View Single Post
Old April 21, 2015, 07:34  
myshkin
Angband Devteam member
 
Join Date: Apr 2007
Posts: 334
myshkin is on a distinguished road
Quote:
Originally Posted by Ingwe Ingweron View Post
Angband 4.0 dev 9f6ea01

I think I have another replicable battle crash. Fighting Medusa, use the arrows of Slay Evil, inscribed @f1=g, and target her with the "*" key and "n" thereafter. Usually, within the first few shots, if not the first shot, there's a crash. This is on MacOSX. Attachment 1214 "f1*t (1st shot successful) n (CRASH)"
I was able to reproduce this crash on OS X, but not on Linux. Again the kind struct is garbled. I think the OS-specific issues are simply that the memory allocators behave somewhat differently. Near as I can tell, what happens on OS X:
  • The first arrow fires and lands at the feet of the player.
  • The second arrow fires and tries to land at the feet of the player. ranged_helper() calls drop_near(), which calls floor_carry(), to carry this out.
  • floor_carry() notices that the grid contains an object with which it can combine its drop argument (the second arrow), and calls object_absorb() to make them a single stack.
  • Unfortunately, object_absorb() calls object_delete() on the second arrow after creating the stack of two arrows.
  • Back in drop_near(), we check to see whether the item is ignored, in order to determine whether to say, "You feel something roll beneath your feet." ignore_item_ok() on the second arrow fails, as it eventually tries to access the flavor of the object, cleared away by object_delete().

Code:
Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: 13 at address: 0x0000000000000000
0x000000010006d2d7 in object_flavor_is_aware (obj=0x108931a98) at obj-identify.c:170
170		return obj->kind->aware;
(gdb) bt
#0  0x000000010006d2d7 in object_flavor_is_aware (obj=0x108931a98) at obj-identify.c:170
#1  0x0000000100071910 in object_is_ignored (obj=0x108931a98) at obj-ignore.c:545
#2  0x0000000100071a82 in ignore_item_ok (obj=0x108931a98) at obj-ignore.c:579
#3  0x000000010007cf5e in drop_near (c=0x10895e6d8, j_ptr=0x108931a98, chance=35, y=31, x=101, verbose=true) at obj-pile.c:871
#4  0x0000000100091ba1 in ranged_helper (obj=0x10895e5a8, dir=5, range=12, shots=2, attack=0x1000910c0 <make_ranged_shot>) at player-attack.c:641
#5  0x00000001000910ba in do_cmd_fire (cmd=0x100167fb0) at player-attack.c:759
myshkin is offline   Reply With Quote