Follow-up Comment #12, bug #16451 (project freeciv):
I have reproduced the attached problem in S2_2 r19470 (essentially 2.2.5)
with the savegame by using valgrind, but it took something like an hour. (It
didn't show up without valgrind.)
I haven't time to try to analyse this now, but here is the backtrace from the
coredump:
#0 0x00000000004ad808 in map_distance_vector (dx=0x7feffb59c,
dy=0x7feffb598,
tile0=<value optimised out>, tile1=0xf7af6d0) at map.c:966
No locals.
#1 0x00000000004ad8c9 in real_map_distance (tile0=0xb8, tile1=0x9c)
at map.c:563
dx = 0
dy = 259716816
#2 0x00000000004ad8e5 in is_tiles_adjacent (tile0=0x7feffb59c,
tile1=0x7feffb598) at map.c:827
No locals.
#3 0x0000000000434e42 in ai_hunter_try_launch (pplayer=0x8e5ce0,
punit=<value optimised out>, target=<value optimised out>) at
aihunt.c:336
sucker = <value optimised out>
myiter = <value optimised out>
missile = 0x10a903c0
target_sanity = 17451
parameter = {start_tile = 0x10163e00, moves_left_initially = 0,
fuel_left_initially = 1, move_rate = 15, fuel = 1, owner =
0x8e5ce0,
uclass = 0x8dc3e0, unit_flags = {vec = " 00 20 00b 00 00"},
omniscience = true, turn_mode = TM_CAPPED,
get_MC = 0x51adb0 <seamove_no_bombard>, unknown_MC = 6, get_TB = 0,
get_EC = 0, can_invade_tile = 0x4fd910 <player_can_invade_tile>,
get_zoc = 0, is_pos_dangerous = 0, get_moves_left_req = 0,
get_costs = 0, data = 0x6320d70}
pfm = 0xeb155d0
#4 0x0000000000435740 in ai_hunter_manage (pplayer=<value optimised out>,
punit=<value optimised out>) at aihunt.c:530
dist1 = 8
stackcost = 75
aplayer = <value optimised out>
dist2 = 8
stackthreat = 1140
sanity_target = 17451
path = 0x6320d70
target = 0xf7af6d0
target_index = <value optimised out>
target_size = <value optimised out>
ptile = 0x1015b460
move_cost = <value optimised out>
is_virtual = false
parameter = {start_tile = 0x101723e0, moves_left_initially = 15,
fuel_left_initially = 1, move_rate = 15, fuel = 1, owner =
0x8e5ce0,
uclass = 0x8dc3e0, unit_flags = {vec = " 00 20 00b 00 00"},
omniscience = true, turn_mode = TM_CAPPED,
get_MC = 0x51adb0 <seamove_no_bombard>, unknown_MC = 6, get_TB = 0,
get_EC = 0, can_invade_tile = 0x4fd910 <player_can_invade_tile>,
get_zoc = 0, is_pos_dangerous = 0, get_moves_left_req = 0,
get_costs = 0, data = 0x1}
pfm = 0x7edff10
original_target = 0x0
original_threat = 0
original_cost = 0
__PRETTY_FUNCTION__ = "ai_hunter_manage"
#5 0x000000000042b52b in ai_manage_military (pplayer=0x8e5ce0,
punit=0x10db9190) at aiunit.c:2054
result = <value optimised out>
sanity = 38167
id = 38167
__PRETTY_FUNCTION__ = "ai_manage_military"
#6 0x000000000042d477 in ai_manage_unit (pplayer=0x8e5ce0,
punit=0x10db9190)
at aiunit.c:2275
bodyguard = <value optimised out>
is_ferry = false
__PRETTY_FUNCTION__ = "ai_manage_unit"
#7 0x000000000042dc19 in ai_manage_units (pplayer=<value optimised out>)
at aiunit.c:2381
punit = 0xf7af6d0
punit_index = 16
punit_size = 4009
#8 0x0000000000499869 in ai_do_first_activities (pplayer=0x8e5ce0)
at aihand.c:444
No locals.
#9 0x000000000040a89f in ai_start_phase (is_new_phase=true) at
srv_main.c:656
MY_i = 31
pplayer = 0x8e5ce0
#10 begin_phase (is_new_phase=true) at srv_main.c:809
No locals.
#11 0x000000000040af91 in srv_running () at srv_main.c:2027
eot_timer = 0xfdb5ac0
save_counter = 1
is_new_turn = 156
need_send_pending_events = false
__PRETTY_FUNCTION__ = "srv_running"
#12 0x000000000040c50f in srv_main () at srv_main.c:2446
No locals.
#13 0x0000000000404135 in main (argc=<value optimised out>,
argv=0x7fefffbd8)
at civserver.c:359
inx = 3
showhelp = false
showvers = false
option = 0x5f12c90 "en_GB.UTF-8"
...and the last few utterances from valgrind, in case they're useful.
==26827== Invalid read of size 8
==26827== at 0x434E35: ai_hunter_try_launch (aihunt.c:336)
==26827== by 0x43573F: ai_hunter_manage (aihunt.c:530)
==26827== by 0x42B52A: ai_manage_military (aiunit.c:2054)
==26827== by 0x42D476: ai_manage_unit (aiunit.c:2275)
==26827== by 0x42DC18: ai_manage_units (aiunit.c:2381)
==26827== by 0x499868: ai_do_first_activities (aihand.c:444)
==26827== by 0x40A89E: begin_phase (srv_main.c:656)
==26827== by 0x40AF90: srv_running (srv_main.c:2027)
==26827== by 0x40C50E: srv_main (srv_main.c:2446)
==26827== by 0x404134: main (civserver.c:359)
==26827== Address 0x10a903c8 is 8 bytes inside a block of size 264 free'd
==26827== at 0x4C270BD: free (vg_replace_malloc.c:366)
==26827== by 0x41A406: server_remove_unit (unittools.c:1525)
==26827== by 0x41E537: wipe_unit (unittools.c:1613)
==26827== by 0x492E1D: unit_attack_handling (unithand.c:1053)
==26827== by 0x493443: unit_move_handling (unithand.c:1318)
==26827== by 0x43D6DE: ai_unit_attack (aitools.c:1008)
==26827== by 0x43D8A4: ai_unit_execute_path (aitools.c:221)
==26827== by 0x43E4A5: ai_follow_path (aitools.c:436)
==26827== by 0x43E8A0: ai_unit_goto_constrained (aitools.c:510)
==26827== by 0x43E9CA: ai_unit_goto (aitools.c:834)
==26827== by 0x434E23: ai_hunter_try_launch (aihunt.c:334)
==26827== by 0x43573F: ai_hunter_manage (aihunt.c:530)
==26827==
==26827== Invalid read of size 4
==26827== at 0x4AD808: map_distance_vector (map.c:966)
==26827== by 0x4AD8C8: real_map_distance (map.c:563)
==26827== by 0x4AD8E4: is_tiles_adjacent (map.c:827)
==26827== by 0x434E41: ai_hunter_try_launch (aihunt.c:336)
==26827== by 0x43573F: ai_hunter_manage (aihunt.c:530)
==26827== by 0x42B52A: ai_manage_military (aiunit.c:2054)
==26827== by 0x42D476: ai_manage_unit (aiunit.c:2275)
==26827== by 0x42DC18: ai_manage_units (aiunit.c:2381)
==26827== by 0x499868: ai_do_first_activities (aihand.c:444)
==26827== by 0x40A89E: begin_phase (srv_main.c:656)
==26827== by 0x40AF90: srv_running (srv_main.c:2027)
==26827== by 0x40C50E: srv_main (srv_main.c:2446)
==26827== Address 0x4 is not stack'd, malloc'd or (recently) free'd
==26827==
==26827==
==26827== Process terminating with default action of signal 11 (SIGSEGV):
dumping core
==26827== Access not within mapped region at address 0x4
==26827== at 0x4AD808: map_distance_vector (map.c:966)
==26827== by 0x4AD8C8: real_map_distance (map.c:563)
==26827== by 0x4AD8E4: is_tiles_adjacent (map.c:827)
==26827== by 0x434E41: ai_hunter_try_launch (aihunt.c:336)
==26827== by 0x43573F: ai_hunter_manage (aihunt.c:530)
==26827== by 0x42B52A: ai_manage_military (aiunit.c:2054)
==26827== by 0x42D476: ai_manage_unit (aiunit.c:2275)
==26827== by 0x42DC18: ai_manage_units (aiunit.c:2381)
==26827== by 0x499868: ai_do_first_activities (aihand.c:444)
==26827== by 0x40A89E: begin_phase (srv_main.c:656)
==26827== by 0x40AF90: srv_running (srv_main.c:2027)
==26827== by 0x40C50E: srv_main (srv_main.c:2446)
==26827== If you believe this happened as a result of a stack
==26827== overflow in your program's main thread (unlikely but
==26827== possible), you can try to increase the size of the
==26827== main thread stack using the --main-stacksize= flag.
==26827== The main thread stack size used in this run was 8388608.
==26827==
==26827== HEAP SUMMARY:
==26827== in use at exit: 122,399,321 bytes in 133,626 blocks
==26827== total heap usage: 3,999,120 allocs, 3,865,494 frees,
6,402,945,145 bytes allocated
==26827==
==26827== LEAK SUMMARY:
==26827== definitely lost: 0 bytes in 0 blocks
==26827== indirectly lost: 0 bytes in 0 blocks
==26827== possibly lost: 0 bytes in 0 blocks
==26827== still reachable: 122,399,321 bytes in 133,626 blocks
==26827== suppressed: 0 bytes in 0 blocks
==26827== Rerun with --leak-check=full to see details of leaked memory
_______________________________________________________
Reply to this item at:
<http://gna.org/bugs/?16451>
_______________________________________________
Message sent via/by Gna!
http://gna.org/
_______________________________________________
Freeciv-dev mailing list
Freeciv-dev@gna.org
https://mail.gna.org/listinfo/freeciv-dev
