Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

1.9.3 Crash report #7766

Closed
SamuXarick opened this issue Oct 9, 2019 · 2 comments

Comments

@SamuXarick
Copy link
Contributor

@SamuXarick SamuXarick commented Oct 9, 2019

Version of OpenTTD

1.9.3

Expected result

Actual result

Steps to reproduce

I set up some NewGRFs downloaded via online content, and ran some AIs. Game started in 1950, but crashed quite early, in 1955.

The Minimal GS is edited.
Minimal GS.zip
crash.zip

@nielsmh

This comment has been minimized.

Copy link
Contributor

@nielsmh nielsmh commented Oct 9, 2019

Offending function:

/* static */ uint ScriptOrder::GetOrderDistance(ScriptVehicle::VehicleType vehicle_type, TileIndex origin_tile, TileIndex dest_tile)
{
if (vehicle_type == ScriptVehicle::VT_AIR) {
if (ScriptTile::IsStationTile(origin_tile) && ::Station::GetByTile(origin_tile)->airport.tile != INVALID_TILE) origin_tile = ::Station::GetByTile(origin_tile)->airport.tile;
if (ScriptTile::IsStationTile(dest_tile) && ::Station::GetByTile(dest_tile)->airport.tile != INVALID_TILE) dest_tile = ::Station::GetByTile(dest_tile)->airport.tile;
return ScriptMap::DistanceSquare(origin_tile, dest_tile);
} else {
return ScriptMap::DistanceManhattan(origin_tile, dest_tile);
}
}

Crash happens on line 670. origin_tile is 39971 (0x9C23) and that tile is a buoy.

image

This causes a crash because a buoy is a station tile, but it's not a station (it's a waypoint), thus IsStationTile() returns true, but Station::GetByTile() returns nullptr. So you get a null pointer dereference looking up the airport station part location.

Fix would be replacing by something like this, no need to check for IsStationTile() since Station::GetByTile() already checks that:

Station * origin_station = ::Station::GetByTile(origin_tile);
if (origin_station != nullptr) origin_tile = origin_st->airport.tile;

There is also a bug in the AI doing this, since it's asking for aircraft distance from a buoy to somewhere else, and aircraft don't use buoys!

@glx22

This comment has been minimized.

Copy link
Contributor

@glx22 glx22 commented Oct 9, 2019

Duplicate of #7593

@glx22 glx22 marked this as a duplicate of #7593 Oct 9, 2019
@glx22 glx22 closed this Oct 9, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.