Bug 319356

Summary:	KJumpingCube crashes in 2-player-game on winning condition
Product:	[Applications] kjumpingcube	Reporter:	Martin Walch <walch.martin>
Component:	general	Assignee:	Ian Wadham <iandw.au>
Status:	RESOLVED FIXED
Severity:	crash	CC:	kde-games-bugs
Priority:	NOR
Version:	2.0
Target Milestone:	---
Platform:	Compiled Sources
OS:	Linux
Latest Commit:	http://commits.kde.org/kjumpingcube/2aead7b5bd31acf6379f5cbec36b76607ffe67c5	Version Fixed In:	2.0 (KDE SC 4.10.4)
Sentry Crash Report:

Description Martin Walch 2013-05-05 11:55:05 UTC

Application: kjumpingcube (2.0)
KDE Platform Version: 4.10.2 (Compiled from sources)
Qt Version: 4.8.4
Operating System: Linux 3.8.5-gentoo-gnu x86_64
Distribution: "NAME=Gentoo"

-- Information about the crash:
- What I was doing when the application crashed:
Given this match in a field of size 3x3. I list the moves as coordinates from 0 to 2 in x and y direction, with the upper left corner being (0,0):
(0,2), (2,0)
(0,1), (2,1)
(0,1), (2,1)
(0,0), (2,2)
(1,0), (1,2)
(1,0), (1,2)
(1,1), (2,2)
[crash]

- Custom settings of the application:
Field size 3x3, 2 player game (i. e. no AI), not sure whether the other options have an impact.

The crash can be reproduced every time.

-- Backtrace:
Application: KJumpingCube (kjumpingcube), signal: Segmentation fault
Using host libthread_db library "/lib64/libthread_db.so.1".
[KCrash Handler]
#6  *__GI___libc_free (mem=0x3800000000) at malloc.c:2968
#7  0x000000000041c3a0 in AI_Main::dumpStats (this=0x7a12e8) at /var/tmp/portage/kde-base/kjumpingcube-4.10.2/work/kjumpingcube-4.10.2/ai_main.cpp:649
#8  0x0000000000413044 in KCubeBoxWidget::nextMoveStep (this=0x7a11e0) at /var/tmp/portage/kde-base/kjumpingcube-4.10.2/work/kjumpingcube-4.10.2/kcubeboxwidget.cpp:1080
#9  0x0000000000413224 in KCubeBoxWidget::continueCascade (this=0x7a11e0) at /var/tmp/portage/kde-base/kjumpingcube-4.10.2/work/kjumpingcube-4.10.2/kcubeboxwidget.cpp:902
#10 0x00007fdec74707b5 in QMetaObject::activate (sender=<optimized out>, m=<optimized out>, local_signal_index=<optimized out>, argv=0x7fdec62a8620 <main_arena>) at kernel/qobject.cpp:3539
#11 0x00007fdec746c4a9 in QObject::event (this=0x7bc090, e=0x0) at kernel/qobject.cpp:1156
#12 0x00007fdec678b04c in QApplicationPrivate::notify_helper (this=0x676160, receiver=0x7bc090, e=0x7fff40cd6f80) at kernel/qapplication.cpp:4562
#13 0x00007fdec6791c14 in QApplication::notify (this=0x7fff40cd72f0, receiver=<optimized out>, e=0x7fff40cd6f80) at kernel/qapplication.cpp:3944
#14 0x00007fdec81b6056 in KApplication::notify (this=0x7fff40cd72f0, receiver=0x7bc090, event=0x7fff40cd6f80) at /var/tmp/portage/kde-base/kdelibs-4.10.2/work/kdelibs-4.10.2/kdeui/kernel/kapplication.cpp:311
#15 0x00007fdec74599ac in QCoreApplication::notifyInternal (this=0x7fff40cd72f0, receiver=0x7bc090, event=0x7fff40cd6f80) at kernel/qcoreapplication.cpp:946
#16 0x00007fdec748e652 in sendEvent (event=<optimized out>, receiver=<optimized out>) at kernel/qcoreapplication.h:231
#17 QTimerInfoList::activateTimers (this=0x679270) at kernel/qeventdispatcher_unix.cpp:622
#18 0x00007fdec748b8fd in timerSourceDispatch (source=<optimized out>) at kernel/qeventdispatcher_glib.cpp:186
#19 0x00007fdec748b921 in idleTimerSourceDispatch (source=<optimized out>) at kernel/qeventdispatcher_glib.cpp:233
#20 0x00007fdec1a83df5 in g_main_dispatch (context=<optimized out>) at gmain.c:2539
#21 g_main_context_dispatch (context=<optimized out>) at gmain.c:3075
#22 0x00007fdec1a864fd in g_main_context_iterate (context=0x6775e0, block=<optimized out>, dispatch=<optimized out>, self=<optimized out>) at gmain.c:3146
#23 0x00007fdec1a8656b in g_main_context_iteration (context=0x6775e0, may_block=1) at gmain.c:3207
#24 0x00007fdec748b5e5 in QEventDispatcherGlib::processEvents (this=0x64fca0, flags=...) at kernel/qeventdispatcher_glib.cpp:424
#25 0x00007fdec683f3e2 in QGuiEventDispatcherGlib::processEvents (this=0x3800000000, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#26 0x00007fdec74584e8 in QEventLoop::processEvents (this=<optimized out>, flags=<error reading variable: DWARF-2 expression error: DW_OP_reg operations must be used either alone or in conjunction with DW_OP_piece or DW_OP_bit_piece.>) at kernel/qeventloop.cpp:149
#27 0x00007fdec7458975 in QEventLoop::exec (this=0x7fff40cd7230, flags=<error reading variable: DWARF-2 expression error: DW_OP_reg operations must be used either alone or in conjunction with DW_OP_piece or DW_OP_bit_piece.>) at kernel/qeventloop.cpp:204
#28 0x00007fdec745e843 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1218
#29 0x00000000004196f4 in main (argc=<optimized out>, argv=<optimized out>) at /var/tmp/portage/kde-base/kjumpingcube-4.10.2/work/kjumpingcube-4.10.2/main.cpp:60

Reported using DrKonqi

Comment 1 Ian Wadham 2013-05-06 04:58:25 UTC

This sequence of moves works for me most of the time (player 2 wins), but sometimes it crashes.  Also, both players have one or more opportunities to win earlier in the game and those alternative scenarios mostly work for me but sometimes crash.

Comment 2 Ian Wadham 2013-05-10 06:51:28 UTC

Git commit a3d9f5f2eb3a0cc2ecea1511bcec9d554c3d88e9 by Ian Wadham.
Committed on 10/05/2013 at 08:31.
Pushed by ianw into branch 'KDE/4.10'.

M  +1    -16   ai_main.cpp

http://commits.kde.org/kjumpingcube/a3d9f5f2eb3a0cc2ecea1511bcec9d554c3d88e9

Comment 3 Ian Wadham 2013-05-10 06:53:10 UTC

Git commit 2aead7b5bd31acf6379f5cbec36b76607ffe67c5 by Ian Wadham.
Committed on 10/05/2013 at 08:31.
Pushed by ianw into branch 'master'.

M  +1    -16   ai_main.cpp

http://commits.kde.org/kjumpingcube/2aead7b5bd31acf6379f5cbec36b76607ffe67c5

Comment 4 Ian Wadham 2013-05-10 07:04:27 UTC

In a person-v-person game the array m_maxValues, used in AI_Main::dumpStats(), was not getting allocated by the AI, so an attempt to delete it caused a crash at the end of the game.  The fix removes the debug code that caused the problem.