Weird segfaults of tama, when compiled with -O2

To: debian-mentors@lists.debian.org
Subject: Weird segfaults of tama, when compiled with -O2
From: Gergely Nagy <algernon@debian.org>
Date: Sun, 7 Oct 2001 20:10:12 +0200
Message-id: <[🔎] 20011007201012.D898@iluvatar>
Mail-followup-to: debian-mentors@lists.debian.org

Greetings!

I have a little problem here.. Currently, tama is compiled with -O0,
because it segfaults when it is compiled with higher optimization. I
guess I shouldn't mention how much this sucks.

Recently, I tried to debug it again (I tried it numerous times in the
past, to no avail), and made a nice typescript. The problem is, that
some might not be able to reproduce this, for version -9 (or -10?) was
compiled with -O2 and worked on some boxen, but not on mine.

I'm pretty sure it's not a HW problem, for everything else works fine,
and the error occurs at the same spot every time I check.

I'm attaching the typescript, if anyone has any idea, please share it
with me.

Thanks,
-- 
Gergely Nagy \ mhp/|8]

Script started on Sun Oct  7 19:20:54 2001

8638:algernon@iluvatar: /tmp/tama-test] dpkg-source -x tama_1.0-11.dsc
dpkg-source: extracting tama in tama-1.0

8639:algernon@iluvatar: /tmp/tama-test] cd tama-1.0/

8640:algernon@iluvatar: /tmp/tama-test/tama-1.0] ed debian/rules
4459
/-Wall/
CFLAGS		 = -ansi -pedantic -Wall -O0 -D_GNU_SOURCE
s/-O0/-O2/
p
CFLAGS		 = -ansi -pedantic -Wall -O2 -D_GNU_SOURCE
w
4459
q

8641:algernon@iluvatar: /tmp/tama-test/tama-1.0] fakeroot debian/rules binary
 DEB_BUILD_OPTIONS=debug,nostrip
test -d debian/patched || install -d debian/patched
echo "Patches applied in the Debian version of tama:" > patch-stampT
applying patch debian/patches/01-includes.dpatch... ok.
applying patch debian/patches/02-yearlog.dpatch... ok.
applying patch debian/patches/03-int-main.dpatch... ok.
applying patch debian/patches/04-sigchld.dpatch... ok.
applying patch debian/patches/05-tama.h.dpatch... ok.
applying patch debian/patches/06-deathcheck.dpatch... ok.
applying patch debian/patches/07-diplomatic-weight.dpatch... ok.
mv -f patch-stampT patch-stamp
test -e debian/control || ( echo "debian/control not found"; exit 1 )
make CFLAGS="-ansi -pedantic -Wall -O2 -D_GNU_SOURCE"
make[1]: Entering directory `/tmp/tama-test/tama-1.0'
gcc -ansi -pedantic -Wall -O2 -D_GNU_SOURCE -g -c main.c
In file included from /usr/include/unistd.h:500,
                 from main.c:90:
/usr/include/bits/confname.h:565: warning: comma at end of enumerator list
gcc -ansi -pedantic -Wall -O2 -D_GNU_SOURCE -g -c exec.c
In file included from /usr/include/unistd.h:500,
                 from exec.c:9:
/usr/include/bits/confname.h:565: warning: comma at end of enumerator list
gcc -ansi -pedantic -Wall -O2 -D_GNU_SOURCE -g -c api.c
gcc -ansi -pedantic -Wall -O2 -D_GNU_SOURCE -g -c status.c
In file included from /usr/include/unistd.h:500,
                 from status.c:14:
/usr/include/bits/confname.h:565: warning: comma at end of enumerator list
gcc -ansi -pedantic -Wall -O2 -D_GNU_SOURCE -g -c list.c
In file included from /usr/include/unistd.h:500,
                 from list.c:10:
/usr/include/bits/confname.h:565: warning: comma at end of enumerator list
gcc  -o tama main.o exec.o api.o status.o list.o
make[1]: Leaving directory `/tmp/tama-test/tama-1.0'
test -e debian/control || ( echo "debian/control not found"; exit 1 )
install -d debian/tama/usr/games debian/tama/usr/share/man/man6 \
	   debian/tama/usr/share/doc/tama debian/tama/usr/lib/menu \
	   debian/tama/etc/init.d
install -m 0755 tama debian/tama/usr/games/tamad
install -m 0755 debian/local/tama.sh debian/tama/usr/games/tama
install -m 0644 debian/local/tama.6 debian/local/tamad.6 \
		debian/tama/usr/share/man/man6/
test -e debian/control || ( echo "debian/control not found"; exit 1 )
test "x`whoami`" = "xroot" || ( echo "You must run this as root!"; exit 1 )
install -m 0644 debian/local/README.Debian \
		debian/tama/usr/share/doc/tama
install -m 0644 CHANGES debian/tama/usr/share/doc/tama/changelog
install -m 0644 debian/changelog \
		debian/tama/usr/share/doc/tama/changelog.Debian
install -m 0644 debian/local/tama.menu \
		debian/tama/usr/lib/menu/tama
install -m 0644 debian/copyright debian/tama/usr/share/doc/tama
install -m 0755 debian/local/tama.init.d \
		debian/tama/etc/init.d/tama
gzip -9f debian/tama/usr/share/man/man6/*.6 \
	 debian/tama/usr/share/doc/tama/changelog \
	 debian/tama/usr/share/doc/tama/changelog.Debian
find debian/tama -print0 2>/dev/null | xargs -0r chown \
					   --no-dereference 0.0
find  ! -type l -print 0 2>/dev/null | xargs -0r \
	chmod go=rX,u+rw,a-s
dpkg-shlibdeps -Tdebian/tama.substvars -dDepends \
		debian/tama/usr/games/tamad
install -d debian/tama/DEBIAN
install -m 0644 debian/maint/conffiles debian/tama/DEBIAN/
install -m 0755 debian/maint/postinst debian/maint/postrm \
		debian/maint/prerm debian/tama/DEBIAN/
cd debian/tama >/dev/null ;\
 find * -type f ! -regex '^DEBIAN/.*' -print0 | xargs -r0 md5sum > DEBIAN/md5sums
dpkg-gencontrol -isp -ptama -Tdebian/tama.substvars \
		-Pdebian/tama
dpkg --build debian/tama ..
dpkg-deb: building package `tama' in `../tama_1.0-11_i386.deb'.

8642:algernon@iluvatar: /tmp/tama-test/tama-1.0] cd ..

8646:algernon@iluvatar: /tmp/tama-test] dpkg -i tama_1.0-11_i386.deb
(Reading database ... 74958 files and directories currently installed.)
Preparing to replace tama 1.0-11 (using tama_1.0-11_i386.deb) ...
Stopping net tamagotchi server: tamad.
Unpacking replacement tama ...
Setting up tama (1.0-11) ...
Starting net tamagotchi server: tamad.


8647:algernon@iluvatar: /tmp/tama-test] telnet localhost 9111
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.



Hi! I am your Net Tamagotchi! I love you!!


          ***************

       *********************

     ******  *********  ******

    *******  *********  *******

    ***************************

    ***************************

     ****** *********** ******

       *****           *****

          ***************

              ********


What do you wanna call your Tamagotchi? Yamm
Tamagotchi found. Please enter password: homi
Hi! The time limit for this session is 5 minutes


     *******

   ***********

  **** *** ****

  *************

  *** ***** ***

   ***     ***

     *******


Your Tamagotchi is happy and it loves you!


Name: Yamm		Age: 19656 hours		Weight: 1228 units

An error has occured in the Net Tamagotchi server.

Please report the circumstances which caused this to ff@lagged.net

Thank you.

Connection closed by foreign host.
zsh: exit 1     telnet localhost 9111

8649:algernon@iluvatar: /tmp/tama-test] tail -8 /var/log/tama.log
Sun Oct  7 19:24:13 2001 [8208] Starting Net Tamagotchi v1.0 by Milos Glisic, mglisic@lagged.net
Sun Oct  7 19:24:13 2001 Created socket: s=3
Sun Oct  7 19:24:13 2001 Bound socket to port 9111
Sun Oct  7 19:24:13 2001 Listening for connections...
Sun Oct  7 19:24:35 2001 [8217] Accepted connection from localhost
Sun Oct  7 19:24:37 2001 [8217] Connection closed - purging session
Sun Oct  7 19:24:50 2001 [8219] `Yamm` logged in
Sun Oct  7 19:24:50 2001 Segmentation violation. Client handler exiting.

8657:algernon@iluvatar: /tmp/tama-test] # tama started on another terminal

8660:algernon@iluvatar: /tmp/tama-test] ps axu | grep tama
games     8490  0.0  0.8  1332  552 pts/2    S    19:28   0:00 /usr/games/tamad
algernon  8500  0.5  1.7  2432 1124 pts/1    S    19:28   0:00 /bin/sh /usr/games/tama
games     8502  0.0  0.8  1332  552 pts/2    S    19:28   0:00 /usr/games/tamad
algernon  8504  1.0  0.9  1616  584 pts/9    S    19:28   0:00 grep tama

8669:algernon@iluvatar: /tmp/tama-test] su -c gdb
GNU gdb 5.0.90-cvs (MI_OUT)
Copyright 2001 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu".
(gdb) attach 8502
Attaching to process 8502
0x400f5de2 in ?? ()
(gdb) symbol-file tama-1.0/tama
Reading symbols from tama-1.0/tama...done.
(gdb) continue
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0x08049807 in main (argc=Cannot access memory at address 0xbf00737a
) at main.c:355
355			while(1) {
(gdb) l
350	
351			printf("%s [%d] `%s` logged in\n", logtime(), getpid(), name);
352			put("Hi! The time limit for this session is 5 minutes\n");
353			status(name, 1);
354	
355			while(1) {
356				do {
357					buf[0]='\0';
358					put("> ");
359					get(buf);
(gdb) print buf
Cannot access memory at address 0xbf007292
(gdb) print name
Cannot access memory at address 0xbf00727e
(gdb) quit
The program is running.  Quit anyway (and detach it)? (y or n) y
Detaching from program: , process 8502

8670:algernon@iluvatar: /tmp/tama-test] ps axu | grep tama
games     8490  0.0  0.8  1332  552 pts/2    S    19:28   0:00 /usr/games/tamad
algernon  8521  0.5  1.7  2432 1124 pts/1    S    19:31   0:00 /bin/sh /usr/games/tama
games     8523  0.0  0.8  1332  552 pts/2    S    19:31   0:00 /usr/games/tamad
algernon  8525  0.0  0.9  1616  584 pts/9    S    19:31   0:00 grep tama

8672:algernon@iluvatar: /tmp/tama-test] su -c gdb
GNU gdb 5.0.90-cvs (MI_OUT)
Copyright 2001 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu".
(gdb) attach 8523
Attaching to process 8523
0x400f5de2 in ?? ()
(gdb) symbol-file tama-1.0/tama
Reading symbols from tama-1.0/tama...done.
(gdb) break put
Breakpoint 1 at 0x8049049: file main.c, line 179.
(gdb) c
Continuing.

Breakpoint 1, put (buf=0x804c080 "Tamagotchi found. Please enter password: ") at main.c:179
179		for(ctr=0; ctr<strlen(buf); ctr++) {
(gdb) c
Continuing.

Breakpoint 1, put (buf=0x804c100 "Hi! The time limit for this session is 5 minutes\n")
    at main.c:179
179		for(ctr=0; ctr<strlen(buf); ctr++) {
(gdb) l
174	/* sends output to client - extended client support */
175	void put(char *buf)
176	{
177		int ctr;
178	
179		for(ctr=0; ctr<strlen(buf); ctr++) {
180			send(s, buf+ctr, 1, 0);
181			if(buf[ctr]=='\n')
182				send(s, "\r", 1, 0);
183		}
(gdb) print buf
$1 = 0x804c100 "Hi! The time limit for this session is 5 minutes\n"
(gdb) c
Continuing.

Breakpoint 1, put (
    buf=0x804caa0 "\n     *******\n   ", '*' <repeats 11 times>, "\n  **** *** ****\n  ", '*' <repeats 13 times>, "\n  *** ***** ***\n   ***     ***\n     *******\n\nYour Tamagotchi is happy and it loves you!\n") at main.c:179
179		for(ctr=0; ctr<strlen(buf); ctr++) {
(gdb) l
174	/* sends output to client - extended client support */
175	void put(char *buf)
176	{
177		int ctr;
178	
179		for(ctr=0; ctr<strlen(buf); ctr++) {
180			send(s, buf+ctr, 1, 0);
181			if(buf[ctr]=='\n')
182				send(s, "\r", 1, 0);
183		}
(gdb) print buf
$2 = 0x804caa0 "\n     *******\n   ", '*' <repeats 11 times>, "\n  **** *** ****\n  ", '*' <repeats 13 times>, "\n  *** ***** ***\n   ***     ***\n     *******\n\nYour Tamagotchi is happy and it loves you!\n"
(gdb) c
Continuing.

Breakpoint 1, put (buf=0x804cbe1 "\nName: ") at main.c:179
179		for(ctr=0; ctr<strlen(buf); ctr++) {
(gdb) c
Continuing.

Breakpoint 1, put (buf=0xbffffc08 "Yamm") at main.c:179
179		for(ctr=0; ctr<strlen(buf); ctr++) {
(gdb) c
Continuing.

Breakpoint 1, put (buf=0xbffffb4c "\t\tAge: 19657 hours") at main.c:179
179		for(ctr=0; ctr<strlen(buf); ctr++) {
(gdb) c
Continuing.

Breakpoint 1, put (buf=0x804cbf9 "\t\tWeight: ") at main.c:179
179		for(ctr=0; ctr<strlen(buf); ctr++) {
(gdb) c
Continuing.

Breakpoint 1, put (buf=0xbffffb4c "1228 units\n") at main.c:179
179		for(ctr=0; ctr<strlen(buf); ctr++) {
(gdb) break status
Breakpoint 2 at 0x804b499: file status.c, line 27.
(gdb) c
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0x08049807 in main (argc=Cannot access memory at address 0xbf00737a
) at main.c:355
355			while(1) {
(gdb) quit
The program is running.  Quit anyway (and detach it)? (y or n) y
Detaching from program: , process 8523

8673:algernon@iluvatar: /tmp/tama-test] ps axu | grep tama
games     8490  0.0  0.8  1332  552 pts/2    S    19:28   0:00 /usr/games/tamad
algernon  8527  1.0  1.7  2432 1124 pts/1    S    19:32   0:00 /bin/sh /usr/games/tama
games     8529  0.0  0.8  1332  552 pts/2    S    19:32   0:00 /usr/games/tamad
algernon  8531  0.0  0.9  1616  584 pts/9    S    19:32   0:00 grep tama

8675:algernon@iluvatar: /tmp/tama-test] su -c gdb
GNU gdb 5.0.90-cvs (MI_OUT)
Copyright 2001 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu".
(gdb) attach 8529
Attaching to process 8529
0x400f5de2 in ?? ()
(gdb) symbol-file tama-1.0/tama
Reading symbols from tama-1.0/tama...done.
(gdb) break status
Breakpoint 1 at 0x804b499: file status.c, line 27.
(gdb) c
Continuing.

Breakpoint 1, status (name=0xbffffc08 "Yamm", proc=1) at status.c:27
27		diff=(time(NULL)-gettime(name))/3600;
(gdb) n
28		if((time(NULL)-getpet(name))/3600 < LONELYTIME)
(gdb) l
23	{
24		int diff, knockoff;
25		char tmp[MAXNAME];
26	
27		diff=(time(NULL)-gettime(name))/3600;
28		if((time(NULL)-getpet(name))/3600 < LONELYTIME)
29			diff--;
30	
31		if(proc > 0) {
32			if((diff-HUNGERTIME)>0) {
(gdb) display name
1: name = 0xbffffc08 "Yamm"
(gdb) n
29			diff--;
1: name = 0xbffffc08 "Yamm"
(gdb) 
31		if(proc > 0) {
1: name = 0xbffffc08 "Yamm"
(gdb) 
32			if((diff-HUNGERTIME)>0) {
1: name = 0xbffffc08 "Yamm"
(gdb) 
41		if(getweight(name)<1) {
1: name = 0xbffffc08 "Yamm"
(gdb) 
48		if(diff < HUNGERTIME) {
1: name = 0xbffffc08 "Yamm"
(gdb) 
49			if((time(NULL)-getpet(name))/3600 >= LONELYTIME)
1: name = 0xbffffc08 "Yamm"
(gdb) 
51			else put(HAPPY);
1: name = 0xbffffc08 "Yamm"
(gdb) 
52		}
1: name = 0xbffffc08 "Yamm"
(gdb) 
67			put("\nName: ");
1: name = 0xbffffc08 "Yamm"
(gdb) 
68			put(name);
1: name = 0xbffffc08 "Yamm"
(gdb) 
69			sprintf(tmp, "\t\tAge: %d hours", ((int)time(NULL)-getbirth(name))/3600);
1: name = 0xbffffc08 "Yamm"
(gdb) 
70			put(tmp);
1: name = 0xbffffc08 "Yamm"
(gdb) 
71			put("\t\tWeight: ");
1: name = 0xbffffc08 "Yamm"
(gdb) 
72			sprintf(tmp, "%d units\n", getweight(name));
1: name = 0xbffffc08 "Yamm"
(gdb) 
73			put(tmp);
1: name = 0xbffffc08 "Yamm"
(gdb) 
76	} 
1: name = 0xbffffc08 "Yamm"
(gdb) l
71			put("\t\tWeight: ");
72			sprintf(tmp, "%d units\n", getweight(name));
73			put(tmp);
74	
75		return;
76	} 
(gdb) s
main (argc=Cannot access memory at address 0xbf00737a
) at main.c:355
355			while(1) {
(gdb) quit
The program is running.  Quit anyway (and detach it)? (y or n) y
Detaching from program: , process 8529

8676:algernon@iluvatar: /tmp/tama-test] # this is where I have up. WTF is argc not accessible??

8677:algernon@iluvatar: /tmp/tama-test] 

Script done on Sun Oct  7 19:36:07 2001

Attachment: pgp_bTBXOcSTA.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: Weird segfaults of tama, when compiled with -O2
  - From: Salvador Abreu <spa@debian.org>

Prev by Date: Re: Need experienced perl module maintainer for a second pair of eyes on my package
Next by Date: Re: Weird segfaults of tama, when compiled with -O2
Previous by thread: Sponsor/advocate on enbd
Next by thread: Re: Weird segfaults of tama, when compiled with -O2
Index(es):
- Date
- Thread