fokkonaut / F-DDrace

F-DDrace is a server-side modification of Teeworlds, developed by fokkonaut.

Crash in CCharacterCore::m_AttachedPlayers std::set #269

Open fokkonaut opened 3 months ago

fokkonaut commented 3 months ago

https://github.com/fokkonaut/F-DDrace/commit/b12e25259e218f1c29e6dcfce8cddaa199be766e

Something seems to be corrupting the CCharacterCore, something like mem_zero, where the structure of the std::set is being damaged so it crashes while accessing it, e.g. using erase().


```
#0  std::_Rb_tree<int, int, std::_Identity<int>, std::less<int>, std::allocator<int> >::equal_range (__k=@0x555555774510: 11, this=0x5555560636d8) at /usr/include/c++/10/bits/stl_function.h:385
        __x = 0x841f0f2e66
        __y = 0x555555641d05 <CGameControllerDDRace::InitTeleporter()+629>
        __x = <optimized out>
        __y = <optimized out>
        __xu = <optimized out>
        __yu = <optimized out>
#1  std::_Rb_tree<int, int, std::_Identity<int>, std::less<int>, std::allocator<int> >::erase (this=0x5555560636d8, __x=@0x555555774510: 11) at /usr/include/c++/10/bits/stl_tree.h:2540
        __p = {first = Python Exception <class 'gdb.error'> value has been optimized out:
, second = Python Exception <class 'gdb.error'> value has been optimized out:
}
        __old_size = <optimized out>
#2  0x00005555556bec9e in std::set<int, std::less<int>, std::allocator<int> >::erase (__x=@0x555555774510: 11, this=<optimized out>) at /usr/include/c++/10/bits/stl_set.h:685
No locals.
#3  CCharacterCore::SetHookedPlayer (HookedPlayer=<optimized out>, this=<optimized out>) at /home/teeworlds/git/F-DDrace/src/game/gamecore.cpp:658
```
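
The failure class hypothesised in the comment above, as an added example that is not F-DDrace code: byte-wise zeroing is only well defined for trivially copyable types, so a struct that owns a std::set has to be reset member by member, and a compile-time guard can reject the unsafe call. `CorePod`, `CoreWithSet`, `ZeroTrivial`, `SafeToZero` and `ResetThenErase` are hypothetical names, and the page does not establish that mem_zero is the actual cause of this crash.

```cpp
#include <cstddef>
#include <cstring>
#include <set>
#include <type_traits>

// True when byte-wise zeroing of T is well defined.
template <typename T>
constexpr bool SafeToZero() {
    return std::is_trivially_copyable<T>::value;
}

// Zeroing helper that refuses to compile for types with non-trivial members
// (GCC reports the unguarded memset form through -Wclass-memaccess).
template <typename T>
void ZeroTrivial(T &Obj) {
    static_assert(SafeToZero<T>(), "non-trivial members: reset them individually");
    std::memset(&Obj, 0, sizeof(T));
}

// Hypothetical stand-in for the plain-data fields of a character core.
struct CorePod {
    float m_X, m_Y;
    int m_HookedPlayer;
};

// Hypothetical stand-in for a core that also owns a std::set.
struct CoreWithSet {
    CorePod m_Pod;
    std::set<int> m_AttachedPlayers;

    void Reset() {
        ZeroTrivial(m_Pod);         // fine: plain data only
        m_Pod.m_HookedPlayer = -1;
        m_AttachedPlayers.clear();  // container reset through its own API
        // ZeroTrivial(*this);      // would not compile: the static_assert fires
    }
};

// Resets a populated core, then erases key 11 (constructed sample value).
// The tree stays valid across Reset(), so erase() returns counts instead of crashing.
int ResetThenErase() {
    CoreWithSet Core;
    Core.Reset();
    Core.m_AttachedPlayers.insert(11);
    Core.Reset();
    std::size_t Before = Core.m_AttachedPlayers.erase(11);  // 0: set was cleared
    Core.m_AttachedPlayers.insert(11);
    return static_cast<int>(Before + Core.m_AttachedPlayers.erase(11));  // 0 + 1
}

int main() { return ResetThenErase() == 1 ? 0 : 1; }
```
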
daviramoncl commented 1 month ago

So remove CCharacterCore::m_AttachedPlayers std::set, I guess?