Dwarf Fortress Bug Tracker - Dwarf Fortress
View Issue Details
ID: 0003072 | Project: Dwarf Fortress | Category: Miscellaneous Crashes | View Status: public | Date Submitted: 2010-08-19 14:27 | Last Update: 2012-04-01 17:51
Reporter: vyznev
Assigned To: Footkerchief
Priority: normal | Severity: minor | Reproducibility: always
Status: resolved | Resolution: duplicate
Platform: i686 | OS: Linux | OS Version: Ubuntu 10.04
Product Version: 0.31.12
 
0003072: Reproducible segmentation fault when choosing fortress location
I recently generated a world which causes DF to invariably crash (segfault) whenever I scroll about halfway down the map on the "Choose Fortress Location" screen.

There shouldn't be anything particularly odd about the world itself; I used the SMALL_ISLAND preset and only adjusted erosion iterations down from 250 to 50 and minimum number of volcanoes up from 1 to 5 (I think). The only changes I'd made to DF prior to worldgen were a few init.txt changes and the installation of a graphical tileset and graphics set; the crash is also reproducible on a clean install of DF.

I will try to attach a bzipped copy of the world for testing if this bug tracker lets me.

Unpack df_31_12_linux.tar.bz2 and extract the world into the data/save folder. Start DF, start a new game in Dwarf Fortress mode and try to scroll down on the map. DF should crash about halfway down.

On the most recent test, DF emitted the following output when it crashed:

*** glibc detected *** ./libs/Dwarf_Fortress: double free or corruption (fasttop): 0x0a7a9fa0 ***
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(+0x6b591)[0x3d9591]
/lib/tls/i686/cmov/libc.so.6(+0x6cde8)[0x3dade8]
/lib/tls/i686/cmov/libc.so.6(cfree+0x6d)[0x3ddecd]
/usr/lib/nvidia-current/tls/libnvidia-tls.so.1(+0xb20)[0x1e9b20]
/usr/lib/libX11.so.6(_XEventsQueued+0x56)[0x63ce356]
/usr/lib/libX11.so.6(_XFlush+0x49)[0x63ce3e9]
/usr/lib/libX11.so.6(XFlush+0x31)[0x63a6101]
/usr/lib/libSDL-1.2.so.0(+0x363be)[0x79e3be]
/usr/lib/libSDL-1.2.so.0(+0x39768)[0x7a1768]
/usr/lib/libSDL-1.2.so.0(+0x3aa2b)[0x7a2a2b]
/usr/lib/libSDL-1.2.so.0(SDL_PumpEvents+0x3d)[0x77337d]
/usr/lib/libSDL-1.2.so.0(SDL_PollEvent+0x17)[0x773807]
/var/home/ilmari/df_linux/libs/libgraphics.so(_ZN9enablerst13eventLoop_SDLEv+0xc2)[0x8ef762]
Aborted

I also tried running DF under gdb, but without debug symbols I wasn't able to get a meaningful stack trace.
No tags attached.
Relationships: duplicate of 0005077 (resolved, Toady One): Browsing world gen map causes corrupted feature files
Issue History
2010-08-19 14:27  vyznev  New Issue
2010-08-19 14:27  vyznev  Issue Monitored: vyznev
2010-08-19 14:37  vyznev  Note Added: 0011934
2010-08-19 17:56  Logical2u  Note Added: 0011939
2010-09-01 12:53  vyznev  Note Added: 0012308
2010-09-01 13:01  vyznev  Note Added: 0012310
2010-09-01 13:21  vyznev  Note Added: 0012311
2010-09-01 13:22  vyznev  Note Edited: 0012311
2012-03-31 17:43  dree12  Note Added: 0021963
2012-03-31 17:44  dree12  Note Edited: 0021963
2012-03-31 17:44  dree12  Issue Monitored: dree12
2012-04-01 09:23  Footkerchief  Note Added: 0021989
2012-04-01 09:23  Footkerchief  Relationship added: duplicate of 0005077
2012-04-01 09:23  Footkerchief  Status: new => resolved
2012-04-01 09:23  Footkerchief  Resolution: open => duplicate
2012-04-01 09:23  Footkerchief  Assigned To: => Footkerchief
2012-04-01 17:51  dree12  Issue End Monitor: dree12

Notes
(0011934) vyznev 2010-08-19 14:37
I couldn't find any way to attach the world directly to this bug report, so I uploaded it to http://dffd.wimbli.com/file.php?id=2973 instead.
(0011939) Logical2u 2010-08-19 17:56
The world generation parameters would be more helpful, please upload them to a service like Pastebin.
(0012308) vyznev 2010-09-01 12:53
The params seem to have been these: http://vyznev.net/misc/region2-world_gen_param.txt

However, when I regen the world using these settings (either on the DF I originally genned it on or on a virgin install), it doesn't seem to crash anymore. Apparently the save is corrupted in some way, triggering the crash. (I'm not sure what might've corrupted it, though; I don't recall having any data corruption issues on this computer before.)

A quick diff -r says:
Binary files region1/unit-0.dat and region2/unit-0.dat differ
Binary files region1/unit-100.dat and region2/unit-100.dat differ
Binary files region1/unit-109.dat and region2/unit-109.dat differ
Binary files region1/unit-112.dat and region2/unit-112.dat differ
Binary files region1/unit-114.dat and region2/unit-114.dat differ
Binary files region1/unit-116.dat and region2/unit-116.dat differ
Binary files region1/unit-67.dat and region2/unit-67.dat differ
Binary files region1/unit-68.dat and region2/unit-68.dat differ
Binary files region1/unit-70.dat and region2/unit-70.dat differ
Binary files region1/unit-80.dat and region2/unit-80.dat differ
Binary files region1/unit-89.dat and region2/unit-89.dat differ
Binary files region1/unit-95.dat and region2/unit-95.dat differ
Binary files region1/world.dat and region2/world.dat differ

Comparing the file sizes, I get:
unit-0.dat: OK = 35677, bad = 35480
unit-100.dat: OK = 15399, bad = 15420
unit-109.dat: OK = 12649, bad = 12689
unit-112.dat: OK = 99254, bad = 99154
unit-114.dat: OK = 81728, bad = 81632
unit-116.dat: OK = 88167, bad = 88187
unit-67.dat: OK = 89626, bad = 89822
unit-68.dat: OK = 15446, bad = 15886
unit-70.dat: OK = 25511, bad = 25536
unit-80.dat: OK = 18582, bad = 18618
unit-89.dat: OK = 9416, bad = 9438
unit-95.dat: OK = 4235, bad = 4419
world.dat: OK = 9913705, bad = 9913976

Without a binary diff tool or any way to parse the .dat files, though, I'm not sure what else to do to diagnose this further.
(0012310) vyznev 2010-09-01 13:01
...I also noticed that the crashing version has these extra files:

Only in region2: feature-1-5.dat
Only in region2: feature-1-6.dat
Only in region2: feature-1-7.dat
Only in region2: feature-2-3.dat
Only in region2: feature-2-4.dat
Only in region2: feature-2-5.dat
Only in region2: feature-2-6.dat
Only in region2: feature-2-7.dat
Only in region2: feature-2-8.dat
Only in region2: feature-3-3.dat
Only in region2: feature-3-4.dat
Only in region2: feature-3-5.dat
Only in region2: feature-3-6.dat
Only in region2: feature-3-7.dat
Only in region2: feature-3-8.dat
Only in region2: feature-4-3.dat
Only in region2: feature-4-4.dat
Only in region2: feature-4-5.dat
Only in region2: feature-4-6.dat
Only in region2: feature-4-7.dat
Only in region2: feature-5-3.dat
Only in region2: feature-5-4.dat
Only in region2: feature-5-5.dat
Only in region2: feature-5-6.dat
Only in region2: feature-5-7.dat
Only in region2: feature-5-8.dat
Only in region2: feature-6-3.dat
Only in region2: feature-6-4.dat
Only in region2: feature-6-5.dat
Only in region2: feature-6-6.dat
Only in region2: feature-6-8.dat
Only in region2: feature-7-3.dat
Only in region2: feature-7-4.dat
Only in region2: feature-7-5.dat
Only in region2: feature-7-6.dat
Only in region2: feature-8-4.dat
Only in region2: feature-8-5.dat
Only in region2: feature-8-6.dat
Only in region2: feature-8-7.dat
Only in region2: feature-9-6.dat
Only in region2: feature-9-7.dat

Indeed, I just tried to simply delete these files from the save folder, and it seems this fixes the crash(!). However, I don't understand the DF save format enough to know what these files are actually supposed to be for.
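The save comparison done by hand in notes 0012308 and 0012310 (diff -r, size listing, "Only in" files), written out as a small script. This is an added example, not code from the reporter or from Dwarf Fortress; the save directory names, the feature-X-Y.dat naming pattern and the sample file contents are constructed for illustration, and nothing here parses the actual .dat format.

```python
import re
import tempfile
from pathlib import Path

# Assumed naming pattern, taken from the file names listed in the notes above.
FEATURE_RE = re.compile(r"^feature-(\d+)-(\d+)\.dat$")

def first_diff_offset(a: bytes, b: bytes):
    """Offset of the first differing byte, or None if the blobs are identical.
    Stands in for the binary diff tool the reporter said he was missing."""
    for i, (x, y) in enumerate(zip(a, b)):
        if x != y:
            return i
    return None if len(a) == len(b) else min(len(a), len(b))

def compare_save_dirs(good_dir, bad_dir):
    """Compare two save folders file by file, like the manual 'diff -r' plus
    size listing: returns the files that differ (with both sizes and the
    first differing offset) and the files present on only one side."""
    good = {p.name: p for p in Path(good_dir).iterdir() if p.is_file()}
    bad = {p.name: p for p in Path(bad_dir).iterdir() if p.is_file()}
    differ = []
    for name in sorted(good.keys() & bad.keys()):
        ga, ba = good[name].read_bytes(), bad[name].read_bytes()
        off = first_diff_offset(ga, ba)
        if off is not None:
            differ.append((name, len(ga), len(ba), off))
    return {"differ": differ,
            "only_in_good": sorted(good.keys() - bad.keys()),
            "only_in_bad": sorted(bad.keys() - good.keys())}

def feature_coords(names):
    """Map 'feature-X-Y.dat' names to (X, Y) pairs, so a bisection over the
    extra files can be organised by map region rather than by file name."""
    return sorted(tuple(int(g) for g in m.groups())
                  for m in map(FEATURE_RE.match, names) if m)

def make_sample_saves():
    """Constructed sample: a 'good' and a 'bad' save whose world.dat differs
    at byte 5 (and in length), plus two feature files only the bad one has."""
    root = Path(tempfile.mkdtemp())
    good, bad = root / "region1", root / "region2"
    good.mkdir(); bad.mkdir()
    (good / "world.dat").write_bytes(b"\x00" * 16)
    (bad / "world.dat").write_bytes(b"\x00" * 5 + b"\xff" + b"\x00" * 12)
    (good / "unit-0.dat").write_bytes(b"same")
    (bad / "unit-0.dat").write_bytes(b"same")
    (bad / "feature-3-3.dat").write_bytes(b"\x01")
    (bad / "feature-1-5.dat").write_bytes(b"\x02")
    return good, bad

if __name__ == "__main__":
    g, b = make_sample_saves()
    r = compare_save_dirs(g, b)
    print(r["differ"], r["only_in_bad"], feature_coords(r["only_in_bad"]))
```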
(0012311) vyznev 2010-09-01 13:21 (edited on: 2010-09-01 13:22)
I did some testing by deleting various subsets of the feature-*.dat files, trying to see if I could narrow down which ones were causing the crash. However, it seems that each (or at least most) of them corresponds to a particular map region that one needs to view to make the game crash, so I was unable to significantly narrow it down. I did observe that e.g. feature-3-3.dat alone is sufficient (but not necessary) to reproduce the crash using the exact steps given above.

(0021963) dree12 2012-03-31 17:43 (edited on: 2012-03-31 17:44)
Recently, some feature corruption bugs have been fixed (0005077 in particular). It might be useful to check this old bug.

(0021989) Footkerchief 2012-04-01 09:23
Good call, it is indeed corrupted.