Segmentation Fault while casting Lightning Bolt on Ghost in the Graveyard

[kamiccolo]

Casting Lightning Bolt on a Ghost in the Graveyard causes Segmentation Fault.

Backtrace:

#0  0x000000000041a752 in Surface::SetPixel4 (this=0x9750a0 <Display::Get()::inside>, x=-342, y=0, color=65535)
    at /home/zilvinas/Compile/fheroes2enh/src/engine/surface.cpp:509
#1  0x000000000041a990 in Surface::SetPixel (this=0x9750a0 <Display::Get()::inside>, x=-342, y=0, pixel=65535)
    at /home/zilvinas/Compile/fheroes2enh/src/engine/surface.cpp:552
#2  0x000000000041d7ac in Surface::DrawLine (this=0x9750a0 <Display::Get()::inside>, p1=..., p2=..., color=...)
    at /home/zilvinas/Compile/fheroes2enh/src/engine/surface.cpp:1207
#3  0x00000000004c7e9d in RedrawSparksEffects (src=..., dst=...) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_interface.cpp:4205
#4  0x00000000004c8158 in Battle::Interface::RedrawTroopWithFrameAnimation (this=0xb07150, b=..., icn=599, m82=126, pain=true)
    at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_interface.cpp:4256
#5  0x00000000004c4c9e in Battle::Interface::RedrawActionLightningBoltSpell (this=0xb07150, target=...)
    at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_interface.cpp:3513
#6  0x00000000004c161c in Battle::Interface::RedrawActionSpellCastPart1 (this=0xb07150, spell=..., dst=54, caster=0xd6caf0, name="Ranloo", targets=...)
    at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_interface.cpp:2915
#7  0x0000000000482b62 in Battle::Arena::ApplyActionSpellDefaults (this=0x7fffffffd4d0, cmd=..., spell=...)
    at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_action.cpp:697
#8  0x000000000048059d in Battle::Arena::ApplyActionSpellCast (this=0x7fffffffd4d0, cmd=...) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_action.cpp:168
#9  0x0000000000480364 in Battle::Arena::ApplyAction (this=0x7fffffffd4d0, cmd=...) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_action.cpp:95
#10 0x0000000000488cfd in Battle::Arena::TurnTroop (this=0x7fffffffd4d0, current_troop=0xad80d0)
    at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_arena.cpp:358
#11 0x000000000048939c in Battle::Arena::Turns (this=0x7fffffffd4d0) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_arena.cpp:446
#12 0x00000000004cec44 in Battle::Loader (army1=..., army2=..., mapsindex=1699) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_main.cpp:79
#13 0x00000000005a7813 in BattleHeroWithMonster (hero=..., army=..., dst_index=1699) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes_action.cpp:778
#14 0x00000000005b3bd8 in ActionToCaptureObject (hero=..., obj=192, dst_index=1699) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes_action.cpp:2334
#15 0x00000000005b32c9 in ActionToAbandoneMine (hero=..., obj=192, dst_index=1699) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes_action.cpp:2249
#16 0x00000000005a7452 in Heroes::Action (this=0xd6caf0, dst_index=1699) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes_action.cpp:652
#17 0x00000000005ce2c4 in Heroes::MoveStep (hero=..., index_from=1698, index_to=1699, newpos=true)
    at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes_move.cpp:489
#18 0x00000000005ce557 in Heroes::MoveStep (this=0xd6caf0, fast=false) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes_move.cpp:533
#19 0x00000000005cf792 in Heroes::Move (this=0xd6caf0, fast=false) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes_move.cpp:849
#20 0x000000000057763b in Interface::Basic::HumanTurn (this=0x9759a0 <Interface::Basic::Get()::basic>, isload=true)
    at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/game/game_startgame.cpp:912
#21 0x000000000057624e in Interface::Basic::StartGame (this=0x9759a0 <Interface::Basic::Get()::basic>)
    at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/game/game_startgame.cpp:585
#22 0x00000000005737ec in Game::StartGame () at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/game/game_startgame.cpp:72
#23 0x000000000055935e in main (argc=1, argv=0x7fffffffe128) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/game/fheroes2.cpp:291

Yet, another backtrace from casting Lightning Bolt on Dwarves:

#0  0x00007ffff666c428 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
#1  0x00007ffff666e02a in __GI_abort () at abort.c:89
#2  0x00007ffff6faf84d in __gnu_cxx::__verbose_terminate_handler() () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#3  0x00007ffff6fad6b6 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#4  0x00007ffff6fad701 in std::terminate() () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#5  0x00007ffff6fad919 in __cxa_throw () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#6  0x000000000040e6cd in Error::Except (func=0x67ddf0 <Surface::SetPixel(int, int, unsigned int) const::__FUNCTION__> "SetPixel", 
    message=0x19fba50 "out of range: x: 800, y: 462, width: 800, height: 600") at /home/zilvinas/Compile/fheroes2enh/src/engine/error.cpp:29
#7  0x000000000041aaab in Surface::SetPixel (this=0x9750a0 <Display::Get()::inside>, x=800, y=462, pixel=65535)
    at /home/zilvinas/Compile/fheroes2enh/src/engine/surface.cpp:562
#8  0x000000000041d7ac in Surface::DrawLine (this=0x9750a0 <Display::Get()::inside>, p1=..., p2=..., color=...)
    at /home/zilvinas/Compile/fheroes2enh/src/engine/surface.cpp:1207
#9  0x00000000004c7e9d in RedrawSparksEffects (src=..., dst=...) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_interface.cpp:4205
#10 0x00000000004c8158 in Battle::Interface::RedrawTroopWithFrameAnimation (this=0x1639fd0, b=..., icn=599, m82=126, pain=true)
    at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_interface.cpp:4256
#11 0x00000000004c4c9e in Battle::Interface::RedrawActionLightningBoltSpell (this=0x1639fd0, target=...)
    at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_interface.cpp:3513
#12 0x00000000004c161c in Battle::Interface::RedrawActionSpellCastPart1 (this=0x1639fd0, spell=..., dst=54, caster=0xd6cad0, name="Ranloo", targets=...)
    at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_interface.cpp:2915
#13 0x0000000000482b62 in Battle::Arena::ApplyActionSpellDefaults (this=0x7fffffffd660, cmd=..., spell=...)
    at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_action.cpp:697
#14 0x000000000048059d in Battle::Arena::ApplyActionSpellCast (this=0x7fffffffd660, cmd=...) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_action.cpp:168
#15 0x0000000000480364 in Battle::Arena::ApplyAction (this=0x7fffffffd660, cmd=...) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_action.cpp:95
#16 0x0000000000488cfd in Battle::Arena::TurnTroop (this=0x7fffffffd660, current_troop=0x160d7c0)
    at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_arena.cpp:358
#17 0x000000000048939c in Battle::Arena::Turns (this=0x7fffffffd660) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_arena.cpp:446
#18 0x00000000004cec44 in Battle::Loader (army1=..., army2=..., mapsindex=1185) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_main.cpp:79
#19 0x00000000005a7813 in BattleHeroWithMonster (hero=..., army=..., dst_index=1185) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes_action.cpp:778
#20 0x00000000005a82b7 in ActionToMonster (hero=..., obj=152, dst_index=1185) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes_action.cpp:883
#21 0x00000000005a7151 in Heroes::Action (this=0xd6cad0, dst_index=1185) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes_action.cpp:506
#22 0x000000000059b74d in RedrawGameAreaAndHeroAttackMonster (hero=..., dst=1185) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes.cpp:1504
#23 0x000000000059b881 in Heroes::ActionNewPosition (this=0xd6cad0) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes.cpp:1523
#24 0x000000000059bef1 in Heroes::Move2Dest (this=0xd6cad0, dst_index=@0x7fffffffdce0: 1258, skip_action=false)
    at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes.cpp:1640
#25 0x00000000005ce24b in Heroes::MoveStep (hero=..., index_from=1259, index_to=1258, newpos=true)
    at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes_move.cpp:481
#26 0x00000000005ce557 in Heroes::MoveStep (this=0xd6cad0, fast=false) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes_move.cpp:533
#27 0x00000000005cf792 in Heroes::Move (this=0xd6cad0, fast=false) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes_move.cpp:849
#28 0x000000000057763b in Interface::Basic::HumanTurn (this=0x9759a0 <Interface::Basic::Get()::basic>, isload=false)
    at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/game/game_startgame.cpp:912
#29 0x000000000057624e in Interface::Basic::StartGame (this=0x9759a0 <Interface::Basic::Get()::basic>)
    at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/game/game_startgame.cpp:585
#30 0x00000000005737ec in Game::StartGame () at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/game/game_startgame.cpp:72
#31 0x000000000055935e in main (argc=1, argv=0x7fffffffe128) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/game/fheroes2.cpp:291

Also, save file next to the graveyard. To reproduce, enter it and cast lightning bolt:
https://drive.google.com/open?id=1jBq8fS8rjBBoCSIQ3F3_46EL9F_QpDnW

[ciplogic]

There is a randomization on Thunderbolt so the fix is to bound check the drawing on surface. Probably in future there should be "drawPixelSafe" and "drawPixelFast" and ThunderBolt should use "drawPixelSafe"

Please update to master (or to this revision) and report back if the issue is fixed.

Thank you @kamiccolo for bug report.

Fix commit: 1336208

[kamiccolo]

The issue still persists :( It feels like color overflowing as well:

#0  0x000000000041a792 in Surface::SetPixel4 (this=0x9761c0 <Display::Get()::inside>, x=2053, y=1199, color=3993042943) at /home/zilvinas/Compile/fheroes2enh/src/engine/surface.cpp:509
#1  0x000000000041d3f8 in Surface::drawPixel (this=0x9761c0 <Display::Get()::inside>, x=2053, y=1199, brightness=0.933349609, col=65535) at /home/zilvinas/Compile/fheroes2enh/src/engine/surface.cpp:1110
#2  0x000000000041d6c3 in Surface::drawAALine (this=0x9761c0 <Display::Get()::inside>, x0=608, y0=297, x1=20864, y1=12942, col=...) at /home/zilvinas/Compile/fheroes2enh/src/engine/surface.cpp:1182
#3  0x00000000004c7fbf in RedrawSparksEffects (src=..., dst=...) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_interface.cpp:4205
#4  0x00000000004c827a in Battle::Interface::RedrawTroopWithFrameAnimation (this=0xb501d0, b=..., icn=599, m82=126, pain=true) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_interface.cpp:4256
#5  0x00000000004c4d7e in Battle::Interface::RedrawActionLightningBoltSpell (this=0xb501d0, target=...) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_interface.cpp:3513
#6  0x00000000004c16fc in Battle::Interface::RedrawActionSpellCastPart1 (this=0xb501d0, spell=..., dst=54, caster=0xd6e970, name="Ranloo", targets=...)
    at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_interface.cpp:2915
#7  0x0000000000482c42 in Battle::Arena::ApplyActionSpellDefaults (this=0x7fffffffd4b0, cmd=..., spell=...) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_action.cpp:697
#8  0x000000000048067d in Battle::Arena::ApplyActionSpellCast (this=0x7fffffffd4b0, cmd=...) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_action.cpp:168
#9  0x0000000000480444 in Battle::Arena::ApplyAction (this=0x7fffffffd4b0, cmd=...) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_action.cpp:95
#10 0x0000000000488ddd in Battle::Arena::TurnTroop (this=0x7fffffffd4b0, current_troop=0xafbe70) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_arena.cpp:358
#11 0x000000000048947c in Battle::Arena::Turns (this=0x7fffffffd4b0) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_arena.cpp:446
#12 0x00000000004ced66 in Battle::Loader (army1=..., army2=..., mapsindex=1699) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/battle/battle_main.cpp:79
#13 0x00000000005a7a0b in BattleHeroWithMonster (hero=..., army=..., dst_index=1699) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes_action.cpp:778
#14 0x00000000005b3dd0 in ActionToCaptureObject (hero=..., obj=192, dst_index=1699) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes_action.cpp:2334
#15 0x00000000005b34c1 in ActionToAbandoneMine (hero=..., obj=192, dst_index=1699) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes_action.cpp:2249
#16 0x00000000005a764a in Heroes::Action (this=0xd6e970, dst_index=1699) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes_action.cpp:652
#17 0x00000000005ce4bc in Heroes::MoveStep (hero=..., index_from=1698, index_to=1699, newpos=true) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes_move.cpp:489
#18 0x00000000005ce74f in Heroes::MoveStep (this=0xd6e970, fast=false) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes_move.cpp:533
#19 0x00000000005cf98a in Heroes::Move (this=0xd6e970, fast=false) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/heroes/heroes_move.cpp:849
#20 0x0000000000577833 in Interface::Basic::HumanTurn (this=0x976ac0 <Interface::Basic::Get()::basic>, isload=true) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/game/game_startgame.cpp:912
#21 0x0000000000576446 in Interface::Basic::StartGame (this=0x976ac0 <Interface::Basic::Get()::basic>) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/game/game_startgame.cpp:585
#22 0x00000000005739e4 in Game::StartGame () at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/game/game_startgame.cpp:72
#23 0x00000000005594b6 in main (argc=1, argv=0x7fffffffe128) at /home/zilvinas/Compile/fheroes2enh/src/fheroes2/game/fheroes2.cpp:307

[ciplogic]

I will fix it this evening with the "setPixelSafe".

[kamiccolo]

Mhm. I'm not sure if that's the problem.

Point interpolated = pointLerp(start, endPoint, pos);
interpolated.x += Rand::Get(-20, 20); 
interpolated.y += Rand::Get(-20, 20);

Becomes {x = -10090, y = 21899} for some weird reason o_0 So, drawPoints in populateSpark() gets fishy values.

EDIT:
Of course, Rand::Get() is casting to uint32_t...

[ciplogic]

It looks fixed now. Can you test it by taking 'master' branch again?

[kamiccolo]

Well, the master is quite messed up at the moment... ;)

/home/zilvinas/Compile/fheroes2enh/src/engine/IMG_savepng.cpp: In function ‘int IMG_SavePNG_RW(SDL_RWops*, SDL_Surface*, int)’:
/home/zilvinas/Compile/fheroes2enh/src/engine/IMG_savepng.cpp:310:1: error: jump to label ‘savedone’ [-fpermissive]
 savedone: /* clean up and return */
 ^
/home/zilvinas/Compile/fheroes2enh/src/engine/IMG_savepng.cpp:102:14: note:   from here
         goto savedone;
              ^
/home/zilvinas/Compile/fheroes2enh/src/engine/IMG_savepng.cpp:118:22: note:   crosses initialization of ‘SDL_PixelFormat* fmt’
     SDL_PixelFormat* fmt = surf->format;
                      ^
/home/zilvinas/Compile/fheroes2enh/src/engine/IMG_savepng.cpp:310:1: error: jump to label ‘savedone’ [-fpermissive]
 savedone: /* clean up and return */
 ^
/home/zilvinas/Compile/fheroes2enh/src/engine/IMG_savepng.cpp:94:14: note:   from here
         goto savedone;
              ^
/home/zilvinas/Compile/fheroes2enh/src/engine/IMG_savepng.cpp:118:22: note:   crosses initialization of ‘SDL_PixelFormat* fmt’
     SDL_PixelFormat* fmt = surf->format;
                      ^
/home/zilvinas/Compile/fheroes2enh/src/engine/IMG_savepng.cpp:310:1: error: jump to label ‘savedone’ [-fpermissive]
 savedone: /* clean up and return */
 ^
/home/zilvinas/Compile/fheroes2enh/src/engine/IMG_savepng.cpp:88:14: note:   from here
         goto savedone;
              ^
/home/zilvinas/Compile/fheroes2enh/src/engine/IMG_savepng.cpp:118:22: note:   crosses initialization of ‘SDL_PixelFormat* fmt’
     SDL_PixelFormat* fmt = surf->format;
                      ^
/home/zilvinas/Compile/fheroes2enh/src/engine/IMG_savepng.cpp:310:1: error: jump to label ‘savedone’ [-fpermissive]
 savedone: /* clean up and return */
 ^
/home/zilvinas/Compile/fheroes2enh/src/engine/IMG_savepng.cpp:81:14: note:   from here
         goto savedone;
              ^
/home/zilvinas/Compile/fheroes2enh/src/engine/IMG_savepng.cpp:118:22: note:   crosses initialization of ‘SDL_PixelFormat* fmt’
     SDL_PixelFormat* fmt = surf->format;
                      ^
/home/zilvinas/Compile/fheroes2enh/src/engine/IMG_savepng.cpp:310:1: error: jump to label ‘savedone’ [-fpermissive]
 savedone: /* clean up and return */
 ^
/home/zilvinas/Compile/fheroes2enh/src/engine/IMG_savepng.cpp:74:14: note:   from here
         goto savedone; /* Nothing to do. */
              ^
/home/zilvinas/Compile/fheroes2enh/src/engine/IMG_savepng.cpp:118:22: note:   crosses initialization of ‘SDL_PixelFormat* fmt’
     SDL_PixelFormat* fmt = surf->format;
                      ^
CMakeFiles/fheroes2.dir/build.make:278: recipe for target 'CMakeFiles/fheroes2.dir/src/engine/IMG_savepng.cpp.o' failed
make[2]: *** [CMakeFiles/fheroes2.dir/src/engine/IMG_savepng.cpp.o] Error 1
make[2]: *** Waiting for unfinished jobs....