Core/Vehicles: Fixed a crash caused by accessing freed memory

Valgrind log:
==1357== Invalid read of size 8
==1357== at 0x108339C: std::_Rb_tree<signed char, std::pair<signed char const, VehicleSeat>, std::_Select1st<std::pair<signed char const, VehicleSeat> >, std::less<signed char>, std::allocator<std::pair<signed char const, VehicleSeat> > >::begin() (stl_tree.h:685)
==1357== by 0x1082B23: std::map<signed char, VehicleSeat, std::less<signed char>, std::allocator<std::pair<signed char const, VehicleSeat> > >::begin() (stl_map.h:321)
==1357== by 0x1567152: VehicleAI::CheckConditions(unsigned int) (CombatAI.cpp:330)
==1357== by 0x1566EE5: VehicleAI::UpdateAI(unsigned int) (CombatAI.cpp:285)
==1357== by 0x11A8FB3: Creature::Update(unsigned int) (Creature.cpp:543)
==1357== by 0x11BC1A2: TempSummon::Update(unsigned int) (TemporarySummon.cpp:47)
==1357== by 0x12E8194: Trinity::ObjectUpdater::Visit(GridRefManager<Creature>&) (GridNotifiersImpl.h:45)
==1357== by 0x12F31BD: void VisitorHelper<Trinity::ObjectUpdater, Creature>(Trinity::ObjectUpdater&, ContainerMapList<Creature>&) (TypeContainerVisitor.h:64)
==1357== by 0x12F2CCB: void VisitorHelper<Trinity::ObjectUpdater, Creature, TypeList<DynamicObject, TypeList<Corpse, TypeNull> > >(Trinity::ObjectUpdater&, ContainerMapList<TypeList<Creature, TypeList<DynamicObject, TypeList<Corpse, TypeNull> > > >&) (TypeContainerVisitor.h:70)
==1357== by 0x12F251F: void VisitorHelper<Trinity::ObjectUpdater, GameObject, TypeList<Creature, TypeList<DynamicObject, TypeList<Corpse, TypeNull> > > >(Trinity::ObjectUpdater&, ContainerMapList<TypeList<GameObject, TypeList<Creature, TypeList<DynamicObject, TypeList<Corpse, TypeNull> > > > >&) (TypeContainerVisitor.h:71)
==1357== by 0x12F1BA5: void VisitorHelper<Trinity::ObjectUpdater, TypeList<GameObject, TypeList<Creature, TypeList<DynamicObject, TypeList<Corpse, TypeNull> > > > >(Trinity::ObjectUpdater&, TypeMapContainer<TypeList<GameObject, TypeList<Creature, TypeList<DynamicObject, TypeList<Corpse, TypeNull> > > > >&) (TypeContainerVisitor.h:94)
==1357== by 0x12F0DDD: TypeContainerVisitor<Trinity::ObjectUpdater, TypeMapContainer<TypeList<GameObject, TypeList<Creature, TypeList<DynamicObject, TypeList<Corpse, TypeNull> > > > > >::Visit(TypeMapContainer<TypeList<GameObject, TypeList<Creature, TypeList<DynamicObject, TypeList<Corpse, TypeNull> > > > >&) (TypeContainerVisitor.h:105)
==1357== by 0x12EF5A0: void Grid<Player, TypeList<Player, TypeList<Creature, TypeList<Corpse, TypeList<DynamicObject, TypeNull> > > >, TypeList<GameObject, TypeList<Creature, TypeList<DynamicObject, TypeList<Corpse, TypeNull> > > > >::Visit<Trinity::ObjectUpdater>(TypeContainerVisitor<Trinity::ObjectUpdater, TypeMapContainer<TypeList<GameObject, TypeList<Creature, TypeList<DynamicObject, TypeList<Corpse, TypeNull> > > > > >&) (Grid.h:91)
==1357== by 0x12ED766: void NGrid<8u, Player, TypeList<Player, TypeList<Creature, TypeList<Corpse, TypeList<DynamicObject, TypeNull> > > >, TypeList<GameObject, TypeList<Creature, TypeList<DynamicObject, TypeList<Corpse, TypeNull> > > > >::VisitGrid<Trinity::ObjectUpdater, TypeList<GameObject, TypeList<Creature, TypeList<DynamicObject, TypeList<Corpse, TypeNull> > > > >(unsigned int, unsigned int, TypeContainerVisitor<Trinity::ObjectUpdater, TypeMapContainer<TypeList<GameObject, TypeList<Creature, TypeList<DynamicObject, TypeList<Corpse, TypeNull> > > > > >&) (NGrid.h:157)
==1357== by 0x12EA2D3: void Map::Visit<Trinity::ObjectUpdater, TypeMapContainer<TypeList<GameObject, TypeList<Creature, TypeList<DynamicObject, TypeList<Corpse, TypeNull> > > > > >(Cell const&, TypeContainerVisitor<Trinity::ObjectUpdater, TypeMapContainer<TypeList<GameObject, TypeList<Creature, TypeList<DynamicObject, TypeList<Corpse, TypeNull> > > > > >&) (Map.h:701)
==1357== by 0x12DCD84: Map::VisitNearbyCellsOf(WorldObject*, TypeContainerVisitor<Trinity::ObjectUpdater, TypeMapContainer<TypeList<GameObject, TypeList<Creature, TypeList<DynamicObject, TypeList<Corpse, TypeNull> > > > > >&, TypeContainerVisitor<Trinity::ObjectUpdater, TypeMapContainer<TypeList<Player, TypeList<Creature, TypeList<Corpse, TypeList<DynamicObject, TypeNull> > > > > >&) (Map.cpp:604)
==1357== by 0x12DD045: Map::Update(unsigned int) (Map.cpp:646)
==1357== by 0x1520E03: MapUpdateRequest::call() (MapUpdater.cpp:54)
==1357== by 0x1596958: DelayExecutor::svc() (DelayExecutor.cpp:52)
==1357== by 0x5184E56: ACE_Task_Base::svc_run(void*) (in /usr/lib/libACE-6.0.3.so)
==1357== Address 0x2a849600 is 32 bytes inside a block of size 168 free'd
==1357== at 0x4C2BADC: operator delete(void*) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1357== by 0x107F309: Vehicle::~Vehicle() (Vehicle.cpp:66)
==1357== by 0x10BE0D2: Unit::RemoveVehicleKit() (Unit.cpp:15949)
==1357== by 0x10B52CA: Unit::RemoveFromWorld() (Unit.cpp:13440)
==1357== by 0x11A7D73: Creature::RemoveFromWorld() (Creature.cpp:204)
==1357== by 0x11BCBAA: TempSummon::RemoveFromWorld() (TemporarySummon.cpp:279)
==1357== by 0x11BCD5E: Minion::RemoveFromWorld() (TemporarySummon.cpp:308)
==1357== by 0x10B5514: Unit::CleanupBeforeRemoveFromMap(bool) (Unit.cpp:13481)
==1357== by 0x10B5605: Unit::CleanupsBeforeDelete(bool) (Unit.cpp:13503)
==1357== by 0x12E3B67: Map::AddObjectToRemoveList(WorldObject*) (Map.cpp:2401)
==1357== by 0x10FCAAC: WorldObject::AddObjectToRemoveList() (Object.cpp:2138)
==1357== by 0x11BCABA: TempSummon::UnSummon(unsigned int) (TemporarySummon.cpp:256)
==1357== by 0x11BCAFA: ForcedUnsummonDelayEvent::Execute(unsigned long, unsigned int) (TemporarySummon.cpp:261)
==1357== by 0x159B665: EventProcessor::Update(unsigned int) (EventProcessor.cpp:47)
==1357== by 0x10858E2: Unit::Update(unsigned int) (Unit.cpp:318)
==1357== by 0x11A8E6C: Creature::Update(unsigned int) (Creature.cpp:519)
==1357== by 0x11BC1A2: TempSummon::Update(unsigned int) (TemporarySummon.cpp:47)
==1357== by 0x12E8194: Trinity::ObjectUpdater::Visit(GridRefManager<Creature>&) (GridNotifiersImpl.h:45)
==1357== by 0x12F31BD: void VisitorHelper<Trinity::ObjectUpdater, Creature>(Trinity::ObjectUpdater&, ContainerMapList<Creature>&) (TypeContainerVisitor.h:64)
==1357== by 0x12F2CCB: void VisitorHelper<Trinity::ObjectUpdater, Creature, TypeList<DynamicObject, TypeList<Corpse, TypeNull> > >(Trinity::ObjectUpdater&, ContainerMapList<TypeList<Creature, TypeList<DynamicObject, TypeList<Corpse, TypeNull> > > >&) (TypeContainerVisitor
Shauren
2013-10-27 23:05:31 +01:00
parent 29570076d5
commit cf72f7cc5c
2 changed files with 10 additions and 6 deletions


@@ -272,7 +272,7 @@ void TurretAI::UpdateAI(uint32 /*diff*/)
//VehicleAI
//////////////
VehicleAI::VehicleAI(Creature* c) : CreatureAI(c), m_vehicle(c->GetVehicleKit()), m_IsVehicleInUse(false), m_ConditionsTimer(VEHICLE_CONDITION_CHECK_TIME)
VehicleAI::VehicleAI(Creature* c) : CreatureAI(c), m_IsVehicleInUse(false), m_ConditionsTimer(VEHICLE_CONDITION_CHECK_TIME)
{
LoadConditions();
m_DoDismiss = false;
@@ -291,7 +291,9 @@ void VehicleAI::UpdateAI(uint32 diff)
m_DoDismiss = false;
me->SetVisible(false);
me->DespawnOrUnsummon();
}else m_DismissTimer -= diff;
}
else
m_DismissTimer -= diff;
}
}
@@ -310,6 +312,7 @@ void VehicleAI::OnCharmed(bool apply)
}
else if (apply)
m_DoDismiss = false;//in use again
m_DismissTimer = VEHICLE_DISMISS_TIME;//reset timer
m_IsVehicleInUse = apply;
}
@@ -327,8 +330,8 @@ void VehicleAI::CheckConditions(const uint32 diff)
{
if (!conditions.empty())
{
for (SeatMap::iterator itr = m_vehicle->Seats.begin(); itr != m_vehicle->Seats.end(); ++itr)
if (Unit* passenger = ObjectAccessor::GetUnit(*m_vehicle->GetBase(), itr->second.Passenger.Guid))
for (SeatMap::iterator itr = me->GetVehicleKit()->Seats.begin(); itr != me->GetVehicleKit()->Seats.end(); ++itr)
if (Unit* passenger = ObjectAccessor::GetUnit(*me, itr->second.Passenger.Guid))
{
if (Player* player = passenger->ToPlayer())
{
@@ -341,5 +344,7 @@ void VehicleAI::CheckConditions(const uint32 diff)
}
}
m_ConditionsTimer = VEHICLE_CONDITION_CHECK_TIME;
} else m_ConditionsTimer -= diff;
}
else
m_ConditionsTimer -= diff;
}
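Review bot: In the CheckConditions hunk the new loop dereferences `me->GetVehicleKit()` without a null check. The Valgrind trace in the commit message shows the kit being destroyed through `Unit::RemoveVehicleKit()` from inside `Creature::Update`, which is also the caller that later reaches `VehicleAI::CheckConditions`. If `GetVehicleKit()` returns null once the kit has been removed (its definition is not visible here), the use-after-free becomes a null-pointer dereference instead of going away. Fetch the kit once and guard the loop: wrap it in `if (Vehicle* kit = me->GetVehicleKit())` and iterate with `for (SeatMap::iterator itr = kit->Seats.begin(); itr != kit->Seats.end(); ++itr)`, which also avoids calling the accessor twice per iteration. The body of CheckConditions starts and continues outside the hunks shown.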


@@ -105,7 +105,6 @@ struct VehicleAI : public CreatureAI
void OnCharmed(bool apply);
private:
Vehicle* m_vehicle;
bool m_IsVehicleInUse;
void LoadConditions();
void CheckConditions(const uint32 diff);