Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent segfault on unload_activity_actor #70575

Merged
merged 1 commit into from
Jan 1, 2024
Merged

Prevent segfault on unload_activity_actor #70575

merged 1 commit into from
Jan 1, 2024

Conversation

inogenous
Copy link
Contributor

Summary

Bugfixes "Prevent segfault on unload_activity_actor"

Purpose of change

Describe the solution

Previous segfault being fixed:

 #0  __gnu_cxx::__atomic_add_dispatch () at /usr/include/c++/13/ext/atomicity.h:111
 #1  std::_Sp_counted_base<(__gnu_cxx::_Lock_policy)2>::_M_add_ref_copy () at /usr/include/c++/13/bits/shared_ptr_base.h:152
 #2  0x00005652b2df5540 in std::shared_ptr<item_location::impl>::shared_ptr () at /usr/include/c++/13/bits/shared_ptr.h:204
 #3  item_location::item_location () at src/item_location.h:30
 #4  item_location::impl::item_in_container::item_in_container () at src/item_location.cpp:612
 #5  item_location::item_location () at src/item_location.cpp:767
 #6  0x00005652b27fa6b1 in unload_activity_actor::unload () at src/activity_actor.cpp:3232
 #7  0x00005652b32eed69 in player_activity::do_turn () at src/player_activity.cpp:383
 #8  0x00005652b2b553e7 in do_turn () at src/do_turn.cpp:487
 #9  0x00005652b25ea589 in main () at src/main.cpp:798

The problem before was that the reference to target in unload_activity_actor::unload was an invalid reference. This was caused by:

  1. unload_activity_actor::finish calls act.set_to_null().
  2. That sets the player activity to null type (=no current activity)
  3. unload_activity_actor::unload is static, and takes target as a reference.
  4. ::unload calls Character::add_or_drop_with_msg which leads to call chain: liquid_handler::consume_liquid -> get_liquid_target -> choose_adjacent -> choose_direction -> temp_hide_advanced_inv -> advanced_inventory::temp_hide -> advanced_inventory::do_return_entry
  5. advanced_inventory::do_return_entry assigns a new ACT_ADV_INVENTORY activity. This invalidates the previous unload_activity_actor because of pt 2 above.
  6. When static method unload_activity_actor::unload resumes after its call to add_or_drop_with_msg, the reference to target is invalid because of pt 5.

This commit attempt to fix the issue with invalidated target reference by copying its value before invalidating the activity.

Describe alternatives you've considered

Testing

Additional context

@inogenous
Prevent segfault on unload_activity_actor
398f701 
Prevents segfault that previously happened when pouring liquid to ground
from AIM using "examine" menu.

Previous segfault being fixed:
```
 #0  __gnu_cxx::__atomic_add_dispatch () at /usr/include/c++/13/ext/atomicity.h:111
 CleverRaven#1  std::_Sp_counted_base<(__gnu_cxx::_Lock_policy)2>::_M_add_ref_copy () at /usr/include/c++/13/bits/shared_ptr_base.h:152
 CleverRaven#2  0x00005652b2df5540 in std::shared_ptr<item_location::impl>::shared_ptr () at /usr/include/c++/13/bits/shared_ptr.h:204
 CleverRaven#3  item_location::item_location () at src/item_location.h:30
 CleverRaven#4  item_location::impl::item_in_container::item_in_container () at src/item_location.cpp:612
 CleverRaven#5  item_location::item_location () at src/item_location.cpp:767
 CleverRaven#6  0x00005652b27fa6b1 in unload_activity_actor::unload () at src/activity_actor.cpp:3232
 CleverRaven#7  0x00005652b32eed69 in player_activity::do_turn () at src/player_activity.cpp:383
 CleverRaven#8  0x00005652b2b553e7 in do_turn () at src/do_turn.cpp:487
 CleverRaven#9  0x00005652b25ea589 in main () at src/main.cpp:798
```

The problem before was that the reference to `target` in
`unload_activity_actor::unload` was an invalid reference. This was
caused by:
  1. `unload_activity_actor::finish` calls `act.set_to_null()`.
  2. That sets the player activity to `null` type (=no current activity)
  3. `unload_activity_actor::unload` is `static`, and takes `target` as
     a reference.
  4. `::unload` calls `Character::add_or_drop_with_msg` which leads to
     call chain: `liquid_handler::consume_liquid` -> `get_liquid_target`
     -> `choose_adjacent` -> `choose_direction`
     -> `temp_hide_advanced_inv` -> `advanced_inventory::temp_hide`
     -> `advanced_inventory::do_return_entry`
  5. `advanced_inventory::do_return_entry` assigns a new
     `ACT_ADV_INVENTORY` activity. This invalidates the previous
     `unload_activity_actor` because of pt 2 above.
  6. When static method `unload_activity_actor::unload` resumes after
     its call to `add_or_drop_with_msg`, the reference to `target` is
     invalid because of pt 5.

This commit attempt to fix the issue with invalidated `target` reference
by copying its value before invalidating the activity.
@github-actions github-actions bot added [C++] Changes (can be) made in C++. Previously named `Code` <Bugfix> This is a fix for a bug (or closes open issue) astyled astyled PR, label is assigned by github actions json-styled JSON lint passed, label assigned by github actions labels Jan 1, 2024
@akrieger
Copy link
Member

akrieger commented Jan 1, 2024

Ew that set to null blows away the actor.

@akrieger akrieger merged commit 46cb5e4 into CleverRaven:master Jan 1, 2024
26 of 27 checks passed
@github-actions github-actions bot added the BasicBuildPassed This PR builds correctly, label assigned by github actions label Jan 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
astyled astyled PR, label is assigned by github actions BasicBuildPassed This PR builds correctly, label assigned by github actions <Bugfix> This is a fix for a bug (or closes open issue) [C++] Changes (can be) made in C++. Previously named `Code` json-styled JSON lint passed, label assigned by github actions
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Segfault when unloading a gallon jug of rotten milk
2 participants
@inogenous @akrieger