search

elunna / NerfHack

The official rewrite of Hack'EM rebased on NetHack 3.7
3 stars 0 forks source link

floor sanity no_charge obj not inside tended shop! 60b0007b8050 floor: 2 uncursed +'s {10} #15

Open elunna opened 10 months ago

elunna commented 10 months ago

Found while fuzzing, no rr recording.

Suddenly, the dungeon collapses.
floor sanity no_charge obj not inside tended shop! 60b0007b8050 floor: 2 uncursed +'s {10}
  Generating more information you may report:

(gdb) bt
#0  __pthread_kill_implementation (no_tid=0, signo=6, threadid=140737339570112)
    at ./nptl/pthread_kill.c:44
#1  __pthread_kill_internal (signo=6, threadid=140737339570112)
    at ./nptl/pthread_kill.c:78
#2  __GI___pthread_kill (threadid=140737339570112, signo=signo@entry=6)
    at ./nptl/pthread_kill.c:89
#3  0x00007ffff7282476 in __GI_raise (sig=sig@entry=6)
    at ../sysdeps/posix/raise.c:26
#4  0x00007ffff72687f3 in __GI_abort () at ./stdlib/abort.c:79
#5  0x0000555555943e82 in NH_abort (
    why=0x7fffffffd1f0 "floor sanity no_charge obj not inside tended shop! 60b0007b8050 floor: 2 uncursed +'s {10}") at end.c:212
#6  0x0000555555946c31 in panic (str=0x555556031e20 "%s") at end.c:946
#7  0x0000555555bec7c4 in impossible (
    s=0x555555fd0e20 "%s no_charge obj not inside tended shop! %s %s: %s")
    at pline.c:532
#8  0x0000555555a99f7b in insane_object (obj=0x60b0007b8050, 
    fmt=0x555555fd0e20 "%s no_charge obj not inside tended shop! %s %s: %s", 
    mesg=0x555555fd0540 "floor sanity", mon=0x0) at mkobj.c:3162
#9  0x0000555555a9919d in shop_obj_sanity (obj=0x60b0007b8050, 
    mesg=0x555555fd0540 "floor sanity") at mkobj.c:3041
#10 0x0000555555a98489 in objlist_sanity (objlist=0x60b0002a9540, wheretype=1, 
    mesg=0x555555fd0540 "floor sanity") at mkobj.c:2935
#11 0x0000555555a9774f in obj_sanity_check () at mkobj.c:2838
#12 0x00005555558021d8 in sanity_check () at cmd.c:4278
#13 0x0000555555769ad9 in moveloop_core () at allmain.c:184
#14 0x000055555576c478 in moveloop (resuming=0 '\000') at allmain.c:574
#15 0x0000555555e71241 in main (argc=4, argv=0x7fffffffe4a8)
    at ../sys/unix/unixmain.c:310

(gdb) p gt.toplines
$1 = "It's solid stone.", '\000' <repeats 282 times>

(gdb) p *obj
$2 = {nobj = 0x60b000b7e8f0, v = {v_nexthere = 0x0, v_ocontainer = 0x0, 
    v_ocarry = 0x0}, cobj = 0x0, o_id = 5569303, ox = 73, oy = 4, otyp = 285, 
  owt = 10, quan = 2, spe = 90 'Z', oclass = 7 '\a', invlet = 68 'D', 
  oartifact = 0 '\000', where = 1 '\001', timed = 0, cursed = 0, blessed = 0, 
  unpaid = 0, no_charge = 1, known = 1, dknown = 1, bknown = 1, rknown = 1, 
  oeroded = 0, oeroded2 = 0, oerodeproof = 0, olocked = 0, obroken = 0, 
  otrapped = 0, recharged = 0, lamplit = 0, globby = 0, greased = 0, 
  nomerge = 0, how_lost = 2, in_use = 0, bypass = 0, cknown = 0, lknown = 0, 
  pickup_prev = 0, ghostly = 0, corpsenm = -1, usecount = 0, oeaten = 0, 
  age = 5842376, owornmask = 0, lua_ref_cnt = 0, omigr_from_dnum = 0, 
  omigr_from_dlevel = 0, oextra = 0x0}
(gdb) 

Obj appears to be a slime mold