Opened 10 years ago

Closed 10 years ago

#2784 closed defect (fixed)

[ATLAS] WaterManager crash in CreateWaveMeshes, when creating new map

Reported by: historic_bruno
Owned by: ben
Priority: Release Blocker
Milestone: Alpha 17
Component: Core engine
Keywords:
Cc: wraitii
Patch:

Description

Easiest steps to reproduce (Win 7/64):

  1. Start Atlas
  2. Load Peloponnese map
  3. Create new blank map *crash*

It seems to greatly exceed the bounds of m_BlurredNormalMap; in the following case it is accessing index 131859 of what is only a 66049-element array.

>	pyrogenesis_dbg.exe!WaterManager::CreateWaveMeshes()  Line 633 + 0x46 bytes	C++
 	pyrogenesis_dbg.exe!CCmpTerrain::ReloadTerrain(bool ReloadWater=true)  Line 146	C++
 	pyrogenesis_dbg.exe!CMapReader::ApplyTerrainData()  Line 309 + 0x1c bytes	C++
 	pyrogenesis_dbg.exe!MemFunThunk<CMapReader>(void * param=0x17f2edf0, double __formal=99.589862221108518)  Line 60 + 0xf bytes	C++
 	pyrogenesis_dbg.exe!LDR_ProgressiveLoad(double time_budget=100.00000000000000, wchar_t * description=0x0484f3e8, unsigned int max_chars=100, int * progress_percent=0x0484f3dc)  Line 228 + 0x1d bytes	C++
 	pyrogenesis_dbg.exe!LDR_NonprogressiveLoad()  Line 318 + 0x22 bytes	C++
 	pyrogenesis_dbg.exe!`anonymous namespace'::StartGame(const CScriptValRooted & attrs={...})  Line 74	C++
 	pyrogenesis_dbg.exe!AtlasMessage::fLoadMap(AtlasMessage::mLoadMap * msg=0x2a1b1c10)  Line 146 + 0x43 bytes	C++
 	pyrogenesis_dbg.exe!AtlasMessage::fLoadMap_wrapper(AtlasMessage::IMessage * msg=0x2a1b1c10)  Line 129 + 0x62 bytes	C++
 	pyrogenesis_dbg.exe!RunEngine(void * data=0x0026f8f4)  Line 174 + 0x19 bytes	C++
 	pyrogenesis_dbg.exe!thread_start(void * param=0x004a9508)  Line 624 + 0x9 bytes	C++
 	msvcr100d.dll!_callthreadstartex()  Line 314 + 0xf bytes	C
 	msvcr100d.dll!_threadstartex(void * ptd=0x00b88a10)  Line 297	C
 	kernel32.dll!@BaseThreadInitThunk@12()  + 0x12 bytes	
 	ntdll.dll!___RtlUserThreadStart@8()  + 0x27 bytes	
 	ntdll.dll!__RtlUserThreadStart@8()  + 0x1b bytes	

Locals:

		nb	1	int
+		pos	{X=1102.0000 Y=2048.0000 }	CVector2D
+		posMinus	{X=1112.8002 Y=46.228760 }	CVector2D
+		posPlus	{X=1102.0000 Y=2046.0000 }	CVector2D
		localOutmost	1.4901161e-007	float
		a	0	unsigned int
+		lastPerp	{X=0.00000000 Y=0.00000000 }	CVector2D
+		shoreWave	0xcccccccc {m_VBvertices=??? m_AABB={...} m_Width=??? ...}	WaveObject *
		avgDepth	0.00000000	float
+		perp	{X=1.0000000 Y=0.00000000 }	CVector2D
		outmost	0.00000000	float
+		firstPerp	{X=1.0000000 Y=0.00000000 }	CVector2D
+		this	0x03d0af40 {m_WaterTexture=0x03d0af40 m_NormalMap=0x03d0b120 m_WindStrength=0x1ba05bd8 ...}	WaterManager * const
		width	14	unsigned int
		sign	1	int
		j	0	unsigned int
		i	1	unsigned int
		a	13	unsigned int
		i	57	unsigned int
		z	513	unsigned int
		i	793	unsigned int
+		vertices	[0]()	std::vector<SWavesVertex,std::allocator<SWavesVertex> >
+		terrain	0x16e3a108 {m_MapSize=257 m_MapSizePatches=16 m_Patches=0x13bf0044 ...}	CTerrain *
+		CoastalPointsSet	[0]()	std::set<int,std::less<int>,std::allocator<int> >
		diff	4.5999999	float
+		around	0x00e92cf0 around	const int [8][2]
		SideSize	514	unsigned int
		waveSizes	14	unsigned int

Change History (2)

comment:1 by historic_bruno, 10 years ago

The problem was that the variable CoastalPointsChains was a member of the WaterManager class but wasn't cleared with the other state when loading a new map. I have made it a local variable to CreateWaveMeshes instead, though the original intent is ambiguous.

This could possibly fix similar crashes and issues when loading new maps or working in Atlas.

comment:2 by ben, 10 years ago

Owner: set to ben
Resolution: fixed
Status: new → closed

In 15715:

Fixes incorrect reuse of a member variable in WaterManager, which caused a crash when starting a new map in Atlas after loading a water map. Fixes #2784.
Fixes likely mem leaks from not cleaning up vertex buffer allocations.
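
The failure mode described in comment:1 and in the commit message, reduced to a stand-alone C++ example added here (it is not 0 A.D. source): indices recorded for a larger map stay in a member container and are then checked against the smaller array rebuilt for the next map. `StaleWater`, `FixedWater`, `AppendCoast`, `CountOutOfBounds` and the 513-wide first map are hypothetical names and values constructed for illustration; only the 257-wide, 66049-element second map comes from the ticket.

```cpp
// Added illustration: every type and function name here is hypothetical, not 0 A.D. source.
#include <cstddef>
#include <cstdio>
#include <vector>

// Constructed "coastline": the last column of a side x side grid, as flat indices.
static void AppendCoast(std::vector<std::size_t>& chains, std::size_t side) {
    for (std::size_t z = 0; z < side; ++z)
        chains.push_back(z * side + (side - 1));
}

// Checked stand-in for the raw array access: counts indices past the end of the map.
static std::size_t CountOutOfBounds(const std::vector<float>& map,
                                    const std::vector<std::size_t>& chains) {
    std::size_t bad = 0;
    for (std::size_t idx : chains)
        if (idx >= map.size()) ++bad;
    return bad;
}

struct StaleWater {                       // "before": chain list is a member
    std::vector<float> normals;
    std::vector<std::size_t> chains;      // never cleared between map loads
    std::size_t Reload(std::size_t side) {
        normals.assign(side * side, 0.0f);    // per-map array is rebuilt...
        AppendCoast(chains, side);            // ...but old indices are still in front
        return CountOutOfBounds(normals, chains);
    }
};

struct FixedWater {                       // "after": chain list is local to the rebuild
    std::vector<float> normals;
    std::size_t Reload(std::size_t side) {
        normals.assign(side * side, 0.0f);
        std::vector<std::size_t> chains;      // cannot outlive this map
        AppendCoast(chains, side);
        return CountOutOfBounds(normals, chains);
    }
};

// Load a constructed 513-wide map, then a 257-wide one (257 * 257 = 66049 elements).
template <class W> std::size_t BadAfterSecondLoad() {
    W w; w.Reload(513);
    return w.Reload(257);
}
int main() {
    std::printf("stale member: %zu out-of-bounds\n", BadAfterSecondLoad<StaleWater>());
    std::printf("local state:  %zu out-of-bounds\n", BadAfterSecondLoad<FixedWater>());
}
```

In the engine the access was an unchecked array read, so the stale indices produced a crash instead of a count; a debug-build assertion on the index at the point of use would surface the same condition at its source.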
