| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||
|---|---|---|---|---|---|---|---|---|---|
| 0005473 | Spring engine | AI | public | 2017-02-13 13:54 | 2017-02-13 22:37 | ||||
| Reporter | Google_Frog | ||||||||
| Assigned To | abma | ||||||||
| Priority | normal | Severity | crash | Reproducibility | have not tried | ||||
| Status | closed | Resolution | not fixable | ||||||
| Product Version | 103.0 +git | ||||||||
| Target Version | Fixed in Version | ||||||||
| Summary | 0005473: 103.0.1-588-gab2f239 circuit AI interface crash | ||||||||
| Description | Infolog: https://github.com/ZeroK-RTS/CrashReports/issues/92 I'm not sure if this is circuit or engine so I am reporting here. I see many circuit crashes, this one is notable in that it occurs at the start of the game and no warnings are produced prior to the crash. | ||||||||
| Tags | No tags attached. | ||||||||
| Checked infolog.txt for Errors | |||||||||
| Attached Files |
| ||||||||
 Relationships |
|||||||||||
|
|||||||||||
 Relationships |
| Notes |
|
|
Kloot (developer) 2017-02-13 13:57 Last edited: 2017-02-13 14:21 |
this is the strange GuiHandler crash I keep seeing but can never reproduce: rts/Game/UI/GuiHandler.cpp:2978 rts/Game/UI/GuiHandler.cpp:2585 rts/Game/Game.cpp:1310 rts/Game/Game.cpp:1270 rts/System/SpringApp.cpp:857 rts/System/Main.cpp:48 rts/System/Main.cpp:109 if a line like "AI\Skirmish\CircuitAIHard32\0.9.11.b\SkirmishAI.dll [0x000676A6]" shows up in the trace, then it was the AI that crashed. |
|
abma (administrator) 2017-02-13 19:48 |
=13790==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6190035cf570 at pc 0x7ff1b0330dd9 bp 0x7ffdbcd3a700 sp 0x7ffdbcd3a6f8 READ of size 4 at 0x6190035cf570 thread T0 (spring-main) #0 0x7ff1b0330dd8 in circuit::CCircuitDef::Init(circuit::CCircuitAI*) AI/Skirmish/CircuitAI/src/circuit/unit/CircuitDef.cpp:482 #1 0x7ff1b037c56b in circuit::CCircuitAI::InitUnitDefs(float&) AI/Skirmish/CircuitAI/src/circuit/CircuitAI.cpp:1160 #2 0x7ff1b0376a61 in circuit::CCircuitAI::Init(int, SSkirmishAICallback const*) AI/Skirmish/CircuitAI/src/circuit/CircuitAI.cpp:466 0000003 0x7ff1b037181d in circuit::CCircuitAI::HandleGameEvent(int, void const*) AI/Skirmish/CircuitAI/src/circuit/CircuitAI.cpp:143 0000004 0x7ff1b03711d4 in circuit::CCircuitAI::HandleEvent(int, void const*) AI/Skirmish/CircuitAI/src/circuit/CircuitAI.cpp:113 0000005 0x7ff1b03d2af2 in handleEvent AI/Skirmish/CircuitAI/src/AIExport.cpp:75 #6 0xf6e768 in CSkirmishAILibrary::HandleEvent(int, int, void const*) const rts/ExternalAI/SkirmishAILibrary.cpp:94 #7 0xf769be in CSkirmishAIWrapper::HandleEvent(int, void const*) const rts/ExternalAI/SkirmishAIWrapper.cpp:463 #8 0xf73e59 in CSkirmishAIWrapper::Init() rts/ExternalAI/SkirmishAIWrapper.cpp:220 #9 0xf15b9b in CEngineOutHandler::CreateSkirmishAI(unsigned long) rts/ExternalAI/EngineOutHandler.cpp:568 0000010 0xf5e9ce in CSkirmishAIHandler::CreateLocalSkirmishAI(unsigned long) rts/ExternalAI/SkirmishAIHandler.cpp:187 #11 0x62836f in CGame::LoadSkirmishAIs() rts/Game/Game.cpp:709 0000012 0x6249c0 in CGame::LoadGame(std::string const&, bool) rts/Game/Game.cpp:418 0000013 0x68f023 in CLoadScreen::Init() rts/Game/LoadScreen.cpp:134 0000014 0x68fb6e in CLoadScreen::CreateInstance(std::string const&, std::string const&, ILoadSaveHandler*) rts/Game/LoadScreen.cpp:207 #15 0x6a8a05 in CPreGame::UpdateClientNet() rts/Game/PreGame.cpp:342 #16 0x6a7408 in CPreGame::Update() rts/Game/PreGame.cpp:171 #17 0xe16f6f in SpringApp::Update() rts/System/SpringApp.cpp:862 #18 0xe1715c in SpringApp::Run() rts/System/SpringApp.cpp:892 #19 0xde3b75 in Run(int, char**) rts/System/Main.cpp:48 0000020 0xde47f4 in main rts/System/Main.cpp:109 #21 0x7ff1eabd9b44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b44) #22 0x5d52b6 (/mnt/tmp/home/dev/spring/develop/spring+0x5d52b6) 0x6190035cf570 is located 16 bytes to the left of 960-byte region [0x6190035cf580,0x6190035cf940) allocated by thread T0 (spring-main) here: #0 0x7ff1eeee4fff in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x54fff) #1 0x7ff1b02c0667 in __gnu_cxx::new_allocator<circuit::STerrainMapImmobileType>::allocate(unsigned long, void const*) /usr/include/c++/4.9/ext/new_allocator.h:104 #2 0x7ff1b02bde6f in std::allocator_traits<std::allocator<circuit::STerrainMapImmobileType> >::allocate(std::allocator<circuit::STerrainMapImmobileType>&, unsigned long) (/mnt/tmp/home/dev/spring/develop/AI/Skirmish/CircuitAI/data/libSkirmishAI.so+0x53de6f) 0000003 0x7ff1b02b9d49 in std::_Vector_base<circuit::STerrainMapImmobileType, std::allocator<circuit::STerrainMapImmobileType> >::_M_allocate(unsigned long) /usr/include/c++/4.9/bits/stl_vector.h:170 0000004 0x7ff1b02b4e75 in void std::vector<circuit::STerrainMapImmobileType, std::allocator<circuit::STerrainMapImmobileType> >::_M_emplace_back_aux<circuit::STerrainMapImmobileType const&>(circuit::STerrainMapImmobileType const&) (/mnt/tmp/home/dev/spring/develop/AI/Skirmish/CircuitAI/data/libSkirmishAI.so+0x534e75) 0000005 0x7ff1b02b029b in std::vector<circuit::STerrainMapImmobileType, std::allocator<circuit::STerrainMapImmobileType> >::push_back(circuit::STerrainMapImmobileType const&) (/mnt/tmp/home/dev/spring/develop/AI/Skirmish/CircuitAI/data/libSkirmishAI.so+0x53029b) #6 0x7ff1b02a1c2b in circuit::CTerrainData::Init(circuit::CCircuitAI*) AI/Skirmish/CircuitAI/src/circuit/terrain/TerrainData.cpp:238 #7 0x7ff1b037bd6a in circuit::CCircuitAI::InitUnitDefs(float&) AI/Skirmish/CircuitAI/src/circuit/CircuitAI.cpp:1135 #8 0x7ff1b0376a61 in circuit::CCircuitAI::Init(int, SSkirmishAICallback const*) AI/Skirmish/CircuitAI/src/circuit/CircuitAI.cpp:466 #9 0x7ff1b037181d in circuit::CCircuitAI::HandleGameEvent(int, void const*) AI/Skirmish/CircuitAI/src/circuit/CircuitAI.cpp:143 0000010 0x7ff1b03711d4 in circuit::CCircuitAI::HandleEvent(int, void const*) AI/Skirmish/CircuitAI/src/circuit/CircuitAI.cpp:113 #11 0x7ff1b03d2af2 in handleEvent AI/Skirmish/CircuitAI/src/AIExport.cpp:75 0000012 0xf6e768 in CSkirmishAILibrary::HandleEvent(int, int, void const*) const rts/ExternalAI/SkirmishAILibrary.cpp:94 0000013 0xf769be in CSkirmishAIWrapper::HandleEvent(int, void const*) const rts/ExternalAI/SkirmishAIWrapper.cpp:463 0000014 0xf73e59 in CSkirmishAIWrapper::Init() rts/ExternalAI/SkirmishAIWrapper.cpp:220 #15 0xf15b9b in CEngineOutHandler::CreateSkirmishAI(unsigned long) rts/ExternalAI/EngineOutHandler.cpp:568 #16 0xf5e9ce in CSkirmishAIHandler::CreateLocalSkirmishAI(unsigned long) rts/ExternalAI/SkirmishAIHandler.cpp:187 #17 0x62836f in CGame::LoadSkirmishAIs() rts/Game/Game.cpp:709 #18 0x6249c0 in CGame::LoadGame(std::string const&, bool) rts/Game/Game.cpp:418 #19 0x68f023 in CLoadScreen::Init() rts/Game/LoadScreen.cpp:134 0000020 0x68fb6e in CLoadScreen::CreateInstance(std::string const&, std::string const&, ILoadSaveHandler*) rts/Game/LoadScreen.cpp:207 #21 0x6a8a05 in CPreGame::UpdateClientNet() rts/Game/PreGame.cpp:342 #22 0x6a7408 in CPreGame::Update() rts/Game/PreGame.cpp:171 #23 0xe16f6f in SpringApp::Update() rts/System/SpringApp.cpp:862 0000024 0xe1715c in SpringApp::Run() rts/System/SpringApp.cpp:892 #25 0xde3b75 in Run(int, char**) rts/System/Main.cpp:48 0000026 0xde47f4 in main rts/System/Main.cpp:109 0000027 0x7ff1eabd9b44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b44) SUMMARY: AddressSanitizer: heap-buffer-overflow AI/Skirmish/CircuitAI/src/circuit/unit/CircuitDef.cpp:482 circuit::CCircuitDef::Init(circuit::CCircuitAI*) Shadow bytes around the buggy address: 0x0c32806b1e50: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c32806b1e60: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c32806b1e70: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c32806b1e80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c32806b1e90: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa =>0x0c32806b1ea0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa[fa]fa 0x0c32806b1eb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c32806b1ec0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c32806b1ed0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c32806b1ee0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c32806b1ef0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Heap right redzone: fb Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack partial redzone: f4 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Contiguous container OOB:fc ASan internal: fe ==13790==ABORTING |
|
abma (administrator) 2017-02-13 19:48 |
looks like a bug in circuit AI |
| Notes |
| Issue History |
|||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2017-02-13 13:54 | Google_Frog | New Issue | |
| 2017-02-13 13:57 | Kloot | Note Added: 0017299 | |
| 2017-02-13 13:58 | Kloot | Relationship added | related to 0005451 |
| 2017-02-13 14:21 | Kloot | Note Edited: 0017299 | View Revisions |
| 2017-02-13 19:48 | abma | Assigned To | => abma |
| 2017-02-13 19:48 | abma | Status | new => closed |
| 2017-02-13 19:48 | abma | Resolution | open => fixed |
| 2017-02-13 19:48 | abma | Note Added: 0017307 | |
| 2017-02-13 19:48 | abma | Resolution | fixed => not fixable |
| 2017-02-13 19:48 | abma | Note Added: 0017308 | |
| 2017-02-13 22:37 | Kloot | Relationship added | has duplicate 0005466 |
| Issue History |