Bug #1993

Engine segfault in R_SkinFrame_MarkUsed

Added by MrBougo 3 months ago.

Status:NewStart date:06/15/2014
Priority:NormalDue date:
Assignee:divVerent% Done:


Target version:-


In the current state of div0-stable (commit bad4613, funny enough), the engine has been reported to segfault on a Linux system. Here's the backtrace:

    Program received signal SIGSEGV, Segmentation fault.
    0x000000000050949b in R_SkinFrame_MarkUsed (skinframe=0x100000000) at ../../../gl_rmain.c:3189
    3189            skinframe->loadsequence = r_skinframe.loadsequence;
    (gdb) bt
    #0  0x000000000050949b in R_SkinFrame_MarkUsed (skinframe=0x100000000) at ../../../gl_rmain.c:3189
    #1  0x0000000000595731 in mod_newmap () at ../../../model_shared.c:114
    #2  0x00000000006021d7 in R_Modules_NewMap () at r_modules.c:99
    #3  0x0000000000453316 in CL_SetupWorldModel () at ../../../cl_parse.c:498
    #4  0x00000000004540b5 in CL_BeginDownloads (aborteddownload=false) at ../../../cl_parse.c:1178
    #5  0x0000000000493258 in Cmd_ExecuteString (text=text@entry=0x7fffffff9f20 "cl_begindownloads", lockmutex=false, src=src_command) at ../../../cmd.c:1936
    #6  0x0000000000493601 in Cbuf_Execute () at ../../../cmd.c:361
    #7  0x0000000000493a95 in Cbuf_Frame () at ../../../cmd.c:383
    #8  0x000000000053d207 in Host_Main () at ../../../host.c:781
    #9  0x0000000000405403 in main (argc=2, argv=0x7fffffffe598) at ../../../sys_sdl.c:223

The bug appears to be reproducible on the user's machine and usually appears after some time playing, but I could not reproduce it myself.

After instructing the user to revert to commit 20149b4 (that is one keyboard handler commit and two IBSP commits back), the segfault disappeared.

Bug was reported by Grunt on #xonotic, QuakeNet, around 9pm CEST. I notified divVerent and LordHavoc on IRC shortly after.

Also available in: Atom PDF