<URL: http://bugs.freeciv.org/Ticket/Display.html?id=40176 >
On 01/04/2008, Marko Lindqvist wrote:
> #1 0x000000000040be1c in sq_map_distance (tile0=0x1400000000,
As interesting value of tile0 indicates...
> #2 0x000000000048f1f4 in map_claim_border (ptile=0xbfb1b8, powner=0x896100)
> at ../../../src.patched/server/maphand.c:1931
> dsite = (struct vision_site *) 0xb37ef0
...dsite points to random data.
I'm quite sure this is because vision site has been freed.
Several player tiles point to same vision site. AFAICT possible other
pointers to vision site are not considered when one tile decides to
free() it. I have to admit that I really don't understand the logic of
tiles free()ing vision site in some situations and not free()ing in
other situations before they lose its address.
Anyway, after I tried to simply comment out vision site free(),
crashing stopped (obviously there is big memory leak instead).
This should be fixable simply by adding ref_count for vision sites.
Freeciv-dev mailing list