[Freeciv-Dev] [bug #21160] Stack overflow if "Team pooled research" is disabled with some human team players

Sat, 07 Dec 2013 07:03:52 -0800 

Update of bug #21160 (project freeciv):

                  Status:                    None => Confirmed              
        Operating System:       Microsoft Windows => Any                    
                 Summary: Stack overflow if "Team pooled reserch" is disabled
with some human team players => Stack overflow if "Team pooled research" is
disabled with some human team players

    _______________________________________________________

Follow-up Comment #3:

Reproduced with 2.4.0 on Linux. I get a segmentation fault rather than
explicit stack overflow, but it's clear we have some recursion gone mad.

Head of S2_4 behaves similarly.


#0  0x00000000004f3a40 in conn_compression_flush (pconn=0x870440) at
packets.c:117
        compressed_size = 524829
        error = <optimised out>
        compressed = 0x7fff315bc8b0 <Address 0x7fff315bc8b0 out of bounds>
        __FUNCTION__ = "conn_compression_flush"
#1  0x00000000004f3e08 in send_packet_data (pc=0x870440, data=0x7fff3163cc10
"", len=10) at packets.c:220
        old_size = 524283
        size = 10
        result = 0
        packet_type = <optimised out>
        __FUNCTION__ = "send_packet_data"
#2  0x000000000051b590 in send_packet_player_info_100 (pc=0x870440,
packet=0x7fff3163dc60) at packets_gen.c:12854
        size = 10
        real_packet = 0x7fff3163dc60
        fields = {vec = "\bH\000\006"}
        old = <optimised out>
        differ = <optimised out>
        hash = <optimised out>
        different = <optimised out>
        buffer =
"\000\n3\bH\000\006\000\001WP\000\000\000\000\000`\314c1\377\177\000\000\000\020\000\000\000\000\000\000\064\000\000\000\000\000\000\000\002\000\000\000\000\000\000\000\000\377\377\377",
'\000' <repeats 12 times>, "\020B\372\002", '\000' <repeats 11 times>,
"\001\000\064\031\001[c fg=\"#8B0000\"]Technology goal is
Writing.[/c]\000\000\000\000\000B\r`\000\000\000\000\000\000\377\377\377H\000\006\000\377\377\377\377\377\377\377\377c\000\000\000\000\000\000\000\330\320c1\377\177\000\000\064\000\000\000\000\000\000\000\374\201\247\237\375\177\000\000\000\377\377\377",
'\000' <repeats 12 times>, ";\r`\000\000\000\000\000
\000\000\000\000\000\000\000\000\064\031\001[c f\374\201\247\237\375\177"...
        dout = {dest = 0x7fff3163cc10, dest_size = 4096, used = 10, current =
2, too_short = false}
        __FUNCTION__ = "send_packet_player_info_100"
#3  0x000000000045c888 in send_player_info_c_real (src=0x2e7bb30,
dest=<optimised out>) at plrhand.c:821
        pconn_iter = 0x0
        pconn = 0x870440
        info = {playerno = 1, name = "Taka\000\000\000\000\000\000\000\000
\200\350\002\000\000\000\000\234\r\220", '\000' <repeats 13 times>"\340,
\317\027\003\000\000\000\000 \200\350\002", username =
"taka\000\304\337\061\377\177\000\000\000\001\000\000\000\000\000\000\032|@\000\000\000\000\000\330\334c1\377\177\000\000\340\317\027\003\000\000\000\000\241\r`",
score = 23, is_male = true, was_created = false, government = 1,
target_government = -1, real_embassy = {true, false, true, true, true, true,
false <repeats 122 times>}, city_style = 1, nation = 392, team = 0, is_ready =
true, phase_done = false, nturns_idle = 0, is_alive = true, gold = 46, tax =
40, science = 60, luxury = 0, bulbs_last_turn = 5, bulbs_researched = 6,
techs_researched = 7, researching = 87, science_cost = 100, future_tech = 0,
tech_goal = 87, is_connected = true, revolution_finishes = -1, ai = false,
ai_skill_level = 0, barbarian_type = 0, gives_shared_vision = {vec = "=",
'\000' <repeats 14 times>}, inventions = "20200000012001", '0' <repeats 21
times>, "20000000001202000000100000011", '0' <repeats 17 times>,
"1000021\000\000\000\000W\000\000\000d\000\000\000\000\000\000\000W\000\000\000\001\000\000\000\377\377\377\377",
'\000' <repeats 12 times>, "=", '\000' <repeats 15 times>,
"202000000120\001\000\000\000\001\000\000\000\001\000\000\000\001\000\000\000\001\000\000\000\001\000\000\000\001\000\000\000\001\000\000\000\001\000\000\000\001\000\000\000\001\000\000\000\001",
love = {1 <repeats 128 times>}, color_red = 255, color_green = 255, color_blue
= 0, wonders = {0 <repeats 21 times>, 258, 0 <repeats 178 times>}}
        __FUNCTION__ = "send_player_info_c_real"
#4  0x000000000041de49 in handle_player_tech_goal (pplayer=0x2e7bb30,
tech_goal=87) at techtools.c:1073
No locals.
#5  0x000000000041decf in handle_player_tech_goal (pplayer=0x2e74940,
tech_goal=87) at techtools.c:1080
        aplayer = 0x2e7bb30
        _pslot = 0x1f16088
#6  0x000000000041decf in handle_player_tech_goal (pplayer=0x2e49dd0,
tech_goal=87) at techtools.c:1080
        aplayer = 0x2e74940
        _pslot = 0x1f16080
[...lots of stack omitted...]
#168988 0x000000000041decf in handle_player_tech_goal (pplayer=0x2e7bb30,
tech_goal=87) at techtools.c:1080
        aplayer = 0x2e49dd0
        _pslot = 0x1f16098
#168989 0x000000000041decf in handle_player_tech_goal (pplayer=0x2e74940,
tech_goal=87) at techtools.c:1080
        aplayer = 0x2e7bb30
        _pslot = 0x1f16088
#168990 0x000000000041decf in handle_player_tech_goal (pplayer=0x2e49dd0,
tech_goal=87) at techtools.c:1080
        aplayer = 0x2e74940
        _pslot = 0x1f16080
#168991 0x000000000041decf in handle_player_tech_goal (pplayer=0x2e7bb30,
tech_goal=87) at techtools.c:1080
        aplayer = 0x2e49dd0
        _pslot = 0x1f16098
#168992 0x000000000045408d in server_handle_packet (type=<optimised out>,
packet=<optimised out>, pplayer=<optimised out>, pconn=<optimised out>) at
hand_gen.c:134
No locals.
#168993 0x000000000040ae94 in server_packet_input (pconn=0x870440,
packet=<optimised out>, type=56) at srv_main.c:1615
        pplayer = 0x2e7bb30
        __FUNCTION__ = "server_packet_input"
#168994 0x0000000000481b9c in incoming_client_packets (pconn=<optimised out>)
at sernet.c:457
        command_ok = <optimised out>
        packet = {data = 0x2835c80, type = PACKET_PLAYER_TECH_GOAL}
#168995 server_sniff_all_input () at sernet.c:834
        pconn = 0x870440
        nb = <optimised out>
        i = <optimised out>
        s = <optimised out>
        max_desc = 6
        readfs = {fds_bits = {64, 0 <repeats 15 times>}}
        writefs = {fds_bits = {0 <repeats 16 times>}}
        exceptfs = {fds_bits = {0 <repeats 16 times>}}
        tv = {tv_sec = 0, tv_usec = 994094}
        __FUNCTION__ = "server_sniff_all_input"
#168996 0x000000000040cd1d in srv_running () at srv_main.c:2310
        save_counter = 1
        i = <optimised out>
        is_new_turn = true
        skip_mapimg = false
        eot_timer = 0x28345e0
        need_send_pending_events = false
#168997 srv_main () at srv_main.c:2770
        __FUNCTION__ = "srv_main"
#168998 0x00000000004060eb in main (argc=<optimised out>, argv=0x7fff31dfcbc8)
at civserver.c:453
        inx = 3
        showhelp = <optimised out>
        showvers = <optimised out>
        option = <optimised out>
        __FUNCTION__ = "main"


    _______________________________________________________

Reply to this item at:

  <http://gna.org/bugs/?21160>

_______________________________________________
  Message sent via/by Gna!
  http://gna.org/


_______________________________________________
Freeciv-dev mailing list
[email protected]
https://mail.gna.org/listinfo/freeciv-dev

Reply via email to