but I've tried re-emerging qt, kdelibs, kdegames, all to no avail. Here is the backtrace:

Using host libthread_db library "/lib/libthread_db.so.1".
[Thread debugging using libthread_db enabled]
[New Thread 16384 (LWP 19384)]
0x415995b8 in waitpid () from /lib/libpthread.so.0
#0  0x415995b8 in waitpid () from /lib/libpthread.so.0
#1  0x408f4454 in __JCR_LIST__ () from /usr/kde/3.2/lib/libkdecore.so.4
#2  0x4083a6ad in KCrash::defaultCrashHandler(int) (sig=11) at kcrash.cpp:246
#3  0x41598383 in __pthread_sighandler (signo=11, ctx=
      {gs = 7, __gsh = 0, fs = 0, __fsh = 0, es = 43, __esh = 0, ds = 43, __dsh = 0, edi = 3221222112, esi = 3221222096, ebp = 3221221784, esp = 3221221724, ebx = 1093466916, edx = 188, ecx = 0, eax = 188, trapno = 14, err = 4, eip = 1098227875, cs = 35, __csh = 0, eflags = 66118, esp_at_signal = 3221221724, ss = 43, __ssh = 0, fpstate = 0xbfffeee0, oldmask = 2147483648, cr2 = 188})
    at sighandler.c:39
#4  <signal handler called>
#5  strlen () at ../sysdeps/i386/i486/strlen.S:69
#6  0x410269ea in internalLatin1ToUnicode (
    str=0xbc <Address 0xbc out of bounds>, len=0xbffff1bc, maxlen=4294967295)
    at tools/qstring.cpp:1186
#7  0x41027389 in QString (this=0xbffff210, 
    str=0xbc <Address 0xbc out of bounds>) at tools/qstring.cpp:1495
#8  0x40c5ebef in QColor (this=0xbffff2c0, 
    name=0xbc <Address 0xbc out of bounds>) at kernel/qcolor.cpp:397
#9  0x08056822 in KLPieceInfo::defaultColor(unsigned) const (this=0xbffff480, 
    i=188) at piece.h:29
#10 0x080684f7 in BasePrefs (this=0x8169918) at baseprefs.cpp:55
#11 0x08067167 in BasePrefs::self() () at baseprefs.cpp:16
#12 0x0805ca5f in BasePrefs::fadeColor() () at baseprefs.h:39
#13 0x0805c7f8 in BaseField::settingsChanged() (this=0x814aeec)
    at field.cpp:160
#14 0x08059543 in Field (this=0x814ae78, parent=0x81364f8) at field.cpp:39
#15 0x0805a606 in KLFactory::createInterface(QWidget*) (this=0xbffff490, 
    parent=0xbc) at main.h:19
#16 0x0805ac49 in BaseMainWindow (this=0x81364f8, __vtt_parm=0xbc)
    at main.cpp:47
#17 0x0805a23a in KLMainWindow (this=0x81364f8) at main.cpp:53
#18 0x0805a36d in main (argc=188, argv=0xbc) at main.cpp:70


The parts I found interesting were at frames 8, 9 and 10. I'll start with frame 10: line 55 of baseprefs.cpp, at least on my system (this is autogenerated, yeah?) says:

itemColor = new KConfigSkeleton::ItemColor( currentGroup(), "color #5", mColor[5], Piece::info().defaultColor(5) );

Now KLPieceInfo::DEFAULT_COLORS only has 5 entries, so the call to KLPieceInfo::defaultColor goes out of bounds of that array.

That said, I find it weird that for stack frame 9, gdb is reporting i=188. Surely it is supposed to be five? But both i=188 and i=5 are not valid, given the size of the DEFAULT_COLORS array.

Can someone who is intimate with kdegames/klickety please point me in the right direction to solve this bug? I have a few other ideas to explore (reduce compiler optimisations, look at what is in baseprefs.cpp on my powerbook (because it works there)), but maybe someone else has a better idea.

Thanks.

Comment 1 Hadacek Nicolas 2004-03-10 16:54:12 UTC

Created attachment 5112 [details]
Patch

Comment 2 Hadacek Nicolas 2004-03-10 16:54:55 UTC

you've been doing a nice job debugging that; I have the same conclusions that you !!

well try to apply the attached patch... it seems like someone has messed up things when porting to the new configuration mechanism (and has been feeling bas about it: see the comment in libksirtet1.kcfg in libksirtet/base/)

Comment 3 Hadacek Nicolas 2004-03-10 17:00:12 UTC

Created attachment 5113 [details]
klickety patch

let's make a patch that compiles and is correct :)

Comment 4 Hadacek Nicolas 2004-03-10 17:07:57 UTC

Created attachment 5114 [details]
ksirtet + kfouleggs patch

same patch for ksirtet and kfouleggs

Comment 5 toojays 2004-03-11 00:34:52 UTC

There is a bug in attachment 5113 [details]: KLPiece::defaultColor should be KLPieceInfo::defaultColor. Then this does indeed fix the crash.

Thanks Hadacek.

Comment 6 Hadacek Nicolas 2004-03-11 04:19:42 UTC

fix in HEAD and in KDE 3.2 branch.

thanks a lot!