Complete.Org: Mailing Lists: Archives: freeciv-dev: August 2004:
[Freeciv-Dev] (PR#9877) Reproducable crash with Freeciv compiled from cu 		Home

[Freeciv-Dev] (PR#9877) Reproducable crash with Freeciv compiled from cu

[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: undisclosed-recipients: ;
Subject: [Freeciv-Dev] (PR#9877) Reproducable crash with Freeciv compiled from current CVS HEAD (20040830 1700 UTC)
From: "Tim Kosse" <tim.kosse@xxxxxx>
Date: Mon, 30 Aug 2004 11:42:47 -0700
Reply-to: rt@xxxxxxxxxxx 
<URL: http://rt.freeciv.org/Ticket/Display.html?id=9877 >

Hi,

testing current CVS Version, Freeciv did crash very frequently. The 
location of the crash changed each time.

I did run valgrind --tool=memcheck on the server and valgrind did output 
the following reproducable:

Invalid write of size 1
   ai_data_turn_init (aidata.c:101)
   begin_phase (srv_main.c:489)
   main_loop (srv_main.c:1430)
   srv_main (srv_main.c:1549)
Address 0x1BB13125 is 13 bytes after a block of size 24 alloc'd
   malloc (vb_replace_malloc.c:131)
   fc_real_malloc (mem.c:79)
   create_danger_segment (path_finding.c:730)
   danger_iterate_map (path_finding.c:897)

The line in question in aidata.c is:
ai->threats.ocean[-continent] = TRUE;

I did add some debugging code around it, the value of continent is -1 
when valgrind reports the problem.

So obviously the ai code is writing to the wrong memory location 
somehow. Unfortunately I'm not familiar enough with the freeciv code to 
fix this and submit a patch.

I've attached a savegame which shows the problem. After loading it, just 
fortify all active units. When the round ends, valgrind will show the 
error message. If not using valgrind, Freeciv will crash afterwards with 
a high percentage.

Regards,
Tim Kosse

Attachment: crash.sav.gz
Description: GNU Zip compressed data

[Prev in Thread] Current Thread [Next in Thread]