Bug #356: TimeEvent double free when casting spells - server crash

ID: #356
Submitter: Sausage
Product: EOSERV
Severity: Critical
Status: CLOSED, FIXED
Submitted: 6th Aug 2015
Updated: 6th Aug 2015

Related SVN Revisions:
Rev#  Date                          Description
r459  06 Aug 2015 23:10:21 UTC      Fix spell crashing (bug #356)

Sausage Submitter
Developer
8 years, 39 weeks ago

character_cast_spell(void*) deletes the spell_event TimeEvent while the Timer system is executing it, leading to the TimeEvent being deleted twice.

Stack trace (r458):

  #6  0xb7396ea8 in operator delete(void*) () from /usr/lib/i386-linux-gnu/libstdc++.so.6
  #7  0x0816a1d2 in Timer::Tick (this=0x9864d6c) at src/timer.cpp:257
  #8  0x081fa8e1 in EOServer::Tick (this=0xbfd4f8a8) at src/eoserver.cpp:227
  #9  0x0816055b in eoserv_main (argc=1, argv=0xbfd4fad4) at src/main.cpp:403
  #10 0x0815f181 in main (argc=1, argv=0xbfd4fad4) at src/main.cpp:106

Removing the delete line from character_cast_spell should be a sufficient fix as it is not called from outside its timer event.

Comments

Sausage Submitter
Developer
8 years, 39 weeks ago

Hopefully fixed in r459 without any side-effects.

Updated Status to CLOSED, FIXED
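
The ownership problem described in the report, as an added example that is not EOSERV's source or part of the original thread: a timer that releases an event after running its callback, next to a callback that also releases it and one that does not. MiniEvent, release, timer_tick and the cast_spell_* functions are hypothetical stand-ins, and the release function is instrumented to count a second release rather than reach operator delete twice.

```cpp
// Added illustration with simplified stand-in types; not EOSERV's source.
#include <set>
#include <vector>

struct MiniEvent;
using Callback = void (*)(MiniEvent*);
struct MiniEvent { Callback cb; };

// Instrumented release: a second release of the same event is counted
// instead of reaching operator delete twice (undefined behaviour).
static std::set<MiniEvent*> live;          // events not yet released
static std::vector<MiniEvent*> graveyard;  // freed for real in run_once()
static int double_frees = 0;

void release(MiniEvent* ev) {
    if (live.erase(ev) == 0) { ++double_frees; return; }  // already released
    graveyard.push_back(ev);
}

// Pattern from the report: the callback deletes the event it is running in.
void cast_spell_buggy(MiniEvent* ev) { /* spell logic */ release(ev); }

// Pattern of the suggested fix: the callback leaves the event to the timer.
void cast_spell_fixed(MiniEvent*) { /* spell logic */ }

// Assumed model: the timer owns the event and releases it after running it.
void timer_tick(MiniEvent* ev) {
    ev->cb(ev);
    release(ev);  // second release if the callback already released ev
}

// Schedules one event, ticks once, returns how many double frees were caught.
int run_once(Callback cb) {
    double_frees = 0;
    MiniEvent* ev = new MiniEvent{cb};
    live.insert(ev);
    timer_tick(ev);
    for (MiniEvent* dead : graveyard) delete dead;
    graveyard.clear();
    return double_frees;
}

int main() {
    bool ok = run_once(cast_spell_buggy) == 1 && run_once(cast_spell_fixed) == 0;
    return ok ? 0 : 1;
}
```

Without the instrumentation, the second release is a real double free; a build with -fsanitize=address reports it at the second delete.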
