
spurious crash in pathfinding

Open Windfisch opened this issue 7 years ago • 0 comments

Only occurs sometimes, not really reproducible. Addresses did not resolve to source code lines.

Scheduler::recalculate()
=================================================================
==2832==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffdb4e53b58 at pc 0x563ae0c41ea5 bp 0x7ffdb4e52ff0 sp 0x7ffdb4e52fe8
READ of size 8 at 0x7ffdb4e53b58 thread T0
    #0 0x563ae0c41ea4  (/home/flo/factorio-bot/bot+0x86fea4)
    #1 0x563ae0c487d1  (/home/flo/factorio-bot/bot+0x8767d1)
    #2 0x563ae0c3b598  (/home/flo/factorio-bot/bot+0x869598)
    #3 0x563ae0c36c56  (/home/flo/factorio-bot/bot+0x864c56)
    #4 0x563ae0c3611d  (/home/flo/factorio-bot/bot+0x86411d)
    #5 0x563ae0dd380b  (/home/flo/factorio-bot/bot+0xa0180b)
    #6 0x563ae0dad69c  (/home/flo/factorio-bot/bot+0x9db69c)
    #7 0x563ae0d99d99  (/home/flo/factorio-bot/bot+0x9c7d99)
    #8 0x563ae0d97d4a  (/home/flo/factorio-bot/bot+0x9c5d4a)
    #9 0x563ae0f172df  (/home/flo/factorio-bot/bot+0xb452df)
    #10 0x7f440e62f222  (/usr/lib/libc.so.6+0x24222)
    #11 0x563ae09facbd  (/home/flo/factorio-bot/bot+0x628cbd)

Address 0x7ffdb4e53b58 is located in stack of thread T0 at offset 888 in frame
    #0 0x563ae0c3626f  (/home/flo/factorio-bot/bot+0x86426f)

  This frame has 38 object(s):
    [32, 40) 'point.i'
    [64, 72) 'ref.tmp8.i'
    [96, 480) 'log' (line 88)
    [544, 576) 'ref.tmp' (line 88)
    [608, 609) 'ref.tmp1' (line 88)
    [624, 640) 'view_area' (line 94)
    [656, 760) 'view' (line 97)
    [800, 808) 'ref.tmp43' (line 97)
    [832, 872) 'openlist' (line 102) <== Memory access at offset 888 overflows this variable
    [912, 913) 'ref.tmp56' (line 102) <== Memory access at offset 888 underflows this variable
    [928, 984) 'needs_cleanup' (line 104)
    [1024, 1040) 'ref.tmp69' (line 106)
    [1056, 1064) 'ref.tmp94' (line 107)
    [1088, 1104) 'current' (line 112)
    [1120, 1136) 'agg.tmp125'
    [1152, 1168) 'agg.tmp135'
    [1184, 1192) 'p' (line 123)
    [1216, 1256) 'agg.tmp176'
    [1296, 1336) 'agg.tmp179'
    [1376, 1416) '__begin3' (line 136)
    [1456, 1496) '__end3' (line 136)
    [1536, 1544) 'pos197' (line 136)
    [1568, 1600) 'ref.tmp205' (line 136)
    [1632, 1696) 'steps' (line 147)
    [1728, 1736) 'successor' (line 152)
    [1760, 1768) 'ref.tmp625' (line 184)
    [1792, 1800) 'ref.tmp646' (line 187)
    [1824, 1840) 'ref.tmp647' (line 187)
    [1856, 1864) 'ref.tmp675' (line 191)
    [1888, 1904) 'ref.tmp690' (line 193)
    [1920, 1936) 'ref.tmp706' (line 197)
    [1952, 1960) 'ref.tmp725' (line 198)
    [1984, 2024) '__begin1' (line 206)
    [2064, 2104) '__end1' (line 206)
    [2144, 2152) 'ref.tmp784' (line 208)
    [2176, 2184) 'ref.tmp838' (line 213)
    [2208, 2216) 'ref.tmp841' (line 213)
    [2240, 2256) 'ref.tmp842' (line 213)
HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-overflow (/home/flo/factorio-bot/bot+0x86fea4) 
Shadow bytes around the buggy address:
  0x1000369c2710: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x1000369c2720: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x1000369c2730: 00 00 00 00 00 00 00 00 f2 f2 f2 f2 f2 f2 f2 f2
  0x1000369c2740: f8 f8 f8 f8 f2 f2 f2 f2 f8 f2 00 00 f2 f2 00 00
  0x1000369c2750: 00 00 00 00 00 00 00 00 00 00 00 f2 f2 f2 f2 f2
=>0x1000369c2760: f8 f2 f2 f2 00 00 00 00 00 f2 f2[f2]f2 f2 f8 f2
  0x1000369c2770: 00 00 00 00 00 00 00 f2 f2 f2 f2 f2 f8 f8 f2 f2
  0x1000369c2780: f8 f2 f2 f2 00 00 f2 f2 00 00 f2 f2 00 00 f2 f2
  0x1000369c2790: f8 f2 f2 f2 00 00 00 00 00 f2 f2 f2 f2 f2 00 00
  0x1000369c27a0: 00 00 00 f2 f2 f2 f2 f2 f8 f8 f8 f8 f8 f2 f2 f2
  0x1000369c27b0: f2 f2 f8 f8 f8 f8 f8 f2 f2 f2 f2 f2 f8 f2 f2 f2
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
  Shadow gap:              cc
==2832==ABORTING

Windfisch, Nov 28 '18 23:11