Bug #863841

open

Index out of bound in unit.c (S3_0, UBSan, clang9)

Added by Chippo Elder about 4 years ago. Updated about 4 years ago.

Status: New
Priority: Normal
Assignee: -
Category: gui-qt
Sprint/Milestone: -
Start date:
Due date:
% Done: 0%
Estimated time:

Description

I got the following UBSan error while running the qt client.

unit.c:2404:13: runtime error: index -1 out of bounds for type 'const struct unit_list_link *[5]'

I don't know what I was doing when it happened and I've only seen it once.

#1

Updated by Jacob Nevins about 4 years ago

If you're running with UBSan routinely, it's useful to have something like UBSAN_OPTIONS=print_stacktrace=1 in the environment to get more info when random failures like this occur.

#2

Updated by Chippo Elder about 4 years ago

Tx.

Setting that env var on both the qt client and the server has triggered a stack trace on both ends, at the same time.

On the server:

unit.c:2404:13: runtime error: index -1 out of bounds for type 'const struct unit_list_link *[5]'
    #0 0xc6d552 in cargo_iter_next /home/chippo/Downloads/git_clones/freeciv/freeciv-30/common/unit.c:2404:13
    #1 0x542001 in iterator_next /home/chippo/Downloads/git_clones/freeciv/freeciv-30/server/../utility/iterator.h:40:3
    #2 0x529928 in unit_move /home/chippo/Downloads/git_clones/freeciv/freeciv-30/server/unittools.c:3702:3
    #3 0x7e268b in unit_move_handling /home/chippo/Downloads/git_clones/freeciv/freeciv-30/server/unithand.c:3942:5
    #4 0x524314 in execute_orders /home/chippo/Downloads/git_clones/freeciv/freeciv-30/server/unittools.c:4286:13
    #5 0x7e932a in handle_unit_orders /home/chippo/Downloads/git_clones/freeciv/freeciv-30/server/unithand.c:5051:10
    #6 0x650d34 in server_handle_packet /home/chippo/Downloads/git_clones/freeciv/freeciv-30/server/hand_gen.c:162:5
    #7 0x4db18d in server_packet_input /home/chippo/Downloads/git_clones/freeciv/freeciv-30/server/srv_main.c:2028:8
    #8 0x7a4620 in incoming_client_packets /home/chippo/Downloads/git_clones/freeciv/freeciv-30/server/sernet.c:464:18
    #9 0x7a1b11 in server_sniff_all_input /home/chippo/Downloads/git_clones/freeciv/freeciv-30/server/sernet.c:861:11
    #10 0x4e1da4 in srv_running /home/chippo/Downloads/git_clones/freeciv/freeciv-30/server/srv_main.c:2795:14
    #11 0x4de96c in srv_main /home/chippo/Downloads/git_clones/freeciv/freeciv-30/server/srv_main.c:3370:7
    #12 0x4ce0ef in main /home/chippo/Downloads/git_clones/freeciv/freeciv-30/server/civserver.c:481:3
    #13 0x7f10cf8351e2 in __libc_start_main /build/glibc-t7JzpG/glibc-2.30/csu/../csu/libc-start.c:308:16
    #14 0x42428d in _start (/home/chippo/Downloads/git_clones/freeciv/freeciv-30/server/freeciv-server+0x42428d)

On the qt client side:

unit.c:2404:13: runtime error: index -1 out of bounds for type 'const struct unit_list_link *[5]'
    #0 0xec69d2 in cargo_iter_next /home/chippo/Downloads/git_clones/freeciv/freeciv-30/common/unit.c:2404:13
    #1 0xec64a1 in iterator_next /home/chippo/Downloads/git_clones/freeciv/freeciv-30/common/../utility/iterator.h:40:3
    #2 0xeb96bd in unit_cargo_depth /home/chippo/Downloads/git_clones/freeciv/freeciv-30/common/unit.c:2339:8
    #3 0xf73b39 in pft_fill_unit_default_parameter /home/chippo/Downloads/git_clones/freeciv/freeciv-30/common/aicore/pf_tools.c:797:28
    #4 0xf737d1 in pft_fill_unit_parameter /home/chippo/Downloads/git_clones/freeciv/freeciv-30/common/aicore/pf_tools.c:848:3
    #5 0x580fcb in goto_fill_parameter_base /home/chippo/Downloads/git_clones/freeciv/freeciv-30/client/goto.c:884:3
    #6 0x57763c in goto_fill_parameter_full /home/chippo/Downloads/git_clones/freeciv/freeciv-30/client/goto.c:919:3
    #7 0x57742a in enter_goto_state /home/chippo/Downloads/git_clones/freeciv/freeciv-30/client/goto.c:997:5
    #8 0x55480e in request_unit_goto /home/chippo/Downloads/git_clones/freeciv/freeciv-30/client/control.c:1149:5
    #9 0x55f2d7 in key_unit_goto /home/chippo/Downloads/git_clones/freeciv/freeciv-30/client/control.c:3116:3
    #10 0x98784a in mr_menu::slot_unit_goto() /home/chippo/Downloads/git_clones/freeciv/freeciv-30/client/gui-qt/menu.cpp:2948:3
    #11 0x9b159d in QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, void (mr_menu::*)()>::call(void (mr_menu::*)(), mr_menu*, void**) /usr/include/x86_64-linux-gnu/qt5/QtCore/qobjectdefs_impl.h:152:13
    #12 0x9b1440 in void QtPrivate::FunctionPointer<void (mr_menu::*)()>::call<QtPrivate::List<>, void>(void (mr_menu::*)(), mr_menu*, void**) /usr/include/x86_64-linux-gnu/qt5/QtCore/qobjectdefs_impl.h:185:13
    #13 0x9b1210 in QtPrivate::QSlotObject<void (mr_menu::*)(), QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) /usr/include/x86_64-linux-gnu/qt5/QtCore/qobjectdefs_impl.h:414:17
    #14 0x7fe12b2db557 in QMetaObject::activate(QObject*, int, int, void**) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2b1557)
    #15 0x7fe12aaf5405 in QAction::triggered(bool) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x164405)
    #16 0x7fe12aaf7ac1 in QAction::activate(QAction::ActionEvent) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x166ac1)
    #17 0x7fe12aaf838e in QAction::event(QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x16738e)
    #18 0x7fe12aafba85 in QApplicationPrivate::notify_helper(QObject*, QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x16aa85)
    #19 0x7fe12ab04dff in QApplication::notify(QObject*, QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x173dff)
    #20 0x7fe12b2afa29 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x285a29)
    #21 0x7fe12b6c1f9d in QShortcutMap::dispatchEvent(QKeyEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5+0x150f9d)
    #22 0x7fe12b6c2082 in QShortcutMap::tryShortcut(QKeyEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5+0x151082)
    #23 0x7fe12b676ad1 in QWindowSystemInterface::handleShortcutEvent(QWindow*, unsigned long, int, QFlags<Qt::KeyboardModifier>, unsigned int, unsigned int, unsigned int, QString const&, bool, unsigned short) (/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5+0x105ad1)
    #24 0x7fe12b694000 in QGuiApplicationPrivate::processKeyEvent(QWindowSystemInterfacePrivate::KeyEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5+0x123000)
    #25 0x7fe12b6995e0 in QGuiApplicationPrivate::processWindowSystemEvent(QWindowSystemInterfacePrivate::WindowSystemEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5+0x1285e0)
    #26 0x7fe12b67326a in QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5+0x10226a)
    #27 0x7fe1235c528d  (/usr/lib/x86_64-linux-gnu/libQt5XcbQpa.so.5+0x7928d)
    #28 0x7fe12870584c in g_main_context_dispatch (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x5184c)
    #29 0x7fe128705acf  (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x51acf)
    #30 0x7fe128705b72 in g_main_context_iteration (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x51b72)
    #31 0x7fe12b307634 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2dd634)
    #32 0x7fe12b2ae5ca in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2845ca)
    #33 0x7fe12b2b6335 in QCoreApplication::exec() (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x28c335)
    #34 0x8621b4 in fc_client::fc_main(QApplication*) /home/chippo/Downloads/git_clones/freeciv/freeciv-30/client/gui-qt/fc_client.cpp:257:3
    #35 0x534202 in qtg_ui_main(int, char**) /home/chippo/Downloads/git_clones/freeciv/freeciv-30/client/gui-qt/gui_main.cpp:183:17
    #36 0x5339d9 in ui_main /home/chippo/Downloads/git_clones/freeciv/freeciv-30/client/gui_interface.c:59:3
    #37 0x53bb32 in client_main /home/chippo/Downloads/git_clones/freeciv/freeciv-30/client/client_main.c:685:3
    #38 0x533ec2 in main /home/chippo/Downloads/git_clones/freeciv/freeciv-30/client/gui-qt/gui_main.cpp:104:10
    #39 0x7fe12a4aa1e2 in __libc_start_main /build/glibc-t7JzpG/glibc-2.30/csu/../csu/libc-start.c:308:16
    #40 0x489a7d in _start (/home/chippo/Downloads/git_clones/freeciv/freeciv-30/client/freeciv-qt+0x489a7d)
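
One way to triage reports like the two above, as an added example that is not part of the ticket or of freeciv: group UBSan reports by error site and list the distinct in-project call paths that reach it. The sample input is constructed in the format of the traces above with shortened paths, and the `/src/freeciv/` source root is an assumption.

```python
import re
from collections import defaultdict

# "file:line:col: runtime error: message"
ERROR_RE = re.compile(r"^(?:>\s*)?(?P<site>\S+:\d+:\d+): runtime error: (?P<msg>.+)$")
# "#N 0xADDR in func location" or "#N 0xADDR  (module+0xoff)"
FRAME_RE = re.compile(r"^\s*#\d+ 0x[0-9a-f]+(?: in (?P<func>.+?))?\s+(?P<loc>\S+)$")

# Constructed sample: two reports in the format shown above, paths shortened.
SAMPLE = """\
unit.c:2404:13: runtime error: index -1 out of bounds for type 'const struct unit_list_link *[5]'
    #0 0xc6d552 in cargo_iter_next /src/freeciv/common/unit.c:2404:13
    #1 0x542001 in iterator_next /src/freeciv/server/../utility/iterator.h:40:3
    #2 0x529928 in unit_move /src/freeciv/server/unittools.c:3702:3
    #3 0x7f10cf8351e2 in __libc_start_main /build/glibc/csu/libc-start.c:308:16
unit.c:2404:13: runtime error: index -1 out of bounds for type 'const struct unit_list_link *[5]'
    #0 0xec69d2 in cargo_iter_next /src/freeciv/common/unit.c:2404:13
    #1 0xec64a1 in iterator_next /src/freeciv/common/../utility/iterator.h:40:3
    #2 0xeb96bd in unit_cargo_depth /src/freeciv/common/unit.c:2339:8
    #3 0x7fe12b2db557 in QMetaObject::activate(QObject*, int, int, void**) (/usr/lib/libQt5Core.so.5+0x2b1557)
"""

def parse_reports(text):
    """Split sanitizer output into reports: error site, message, and frames."""
    reports = []
    for line in text.splitlines():
        m = ERROR_RE.match(line.strip())
        if m:
            reports.append({"site": m["site"], "msg": m["msg"], "frames": []})
            continue
        m = FRAME_RE.match(line)
        if m and reports:  # frames before any error line are ignored
            reports[-1]["frames"].append((m["func"] or "??", m["loc"]))
    return reports

def call_path(report, root, depth=3):
    """First `depth` function names whose source file lies under `root`."""
    funcs = [func for func, loc in report["frames"] if loc.startswith(root)]
    return tuple(funcs[:depth])

def group_by_site(reports, root):
    """Map (site, message) to the set of distinct in-project call paths."""
    groups = defaultdict(set)
    for report in reports:
        groups[(report["site"], report["msg"])].add(call_path(report, root))
    return dict(groups)

if __name__ == "__main__":
    for (site, msg), paths in group_by_site(parse_reports(SAMPLE), "/src/freeciv/").items():
        print(f"{site}: {msg}")
        for path in sorted(paths):
            print("   reached via " + " <- ".join(path))
```
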
