3.5.0: Double free or corruption in SDL

**takkaria** · December 26, 2013, 12:45

Originally posted by schuay

Hi,

I actually wanted to create a bug on the tracker but there was no 'Register' button to be found anywhere.

On Arch, 3.5.0 causes:

Code:

*** Error in `/usr/bin/angband': double free or corruption (fasttop): 0x0000000000863980 ***

when started with -msdl. SDL versions:

local/sdl 1.2.15-5
local/sdl_ttf 2.0.11-2

Backtrace (without debugging symbols):

Code:

(gdb) bt
#0  0x00007ffff669c319 in raise () from /usr/lib/libc.so.6
#1  0x00007ffff669d718 in abort () from /usr/lib/libc.so.6
#2  0x00007ffff66d9da4 in __libc_message () from /usr/lib/libc.so.6
#3  0x00007ffff66df56e in malloc_printerr () from /usr/lib/libc.so.6
#4  0x00007ffff66e0247 in _int_free () from /usr/lib/libc.so.6
#5  0x00007ffff6f6699c in TTF_CloseFont () from /usr/lib/libSDL_ttf-2.0.so.0
#6  0x000000000055311b in ?? ()
#7  0x000000000055a40b in ?? ()
#8  0x000000000055a79b in ?? ()
#9  0x000000000054d1d9 in ?? ()
#10 0x00007ffff6688b05 in __libc_start_main () from /usr/lib/libc.so.6
#11 0x00000000004043b9 in ?? ()

Our build process: https://projects.archlinux.org/svnto...ckages/angband

Is that straight after starting it, or when you exit? We get reports of this kind of stuff on SDL sometimes but they're hard to reproduce.

Also, Angband doesn't depend on libglade - hasn't for ages.

**Nick** · December 26, 2013, 12:51

Thanks for the report.

As far as I know, this has not turned up before; there was a bug a while ago with .wav sound files in SDL, but I believe that has gone since they were changed to mp3s.

Is the build process you linked just an example? It says it's for 3.4.1.

If you (or anyone) could get a backtrace with debugging symbols on Arch, that would be helpful.

**schuay** · December 26, 2013, 13:04

Originally posted by takkaria

Is that straight after starting it, or when you exit?

See the new backtrace below.

Originally posted by takkaria

Also, Angband doesn't depend on libglade - hasn't for ages.

Thanks I'll fix that.

Is the build process you linked just an example? It says it's for 3.4.1.

The 3.5.0 one is not released yet, but so far there are no changes other than 3.4.1->3.5.0 and the md5sums.

If you (or anyone) could get a backtrace with debugging symbols on Arch, that would be helpful.

Code:

(gdb) bt
#0  0x00007ffff669c319 in raise () from /usr/lib/libc.so.6
#1  0x00007ffff669d718 in abort () from /usr/lib/libc.so.6
#2  0x00007ffff66d9da4 in __libc_message () from /usr/lib/libc.so.6
#3  0x00007ffff66df56e in malloc_printerr () from /usr/lib/libc.so.6
#4  0x00007ffff66e0247 in _int_free () from /usr/lib/libc.so.6
#5  0x00007ffff6f6699c in TTF_CloseFont () from /usr/lib/libSDL_ttf-2.0.so.0
#6  0x000000000055311b in sdl_CheckFont (fontname=0x59bc80 "6x10x.fon", width=0x7fffffffe090, height=0x7fffffffe08c) at main-sdl.c:457
#7  0x000000000055a40b in init_sdl_local () at main-sdl.c:3636
#8  0x000000000055a79b in init_sdl (argc=1, argv=0x7fffffffe5f8) at main-sdl.c:3753
#9  0x000000000054d1d9 in main (argc=1, argv=0x7fffffffe5f8) at main.c:571

**Nick** · December 26, 2013, 13:18

This thread indicates that this may be an SDL bug.

**schuay** · December 26, 2013, 13:24

Right that seems to be it

**PowerWyrm** · January 6, 2014, 14:53

Just hit the same problem with my variant: suddenly, the SDL client stopped working. The reason is a bug in FreeType 2.5.2. To fix the problem, either build your SDL port with FreeType 2.5.0.1, or get the source of the 2.5.2 tag, apply the diff from issue #40997 from the git repository and recompile. It worked perfectly for me.

3.5.0: Double free or corruption in SDL

3.5.0: Double free or corruption in SDL

Comment

Comment

Comment

Comment

Comment

Comment