[pkg-fgfs-crew] Bug#766251: flightgear fails to start with *** stack smashing detected ***

Rebecca N. Palmer rebecca_palmer at zoho.com
Tue Oct 21 19:14:30 UTC 2014


Package: flightgear-data-base
Version: 3.0.0-1
Severity: grave
Justification: renders package unusable
Control: tags -1 patch

A fresh install (no .fgfs) of amd64 flightgear in current jessie or 
current sid fails to start:

Program received signal SIGABRT, Aborted.
0x00007ffff1d6f077 in __GI_raise (sig=sig@entry=6) at 
../nptl/sysdeps/unix/sysv/linux/raise.c:56
56	../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt full
#0  0x00007ffff1d6f077 in __GI_raise (sig=sig@entry=6) at 
../nptl/sysdeps/unix/sysv/linux/raise.c:56
         resultvar = 0
         pid = 25441
         selftid = 25441
#1  0x00007ffff1d70458 in __GI_abort () at abort.c:89
         save_stage = 2
         act = {__sigaction_handler = {sa_handler = 0x3020702d77722030, 
sa_sigaction = 0x3020702d77722030}, sa_mask = {__val = 
{2319406791620833328, 2319389199435444272, 2314885530818453536, 
2314885530818453536, 2314885530818453536, 6731583338252032800, 
7378697629483820554, 3472328296331896422, 7378697629483806000, 
3472609797883717222, 2337500343188860976, 3472328296227680304, 
3467824696768081952, 2314885530818453536, 2314885530818453536, 
140737488344416}}, sa_flags = 60, sa_restorer = 0x7fffffffd660}
         sigs = {__val = {32, 0 <repeats 15 times>}}
#2  0x00007ffff1dacfb4 in __libc_message (do_abort=do_abort@entry=2, 
fmt=fmt@entry=0x7ffff1e9d60b "*** %s ***: %s terminated\n") at 
../sysdeps/posix/libc_fatal.c:175
         ap = {{gp_offset = 32, fp_offset = 32767, overflow_arg_area = 
0x7fffffffd670, reg_save_area = 0x7fffffffd600}}
         fd = 18
         on_2 = <optimized out>
         list = <optimized out>
         nlist = <optimized out>
         cp = <optimized out>
         written = <optimized out>
#3  0x00007ffff1e300a7 in __GI___fortify_fail 
(msg=msg@entry=0x7ffff1e9d5f3 "stack smashing detected") at 
fortify_fail.c:31
No locals.
#4  0x00007ffff1e30070 in __stack_chk_fail () at stack_chk_fail.c:28
No locals.
#5  0x00007ffff6c99569 in simgear::PredicateExpression<int, 
std::equal_to>::eval (this=0xb6d9e70, value=<optimized out>, 
b=<optimized out>) at 
/build/simgear-mmipqT/simgear-3.0.0/simgear/structure/SGExpression.hxx:1184
No locals.
#6  0x00007ffff70b1e72 in getValue (binding=0x7fffffffd730, 
this=<optimized out>) at 
/build/simgear-mmipqT/simgear-3.0.0/simgear/structure/SGExpression.hxx:126
         value = true
#7  simgear::AndExpression::eval (this=0xb6da340, value=@0x7fffffffd750: 
true, b=0x7fffffffd730) at 
/build/simgear-mmipqT/simgear-3.0.0/simgear/structure/SGExpression.hxx:1266
         i = 0
#8  0x00007ffff70afd03 in getValue (binding=0x7fffffffd730, 
this=<optimized out>) at 
/build/simgear-mmipqT/simgear-3.0.0/simgear/structure/SGExpression.hxx:126
         value = true
#9  simgear::Technique::validateInContext (this=0xb6d9bc0, gc=<optimized 
out>) at 
/build/simgear-mmipqT/simgear-3.0.0/simgear/scene/material/Technique.cxx:122
         oldVal = simgear::Technique::QUERY_IN_PROGRESS
         binding = {<simgear::expression::Binding> = {_vptr.Binding = 
0x7ffff742e670 <vtable for 
simgear::expression::FixedLengthBinding<1>+16>}, _bindings = {{typeTag = 
simgear::expression::INT, val = {boolVal = false, intVal = 0, floatVal = 
0, doubleVal = 0}}}}
         contextId = 0
         newVal = simgear::Technique::INVALID
#10 0x00007ffff51ef556 in osg::GraphicsContext::runOperations() () from 
/usr/lib/x86_64-linux-gnu/libosg.so.100
No symbol table info available.
#11 0x00007ffff58a2d08 in osgViewer::ViewerBase::renderingTraversals() 
() from /usr/lib/x86_64-linux-gnu/libosgViewer.so.100
No symbol table info available.
#12 0x0000000000b989ea in fgOSMainLoop() ()
No symbol table info available.
#13 0x00000000005f94ee in fgMainInit(int, char**) ()
No symbol table info available.
#14 0x00000000005a00ff in main ()
No symbol table info available.

It looks like the problem is casting simgear::ConvertExpression<double, 
float>* (derived from SGExpression<double>*, 
simgear/structure/SGExpression.hxx:11xx) to SGExpression<int>*:

(gdb) frame 5
#5  0x00007ffff6c99569 in simgear::PredicateExpression<int, 
std::equal_to>::eval (this=0xb6d9e70, value=<optimized out>, 
b=<optimized out>) at 
/build/simgear-mmipqT/simgear-3.0.0/simgear/structure/SGExpression.hxx:1184
1184 
/build/simgear-mmipqT/simgear-3.0.0/simgear/structure/SGExpression.hxx: 
No such file or directory.
(gdb) print *(simgear::PredicateExpression<int, std::equal_to> *) 0xb6d9e70
$2 = {<simgear::GeneralNaryExpression<bool, int>> = 
{<SGExpression<bool>> = {<simgear::Expression> = {<SGReferenced> = 
{_refcount = {mValue = 1}}, _vptr.Expression = 0x7ffff6f26150 <vtable 
for simgear::EqualToExpression<int>+16>}, <No data fields>}, 
_expressions = std::vector of length 2, capacity 2 = {{_ptr = 
0xb6d9de0}, {_ptr = 0xb6d9e10}}}, _pred = {<std::binary_function<int, 
int, bool>> = {<No data fields>}, <No data fields>}}
(gdb) print *(SGExpression<bool> *) 0xb6d9de0
$22 = {<simgear::Expression> = {<SGReferenced> = {_refcount = {mValue = 
1}}, _vptr.Expression = 0x7ffff6f25e50 <vtable for 
simgear::ConvertExpression<double, float>+16>}, <No data fields>}

This is fixed by

--- 
/home/rnpalmer/Debian/sourcepkgs/flightgear-data/Effects/model-combined-transparent.eff 
2014-10-21 09:38:48.975690231 +0100
+++ /usr/share/games/flightgear/Effects/model-combined-transparent.eff 
2014-10-21 18:06:00.895969579 +0100
@@ -12,7 +12,7 @@ and fallback to plain transparency when
  			<and>
  			  <equal>
  				<float-property>/sim/rendering/shaders/model</float-property>
-				<value type="int">0</value>
+				<value type="float">0</value>
  			  </equal>
  			  <or>
  				<less-equal>
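Review bot: this hunk fixes the data so that the <value> child matches the type of the <float-property> it is compared with, but the cast shown in the backtrace (a double/float expression node treated as SGExpression<int>* inside PredicateExpression<int>::eval) is in simgear, not in this file, so any other .eff file with the same <float-property> vs <value type="int"> pairing would still abort with the same stack-smashing report. Worth grepping flightgear-data for other <equal>/<less-equal> blocks that mix a <float-property> with an int <value>, and stating in the changelog entry that this is a data-side workaround for a missing type check in simgear rather than a fix of the cast itself.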

(This change has already been made upstream as part of 
https://gitorious.org/fg/fgdata/commit/7e7e0ca450bc14575c64f4fbaa4a1f97cdf6b5f8 
, though they reported graphical corruption rather than an outright crash)
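The trace above shows an expression tree built from an XML effect file in which an <equal> node typed as int evaluates a child that is really a float/double node; eval() of the wrong type then writes through a reference to a local of the wrong size, which is what the stack protector catches. The following is an added, simplified model of that situation (not simgear's or FlightGear's code; the class names TypedExpression, Constant, FloatProperty, EqualTo, requireType and parseValue are hypothetical) showing the check a parser would want: the <equal> node's type is chosen from the <value type="..."> child, as the crash suggests, and the other child is then verified with dynamic_cast instead of being blindly downcast, so a mismatched effect file is rejected at load time rather than corrupting the stack at render time.

```cpp
#include <memory>
#include <stdexcept>
#include <string>

// Untyped base, as stored in the expression tree (stand-in for simgear::Expression).
struct Expression {
    virtual ~Expression() = default;
};

// Typed node: the only layer that knows what size eval() produces.
template <typename T>
struct TypedExpression : Expression {
    virtual T eval() const = 0;
};

// <value type="...">text</value>
template <typename T>
struct Constant : TypedExpression<T> {
    T value;
    explicit Constant(T v) : value(v) {}
    T eval() const override { return value; }
};

// <float-property>...</float-property>: always yields a float here. In the real
// tree this is a ConvertExpression<double, float>, i.e. not an SGExpression<int>.
struct FloatProperty : TypedExpression<float> {
    float value;
    explicit FloatProperty(float v) : value(v) {}
    float eval() const override { return value; }
};

// <equal> over two children of the same T. An unchecked build would hold
// TypedExpression<int> pointers to a FloatProperty and call eval() on it,
// which is the bad cast visible in frame #5 of the backtrace.
template <typename T>
struct EqualTo : TypedExpression<bool> {
    std::shared_ptr<TypedExpression<T>> lhs, rhs;
    EqualTo(std::shared_ptr<TypedExpression<T>> a, std::shared_ptr<TypedExpression<T>> b)
        : lhs(std::move(a)), rhs(std::move(b)) {}
    bool eval() const override { return lhs->eval() == rhs->eval(); }
};

// Checked downcast: refuses to treat a node as TypedExpression<T> unless it is one.
// Replacing a static_cast with this is the whole point of the example.
template <typename T>
std::shared_ptr<TypedExpression<T>> requireType(const std::shared_ptr<Expression>& e,
                                                const std::string& where) {
    auto typed = std::dynamic_pointer_cast<TypedExpression<T>>(e);
    if (!typed) throw std::invalid_argument("type mismatch in " + where);
    return typed;
}

// Toy parser for the type attribute of <value>; only the two types from the patch.
std::shared_ptr<Expression> parseValue(const std::string& type, const std::string& text) {
    if (type == "int") return std::make_shared<Constant<int>>(std::stoi(text));
    if (type == "float") return std::make_shared<Constant<float>>(std::stof(text));
    throw std::invalid_argument("unknown value type: " + type);
}

// Builds <equal><float-property/><value type=valueType>valueText</value></equal>,
// taking the predicate's T from the declared type of <value> and then insisting
// that the property child has the same T.
std::shared_ptr<TypedExpression<bool>> buildEqual(float propertyValue,
                                                  const std::string& valueType,
                                                  const std::string& valueText) {
    std::shared_ptr<Expression> prop = std::make_shared<FloatProperty>(propertyValue);
    std::shared_ptr<Expression> val = parseValue(valueType, valueText);
    if (valueType == "int")
        return std::make_shared<EqualTo<int>>(requireType<int>(prop, "<equal> lhs"),
                                              requireType<int>(val, "<equal> rhs"));
    return std::make_shared<EqualTo<float>>(requireType<float>(prop, "<equal> lhs"),
                                            requireType<float>(val, "<equal> rhs"));
}

// "true"/"false" for a well-typed effect, or "rejected: ..." for a mismatched one.
std::string evaluateEffect(float propertyValue, const std::string& valueType,
                           const std::string& valueText) {
    try {
        return buildEqual(propertyValue, valueType, valueText)->eval() ? "true" : "false";
    } catch (const std::invalid_argument& e) {
        return std::string("rejected: ") + e.what();
    }
}
```

With /sim/rendering/shaders/model at 0, the patched file (`<value type="float">0</value>`) evaluates to "true", while the original `<value type="int">0</value>` is rejected with "type mismatch in <equal> lhs" instead of reaching eval(). The behaviour of the unchecked version is undefined, so the example deliberately never performs the bad cast; it only shows where the check belongs.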
