I experience a segmentation fault crash when restoring some specific save files on rogue. I'm not entirely aware of the circumstances. The bug seems to be the same as the one reported on Red Hat: https://bugzilla.redhat.com/show_bug.cgi?id=560790. I've attached a saved file that reproduces the issue.

Reproducible: Always, given some specific save game states (always reproducible with the attached save game).

Steps to reproduce:
1- emerge =games-roguelike/rogue-5.4.4
2- copy the attachment to any place on the file system, e.g. ~/rogue.save
3- run: rogue ~/rogue.save
4- Expectation: the saved game state is loaded and the game keeps running. What actually happens: the game crashes with a segfault.

Here is the gdb backtrace:

File name: rogue.save
Program received signal SIGSEGV, Segmentation fault.
0x0000000000000000 in ?? ()
(gdb) bt
#0 0x0000000000000000 in ?? ()
#1 0x00000000004054e6 in do_daemons (flag=1) at daemon.c:112
#2 0x0000000000403bdd in command () at command.c:37
#3 0x0000000000409083 in playit () at main.c:280
#4 0x00000000004132f8 in restore (file=0x7fffffffe158 "rogue.save", envp=0x7fffffffde70) at save.c:264
#5 0x0000000000408bd7 in main (argc=2, argv=0x7fffffffde58, envp=0x7fffffffde70) at main.c:105
(gdb)

I've looked at the source code, and the bug seems to occur because of a NULL function pointer in do_daemons() (daemon.c:112). The problem can be traced back to what appears to be a misplaced 'if' in function rs_read_daemons() (state.c:1116). The following patch seemingly fixes the problem:

--- state.c 2011-12-24 14:01:35.823741694 -0200 +++ state2.c 2011-12-24 14:01:31.639880420 -0200 @@ -1111,13 +1111,12 @@ default:d_list[i].d_func = NULL; break; } - } - - if (d_list[i].d_func == NULL) - { - d_list[i].d_type = 0; - d_list[i].d_arg = 0; - d_list[i].d_time = 0; + if (d_list[i].d_func == NULL) + { + d_list[i].d_type = 0; + d_list[i].d_arg = 0; + d_list[i].d_time = 0; + } } return(READSTAT);
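Review bot: re-nesting the `if (d_list[i].d_func == NULL)` block inside the loop is the right fix. In the old layout the check sat after the loop's closing brace, so it ran only once with `i` at its terminal value, and any entry whose switch fell through to `default:d_list[i].d_func = NULL;` kept its nonzero d_type and d_time; do_daemons() (daemon.c:112 in the backtrace) then treated it as live and called the NULL pointer. Two follow-ups worth considering since a save file is untrusted input: do_daemons() could also skip entries with a NULL d_func so a bad record disables one daemon instead of crashing the process, and rs_read_daemons() could report an unrecognised daemon type rather than silently zeroing the entry and still returning READSTAT.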
Created attachment 305099: proposed fix
Created attachment 305101: save game that reproduces the bug
*** Bug 407977 has been marked as a duplicate of this bug. ***
Package removed.