2019-12-12 01:44 CET

ID: 0005473
Project: Spring engine
Category: AI
View Status: public
Last Update: 2017-02-13 22:37
Reporter: Google_Frog
Assigned To: abma
Priority: normal
Severity: crash
Reproducibility: have not tried
Status: closed
Resolution: not fixable
Product Version: 103.0 +git
Target Version:
Fixed in Version:
Summary: 0005473: 103.0.1-588-gab2f239 circuit AI interface crash
Description: Infolog: https://github.com/ZeroK-RTS/CrashReports/issues/92

I'm not sure if this is circuit or engine so I am reporting here. I see many circuit crashes; this one is notable in that it occurs at the start of the game and no warnings are produced prior to the crash.
Tags: No tags attached.
Checked infolog.txt for Errors
Attached Files

Relationships
related to 0005451 (resolved, Kloot): 103.0.1-570-gcf3f016 crash near loading or game start
has duplicate 0005466 (resolved, Kloot): 103.0.1-588-gab2f239 start of game crash

Notes

~0017299

Kloot (developer)

Last edited: 2017-02-13 14:21


this is the strange GuiHandler crash I keep seeing but can never reproduce:

rts/Game/UI/GuiHandler.cpp:2978
rts/Game/UI/GuiHandler.cpp:2585
rts/Game/Game.cpp:1310
rts/Game/Game.cpp:1270
rts/System/SpringApp.cpp:857
rts/System/Main.cpp:48
rts/System/Main.cpp:109

if a line like "AI\Skirmish\CircuitAIHard32\0.9.11.b\SkirmishAI.dll [0x000676A6]" shows up in the trace, then it was the AI that crashed.

~0017307

abma (administrator)

==13790==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6190035cf570 at pc 0x7ff1b0330dd9 bp 0x7ffdbcd3a700 sp 0x7ffdbcd3a6f8
READ of size 4 at 0x6190035cf570 thread T0 (spring-main)
    #0 0x7ff1b0330dd8 in circuit::CCircuitDef::Init(circuit::CCircuitAI*) AI/Skirmish/CircuitAI/src/circuit/unit/CircuitDef.cpp:482
    #1 0x7ff1b037c56b in circuit::CCircuitAI::InitUnitDefs(float&) AI/Skirmish/CircuitAI/src/circuit/CircuitAI.cpp:1160
    #2 0x7ff1b0376a61 in circuit::CCircuitAI::Init(int, SSkirmishAICallback const*) AI/Skirmish/CircuitAI/src/circuit/CircuitAI.cpp:466
    #3 0x7ff1b037181d in circuit::CCircuitAI::HandleGameEvent(int, void const*) AI/Skirmish/CircuitAI/src/circuit/CircuitAI.cpp:143
    #4 0x7ff1b03711d4 in circuit::CCircuitAI::HandleEvent(int, void const*) AI/Skirmish/CircuitAI/src/circuit/CircuitAI.cpp:113
    #5 0x7ff1b03d2af2 in handleEvent AI/Skirmish/CircuitAI/src/AIExport.cpp:75
    #6 0xf6e768 in CSkirmishAILibrary::HandleEvent(int, int, void const*) const rts/ExternalAI/SkirmishAILibrary.cpp:94
    #7 0xf769be in CSkirmishAIWrapper::HandleEvent(int, void const*) const rts/ExternalAI/SkirmishAIWrapper.cpp:463
    #8 0xf73e59 in CSkirmishAIWrapper::Init() rts/ExternalAI/SkirmishAIWrapper.cpp:220
    #9 0xf15b9b in CEngineOutHandler::CreateSkirmishAI(unsigned long) rts/ExternalAI/EngineOutHandler.cpp:568
    #10 0xf5e9ce in CSkirmishAIHandler::CreateLocalSkirmishAI(unsigned long) rts/ExternalAI/SkirmishAIHandler.cpp:187
    #11 0x62836f in CGame::LoadSkirmishAIs() rts/Game/Game.cpp:709
    #12 0x6249c0 in CGame::LoadGame(std::string const&, bool) rts/Game/Game.cpp:418
    #13 0x68f023 in CLoadScreen::Init() rts/Game/LoadScreen.cpp:134
    #14 0x68fb6e in CLoadScreen::CreateInstance(std::string const&, std::string const&, ILoadSaveHandler*) rts/Game/LoadScreen.cpp:207
    #15 0x6a8a05 in CPreGame::UpdateClientNet() rts/Game/PreGame.cpp:342
    #16 0x6a7408 in CPreGame::Update() rts/Game/PreGame.cpp:171
    #17 0xe16f6f in SpringApp::Update() rts/System/SpringApp.cpp:862
    #18 0xe1715c in SpringApp::Run() rts/System/SpringApp.cpp:892
    #19 0xde3b75 in Run(int, char**) rts/System/Main.cpp:48
    #20 0xde47f4 in main rts/System/Main.cpp:109
    #21 0x7ff1eabd9b44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b44)
    #22 0x5d52b6 (/mnt/tmp/home/dev/spring/develop/spring+0x5d52b6)

0x6190035cf570 is located 16 bytes to the left of 960-byte region [0x6190035cf580,0x6190035cf940)
allocated by thread T0 (spring-main) here:
    #0 0x7ff1eeee4fff in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x54fff)
    #1 0x7ff1b02c0667 in __gnu_cxx::new_allocator<circuit::STerrainMapImmobileType>::allocate(unsigned long, void const*) /usr/include/c++/4.9/ext/new_allocator.h:104
    #2 0x7ff1b02bde6f in std::allocator_traits<std::allocator<circuit::STerrainMapImmobileType> >::allocate(std::allocator<circuit::STerrainMapImmobileType>&, unsigned long) (/mnt/tmp/home/dev/spring/develop/AI/Skirmish/CircuitAI/data/libSkirmishAI.so+0x53de6f)
    #3 0x7ff1b02b9d49 in std::_Vector_base<circuit::STerrainMapImmobileType, std::allocator<circuit::STerrainMapImmobileType> >::_M_allocate(unsigned long) /usr/include/c++/4.9/bits/stl_vector.h:170
    #4 0x7ff1b02b4e75 in void std::vector<circuit::STerrainMapImmobileType, std::allocator<circuit::STerrainMapImmobileType> >::_M_emplace_back_aux<circuit::STerrainMapImmobileType const&>(circuit::STerrainMapImmobileType const&) (/mnt/tmp/home/dev/spring/develop/AI/Skirmish/CircuitAI/data/libSkirmishAI.so+0x534e75)
    #5 0x7ff1b02b029b in std::vector<circuit::STerrainMapImmobileType, std::allocator<circuit::STerrainMapImmobileType> >::push_back(circuit::STerrainMapImmobileType const&) (/mnt/tmp/home/dev/spring/develop/AI/Skirmish/CircuitAI/data/libSkirmishAI.so+0x53029b)
    #6 0x7ff1b02a1c2b in circuit::CTerrainData::Init(circuit::CCircuitAI*) AI/Skirmish/CircuitAI/src/circuit/terrain/TerrainData.cpp:238
    #7 0x7ff1b037bd6a in circuit::CCircuitAI::InitUnitDefs(float&) AI/Skirmish/CircuitAI/src/circuit/CircuitAI.cpp:1135
    #8 0x7ff1b0376a61 in circuit::CCircuitAI::Init(int, SSkirmishAICallback const*) AI/Skirmish/CircuitAI/src/circuit/CircuitAI.cpp:466
    #9 0x7ff1b037181d in circuit::CCircuitAI::HandleGameEvent(int, void const*) AI/Skirmish/CircuitAI/src/circuit/CircuitAI.cpp:143
    #10 0x7ff1b03711d4 in circuit::CCircuitAI::HandleEvent(int, void const*) AI/Skirmish/CircuitAI/src/circuit/CircuitAI.cpp:113
    #11 0x7ff1b03d2af2 in handleEvent AI/Skirmish/CircuitAI/src/AIExport.cpp:75
    #12 0xf6e768 in CSkirmishAILibrary::HandleEvent(int, int, void const*) const rts/ExternalAI/SkirmishAILibrary.cpp:94
    #13 0xf769be in CSkirmishAIWrapper::HandleEvent(int, void const*) const rts/ExternalAI/SkirmishAIWrapper.cpp:463
    #14 0xf73e59 in CSkirmishAIWrapper::Init() rts/ExternalAI/SkirmishAIWrapper.cpp:220
    #15 0xf15b9b in CEngineOutHandler::CreateSkirmishAI(unsigned long) rts/ExternalAI/EngineOutHandler.cpp:568
    #16 0xf5e9ce in CSkirmishAIHandler::CreateLocalSkirmishAI(unsigned long) rts/ExternalAI/SkirmishAIHandler.cpp:187
    #17 0x62836f in CGame::LoadSkirmishAIs() rts/Game/Game.cpp:709
    #18 0x6249c0 in CGame::LoadGame(std::string const&, bool) rts/Game/Game.cpp:418
    #19 0x68f023 in CLoadScreen::Init() rts/Game/LoadScreen.cpp:134
    #20 0x68fb6e in CLoadScreen::CreateInstance(std::string const&, std::string const&, ILoadSaveHandler*) rts/Game/LoadScreen.cpp:207
    #21 0x6a8a05 in CPreGame::UpdateClientNet() rts/Game/PreGame.cpp:342
    #22 0x6a7408 in CPreGame::Update() rts/Game/PreGame.cpp:171
    #23 0xe16f6f in SpringApp::Update() rts/System/SpringApp.cpp:862
    #24 0xe1715c in SpringApp::Run() rts/System/SpringApp.cpp:892
    #25 0xde3b75 in Run(int, char**) rts/System/Main.cpp:48
    #26 0xde47f4 in main rts/System/Main.cpp:109
    #27 0x7ff1eabd9b44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b44)

SUMMARY: AddressSanitizer: heap-buffer-overflow AI/Skirmish/CircuitAI/src/circuit/unit/CircuitDef.cpp:482 circuit::CCircuitDef::Init(circuit::CCircuitAI*)
Shadow bytes around the buggy address:
  0x0c32806b1e50: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c32806b1e60: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c32806b1e70: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c32806b1e80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c32806b1e90: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c32806b1ea0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa[fa]fa
  0x0c32806b1eb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c32806b1ec0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c32806b1ed0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c32806b1ee0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c32806b1ef0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable: 00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone: fa
  Heap right redzone: fb
  Freed heap region: fd
  Stack left redzone: f1
  Stack mid redzone: f2
  Stack right redzone: f3
  Stack partial redzone: f4
  Stack after return: f5
  Stack use after scope: f8
  Global redzone: f9
  Global init order: f6
  Poisoned by user: f7
  Contiguous container OOB:fc
  ASan internal: fe
==13790==ABORTING

~0017308

abma (administrator)

looks like a bug in circuit AI
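Added example (not part of the tracker notes and not Spring or CircuitAI code): a small Python triage of an AddressSanitizer report like the one above. It applies the heuristic from the first note (a frame under AI/Skirmish in the trace means the AI crashed) and checks the "located N bytes to the left of" line against the region bounds. The names triage and trace_blames_ai are hypothetical, and the sample input is a shortened excerpt of the report.

```python
import re

# Constructed input: a shortened excerpt of the AddressSanitizer report quoted in the notes.
SAMPLE_REPORT = """\
==13790==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6190035cf570 at pc 0x7ff1b0330dd9 bp 0x7ffdbcd3a700 sp 0x7ffdbcd3a6f8
READ of size 4 at 0x6190035cf570 thread T0 (spring-main)
    #0 0x7ff1b0330dd8 in circuit::CCircuitDef::Init(circuit::CCircuitAI*) AI/Skirmish/CircuitAI/src/circuit/unit/CircuitDef.cpp:482
    #6 0xf6e768 in CSkirmishAILibrary::HandleEvent(int, int, void const*) const rts/ExternalAI/SkirmishAILibrary.cpp:94

0x6190035cf570 is located 16 bytes to the left of 960-byte region [0x6190035cf580,0x6190035cf940)
allocated by thread T0 (spring-main) here:
    #0 0x7ff1eeee4fff in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x54fff)
    #6 0x7ff1b02a1c2b in circuit::CTerrainData::Init(circuit::CCircuitAI*) AI/Skirmish/CircuitAI/src/circuit/terrain/TerrainData.cpp:238
"""

HEADER = re.compile(r"AddressSanitizer: (\S+) on address (0x[0-9a-f]+)")
ACCESS = re.compile(r"^(READ|WRITE) of size (\d+)", re.M)
FRAME = re.compile(r"^\s*#\d+\s+0x[0-9a-f]+\s+in\s+(.*)\s+(\S+)$")  # (function, location)
REGION = re.compile(r"is located (\d+) bytes .+? (\d+)-byte region \[(0x[0-9a-f]+),(0x[0-9a-f]+)\)")
AI_PATH = re.compile(r"AI[/\\]Skirmish[/\\]")  # matches both the Linux and the Windows trace style

def trace_blames_ai(lines):
    """Heuristic from the first note: a frame under AI/Skirmish means the AI crashed."""
    return any(AI_PATH.search(line) for line in lines)

def triage(report):
    kind, addr = HEADER.search(report).groups()
    op, size = ACCESS.search(report).groups()
    stacks, section = {"access": [], "alloc": []}, "access"
    for line in report.splitlines():
        if line.startswith("allocated by"):
            section = "alloc"  # frames from here on show where the buffer was allocated
        m = FRAME.match(line)
        if m:
            stacks[section].append(m.groups())
    dist, length, lo, hi = REGION.search(report).groups()
    fault, lo, hi = int(addr, 16), int(lo, 16), int(hi, 16)
    if fault < lo:
        direction, expected = "underflow", lo - fault
    elif fault >= hi:
        direction, expected = "overflow", fault - hi
    else:
        direction, expected = "inside", fault - lo
    # First allocation frame in project code, skipping allocator and libstdc++ frames.
    alloc_site = next((f for f in stacks["alloc"] if re.match(r"(AI|rts)/", f[1])), None)
    return {
        "kind": kind, "access": f"{op} {size}", "direction": direction,
        "consistent": expected == int(dist) and hi - lo == int(length),
        "fault_frame": stacks["access"][0], "alloc_site": alloc_site,
        "component": "skirmish-ai" if trace_blames_ai(f[1] for f in stacks["access"]) else "engine",
    }
```

On the excerpt, the fault address lies below the start of the 960-byte region, so the report's "heap-buffer-overflow" is a read before the buffer allocated at TerrainData.cpp:238, with the faulting frame in CircuitDef.cpp:482.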

Issue History
Date Modified Username Field Change
2017-02-13 13:54 Google_Frog New Issue
2017-02-13 13:57 Kloot Note Added: 0017299
2017-02-13 13:58 Kloot Relationship added related to 0005451
2017-02-13 14:21 Kloot Note Edited: 0017299
2017-02-13 19:48 abma Assigned To => abma
2017-02-13 19:48 abma Status new => closed
2017-02-13 19:48 abma Resolution open => fixed
2017-02-13 19:48 abma Note Added: 0017307
2017-02-13 19:48 abma Resolution fixed => not fixable
2017-02-13 19:48 abma Note Added: 0017308
2017-02-13 22:37 Kloot Relationship added has duplicate 0005466