Corrupted double-linked list in convert_string()
freeciv version S3_2 5b1c381c52654194b3e355cf7d5ea7eb36edf918 $ opt/freeciv-3.2-20240226/bin/freeciv-gtk4 3: Migrating options from gtk3.22 to gtk4 client 3: Loading tileset "hexemplio". 1: (freeciv-gtk4:120226): Gtk-CRITICAL **: 03:48:43.472: Unable to collect the value for property “valuenow”: Invalid numeric value corrupted double-linked list Aborted (core dumped) Core was generated by `opt/freeciv-3.2-20240226/bin/freeciv-gtk4'. Program terminated with signal SIGABRT, Aborted. #0 __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44 Downloading source file /usr/src/debug/glibc/glibc/nptl/pthread_kill.c 44 return INTERNAL_SYSCALL_ERROR_P (ret) ? INTERNAL_SYSCALL_ERRNO (ret) : 0; [Current thread is 1 (Thread 0x7fa854a13980 (LWP 120226))] (gdb) bt full #0 __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44 tid = <optimized out> ret = 0 pd = <optimized out> old_mask = {__val = {140359531233282}} ret = <optimized out> #1 0x00007fa8564ab393 in __pthread_kill_internal (signo=6, threadid=<optimized out>) at pthread_kill.c:78 #2 0x00007fa85645a6c8 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26 ret = <optimized out> #3 0x00007fa8564424b8 in __GI_abort () at abort.c:79 save_stage = 1 act = {__sigaction_handler = {sa_handler = 0x20, sa_sigaction = 0x20}, sa_mask = {__val = {0, 0, 0, 0, 140360990378400, 140360990378401, 140360999794522, 140723140835984, 10508762578611600896, 140723140835984, 140723140836560, 140723140836080, 4, 0, 140360999912881, 140723140836080}}, sa_flags = 1468630191, sa_restorer = 0x0} #4 0x00007fa856443395 in __libc_message_impl (fmt=fmt@entry=0x7fa8565bb2ea "%s\n") at ../sysdeps/posix/libc_fatal.c:132 ap = {{gp_offset = 16, fp_offset = 0, overflow_arg_area = 0x7ffca8d23be0, reg_save_area = 0x7ffca8d23b70}} fd = 2 iov = {{iov_base = 0x7fa8565b8ffe, iov_len = 28}, {iov_base = 0x7fa8565bb2ec, iov_len = 1}, {iov_base = 0x6314525abe60, iov_len = 140360979018504}, {iov_base = 0x7ffca8d23aa8, iov_len = 140361000050960}, {iov_base = 0x7ffca8d23a90, iov_len = 140359531233280}, {iov_base = 0x631400000003, iov_len = 140360978549595}, {iov_base = 0x1c, iov_len = 108938650518448}} iovcnt = <optimized out> total = <optimized out> cp = <optimized out> #5 0x00007fa8564b52a7 in malloc_printerr (str=str@entry=0x7fa8565b8ffe "corrupted double-linked list") at malloc.c:5772 #6 0x00007fa8564b5de4 in unlink_chunk (p=p@entry=0x631456b713f0, av=<optimized out>) at malloc.c:1617 fd = <optimized out> bk = <optimized out> #7 0x00007fa8564b5f2b in malloc_consolidate (av=av@entry=0x7fa8565f6ac0 <main_arena>) at malloc.c:4868 fb = 0x7fa8565f6ad8 <main_arena+24> maxfb = 0x7fa8565f6b18 <main_arena+88> p = 0x631456b713f0 nextp = 0x631455e76210 unsorted_bin = 0x7fa8565f6b20 <main_arena+96> first_unsorted = <optimized out> nextchunk = 0x631456b71470 size = 128 nextsize = 112 prevsize = <optimized out> nextinuse = <optimized out> #8 0x00007fa8564b8578 in _int_malloc (av=av@entry=0x7fa8565f6ac0 <main_arena>, bytes=bytes@entry=32640) at malloc.c:4041 nb = <optimized out> idx = 117 bin = <optimized out> victim = <optimized out> size = <optimized out> victim_index = <optimized out> remainder = <optimized out> remainder_size = <optimized out> block = <optimized out> bit = <optimized out> map = <optimized out> fwd = <optimized out> bck = <optimized out> tcache_unsorted_count = <optimized out> tcache_nb = <optimized out> tc_idx = <optimized out> return_cached = <optimized out> __PRETTY_FUNCTION__ = "_int_malloc" #9 0x00007fa8564b97ed in __GI___libc_malloc (bytes=bytes@entry=32640) at malloc.c:3336 ar_ptr = 0x7fa8565f6ac0 <main_arena> victim = <optimized out> tbytes = <optimized out> tc_idx = <optimized out> __PRETTY_FUNCTION__ = "__libc_malloc" #10 0x00007fa856444663 in __GI___gconv_open (conv_spec=conv_spec@entry=0x7ffca8d23d80, handle=handle@entry=0x7ffca8d23d78, flags=flags@entry=0) at gconv_open.c:127 size = 32640 steps = 0x63144190be70 nsteps = 2 result = 0x6314559f21a0 cnt = 0 res = 0 conv_flags = 0 translit = <optimized out> tocode = <optimized out> fromcode = <optimized out> #11 0x00007fa856444148 in iconv_open (tocode=tocode@entry=0x7ffca8d23e60 "UTF-8", fromcode=fromcode@entry=0x63143e7d32a6 "UTF-8") at iconv_open.c:39 cd = 0x63143e78c9e3 <fc_snprintf+151> conv_spec = {fromcode = 0x631455582ea0 "UTF-8//", tocode = 0x631456cb4be0 "UTF-8//", translit = false, ignore = false} --Type <RET> for more, q to quit, c to continue without paging--c res = <optimized out> #12 0x000063143e75fea8 in convert_string (text=text@entry=0x6314427b07d5 "[c fg=\"#8B0000\"]A treaty containing 1 clause was agreed upon.[/c]", from=from@entry=0x63143e7d32a6 "UTF-8", to=to@entry=0x7ffca8d23e60 "UTF-8", buf=buf@entry=0x0, bufsz=bufsz@entry=0) at fciconv.c:202 cd = <optimized out> from_len = <optimized out> to_len = <optimized out> alloc = <optimized out> #13 0x000063143e7605cc in data_to_internal_string_malloc (text=0x6314427b07d5 "[c fg=\"#8B0000\"]A treaty containing 1 clause was agreed upon.[/c]") at fciconv.c:341 encoding1 = 0x63143e7d32a6 "UTF-8" encoding = 0x7ffca8d23e60 "UTF-8" #14 0x000063143e312e36 in get_conv (dst=0x7ffca8d23f60 "[c fg=\"#8B0000\"]You agree on a cease-fire with Sukarno.[/c]", ndst=1536, src=<optimized out>, nsrc=<optimized out>) at client_main.c:193 out = <optimized out> ret = <optimized out> len = <optimized out> #15 0x000063143e7c81b5 in dio_get_string_raw (din=din@entry=0x7ffca8d23f40, dest=dest@entry=0x7ffca8d23f60 "[c fg=\"#8B0000\"]You agree on a cease-fire with Sukarno.[/c]", max_dest_size=max_dest_size@entry=1536) at dataio_raw.c:856 c = 0x6314427b07d5 "[c fg=\"#8B0000\"]A treaty containing 1 clause was agreed upon.[/c]" offset = 65 remaining = 68 __FUNCTION__ = "dio_get_string_raw" #16 0x000063143e5ec349 in receive_packet_chat_msg_100 (pc=0x63143eb45d60 <client>) at packets_gen.c:11266 fields = {vec = "\005"} old = 0x6314427281f0 hash = 0x631442567158 din = {src = 0x6314427b07d0, src_size = 73, current = 5} packet_buf = {message = "[c fg=\"#8B0000\"]You agree on a cease-fire with Sukarno.[/c]\000Atakullakulla.[/c]\000lakulla.[/c]\000u live, or be crushed.[/c]\000\000[/c]\000ities?[/c]\000gainst the Danish green [l tgt=\"tile\" x=34 y=41]Archers[/l] [id:"..., tile = -1, event = E_TREATY_CEASEFIRE, turn = 43, phase = 0, conn_id = -1} real_packet = 0x7ffca8d23f60 __FUNCTION__ = "receive_packet_chat_msg_100" #17 0x000063143e7caeb1 in get_packet_from_connection_raw (pc=0x63143eb45d60 <client>, ptype=ptype@entry=0x7ffca8d24634) at packets.c:586 len_read = 73 whole_packet_len = 73 utype = {type = PACKET_CHAT_MSG, itype = 25} din = {src = 0x6314427b07d0, src_size = 536, current = 4} compressed_packet = <optimized out> header_size = 0 data = <optimized out> receive_handler = 0x63143e5ebde8 <receive_packet_chat_msg_100> __FUNCTION__ = "get_packet_from_connection_raw" #18 0x000063143e3216a5 in input_from_server (fd=<optimized out>) at clinet.c:422 type = PACKET_CHAT_MSG packet = <optimized out> nb = <optimized out> __FUNCTION__ = "input_from_server" #19 0x000063143e30ac46 in get_net_input (source=<optimized out>, condition=<optimized out>, data=<optimized out>) at gui_main.c:2281 #20 0x00007fa856d34f69 in g_main_dispatch (context=0x631440b26c80) at ../glib/glib/gmain.c:3476 dispatch = 0x7fa856d91c60 <g_io_unix_dispatch> prev_source = 0x0 begin_time_nsec = 22906611692169 was_in_call = 0 user_data = 0x0 callback = 0x63143e30ac36 <get_net_input> cb_funcs = 0x7fa856e25380 <g_source_callback_funcs> cb_data = 0x631441fa6870 need_destroy = <optimized out> source = 0x631442718df0 current = 0x631440d165b0 i = 0 __func__ = "g_main_dispatch" #21 0x00007fa856d933a7 in g_main_context_dispatch_unlocked (context=0x631440b26c80) at ../glib/glib/gmain.c:4284 #22 g_main_context_iterate_unlocked.isra.0 (context=context@entry=0x631440b26c80, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/glib/gmain.c:4349 max_priority = 200 timeout = 0 some_ready = 1 nfds = 3 allocated_nfds = 3 fds = 0x631440cd2ab0 begin_time_nsec = 22906611688039 #23 0x00007fa856d33162 in g_main_context_iteration (context=context@entry=0x631440b26c80, may_block=may_block@entry=1) at ../glib/glib/gmain.c:4414 retval = <optimized out> #24 0x00007fa856f06b66 in g_application_run (application=0x631440ca64d0, argc=argc@entry=0, argv=argv@entry=0x0) at ../glib/gio/gapplication.c:2577 arguments = 0x631440cd2ab0 status = 0 context = 0x631440b26c80 acquired_context = <optimized out> __func__ = "g_application_run" #25 0x000063143e30c874 in ui_main (argc=argc@entry=1, argv=argv@entry=0x7ffca8d24c08) at gui_main.c:1923 __FUNCTION__ = "ui_main" #26 0x000063143e3150c4 in client_main (argc=1, argv=0x7ffca8d24c08, postpone_tileset=postpone_tileset@entry=false) at client_main.c:699 i = 1 loglevel = LOG_NORMAL ui_options = <optimized out> ui_separator = <optimized out> option = <optimized out> fatal_assertions = -1 aii = <optimized out> uret = <optimized out> #27 0x000063143e30c544 in main (argc=<optimized out>, argv=<optimized out>) at gui_main.c:1735
freeciv version S3_2 5b1c381c52654194b3e355cf7d5ea7eb36edf918 $ opt/freeciv-3.2-20240226/bin/freeciv-gtk4 3: Migrating options from gtk3.22 to gtk4 client 3: Loading tileset "hexemplio". 1: (freeciv-gtk4:120226): Gtk-CRITICAL **: 03:48:43.472: Unable to collect the value for property “valuenow”: Invalid numeric value corrupted double-linked list Aborted (core dumped) Core was generated by `opt/freeciv-3.2-20240226/bin/freeciv-gtk4'. Program terminated with signal SIGABRT, Aborted. #0 __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44 Downloading source file /usr/src/debug/glibc/glibc/nptl/pthread_kill.c 44 return INTERNAL_SYSCALL_ERROR_P (ret) ? INTERNAL_SYSCALL_ERRNO (ret) : 0; [Current thread is 1 (Thread 0x7fa854a13980 (LWP 120226))] (gdb) bt full #0 __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44 tid = <optimized out> ret = 0 pd = <optimized out> old_mask = {__val = {140359531233282}} ret = <optimized out> #1 0x00007fa8564ab393 in __pthread_kill_internal (signo=6, threadid=<optimized out>) at pthread_kill.c:78 #2 0x00007fa85645a6c8 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26 ret = <optimized out> #3 0x00007fa8564424b8 in __GI_abort () at abort.c:79 save_stage = 1 act = {__sigaction_handler = {sa_handler = 0x20, sa_sigaction = 0x20}, sa_mask = {__val = {0, 0, 0, 0, 140360990378400, 140360990378401, 140360999794522, 140723140835984, 10508762578611600896, 140723140835984, 140723140836560, 140723140836080, 4, 0, 140360999912881, 140723140836080}}, sa_flags = 1468630191, sa_restorer = 0x0} #4 0x00007fa856443395 in __libc_message_impl (fmt=fmt@entry=0x7fa8565bb2ea "%s\n") at ../sysdeps/posix/libc_fatal.c:132 ap = {{gp_offset = 16, fp_offset = 0, overflow_arg_area = 0x7ffca8d23be0, reg_save_area = 0x7ffca8d23b70}} fd = 2 iov = {{iov_base = 0x7fa8565b8ffe, iov_len = 28}, {iov_base = 0x7fa8565bb2ec, iov_len = 1}, {iov_base = 0x6314525abe60, iov_len = 140360979018504}, {iov_base = 0x7ffca8d23aa8, iov_len = 140361000050960}, {iov_base = 0x7ffca8d23a90, iov_len = 140359531233280}, {iov_base = 0x631400000003, iov_len = 140360978549595}, {iov_base = 0x1c, iov_len = 108938650518448}} iovcnt = <optimized out> total = <optimized out> cp = <optimized out> #5 0x00007fa8564b52a7 in malloc_printerr (str=str@entry=0x7fa8565b8ffe "corrupted double-linked list") at malloc.c:5772 #6 0x00007fa8564b5de4 in unlink_chunk (p=p@entry=0x631456b713f0, av=<optimized out>) at malloc.c:1617 fd = <optimized out> bk = <optimized out> #7 0x00007fa8564b5f2b in malloc_consolidate (av=av@entry=0x7fa8565f6ac0 <main_arena>) at malloc.c:4868 fb = 0x7fa8565f6ad8 <main_arena+24> maxfb = 0x7fa8565f6b18 <main_arena+88> p = 0x631456b713f0 nextp = 0x631455e76210 unsorted_bin = 0x7fa8565f6b20 <main_arena+96> first_unsorted = <optimized out> nextchunk = 0x631456b71470 size = 128 nextsize = 112 prevsize = <optimized out> nextinuse = <optimized out> #8 0x00007fa8564b8578 in _int_malloc (av=av@entry=0x7fa8565f6ac0 <main_arena>, bytes=bytes@entry=32640) at malloc.c:4041 nb = <optimized out> idx = 117 bin = <optimized out> victim = <optimized out> size = <optimized out> victim_index = <optimized out> remainder = <optimized out> remainder_size = <optimized out> block = <optimized out> bit = <optimized out> map = <optimized out> fwd = <optimized out> bck = <optimized out> tcache_unsorted_count = <optimized out> tcache_nb = <optimized out> tc_idx = <optimized out> return_cached = <optimized out> __PRETTY_FUNCTION__ = "_int_malloc" #9 0x00007fa8564b97ed in __GI___libc_malloc (bytes=bytes@entry=32640) at malloc.c:3336 ar_ptr = 0x7fa8565f6ac0 <main_arena> victim = <optimized out> tbytes = <optimized out> tc_idx = <optimized out> __PRETTY_FUNCTION__ = "__libc_malloc" #10 0x00007fa856444663 in __GI___gconv_open (conv_spec=conv_spec@entry=0x7ffca8d23d80, handle=handle@entry=0x7ffca8d23d78, flags=flags@entry=0) at gconv_open.c:127 size = 32640 steps = 0x63144190be70 nsteps = 2 result = 0x6314559f21a0 cnt = 0 res = 0 conv_flags = 0 translit = <optimized out> tocode = <optimized out> fromcode = <optimized out> #11 0x00007fa856444148 in iconv_open (tocode=tocode@entry=0x7ffca8d23e60 "UTF-8", fromcode=fromcode@entry=0x63143e7d32a6 "UTF-8") at iconv_open.c:39 cd = 0x63143e78c9e3 <fc_snprintf+151> conv_spec = {fromcode = 0x631455582ea0 "UTF-8//", tocode = 0x631456cb4be0 "UTF-8//", translit = false, ignore = false} --Type <RET> for more, q to quit, c to continue without paging--c res = <optimized out> #12 0x000063143e75fea8 in convert_string (text=text@entry=0x6314427b07d5 "[c fg=\"#8B0000\"]A treaty containing 1 clause was agreed upon.[/c]", from=from@entry=0x63143e7d32a6 "UTF-8", to=to@entry=0x7ffca8d23e60 "UTF-8", buf=buf@entry=0x0, bufsz=bufsz@entry=0) at fciconv.c:202 cd = <optimized out> from_len = <optimized out> to_len = <optimized out> alloc = <optimized out> #13 0x000063143e7605cc in data_to_internal_string_malloc (text=0x6314427b07d5 "[c fg=\"#8B0000\"]A treaty containing 1 clause was agreed upon.[/c]") at fciconv.c:341 encoding1 = 0x63143e7d32a6 "UTF-8" encoding = 0x7ffca8d23e60 "UTF-8" #14 0x000063143e312e36 in get_conv (dst=0x7ffca8d23f60 "[c fg=\"#8B0000\"]You agree on a cease-fire with Sukarno.[/c]", ndst=1536, src=<optimized out>, nsrc=<optimized out>) at client_main.c:193 out = <optimized out> ret = <optimized out> len = <optimized out> #15 0x000063143e7c81b5 in dio_get_string_raw (din=din@entry=0x7ffca8d23f40, dest=dest@entry=0x7ffca8d23f60 "[c fg=\"#8B0000\"]You agree on a cease-fire with Sukarno.[/c]", max_dest_size=max_dest_size@entry=1536) at dataio_raw.c:856 c = 0x6314427b07d5 "[c fg=\"#8B0000\"]A treaty containing 1 clause was agreed upon.[/c]" offset = 65 remaining = 68 __FUNCTION__ = "dio_get_string_raw" #16 0x000063143e5ec349 in receive_packet_chat_msg_100 (pc=0x63143eb45d60 <client>) at packets_gen.c:11266 fields = {vec = "\005"} old = 0x6314427281f0 hash = 0x631442567158 din = {src = 0x6314427b07d0, src_size = 73, current = 5} packet_buf = {message = "[c fg=\"#8B0000\"]You agree on a cease-fire with Sukarno.[/c]\000Atakullakulla.[/c]\000lakulla.[/c]\000u live, or be crushed.[/c]\000\000[/c]\000ities?[/c]\000gainst the Danish green [l tgt=\"tile\" x=34 y=41]Archers[/l] [id:"..., tile = -1, event = E_TREATY_CEASEFIRE, turn = 43, phase = 0, conn_id = -1} real_packet = 0x7ffca8d23f60 __FUNCTION__ = "receive_packet_chat_msg_100" #17 0x000063143e7caeb1 in get_packet_from_connection_raw (pc=0x63143eb45d60 <client>, ptype=ptype@entry=0x7ffca8d24634) at packets.c:586 len_read = 73 whole_packet_len = 73 utype = {type = PACKET_CHAT_MSG, itype = 25} din = {src = 0x6314427b07d0, src_size = 536, current = 4} compressed_packet = <optimized out> header_size = 0 data = <optimized out> receive_handler = 0x63143e5ebde8 <receive_packet_chat_msg_100> __FUNCTION__ = "get_packet_from_connection_raw" #18 0x000063143e3216a5 in input_from_server (fd=<optimized out>) at clinet.c:422 type = PACKET_CHAT_MSG packet = <optimized out> nb = <optimized out> __FUNCTION__ = "input_from_server" #19 0x000063143e30ac46 in get_net_input (source=<optimized out>, condition=<optimized out>, data=<optimized out>) at gui_main.c:2281 #20 0x00007fa856d34f69 in g_main_dispatch (context=0x631440b26c80) at ../glib/glib/gmain.c:3476 dispatch = 0x7fa856d91c60 <g_io_unix_dispatch> prev_source = 0x0 begin_time_nsec = 22906611692169 was_in_call = 0 user_data = 0x0 callback = 0x63143e30ac36 <get_net_input> cb_funcs = 0x7fa856e25380 <g_source_callback_funcs> cb_data = 0x631441fa6870 need_destroy = <optimized out> source = 0x631442718df0 current = 0x631440d165b0 i = 0 __func__ = "g_main_dispatch" #21 0x00007fa856d933a7 in g_main_context_dispatch_unlocked (context=0x631440b26c80) at ../glib/glib/gmain.c:4284 #22 g_main_context_iterate_unlocked.isra.0 (context=context@entry=0x631440b26c80, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/glib/gmain.c:4349 max_priority = 200 timeout = 0 some_ready = 1 nfds = 3 allocated_nfds = 3 fds = 0x631440cd2ab0 begin_time_nsec = 22906611688039 #23 0x00007fa856d33162 in g_main_context_iteration (context=context@entry=0x631440b26c80, may_block=may_block@entry=1) at ../glib/glib/gmain.c:4414 retval = <optimized out> #24 0x00007fa856f06b66 in g_application_run (application=0x631440ca64d0, argc=argc@entry=0, argv=argv@entry=0x0) at ../glib/gio/gapplication.c:2577 arguments = 0x631440cd2ab0 status = 0 context = 0x631440b26c80 acquired_context = <optimized out> __func__ = "g_application_run" #25 0x000063143e30c874 in ui_main (argc=argc@entry=1, argv=argv@entry=0x7ffca8d24c08) at gui_main.c:1923 __FUNCTION__ = "ui_main" #26 0x000063143e3150c4 in client_main (argc=1, argv=0x7ffca8d24c08, postpone_tileset=postpone_tileset@entry=false) at client_main.c:699 i = 1 loglevel = LOG_NORMAL ui_options = <optimized out> ui_separator = <optimized out> option = <optimized out> fatal_assertions = -1 aii = <optimized out> uret = <optimized out> #27 0x000063143e30c544 in main (argc=<optimized out>, argv=<optimized out>) at gui_main.c:1735