Complete.Org: Mailing Lists: Archives: freeciv-dev: June 2004:
[Freeciv-Dev] Re: (PR#8975) cm clear_cache() called before build_cache3(

To: use_less@xxxxxxxxxxx
Subject: [Freeciv-Dev] Re: (PR#8975) cm clear_cache() called before build_cache3()
From: "Jason Short" <jdorje@xxxxxxxxxxxxxxxxxxxxx>
Date: Sun, 13 Jun 2004 13:57:11 -0700
Reply-to: rt@xxxxxxxxxxx

<URL: http://rt.freeciv.org/Ticket/Display.html?id=8975 >

James Canete wrote:
> <URL: http://rt.freeciv.org/Ticket/Display.html?id=8975 >
> 
>>[jdorje - Sun Jun 13 16:33:42 2004]:
>>
>>
>>But without the assert added in there is no NULL dereference.  The 
>>pointer is NULL but it's never dereferenced.
> 
> Doesn't this line in clear_cache() dereference it?
>       if (!cache3.results[i].combinations[j].is_valid) {
> 
> That's assuming MAX_FIELDS_USED and MAX_COMBINATIONS are both nonzero,
> though.  MAX_COMBINATIONS is #define'd to 150, and MAX_FIELDS_USED is
> #define'd to (CITY_TILES - 1).

CITY_TILES is 0 at this point.

(Which means MAX_COMBINATIONS is -1, which would probably give problems 
if we actually tried to realloc cache3.results.  Of course you guys 
wanted to remove the -1 from MAX_COMBINATIONS, so this wouldn't be a 
problem.)

But this means that the above line should never be executed.

Can you get a crash without the assertion you added?  If so what is it?

> Also, it seems like PR#8977 crashes in exactly the same place.

Yes, but with a different history.  In this case cache3.results is 
_somehow_ reset to NULL even though CITY_TILES remains at 21.  I don't 
see how this is possible.

jason
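
An added example, not Freeciv's code and not part of the original message: a self-contained C sketch of the two states discussed above (a zero tile count with a NULL `results`, and a nonzero tile count with a NULL `results`). The struct layout, the `city_tiles` variable standing in for CITY_TILES, and the bodies of `build_cache_checked()` and `clear_cache_checked()` are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdlib.h>

#define MAX_COMBINATIONS 150

struct combination { bool is_valid; };
struct result { struct combination combinations[MAX_COMBINATIONS]; };

static struct { struct result *results; } cache3;  /* NULL until built */
static int city_tiles = 0;   /* assumed stand-in for CITY_TILES: 0 before setup */
#define MAX_FIELDS_USED (city_tiles - 1)

/* Allocate results for a tile count. A non-positive field count is rejected,
 * so a bound of -1 never reaches the allocator converted to a huge size_t. */
bool build_cache_checked(int tiles)
{
  struct result *p = NULL;

  if (tiles - 1 > 0) {
    p = calloc((size_t)(tiles - 1), sizeof *p);  /* every is_valid starts false */
    if (p == NULL) {
      return false;            /* keep the old pointer and bound consistent */
    }
  }
  free(cache3.results);
  cache3.results = p;
  city_tiles = tiles;          /* bound and pointer change together */
  return p != NULL;
}

/* Returns the number of invalid entries seen, 0 when there is nothing to
 * walk, or -1 when the bound is positive but results is NULL. */
int clear_cache_checked(void)
{
  int invalid = 0;

  if (MAX_FIELDS_USED <= 0) return 0;      /* the loops would not run anyway */
  if (cache3.results == NULL) return -1;   /* inconsistent state: no dereference */
  /* Signed indices matter: with an unsigned i, a bound of -1 converts to a
   * huge value and the first iteration would dereference NULL. */
  for (int i = 0; i < MAX_FIELDS_USED; i++) {
    for (int j = 0; j < MAX_COMBINATIONS; j++) {
      if (!cache3.results[i].combinations[j].is_valid) invalid++;
    }
  }
  return invalid;
}
```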