#5496 closed defect (fixed)
UnitMotion PathResult Stack smash on A24.
Reported by: | Freagarach | Owned by: | wraitii |
---|---|---|---|
Priority: | Release Blocker | Milestone: | Alpha 24 |
Component: | Core engine | Keywords: | regression |
Cc: | Patch: |
Description
Got an error recently (revision 22454):
```
*** stack smashing detected ***: <unknown> terminated
Thread 1 "pyrogenesis" received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
51 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1 0x00007ffff3029801 in __GI_abort () at abort.c:79
#2 0x00007ffff3072897 in __libc_message (action=action@entry=do_abort, fmt=fmt@entry=0x7ffff319f988 "*** %s ***: %s terminated\n") at ../sysdeps/posix/libc_fatal.c:181
#3 0x00007ffff311dcd1 in __GI___fortify_fail_abort (need_backtrace=need_backtrace@entry=false, msg=msg@entry=0x7ffff319f966 "stack smashing detected") at fortify_fail.c:33
#4 0x00007ffff311dc92 in __stack_chk_fail () at stack_chk_fail.c:29
#5 0x000055555572dff4 in PathGoal::RectContainsGoal (this=this@entry=0x7fffffffbff4, x0=..., z0=..., x1=..., z1=...) at ../../../source/simulation2/helpers/PathGoal.cpp:292
#6 0x00005555557214c9 in HierarchicalPathfinder::MakeGoalReachable (this=this@entry=0x55555b33e8e0, i0=<optimised out>, j0=<optimised out>, goal=..., passClass=passClass@entry=4) at ../../../source/simulation2/helpers/HierarchicalPathfinder.cpp:614
#7 0x0000555555727cdd in LongPathfinder::ComputeJPSPath (this=0x55555b33f970, hierPath=..., x0=..., z0=..., origGoal=..., passClass=<optimised out>, path=...) at ../../../source/simulation2/helpers/LongPathfinder.cpp:750
#8 0x000055555572b28b in LongPathfinder::ComputePath (this=<optimised out>, hierPath=..., x0=..., z0=..., origGoal=..., passClass=<optimised out>, path=...) at ../../../source/simulation2/helpers/LongPathfinder.cpp:1005
#9 0x000055555568cc42 in CCmpPathfinder::ComputePath (ret=..., passClass=<optimised out>, goal=..., z0=..., x0=..., this=0x55555b32fc80) at ../../../source/simulation2/components/CCmpPathfinder.cpp:709
#10 CCmpPathfinder::ProcessLongRequests (this=this@entry=0x55555b32fc80, longRequests=std::vector of length 1, capacity 1 = {...}) at ../../../source/simulation2/components/CCmpPathfinder.cpp:759
#11 0x000055555568d37f in CCmpPathfinder::FinishAsyncRequests (this=0x55555b32fc80) at ../../../source/simulation2/components/CCmpPathfinder.cpp:748
#12 0x00005555556063bb in CSimulation2Impl::UpdateComponents (simContext=..., turnLengthFixed=..., turnLengthFixed@entry=..., commands=std::vector of length 0, capacity 0) at ../../../source/simulation2/Simulation2.cpp:544
#13 0x000055555560ca91 in CSimulation2Impl::Update (this=0x55555adce210, turnLength=<optimised out>, commands=std::vector of length 0, capacity 0) at ../../../source/simulation2/Simulation2.cpp:402
#14 0x000055555560f00f in CSimulation2::Update (this=<optimised out>, turnLength=<optimised out>, commands=std::vector of length 0, capacity 0) at ../../../source/simulation2/Simulation2.cpp:761
#15 0x0000555555651bb7 in CTurnManager::Update (this=<optimised out>, simFrameLength=<optimised out>, maxTurns=1) at ../../../source/simulation2/system/TurnManager.cpp:163
#16 0x00005555557b6627 in CGame::Update (this=0x555557537f80, deltaRealTime=0.049666278064250946, doInterpolate=<optimised out>) at ../../../source/ps/Game.cpp:397
#17 0x00005555555b489e in Frame () at ../../../source/main.cpp:393
#18 RunGameOrAtlas (argc=<optimised out>, argv=<optimised out>) at ../../../source/main.cpp:629
#19 0x00005555555a3437 in main (argc=1, argv=0x7fffffffe038) at ../../../source/main.cpp:675
```
Reproducible for me in non-visual replay mode, see attachment.
Attachments (2)
Change History (10)
by , 5 years ago
Attachment: | commands.txt added |
---|
by , 5 years ago
Attachment: | commands.2.txt added |
---|
comment:1 by , 5 years ago
It doesn't crash on my system, but the PathGoal in question has a completely garbage value, so this indicates it gets corrupted somewhere.
Thanks for reporting, I'll investigate and fix.
comment:2 by , 5 years ago
With r22455 on unix/gcc 9 I get for both replays this segfault:
```
Thread 1 "pyrogenesis" received signal SIGSEGV, Segmentation fault.
PathGoal::RectContainsGoal (this=this@entry=0x7fffffffcbc4, x0=..., z0=..., x1=..., z1=...) at ../../../source/simulation2/helpers/PathGoal.cpp:251
251 switch (type)
(gdb) info stack
#0 PathGoal::RectContainsGoal (this=this@entry=0x7fffffffcbc4, x0=..., z0=..., x1=..., z1=...) at ../../../source/simulation2/helpers/PathGoal.cpp:251
#1 0x000055555574f570 in HierarchicalPathfinder::MakeGoalReachable (this=this@entry=0x5555566a6d60, i0=<optimized out>, j0=<optimized out>, goal=..., passClass=passClass@entry=4) at ../../../source/simulation2/helpers/HierarchicalPathfinder.cpp:614
#2 0x00005555557559e0 in LongPathfinder::ComputeJPSPath (this=0x555556693810, hierPath=..., x0=..., z0=..., origGoal=..., passClass=<optimized out>, path=...) at ../../../source/simulation2/helpers/LongPathfinder.cpp:750
#3 0x0000555555758c3b in LongPathfinder::ComputePath (this=<optimized out>, hierPath=..., x0=..., z0=..., origGoal=..., passClass=<optimized out>, path=...) at ../../../source/simulation2/helpers/LongPathfinder.cpp:1005
#4 0x00005555556c443a in CCmpPathfinder::ComputePath (ret=..., passClass=<optimized out>, goal=..., z0=..., x0=..., this=0x555556697ef0) at /usr/include/c++/9.1.0/bits/unique_ptr.h:357
#5 CCmpPathfinder::ProcessLongRequests (this=0x555556697ef0, longRequests=std::vector of length 1, capacity 1 = {...}) at ../../../source/simulation2/components/CCmpPathfinder.cpp:759
#6 0x00005555556c4b60 in CCmpPathfinder::FinishAsyncRequests (this=0x555556697ef0) at ../../../source/simulation2/components/CCmpPathfinder.cpp:748
#7 0x0000555555643e74 in CSimulation2Impl::UpdateComponents (simContext=..., turnLengthFixed=..., commands=std::vector of length 0, capacity 1) at ../../../source/simulation2/Simulation2.cpp:544
#8 0x000055555564cdf1 in CSimulation2Impl::Update (this=0x555555edc9d0, turnLength=<optimized out>, commands=std::vector of length 0, capacity 1) at ../../../source/simulation2/Simulation2.cpp:402
#9 0x0000555555845a3c in CReplayPlayer::Replay (this=0x7fffffffe360, serializationtest=<optimized out>, rejointestturn=<optimized out>, ooslog=<optimized out>, testHashFull=true, testHashQuick=false) at ../../../source/ps/Game.h:184
#10 0x00005555555f89f4 in RunGameOrAtlas (argc=<optimized out>, argv=<optimized out>) at /usr/include/c++/9.1.0/bits/allocator.h:153
#11 0x00005555555eae7a in main (argc=3, argv=0x7fffffffe8d8) at ../../../source/main.cpp:675
```
comment:3 by , 5 years ago
The crash happens because UnitMotion requests a long path, and PathResult sends a "MoveFailed" message, which calls StopMoving(), making the call here return garbage since the goal computation fails.
Phab:D1907 also exhibits this problem. Two fixes:
- PathResult should check if there is still a move request when computing a path - this doesn't fix this particular case but it is sane.
- Calls to ComputeGoal should check if it succeeded, implemented in Phab:D2063
comment:4 by , 5 years ago
Revision that introduced the issue is r22450, which changed UpdateFinalGoal - which did nothing in case MoveRequest was voided and thus m_FinalGoal was presumably still valid - to ComputeGoal.
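The failure mode described in comments 3 and 4, as an added example that is not part of the ticket or 0 A.D.'s code: a goal filled through an out-parameter is used even though the computation failed, next to the checked form. All types and function names are simplified stand-ins, the "leaves `out` unwritten on failure" contract is an assumption, and the `0xAB` fill is a deterministic model of stale stack contents.

```cpp
#include <cstdint>
#include <cstring>
#include <cstdio>

// Simplified stand-ins for this example; not 0 A.D.'s real types or signatures.
enum class GoalType : std::uint8_t { POINT = 0, CIRCLE = 1, SQUARE = 2 };
struct Goal { GoalType type; std::int32_t x, z; };        // stands in for PathGoal
struct MoveRequest { bool active; std::int32_t x, z; };   // stands in for the move request

// Assumed contract: returns false and leaves `out` unwritten when the request was voided.
bool ComputeGoal(Goal& out, const MoveRequest& req) {
    if (!req.active)
        return false;
    out = Goal{GoalType::POINT, req.x, req.z};
    return true;
}

// True only when `type` is one of the declared enumerators (what a `switch (type)` expects).
bool IsValidGoal(const Goal& g) {
    switch (g.type) {
    case GoalType::POINT: case GoalType::CIRCLE: case GoalType::SQUARE: return true;
    }
    return false;
}

// Regression pattern: the result of ComputeGoal is ignored and the local goal is used anyway.
Goal RequestPathUnchecked(const MoveRequest& req) {
    Goal goal;
    std::memset(&goal, 0xAB, sizeof goal);   // constructed model of leftover stack bytes
    ComputeGoal(goal, req);                  // failure is silently dropped
    return goal;
}

// Checked pattern: both fixes from comment 3 (request still present, goal computation succeeded).
bool RequestPathChecked(const MoveRequest& req, Goal& out) {
    if (!req.active)
        return false;
    Goal goal{};                             // value-initialised, never indeterminate
    if (!ComputeGoal(goal, req))
        return false;
    out = goal;
    return true;
}

int main() {
    MoveRequest voided{false, 0, 0};         // request cleared by StopMoving()
    Goal out{};
    std::printf("unchecked valid=%d checked ok=%d\n",
                IsValidGoal(RequestPathUnchecked(voided)), RequestPathChecked(voided, out));
    return 0;
}
```

Declaring a function like `ComputeGoal` as `[[nodiscard]]` (C++17) makes the compiler warn on the unchecked call.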
comment:5 by , 5 years ago
comment:7 by , 5 years ago
Keywords: | regression added |
---|
comment:8 by , 4 years ago
Summary: | Stack smash on A24. → UnitMotion PathResult Stack smash on A24. |
---|
Another replay.