Update of bug #19800 (project freeciv):

                 Summary: Server crash after reading "multiplayer.serv" or
"civ.serv" => Server crash after reading "multiplayer.serv" or "civ2.serv"

    _______________________________________________________

Follow-up Comment #4:

The calls to ai_data_init() and ai_data_close() look balanced.

However, the second significant valgrind error ("Invalid write of size 4") is
relevant, I think.

When ai_data_init() is called for a player, it allocates ai->government_want
according to the government_count() in force at the time.

It looks like ai_data_init() is only called when a player is first created.
I'm guessing the problem is that if a player exists over a ruleset reload,
that player's government_want remains sized for the old ruleset.

It looks like ai_data_default() is called to reinitialise the player on
ruleset reload, but that doesn't reallocate ai->government_want. However it
does memset it, based on the *new* government_count().

Since the civ2 and multiplayer rulesets have an extra government compared to
the classic ruleset (Fundamentalism), that memset will overrun.

Is the fix simply to reallocate government_want in ai_data_default() rather
than ai_data_init()?
I'll leave this for someone else...

(The other valgrind error looks unrelated -- although player data applicable
to long-gone rulesets is also implicated -- so I've raised it as bug #19814.)
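The size mismatch described in the comment, modelled as an added C example that is not Freeciv's code: the struct, function names and government counts (6, then 7 after a reload) are constructed stand-ins, and the `allocated` field is hypothetical bookkeeping the real AI struct is not said to have.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model of the defect described above, not Freeciv code: the array
 * is sized once at init but re-cleared using the current ruleset's count. */
struct ai_model {
    int *government_want;  /* one slot per government in the ruleset */
    size_t allocated;      /* hypothetical bookkeeping: slots actually allocated */
};

/* Mirrors ai_data_init(): size fixed by the government count in force then. */
static void model_init(struct ai_model *ai, size_t gov_count) {
    ai->government_want = calloc(gov_count, sizeof *ai->government_want);
    ai->allocated = gov_count;
}

/* The buggy ai_data_default() pattern memsets new_count * sizeof(int) bytes
 * into the old allocation.  Rather than perform that write, report how many
 * bytes it would land past the end of the buffer (0 means in bounds). */
static size_t unsafe_memset_overrun_bytes(const struct ai_model *ai, size_t new_count) {
    size_t want = new_count * sizeof *ai->government_want;
    size_t have = ai->allocated * sizeof *ai->government_want;
    return want > have ? want - have : 0;
}

/* Fixed pattern: grow the array to the new count before clearing it. */
static int model_default_fixed(struct ai_model *ai, size_t new_count) {
    int *p = realloc(ai->government_want, new_count * sizeof *p);
    if (p == NULL) {
        return -1;  /* keep the old, still-valid buffer on allocation failure */
    }
    ai->government_want = p;
    ai->allocated = new_count;
    memset(ai->government_want, 0, new_count * sizeof *ai->government_want);
    return 0;
}

int main(void) {
    struct ai_model ai;
    model_init(&ai, 6);  /* constructed: the first ruleset defines 6 governments */
    printf("reload to 7 governments: buggy memset overruns by %zu bytes\n",
           unsafe_memset_overrun_bytes(&ai, 7));  /* 4 where sizeof(int) == 4 */
    model_default_fixed(&ai, 7);
    printf("after reallocating: overrun is %zu bytes\n",
           unsafe_memset_overrun_bytes(&ai, 7));
    free(ai.government_want);
    return 0;
}
```

With one extra government and a 4-byte `int`, the buggy path overruns by exactly 4 bytes, which is the "Invalid write of size 4" shape valgrind reports; the fixed path reports 0.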

    _______________________________________________________

Reply to this item at:

  <http://gna.org/bugs/?19800>

_______________________________________________
  Message sent via/by Gna!
  http://gna.org/


_______________________________________________
Freeciv-dev mailing list
Freeciv-dev@gna.org
https://mail.gna.org/listinfo/freeciv-dev