Nothing entered.
[http://sourceforge.net/p/ufoai/bugs/3024 Item 3024] imported from sourceforge.net tracker on 2013-01-28 19:58:38
When I enter a terror mission, the game crashes.
(gdb)bt full
#0 Com_Parse (data_p=0x7fffffff9e18) at src/shared/parse.c:125
c = <value optimized out>
len = 0
data = 0x10f6c6d87 <Address 0x10f6c6d87 out of bounds>
#1 0x00000000004a3544 in CMod_LoadEntityString (
name=0x7fffffffa050 "village/vil_craft_ufo_harvester", day=qtrue, sX=-16,
sY=-32, sZ=0 '\000', mapData=<value optimized out>,
mapTiles=0x7fffeb2b3b40) at src/common/bsp.c:630
model = 0x0
token = <value optimized out>
es = 0x10f6c6d87 <Address 0x10f6c6d87 out of bounds>
keyname = "P\240\377\377\377\177\000\000o\240\377\377\377\177\000\000\217\240\377\377\377\177\000\000P\240\377\377\377\177\000\000\217\240\377\377\377\177", '\000' <repeats 42 times>, "\006\000\000\000\004\000\000\000(\000\000\000\377\177\000\000\000\000\377\377\377\177\000\000\000\000\000\000\000\000\000\000\020\237\377\377\377\177\000\000\300\235\377\377\377\177\000\000\374\b\001\352\377\177\000\000\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\340\235\377\377\377\177\000\000\377\377\377\377\000\000\000\000О\377\377\377\177\000\000\001\000\000\000\000\000\000\000@\204\265\364\377\177\000\000\000\000\000\000\000\000\000\000C\227S\000\000\000\000\000\300\311\363\001\000\000\000\000\300\341\215\364\377\177\000\000\001\200\255\373\377\177\000\000\300\311\363\001\000\000\000\000\300\311\363\001\000\000\000\000\300\311\363\001\000\000\000"
v = {8.95535993e-38, 0, 8.95536386e-38}
day=qtrue, sX=-16, sY=-32, sZ=0 '\000', mapData=<value optimized out>,
mapTiles=0x7fffeb2b3b40) at src/common/bsp.c:843
filename = "maps/village/vil_craft_ufo_harvester.bsp\000\000\000\000\000\000\000\000\005\000\000\000\000\000\000\000\377\377\377\377\377\377\377\377"
checksum = 1295923224
buf = 0xf6c6d88 "IBSPN"
i = <value optimized out>
length = <value optimized out>
header = {ident = 1347633737, version = 78, lumps = {{
fileofs = 4294967295, filelen = 12398}, {fileofs = 144,
filelen = 40520}, {fileofs = 105248, filelen = 50328}, {
fileofs = 3658968, filelen = 407997}, {fileofs = 205904,
filelen = 74900}, {fileofs = 280804, filelen = 40464}, {
fileofs = 321268, filelen = 52620}, {fileofs = 482056,
filelen = 1588453}, {fileofs = 2070512, filelen = 1588453}, {
fileofs = 40664, filelen = 64584}, {fileofs = 393412,
filelen = 1838}, {fileofs = 441844, filelen = 27396}, {
fileofs = 395252, filelen = 46592}, {fileofs = 469240,
filelen = 12816}, {fileofs = 373888, filelen = 5760}, {
fileofs = 379648, filelen = 13764}, {fileofs = 155576,
filelen = 50328}}}
shift = {-512, -1024, 0}
base = <value optimized out>
tile = 0x7fffeb2b3b40
#3 0x00000000004a4558 in CM_LoadMap (
tiles=0x7fffea01091e " +c01 +craft_drop_firebird +c04 +s07 +s02 +s02 +s02 +s02 +s07 +s02 +s07 +c01 +d04 +r03 +d06 +d04 +d04 +d07 +d06 +d02 +d06 +d02 +d03 +d02 +d03 +d03 +d05 +d05 +d05", day=qtrue,
pos=0x7fffea012205 " 8 0 0 -16 16 0 -32 -16 0 -16 -32 0 24 -32 0 -16 0 0 -8 0 0 0 0 0 24 0 0 -32 -32 0 -24 -32 0 -32 0 0 -32 -24 0 -24 -24 0 24 -24 0 24 -16 0 -16 -8 0 -8 -8 0 24 -8 0 -16 8 0 -8 8 0 0 8 0 24 8 0 -24 24 0"...,
mapData=0x7fffea053b20, mapTiles=0x7fffeb2b3b40) at src/common/bsp.c:1011
sh = {-16, -32, 0}
token = <value optimized out>
name = "village/vil_craft_ufo_harvester\000h\324\332\016\000\000\000\000\243\243J\000\000\000\000\000\220۟\016\000\000\000\000\020\272\377\377\004\000\000"
base = "village/vil_\000\000\000\000\b\000\000\000\000\000\000\000\370\200L\000\000\000\000\000\005\000\000\000\000\000\000\000x\371\216\r\000\000\000\000\374\b\001\352\377\177\000\000\324\373\216\r\000\000\000"
#4 0x00000000004c2561 in SV_Map (day=qtrue,
levelstring=0x7fffffffba10 "+village", assembly=<value optimized out>)
at src/server/sv_init.c:174
i = <value optimized out>
checksum = 0
map = 0x7fffea0108fc "-village/vil_ +craft_ufo_harvester +c01 +craft_drop_firebird +c04 +s07 +s02 +s02 +s02 +s02 +s07 +s02 +s07 +c01 +d04 +r03 +d06 +d04 +d04 +d07 +d06 +d02 +d06 +d02 +d03 +d02 +d03 +d03 +d05 +d05 +d05"
pos = 0x7fffea0121fc "-16 -32 0 8 0 0 -16 16 0 -32 -16 0 -16 -32 0 24 -32 0 -16 0 0 -8 0 0 0 0 0 24 0 0 -32 -32 0 -24 -32 0 -32 0 0 -32 -24 0 -24 -24 0 24 -24 0 24 -16 0 -16 -8 0 -8 -8 0 24 -8 0 -16 8 0 -8 8 0 0 8 0 24 8 0"...
randomMap = 0xd8ef978
cl = 0x0
#5 0x00000000004c0ebf in SV_Map_f () at src/server/sv_ccmds.c:179
assembly = 0x7fffffffa110 "commercial"
bufMap = "+village\000\276\377\377\377\177\000\000\020@3\351\377\177\000\000\017ж\360\377\177\000\000\000\000\000\000\000\000\000\000\006\000\000\000\377\177\000\000w\003", '\000' <repeats 14 times>"\200, \004\000\000\000\000\000\000\024\000\000\000\377\177\000\000\020\000\000\000\377\177\000\000\020\000\000\000\000P\230 \000\000\000\000\004\300`C", '\000' <repeats 12 times>, "\001\000\000\000\001\000\000\000\377\177\000\000\001\000\000\000\377\177\000\000\373\230\242\360\377\177\000\000\000\000\000\000\377\177\000\000\006\000\000\000\377\177\000\000w\003\000\000\377\177\000\000\000\000\000\000\377\177\000\000\200\004\000\000\000\000\000\000\024\000\000\000\377\177\000\000\000\000\000\000\377\177\000\000\001\000\000\000\377\177\000\000Г\375\366\377\177\000\000\300\273\377\377\377\177", '\000' <repeats 18 times>, " \000\000\000\060\000\000\000\300\275\377\377\377\177\000\000\000\275\377\377\377\177"...
bufAssembly = "commercial", '\000' <repeats 798 times>"\240, \244\377\377\377\177\000\000\240\244\377\377\377\177\000\000\220\244\377\377K\001\000\000\000\000\000\000\000\000\000\000\300\244\377\377\377\177\000\000\300\244\377\377\377\177\000\000\260\244\377\377K\001\000\000\000\000\000\000\000\000\000\000@\001\000\000%\000\000\000\200\061\000\000\000\000\000\000\030\036S\364\377\177\000\000\000\000\000\000\000\000\000\000K\001\000\000\000\000\000\000\000\000\001\000\000\000\000\000\200\061\000\000\000\000\000\000\235\000\000\000\000\000\000\000\035\061\000\000\000\000\000\000\036\000\000\000\000\000\000\000\200\061\000\000\000\000\000\000\200\245\377\377\377\177\000\000dpU\364\377\177\000\000\000\000\001\000\000\000\000\000\025\000\000\000\030\000\000\000\024\000\000\000\025\000\000\000\240\245\377\377\377\177\000\000\235\000\000\000\000\000\000\000\035\061\000\000\034\000\000\000\224\002\000\000\000\000\000\000\337\003\000\000\000\000\000\000\343"...
day = qtrue
#6 0x000000000049ff21 in Cbuf_Execute () at src/common/cmd.c:248
text = 0x8bf100 "map day +village commercial\n\ntercept_ready_update\neoscape;\nnge geoscape;\nmusic_change geoscape;\n\n_change geoscape;\n\nange geoscape;\n it\n\nversion\n\n\nild popup_tipoftheday main;check_cvars;\nh_child popup_"...
quotes = <value optimized out>
i = <value optimized out>
line = "map day +village commercial", '\000' <repeats 509 times>, "\032v\216\366\377\177\000\000\000\000\000\000\000\000\000\000!\003\214\366\377\177\000\000\020\340\357\367\377\177\000\000\000Ŵ\004\000\000\000\000\020\223\276\004\000\000\000\000\320z\300\004", '\000' <repeats 12 times>, "\032v\216\366\377\177\000\000\020\340\357\367\377\177\000\000!\003\214\366\377\177\000\000\001\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\b\326\377\377\377\177\000\000\000\000\000@\000\000\000\000(6\a@\000\000\000\000\000\000\000@\000\000\000\000X\223\276\004\000\000\000\000[\a\226\360\377\177\000\000\020\223\276\004\000\000\000\000IӜ\360\377\177\000\000\300i}\361\377\177\001\000\240\\\264\366\377\177\000\000\001\000\000\000\000\000\000\000X\326\377\377\377\177\000\000\001\000\000\000\000\000\000\000X\223\276\004\000\000\000\000Й\262"...
#7 0x0000000000412540 in CL_SendCommand () at src/client/cl_main.c:1079
No locals.
#8 0x00000000004a8fb1 in tick_timer (now=194949, data=0x7879e88)
at src/common/common.c:1275
timer = 0x7879e88
old_interval = 20
lateness = 0
#9 0x00000000004a9217 in Qcommon_Frame () at src/common/common.c:1426
time_to_next = <value optimized out>
event = 0xeec4588
#10 0x00000000004fc816 in main (argc=<value optimized out>,
argv=<value optimized out>) at src/ports/linux/linux_main.c:55
No locals.
===== Comments Ported from Sourceforge =====
====== o01eg (2011-10-01 12:26:25) ======
====== o01eg (2011-10-01 15:09:09) ======
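It looks like a wrong value in l->fileofs in CMod_LoadEntityString. Adding the offset 4294967295 to buf (0xf6c6d88) gives 0x10f6c6d87, which matches the out-of-bounds es pointer in the backtrace.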
(gdb) p *l
$6 = {fileofs = 4294967295, filelen = 12398}
====== tlh2000 (2011-10-02 09:01:11) ======
can you maybe attach your maps/village/vil_craft_ufo_harvester.bsp (zip it, or upload it somewhere else if it's too big)
did you compile this on your own? or did you use the maps-sync script?
====== tlh2000 (2011-10-02 09:18:54) ======
btw. is this reproducible for you? which rev was it? and what is your architecture?
====== tlh2000 (2011-10-02 09:21:00) ======
btw, the overflow is that -1L was stored in the lump offset value (which is a uint32_t), so it wraps to 4294967295 (the fileofs of the first lump in the header dump above)
====== tlh2000 (2011-10-02 09:34:19) ======
ah, rev is c46156ee8f703205764734e3beb421192e6 (removing it from the title now)
====== tlh2000 (2011-10-02 09:35:26) ======
the segfault should be fixed in d970b2ee700441611809bd1847250ae8a4b360eb
the overflow should be fixed in 771c4dabeec25f9b0aa611d7306f177dee218e09
====== o01eg (2011-10-02 09:59:40) ======
After updating and recompiling maps/village/vil_craft_ufo_harvester, the game exits with a bsp header error instead of segfaulting:
"tiles: -village/vil_ +craft_ufo_harvester +c01 +craft_drop_firebird +c04 +s07 +s02 +s07 +s07 +s02 +c01 +s02 +s01 +d07 +d05 +d05 +d03 +d07 +d02 +d03 +r01 +d03 +d07 +d02 +d05
pos: -24 -32 0 -8 8 0 -32 -8 0 16 -24 0 -24 -32 0 16 -32 0 24 -32 0 -32 -32 0 -32 8 0 -24 8 0 8 8 0 16 8 0 -32 -24 0 -32 -16 0 -8 0 0 0 0 0 -32 16 0 -32 24 0 8 0 0 16 -8 0 8 16 0 16 16 0 8 24 0 16 24 0
tiles: 24
CM_LoadMap: "-village/vil_ +craft_ufo_harvester +c01 +craft_drop_firebird +c04 +s07 +s02 +s07 +s07 +s02 +c01 +s02 +s01 +d07 +d05 +d05 +d03 +d07 +d02 +d03 +r01 +d03 +d07 +d02 +d05" "-24 -32 0 -8 8 0 -32 -8 0 16 -24 0 -24 -32 0 16 -32 0 24 -32 0 -32 -32 0 -32 8 0 -24 8 0 8 8 0 16 8 0 -32 -24 0 -32 -16 0 -8 0 0 0 0 0 -32 16 0 -32 24 0 8 0 0 16 -8 0 8 16 0 16 16 0 8 24 0 16 24 0"
[New Thread 0x7fffde60d700 (LWP 9014)]
[Thread 0x7fffde60d700 (LWP 9014) exited]
[New Thread 0x7fffde60d700 (LWP 9015)]
[Thread 0x7fffde60d700 (LWP 9015) exited]
Error: Invalid bsp header found (lump overflow)
[Thread 0x7fffdee0e700 (LWP 9012) exited]
Program exited with code 01."
====== o01eg (2011-10-02 10:33:01) ======
OK, fixed.