Bug 5077 - Segfault in MSG_WriteBits()
Status: RESOLVED FIXED
Alias: None
Product: ioquake3
Classification: Unclassified
Component: Platform
Version: GIT MASTER
Hardware: SGI IRIX
: P3 normal
Assignee: Zachary J. Slater
QA Contact: ioquake3 bugzilla mailing list
URL:
Depends on:
Blocks:
 
Reported: 2011-07-13 19:15 EDT by ioquake
Modified: 2011-07-16 21:42:25 EDT

See Also:

Description ioquake 2011-07-13 19:15:32 EDT
ioquake3 crashes when attempting to connect to the internal server. Compiler was mipspro 7.4.4. Both debug and release binaries crash. Source is svn revision 2080.

loaded crash from bots/crash_t.c
Process 79979: Regions overlap: PIOCMAP returned bad data.region 36 addr 0xd900000 size 0x1e8000 mflags 0x3100dregion 37 addr 0xdad8000 size 0x8000 mflags 0x12087 ignoring later region 
Process 79979: Regions overlap: PIOCMAP returned bad data.region 36 addr 0xd900000 size 0x1e8000 mflags 0x3100dregion 37 addr 0xdad8000 size 0x8000 mflags 0x12087 ignoring later region 
Process 79979: Regions overlap: PIOCMAP returned bad data.region 36 addr 0xd900000 size 0x1e8000 mflags 0x3100dregion 37 addr 0xdad8000 size 0x8000 mflags 0x12087 ignoring later region 
Process 79979: Regions overlap: PIOCMAP returned bad data.region 36 addr 0xd900000 size 0x1e8000 mflags 0x3100dregion 37 addr 0xdad8000 size 0x8000 mflags 0x12087 ignoring later region 
Process 79979 (ioquake3.mips) stopped on signal SIGBUS: Bus error (handler sig_fixup_mask) at [MSG_WriteBits:154 +0x14,0x1008670c]
 154  *ip = LittleLong(value);
(dbx) where thread all

Thread 0x10000
>  0 MSG_WriteBits(msg = 0x7ffe9eb0, value = 0, bits = 32) ["/usr/people/canavan/src/quake3/trunk/code/qcommon/msg.c":154, 0x1008670c]
   1 MSG_WriteLong(sb = 0x7ffe9eb0, c = 0) ["/usr/people/canavan/src/quake3/trunk/code/qcommon/msg.c":290, 0x10086de0]
   2 Netchan_Transmit(chan = 0x105e455c, length = 294, data = 0x7ffee5a0 = "\252[U\r\335*0\017v\204\302\0204{\0239\366\030\023\373b\026\245\360\330\3601\006\236G\260cq10\360<\202]b\211\311\023\016;:v\304\223\205\035{\217=\235N\307\362\030x\n\363\216\275\237\216=\232\275\004\303<\306\001\031\262\260#\274#\330\245c\034\214\347\322\243\331K0\314c\034\220!\v;\302;\202]:\226\205\361<\302~4{\t\206y\214\0032daGxG\260K\307\2620\236\...") ["/usr/people/canavan/src/quake3/trunk/code/qcommon/net_chan.c":210, 0x1008adb4]
   3 CL_Netchan_Transmit(chan = 0x105e455c, msg = 0x7ffea4d8) ["/usr/people/canavan/src/quake3/trunk/code/client/cl_net_chan.c":160, 0x1004ce68]
   4 CL_WritePacket() ["/usr/people/canavan/src/quake3/trunk/code/client/cl_input.c":926, 0x1003c520]
   5 CL_SendCmd() ["/usr/people/canavan/src/quake3/trunk/code/client/cl_input.c":958, 0x1003c618]
   6 CL_Frame(msec = 200) ["/usr/people/canavan/src/quake3/trunk/code/client/cl_main.c":2931, 0x100478ec]
   7 Com_Frame() ["/usr/people/canavan/src/quake3/trunk/code/qcommon/common.c":3253, 0x1007504c]
   8 main(argc = 1, argv = 0x7fff2ef4) ["/usr/people/canavan/src/quake3/trunk/code/sys/sys_main.c":587, 0x10175c84]
   9 __start() ["/xlv55/kudzu-apr12/work/irix/lib/libc/libc_n32_M4/csu/crt1text.s":177, 0x100288c8]

Thread 0x10001
>  0 __nanosleep(0x1760bed8, 0x1760bed0, 0x10001, 0x10000000, 0x5622, 0x0, 0x0, 0x175e5790) ["/xlv41/6.5.30m/work/irix/lib/libc/libc_n32_M4/sys/nanosleep.s":15, 0xfabf048]
   1 _nanosleep(0x1760bed8, 0x1760bed0, 0x10001, 0x10000000, 0x5622, 0x0, 0x0, 0x175e5790) ["/xlv41/6.5.30m/work/irix/lib/libc/libc_n32_M4/sys/nanosleepSCI.c":29, 0xfabf0f4]
   2 SDL_Delay(0x1760bed8, 0x1760bed0, 0x10001, 0x25e1524, 0x5622, 0x0, 0x0, 0x175e5790) ["/usr/people/canavan/src/SDL/SDL-1.2.14/src/timer/unix/SDL_systimer.c":118, 0x25d32e8]
   3 AL_WaitAudio(0x175e4e00, 0x1760bed0, 0x10001, 0x10000000, 0x5622, 0x0, 0x0, 0x175e5790) ["/usr/people/canavan/src/SDL/SDL-1.2.14/src/audio/dmedia/SDL_irixaudio.c":112, 0x25b5f0c]
   4 SDL_RunAudio(0x175e4e00, 0x0, 0x0, 0x10000000, 0x5622, 0x0, 0x0, 0x175e5790) ["/usr/people/canavan/src/SDL/SDL-1.2.14/src/audio/SDL_audio.c":222, 0x257ccd4]
   5 SDL_RunThread(0x0, 0x1760bed0, 0x10001, 0x10000000, 0x5622, 0x0, 0x0, 0x175e5790) ["/usr/people/canavan/src/SDL/SDL-1.2.14/src/thread/SDL_thread.c":204, 0x258aeec]
   6 RunThread(0x1760bed8, 0x1760bed0, 0x10001, 0x10000000, 0x5622, 0x0, 0x0, 0x175e5790) ["/usr/people/canavan/src/SDL/SDL-1.2.14/src/thread/pthread/SDL_systhread.c":47, 0x25d215c]
   7 _SGIPT_pt_start() ["/xlv41/6.5.30m/work/eoe/lib/libpthread/libpthread_n32_M3/pt.c":813, 0xc08d42c]
Comment 1 Thilo Schulz 2011-07-14 15:20:52 EDT
I'm sorry, I cannot debug this. I don't have a mips architecture or compiler. You can reopen the bug when you have a working patch!
Comment 2 Thilo Schulz 2011-07-14 16:20:31 EDT
Another question: Is this bug introduced in a particular revision of ioquake3?
Comment 3 ioquake 2011-07-14 18:09:57 EDT
The segfault is introduced in r2075, specifically the changes in the files listed below:

code/client/cl_main.c
code/qcommon/common.c
code/qcommon/net_chan.c
code/qcommon/qcommon.h
code/server/server.h
code/server/sv_client.c
Comment 4 Thilo Schulz 2011-07-14 19:15:47 EDT
Alright. That might be some indication, but really, I'm baffled. Is there a way you can provide me a shell to debug this?
Comment 5 Thilo Schulz 2011-07-15 19:10:51 EDT
Also, please try the latest SVN revision, the bug might be fixed there!
Comment 6 ioquake 2011-07-16 11:38:56 EDT
I'm afraid the problem is still present in r2085. I can provide an ssh account to a similar machine, if you give me an ssh key and we can agree on a time when you want to access it, since this box is usually turned off.
Comment 7 Thilo Schulz 2011-07-16 12:01:51 EDT
This evening, 22:30?
Comment 8 ioquake 2011-07-16 12:08:13 EDT
I'll leave the box running, but I can't guarantee that I'll be there. If you send me your ssh key, I'll see to it that you can log in there via ssh as thilo@raq.zapto.org on port 2222.
Comment 9 ioquake 2011-07-16 13:36:50 EDT
Good news, I'll be there at 22:30 MEST.
Comment 10 Thilo Schulz 2011-07-16 16:40:44 EDT
Okay! http://thilo.tjps.eu/id_rsa.pub
Comment 11 Thilo Schulz 2011-07-16 16:41:18 EDT
Oh, can you come to IRC or any other IM? irc.freenode.org channel #ioquake3
Comment 12 ioquake 2011-07-16 16:47:57 EDT
Your key is installed and should be working.

I'll have to install an IRC client first, that will take a few minutes.
Comment 13 Thilo Schulz 2011-07-16 21:42:25 EDT
Fixed r2086. Problem was unaligned integer access, which results in SIGBUS on IRIX.
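The root cause named in comment 13, shown as an added example that is not ioquake3's code or its r2086 fix: the crashing line `*ip = LittleLong(value)` stores a whole word through an `int *` cast into a byte buffer, which traps on strict-alignment CPUs such as MIPS whenever the write offset is not a multiple of 4. The `msg_t` layout and the `msg_*` function names below are hypothetical stand-ins; the safe writer emits the four bytes individually in little-endian order, which needs no alignment and makes the host byte-swap unnecessary.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical stand-in for the engine's message buffer (not ioquake3's msg_t). */
typedef struct {
    int     cursize;       /* bytes already written */
    uint8_t data[64];      /* constructed small buffer; placed after an int, so data[0] is 4-aligned */
} msg_t;

/* Returns 1 if a `bytes`-wide store at the current write position is misaligned.
 * Such a store is what MIPS/IRIX reports as SIGBUS inside MSG_WriteBits. */
int msg_store_is_misaligned(const msg_t *msg, size_t bytes) {
    return ((uintptr_t)&msg->data[msg->cursize] % bytes) != 0;
}

/* Shape of the crashing line: cast the byte pointer to int and store a whole
 * word. Undefined behaviour in C; x86 tolerates it, strict-alignment CPUs
 * trap. Kept for contrast only and never called here. */
void msg_write_long_cast(msg_t *msg, int32_t value) {
    int32_t *ip = (int32_t *)&msg->data[msg->cursize];
    *ip = value;
    msg->cursize += 4;
}

/* Portable replacement: write the four bytes one at a time, little-endian.
 * No alignment requirement, and the wire byte order no longer depends on the
 * host, so a LittleLong()-style swap is not needed. Returns 0 on overflow. */
int msg_write_long(msg_t *msg, int32_t value) {
    uint32_t v = (uint32_t)value;
    uint8_t *p;
    if (msg->cursize < 0 || (size_t)msg->cursize + 4 > sizeof msg->data)
        return 0;
    p = &msg->data[msg->cursize];
    p[0] = (uint8_t)(v);
    p[1] = (uint8_t)(v >> 8);
    p[2] = (uint8_t)(v >> 16);
    p[3] = (uint8_t)(v >> 24);
    msg->cursize += 4;
    return 1;
}

/* Matching alignment-safe reader for the receive side. */
int32_t msg_read_long(const msg_t *msg, int offset) {
    const uint8_t *p = &msg->data[offset];
    return (int32_t)((uint32_t)p[0] | (uint32_t)p[1] << 8 |
                     (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24);
}
```

On x86 the cast version silently works, which is why the bug only surfaced on IRIX; `msg_store_is_misaligned()` lets a test catch the hazard on any host.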