Opened 3 years ago

Closed 3 years ago

#6039 closed defect (fixed)

DivByZero Crash in PickSpawnPoint

Reported by: Zack
Owned by: wraitii
Priority: Should Have
Milestone: Alpha 25
Component: Core engine
Keywords:
Cc:
Patch:

Description

This occurred while I was playing, so I regrettably don't have reproducible steps. I do have a stacktrace that might allow us to track down the issue.

The relevant portion:

Exception Type:        EXC_ARITHMETIC (SIGFPE)
Exception Codes:       EXC_I386_DIV (divide by zero)
Exception Note:        EXC_CORPSE_NOTIFY

Termination Signal:    Floating point exception: 8
Termination Reason:    Namespace SIGNAL, Code 0x8
Terminating Process:   exc handler [3586]

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.wildfiregames.0ad         	0x0000000100083deb CCmpFootprint::PickSpawnPoint(unsigned int) const + 587
1   com.wildfiregames.0ad         	0x00000001000e2d82 bool ScriptInterface::callMethodConst<CFixedVector3D, unsigned int, &(class_ICmpFootprint), ICmpFootprint, &(ICmpFootprint::PickSpawnPoint(unsigned int) const)>(JSContext*, unsigned int, JS::Value*) + 258
2   ???                           	0x0000000111f66a8e 0 + 4596329102
3   ???                           	0x000060001bf28398 0 + 105553585144728
4   ???                           	0x0000000111f685d5 0 + 4596336085
5   ???                           	0x000060001bfe2720 0 + 105553585907488
6   ???                           	0x000000010566a811 0 + 4385581073
7   com.wildfiregames.0ad         	0x000000010089a4b8 EnterBaseline(JSContext*, js::jit::EnterJitData&) + 232

From examining the code (at least at the version mirrored to GitHub), my inference is that a division by zero is only possible if:

  • cmpSpawnedObstruction->GetSize() is 0
  • halfSize.X is 0
  • halfSize.Y is 0
  • distX == -r

Before I pursue it further I thought I should check if this is already a known or solved issue.

Change History (3)

comment:1 by Freagarach, 3 years ago

Hi and thanks for the report :)

What version are you using? A23b, the latest trunk (from either GitHub or SVN) or the release candidate of A24? Also, is the problem reproducible? If you replay the replay, do you get the same exception? Either way, could you please upload the replay here?

comment:2 by wraitii, 3 years ago

Milestone: Backlog → Alpha 25

A23b but the code still exists unchanged in A24. Requires the obstruction to have size 0 (it crashes L197 int rows = std::max(1, (m_MaxSpawnDistance / gap).ToInt_RoundToInfinity());)

I presume you were playing with a mod?

comment:3 by wraitii, 3 years ago

Owner: set to wraitii
Resolution: fixed
Status: new → closed

In 24945:

Fix division by 0 error in PickSpawnPoint

The spawn code should not assume that obstructions will never be 0-sized.

Reported by: Zack

Fixes #6039

Differential Revision: https://code.wildfiregames.com/D3583
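
The failure mode discussed in this ticket, as an added example that is not code from the 0 A.D. source or from the fix in D3583: a fixed-point quotient is an integer divide, so a zero divisor traps instead of producing infinity. The `Fixed` type, `CheckedDivCeil`, `SpawnRows` and the fall-back to one row are assumptions made for illustration.

```cpp
#include <algorithm>
#include <cstdint>
#include <limits>

// Hypothetical 16.16 fixed-point stand-in; the engine's own class is not reproduced here.
struct Fixed {
    int32_t raw;
    static Fixed FromInt(int32_t n) { return Fixed{n * 65536}; }
};

// Computes ceil(a / b) as an integer. Returns false instead of executing a
// divide that would trap or produce a value that does not fit in 32 bits.
bool CheckedDivCeil(Fixed a, Fixed b, int32_t& out)
{
    if (b.raw == 0)
        return false; // integer divide by zero traps (SIGFPE / EXC_I386_DIV on x86)

    // 64-bit intermediates: INT32_MIN / -1 also traps in 32-bit arithmetic on x86.
    const int64_t n = a.raw;
    const int64_t d = b.raw;
    int64_t q = n / d; // C++ truncates toward zero
    if (n % d != 0 && ((n < 0) == (d < 0)))
        ++q; // positive, inexact quotient: truncation rounded down, so round up

    if (q > std::numeric_limits<int32_t>::max() ||
        q < std::numeric_limits<int32_t>::min())
        return false;
    out = static_cast<int32_t>(q);
    return true;
}

// Row count for a spawn grid. A gap of zero or less (what a 0-sized
// obstruction would produce) yields a single row instead of a crash.
// Falling back to 1 mirrors the std::max(1, ...) floor in the quoted line;
// it is an assumption, not the project's actual fix.
int SpawnRows(Fixed maxSpawnDistance, Fixed gap)
{
    int32_t rows = 0;
    if (gap.raw <= 0 || !CheckedDivCeil(maxSpawnDistance, gap, rows))
        return 1;
    return std::max(1, rows);
}
```

Validating the divisor where the obstruction size is read, rather than at each division, keeps any later arithmetic on the same value from hitting the same trap.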
