Out of bounds index in submap::set_radiation #36811

Closed
hexagonrecursion opened this issue Jan 8, 2020 · 3 comments · Fixed by #36903

@hexagonrecursion
Contributor

src/submap.h:100:13: runtime error: index 12 out of bounds for type 'int [12]'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior src/submap.h:100:13 in 
(lldb) bt
* thread #1, name = 'cataclysm-tiles', stop reason = Out of bounds index
    frame #0: 0x000000000216db50 cataclysm-tiles`__ubsan_on_report
    frame #1: 0x000000000216812d cataclysm-tiles`__ubsan::Diag::~Diag() + 669
    frame #2: 0x0000000002169792 cataclysm-tiles`handleOutOfBoundsImpl(__ubsan::OutOfBoundsData*, unsigned long, __ubsan::ReportOptions) + 450
    frame #3: 0x000000000216d3d5 cataclysm-tiles`__ubsan_handle_out_of_bounds + 37
    frame #4: 0x00000000042a1355 cataclysm-tiles`submap::set_radiation(this=0x000062a0006a8200, p=<unavailable>, radiation=0) at submap.h:100:27
    frame #5: 0x0000000005966b47 cataclysm-tiles`submap::load(this=0x000062a0006a8200, jsin=0x00007ffffffbac00, member_name=<read memory from 0x7fff00000000 failed (0 of 8 bytes read)>, rubpow_update=<unavailable>) at savegame_json.cpp:3806:17
    frame #6: 0x00000000043e1faa cataclysm-tiles`mapbuffer::deserialize(this=<unavailable>, jsin=0x00007ffffffbac00) at mapbuffer.cpp:302:21
    frame #7: 0x00000000043ec379 cataclysm-tiles`void std::_Bind<void (mapbuffer::* (mapbuffer*, std::_Placeholder<1>))(JsonIn&)>::__call<void, JsonIn&, 0ul, 1ul>(this=0x0000603000e6a670, __args=0x00007ffffffbab40, (null)=<unavailable>) at functional:400:11
    frame #8: 0x00000000043ec134 cataclysm-tiles`void std::_Bind<void (mapbuffer::* (mapbuffer*, std::_Placeholder<1>))(JsonIn&)>::operator(this=0x0000603000e6a670, __args=<unavailable>)<JsonIn&, void>(JsonIn&) at functional:482:17
    frame #9: 0x00000000029aa928 cataclysm-tiles`read_from_file_optional_json(this=<unavailable>, fin=0x00007ffffffbacc0)> const&)::$_2::operator()(std::istream&) const at cata_utility.cpp:468:9
    frame #10: 0x00000000029a6a8b cataclysm-tiles`read_from_file(path="./save/Holabird/maps/2.4.0/90.154.0.map", reader=0x00007ffffffbb060)> const&) at cata_utility.cpp:427:9
    frame #11: 0x00000000029a78c7 cataclysm-tiles`read_from_file_optional_json(path=<unavailable>, reader=0x00007ffffffbb420)> const&) at cata_utility.cpp:466:12
    frame #12: 0x00000000043df52c cataclysm-tiles`mapbuffer::unserialize_submaps(this=<unavailable>, p=0x00007ffffffbb6e0) at mapbuffer.cpp:268:10
    frame #13: 0x00000000043dea0a cataclysm-tiles`mapbuffer::lookup_submap(this=0x00000000134dbba0, p=0x00007ffffffbb6e0) at mapbuffer.cpp:107:20
    frame #14: 0x000000000425643e cataclysm-tiles`map::loadn(this=0x00007ffffffbc040, grid=0x00007ffffffbbde0, update_vehicles=<unavailable>) at map.cpp:6537:32
    frame #15: 0x00000000042aaa74 cataclysm-tiles`map::loadn(this=0x00007ffffffbc040, grid=0x00007ffffffbbf00, update_vehicles=<unavailable>) at map.h:1462:17
    frame #16: 0x0000000004250314 cataclysm-tiles`map::load(this=0x00007ffffffbc040, w=0x00007fff00000000, update_vehicle=<unavailable>) at map.cpp:6266:13
    frame #17: 0x0000000005b63471 cataclysm-tiles`start_location::prepare_map(this=0x000062a000030200, omtstart=0x00007ffffffbc4d0) const at start_location.cpp:219:18
    frame #18: 0x00000000033881a8 cataclysm-tiles`game::start_game(this=0x00006190000c1c80) at game.cpp:713:15
    frame #19: 0x00000000041afb2a cataclysm-tiles`main_menu::new_character_tab(this=0x00007fffffffdb70) at main_menu.cpp:805:29
    frame #20: 0x00000000041ab41f cataclysm-tiles`main_menu::opening_screen(this=<unavailable>) at main_menu.cpp:539:37
    frame #21: 0x000000000418f5ba cataclysm-tiles`main(argc=<unavailable>, argv=0x00007fffffffe0c8) at main.cpp:683:23
    frame #22: 0x00007ffff78d5f43 libc.so.6`__libc_start_main(main=(cataclysm-tiles`main at main.cpp:135), argc=1, argv=0x00007fffffffe0c8, init=<unavailable>, fini=<unavailable>, rtld_fini=<unavailable>, stack_end=0x00007fffffffe0b8) at libc-start.c:308:16
    frame #23: 0x0000000002054a6e cataclysm-tiles`_start + 46

Steps To Reproduce

Steps to reproduce the behavior:

  1. Compile with clang UndefinedBehaviorSanitizer
  2. Start a new game via "custom character". Note: for some reason starting via "play now (fixed scenario)" does not trigger this bug.
  3. Tab to the last tab and confirm character creation

Expected behavior

This is undefined behavior and should be avoided.

Versions and configuration

  • OS: Linux
    • OS Version: Fedora 30
  • Game Version: 0.D-11025-g9fe2e72d43 [64-bit]
  • Graphics Version: Tiles
  • Mods loaded: [
    Dark Days Ahead [dda],
    Disable NPC Needs [no_npc_food]
    ]
@hexagonrecursion
Contributor Author

This might have the same cause as #36570.
The following fails to reproduce the issue:

  1. Compile with clang UndefinedBehaviorSanitizer
  2. Start a new game via "custom character". Note: for some reason starting via "play now (fixed scenario)" does not trigger this bug.
  3. Tab to the last tab
  4. Use a debugger to set player x position to 0
  5. Confirm character creation

@hexagonrecursion
Contributor Author

hexagonrecursion commented Jan 8, 2020

This can also happen when loading a save

(lldb) bt
* thread #1, name = 'cataclysm-tiles', stop reason = Out of bounds index
  * frame #0: 0x000000000216db50 cataclysm-tiles`__ubsan_on_report
    frame #1: 0x000000000216812d cataclysm-tiles`__ubsan::Diag::~Diag() + 669
    frame #2: 0x0000000002169792 cataclysm-tiles`handleOutOfBoundsImpl(__ubsan::OutOfBoundsData*, unsigned long, __ubsan::ReportOptions) + 450
    frame #3: 0x000000000216d3d5 cataclysm-tiles`__ubsan_handle_out_of_bounds + 37
    frame #4: 0x00000000042a1355 cataclysm-tiles`submap::set_radiation(this=0x000062a000864200, p=<unavailable>, radiation=0) at submap.h:100:27
    frame #5: 0x0000000005966b47 cataclysm-tiles`submap::load(this=0x000062a000864200, jsin=0x00007ffffffd8ba0, member_name=<read memory from 0x7fff00000000 failed (0 of 8 bytes read)>, rubpow_update=<unavailable>) at savegame_json.cpp:3806:17
    frame #6: 0x00000000043e1faa cataclysm-tiles`mapbuffer::deserialize(this=<unavailable>, jsin=0x00007ffffffd8ba0) at mapbuffer.cpp:302:21
    frame #7: 0x00000000043ec379 cataclysm-tiles`void std::_Bind<void (mapbuffer::* (mapbuffer*, std::_Placeholder<1>))(JsonIn&)>::__call<void, JsonIn&, 0ul, 1ul>(this=0x000060300022dce0, __args=0x00007ffffffd8ae0, (null)=<unavailable>) at functional:400:11
    frame #8: 0x00000000043ec134 cataclysm-tiles`void std::_Bind<void (mapbuffer::* (mapbuffer*, std::_Placeholder<1>))(JsonIn&)>::operator(this=0x000060300022dce0, __args=<unavailable>)<JsonIn&, void>(JsonIn&) at functional:482:17
    frame #9: 0x00000000029aa928 cataclysm-tiles`read_from_file_optional_json(this=<unavailable>, fin=0x00007ffffffd8c60)> const&)::$_2::operator()(std::istream&) const at cata_utility.cpp:468:9
    frame #10: 0x00000000029a6a8b cataclysm-tiles`read_from_file(path="./save/Holabird/maps/0.1.0/21.49.0.map", reader=0x00007ffffffd9000)> const&) at cata_utility.cpp:427:9
    frame #11: 0x00000000029a78c7 cataclysm-tiles`read_from_file_optional_json(path=<unavailable>, reader=0x00007ffffffd93c0)> const&) at cata_utility.cpp:466:12
    frame #12: 0x00000000043df52c cataclysm-tiles`mapbuffer::unserialize_submaps(this=<unavailable>, p=0x00007ffffffd9680) at mapbuffer.cpp:268:10
    frame #13: 0x00000000043dea0a cataclysm-tiles`mapbuffer::lookup_submap(this=0x00000000134dbba0, p=0x00007ffffffd9680) at mapbuffer.cpp:107:20
    frame #14: 0x000000000425643e cataclysm-tiles`map::loadn(this=0x0000617000003c00, grid=0x00007ffffffd9d40, update_vehicles=<unavailable>) at map.cpp:6537:32
    frame #15: 0x00000000042aabd0 cataclysm-tiles`map::loadn(this=<unavailable>, grid=0x00007ffffffd9ea0, update_vehicles=<unavailable>) at map.h:1453:21
    frame #16: 0x0000000004250314 cataclysm-tiles`map::load(this=0x0000617000003c00, w=0x00007fff00000000, update_vehicle=<unavailable>) at map.cpp:6266:13
    frame #17: 0x0000000005892370 cataclysm-tiles`game::unserialize(this=0x00006190000c1c80, fin=0x00007ffffffda2b0) at savegame.cpp:187:9
    frame #18: 0x000000000352aa49 cataclysm-tiles`void std::_Bind<void (game::* (game*, std::_Placeholder<1>))(std::istream&)>::__call<void, std::istream&, 0ul, 1ul>(this=0x000060300108d540, __args=0x00007ffffffdb820, (null)=<unavailable>) at functional:400:11
    frame #19: 0x000000000352a804 cataclysm-tiles`void std::_Bind<void (game::* (game*, std::_Placeholder<1>))(std::istream&)>::operator(this=0x000060300108d540, __args=<unavailable>)<std::istream&, void>(std::istream&) at functional:482:17
    frame #20: 0x00000000029a6a8b cataclysm-tiles`read_from_file(path="./save/Holabird/#Um9kZ2VyICdIZWlyJyBCbGFja2J1cm4=.sav", reader=0x00007ffffffe2570)> const&) at cata_utility.cpp:427:9
    frame #21: 0x00000000033d6fa6 cataclysm-tiles`game::load(this=0x00006190000c1c80, name=0x0000608000d8cae0) at game.cpp:2667:10
    frame #22: 0x00000000041b5289 cataclysm-tiles`main_menu::load_character_tab(this=<unavailable>, transfer=<unavailable>) at main_menu.cpp:1065:24
    frame #23: 0x00000000041ab435 cataclysm-tiles`main_menu::opening_screen(this=<unavailable>) at main_menu.cpp:542:37
    frame #24: 0x000000000418f5ba cataclysm-tiles`main(argc=<unavailable>, argv=0x00007fffffffe0c8) at main.cpp:683:23
    frame #25: 0x00007ffff78d5f43 libc.so.6`__libc_start_main(main=(cataclysm-tiles`main at main.cpp:135), argc=1, argv=0x00007fffffffe0c8, init=<unavailable>, fini=<unavailable>, rtld_fini=<unavailable>, stack_end=0x00007fffffffe0b8) at libc-start.c:308:16
    frame #26: 0x0000000002054a6e cataclysm-tiles`_start + 46

Will attach a save file later.

@hexagonrecursion
Contributor Author

Example save file:
test5.zip

To reproduce the above trace:

  1. Compile with clang UBSan
  2. Load the save

Steps to generate a save that triggers this issue:

  1. Start a new game via "play now (fixed scenario)"
  2. Save the game
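
The traces in this issue show a write at index 12 into an 'int [12]', reached from submap::load while a map file is being read. As an added example (not code from the project or from the reporter; the Grid type, load_radiation, rejects and the flat input vector are assumptions made for illustration, and only the size 12 comes from the report), a checked setter plus a loader that validates the element count turns such an index into a rejected load instead of undefined behavior:

```cpp
#include <array>
#include <cstddef>
#include <stdexcept>
#include <vector>

// Hypothetical stand-in for a square tile grid; SIZE = 12 matches the
// 'int [12]' in the sanitizer report, everything else is assumed.
constexpr int SIZE = 12;

struct Grid {
    std::array<std::array<int, SIZE>, SIZE> rad{};

    static bool in_bounds(int x, int y) {
        return x >= 0 && x < SIZE && y >= 0 && y < SIZE;
    }

    // Checked setter: an index of 12 is rejected instead of written.
    void set_radiation(int x, int y, int value) {
        if (!in_bounds(x, y)) {
            throw std::out_of_range("radiation index outside grid");
        }
        rad[x][y] = value;
    }
};

// Loads cell values read from a save file (untrusted length). Each flat
// position is split into (x, y), so neither index can reach SIZE.
bool load_radiation(Grid &g, const std::vector<int> &cells) {
    if (cells.size() != static_cast<std::size_t>(SIZE) * SIZE) {
        return false;  // wrong element count: grid is left untouched
    }
    for (std::size_t i = 0; i < cells.size(); ++i) {
        g.set_radiation(static_cast<int>(i % SIZE), static_cast<int>(i / SIZE), cells[i]);
    }
    return true;
}

// True when the checked setter refuses the given index pair.
bool rejects(int x, int y) {
    Grid g;
    try { g.set_radiation(x, y, 0); } catch (const std::out_of_range &) { return true; }
    return false;
}

int main() {
    Grid g;
    std::vector<int> cells(SIZE * SIZE, 0);  // constructed sample input
    return load_radiation(g, cells) && rejects(SIZE, 0) ? 0 : 1;
}
```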
