-fsanitize=address,undefined,leak -fautomatically-fix-bugs=fix,commit…

…,push ../../../lib/qtgame/qtgame.cpp:236:2: runtime error: member access within address 0x61400000e240 which does not point to an object of type 'QtGameWidget' 0x61400000e240: note: object has invalid vptr 1a 00 00 1f 00 00 00 00 00 00 00 00 be be be be be be be be 00 00 00 00 00 00 00 00 be be be be ^~~~~~~~~~~~~~~~~~~~~~~ invalid vptr ../../../lib/ivis_opengl/textdraw.cpp:152:74: runtime error: null pointer passed as argument 2, which is declared to never be null ../../src/visibility.h:98:24: runtime error: downcast of address 0x61700130ae00 which does not point to an object of type 'STRUCTURE' 0x61700130ae00: note: object is of type 'BASE_OBJECT' 5d 00 80 18 a0 cb 83 01 00 00 00 00 01 00 00 00 4f 72 02 00 c0 07 00 00 40 18 00 00 da 00 00 00 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'BASE_OBJECT' 0x61700130ae00: note: object is of type 'BASE_OBJECT' 5d 00 80 18 a0 cb 83 01 00 00 00 00 01 00 00 00 4f 72 02 00 c0 07 00 00 40 18 00 00 da 00 00 00 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'BASE_OBJECT' ../../src/move.cpp:1837:12: runtime error: member access within address 0x61a000549080 which does not point to an object of type 'DROID' 0x61a000549080: note: object is of type 'BASE_OBJECT' 47 00 80 68 a0 cb 83 01 00 00 00 00 00 00 00 00 b6 00 00 00 c9 18 00 00 8c 08 00 00 0e 00 00 00 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'BASE_OBJECT' ../../src/move.cpp:1856:64: runtime error: member access within address 0x61a000549080 which does not point to an object of type 'DROID' 0x61a000549080: note: object is of type 'BASE_OBJECT' 47 00 80 68 a0 cb 83 01 00 00 00 00 00 00 00 00 b6 00 00 00 c9 18 00 00 8c 08 00 00 0e 00 00 00 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'BASE_OBJECT' ../../src/move.cpp:1862:56: runtime error: member access within address 0x61a000549080 which does not point to an object of type 'DROID' 0x61a000549080: note: object is of type 'BASE_OBJECT' 47 00 80 68 a0 cb 83 01 00 00 00 00 00 00 00 00 b6 00 00 00 c9 18 00 00 8c 08 00 00 0e 00 00 00 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'BASE_OBJECT' ../../src/droid.cpp:2641:32: runtime error: member access within address 0x61a000549080 which does not point to an object of type 'DROID' 0x61a000549080: note: object is of type 'BASE_OBJECT' 47 00 80 68 a0 cb 83 01 00 00 00 00 00 00 00 00 b6 00 00 00 c9 18 00 00 8c 08 00 00 0e 00 00 00 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'BASE_OBJECT' ../../src/droid.cpp:3262:2: runtime error: member access within address 0x61a0004b0080 which does not point to an object of type 'DROID' 0x61a0004b0080: note: object is of type 'BASE_OBJECT' 7c 00 80 72 a0 cb 83 01 00 00 00 00 00 00 00 00 9d 73 02 00 3d 05 00 00 98 05 00 00 9b 00 00 00 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'BASE_OBJECT' ../../src/droid.cpp:3265:2: runtime error: member access within address 0x61a0004b0080 which does not point to an object of type 'DROID' 0x61a0004b0080: note: object is of type 'BASE_OBJECT' 7c 00 80 72 a0 cb 83 01 00 00 00 00 00 00 00 00 9d 73 02 00 3d 05 00 00 98 05 00 00 9b 00 00 00 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'BASE_OBJECT' ../../src/intdisplay.cpp:284:38: runtime error: downcast of address 0x61a0003e6a80 which does not point to an object of type 'STRUCTURE' 0x61a0003e6a80: note: object is of type 'DROID' 91 00 00 50 e8 ce 83 01 00 00 00 00 00 00 00 00 09 74 02 00 ad 0e 00 00 b5 0f 00 00 8c 00 00 00 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'DROID' ../../src/structure.cpp:6053:2: runtime error: member access within address 0x61a0003e6a80 which does not point to an object of type 'STRUCTURE' 0x61a0003e6a80: note: object is of type 'DROID' 91 00 00 50 e8 ce 83 01 00 00 00 00 00 00 00 00 09 74 02 00 ad 0e 00 00 b5 0f 00 00 8c 00 00 00 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'DROID'
Warzone2100 · Mar 10, 2017 · e32f2d6 · e32f2d6
1 parent cfc0ed3
commit e32f2d6
Show file tree

Hide file tree

Showing 10 changed files with 84 additions and 23 deletions.
diff --git a/lib/ivis_opengl/textdraw.cpp b/lib/ivis_opengl/textdraw.cpp
@@ -149,7 +149,14 @@ struct FTFace
 
 		RasterizedGlyph g;
 		g.buffer.reset(new unsigned char[ftBitmap.pitch * ftBitmap.rows]);
-		memcpy(g.buffer.get(), ftBitmap.buffer, ftBitmap.pitch * ftBitmap.rows);
+		if (ftBitmap.buffer != nullptr)
+		{
+			memcpy(g.buffer.get(), ftBitmap.buffer, ftBitmap.pitch * ftBitmap.rows);
+		}
+		else if (ftBitmap.pitch != 0 && ftBitmap.rows != 0)
+		{
+			debug(LOG_FATAL, "glyph buffer missing");  // This probably doesn't happen.
+		}
 		g.width = ftBitmap.width / 3;
 		g.height = ftBitmap.rows;
 		g.bearing_x = slot->bitmap_left;

diff --git a/lib/qtgame/qtgame.cpp b/lib/qtgame/qtgame.cpp
@@ -233,7 +233,6 @@ void QtGameWidget::updateResolutionList()
 QGLFormat QtGameWidget::adjustFormat(const QGLFormat &format)
 {
 	QGLFormat adjusted(format);
-	mSwapInterval = adjusted.swapInterval();
 	adjusted.setSwapInterval(0);
 	return adjusted;
 }
@@ -244,7 +243,7 @@ void QtGameWidget::initializeGL()
 }
 
 QtGameWidget::QtGameWidget(QSize curResolution, const QGLFormat &format, QWidget *parent, Qt::WindowFlags f, const QGLWidget *shareWidget)
-	: QGLWidget(adjustFormat(format), parent, shareWidget, f), mOriginalResolution(0, 0), mMinimumSize(0, 0)
+	: QGLWidget(adjustFormat(format), parent, shareWidget, f), mOriginalResolution(0, 0), mMinimumSize(0, 0), mSwapInterval(format.swapInterval())
 {
 	QGLWidget::setFixedSize(curResolution);  // Don't know whether this needs to be done here, but if not, the window contents are displaced 2% of the time.
 	mWantedSize = curResolution;

diff --git a/lib/qtgame/wzapp_qt.cpp b/lib/qtgame/wzapp_qt.cpp
@@ -255,16 +255,6 @@ void WzMainWindow::resizeGL(int width, int height)
 	scaledFont.setPixelSize(12 * height / 480);
 
 	glViewport(0, 0, width, height);
-	glMatrixMode(GL_PROJECTION);
-	glPushMatrix();
-	glLoadIdentity();
-	glOrtho(0, width, height, 0, 1, -1);
-
-	glMatrixMode(GL_TEXTURE);
-	glLoadIdentity();
-
-	glMatrixMode(GL_MODELVIEW);
-	glLoadIdentity();
 	glCullFace(GL_FRONT);
 	glEnable(GL_CULL_FACE);
 }

diff --git a/src/basedef.h b/src/basedef.h
@@ -117,6 +117,7 @@ struct BASE_OBJECT : public SIMPLE_OBJECT
 	UDWORD              periodicalDamageStart;                  ///< When the object entered the fire
 	UDWORD              periodicalDamage;                 ///< How much damage has been done since the object entered the fire
 	uint16_t            flags;                      ///< Various flags
+	bool                jammedTiles;                ///< True if any tiles are being jammed.
 	TILEPOS             *watchedTiles;              ///< Variable size array of watched tiles, NULL for features
 
 	UDWORD              timeAnimationStarted;       ///< Animation start time, zero for do not animate

diff --git a/src/baseobject.cpp b/src/baseobject.cpp
@@ -104,6 +104,7 @@ BASE_OBJECT::BASE_OBJECT(OBJECT_TYPE type, uint32_t id, unsigned player)
 	, periodicalDamageStart(0)
 	, periodicalDamage(0)
 	, flags(0)
+	, jammedTiles(false)
 	, watchedTiles(NULL)
 	, timeAnimationStarted(0)
 	, animationEvent(ANIM_EVENT_NONE)
@@ -118,9 +119,6 @@ BASE_OBJECT::BASE_OBJECT(OBJECT_TYPE type, uint32_t id, unsigned player)
 
 BASE_OBJECT::~BASE_OBJECT()
 {
-	// Make sure to get rid of some final references in the sound code to this object first
-	audio_RemoveObj(this);
-
 	visRemoveVisibility(this);
 	free(watchedTiles);
 

diff --git a/src/droid.cpp b/src/droid.cpp
@@ -357,6 +357,10 @@ DROID::DROID(uint32_t id, unsigned player)
  */
 DROID::~DROID()
 {
+	// Make sure to get rid of some final references in the sound code to this object first
+	// In BASE_OBJECT::~BASE_OBJECT() is too late for this, since some callbacks require us to still be a DROID.
+	audio_RemoveObj(this);
+
 	DROID *psDroid = this;
 	DROID	*psCurr, *psNext;
 

diff --git a/src/feature.cpp b/src/feature.cpp
@@ -316,6 +316,8 @@ FEATURE::FEATURE(uint32_t id, FEATURE_STATS const *psStats)
 /* Release the resources associated with a feature */
 FEATURE::~FEATURE()
 {
+	// Make sure to get rid of some final references in the sound code to this object first
+	audio_RemoveObj(this);
 }
 
 void _syncDebugFeature(const char *function, FEATURE const *psFeature, char ch)

diff --git a/src/intdisplay.cpp b/src/intdisplay.cpp
@@ -281,14 +281,69 @@ void intUpdateQuantity(WIDGET *psWidget, W_CONTEXT *psContext)
 {
 	W_LABEL *Label = (W_LABEL *)psWidget;
 	BASE_OBJECT *psObj = (BASE_OBJECT *)Label->pUserData; // Get the object associated with this widget.
-	STRUCTURE *Structure = (STRUCTURE *)psObj;
 
-	if (psObj != NULL && StructIsFactory(Structure) && StructureIsManufacturingPending(Structure))
+	int remaining = -1;
+
+	if (STRUCTURE *psStruct = castStructure(psObj))
+	{
+		if (StructIsFactory(psStruct) && StructureIsManufacturingPending(psStruct))
+		{
+			ASSERT(!isDead(psObj), "Object is dead");
+
+			DROID_TEMPLATE *psTemplate = FactoryGetTemplate(StructureGetFactory(psStruct));
+			remaining = getProduction(psStruct, psTemplate).numRemaining();
+		}
+	}
+	else if (DROID *psDroid = castDroid(psObj))
 	{
-		ASSERT(!isDead(psObj), "Object is dead");
+		STRUCTURE_STATS const *stats = nullptr;
+		int count = 0;
+		auto processOrder = [&](DroidOrder const &order) {
+			STRUCTURE_STATS *newStats = nullptr;
+			int deltaCount = 0;
+			switch (order.type)
+			{
+				case DORDER_BUILD:
+				case DORDER_LINEBUILD:
+					newStats = order.psStats;
+					deltaCount = order.type == DORDER_LINEBUILD? 1 + (abs(order.pos.x - order.pos2.x) + abs(order.pos.y - order.pos2.y))/TILE_UNITS : 1;
+					break;
+				case DORDER_HELPBUILD:
+					if (STRUCTURE *target = castStructure(order.psObj))
+					{
+						newStats = target->pStructureType;
+						deltaCount = 1;
+					}
+					break;
+				default:
+					return false;
+			}
+			if (newStats != nullptr && (stats == nullptr || stats == newStats))
+			{
+				stats = newStats;
+				count += deltaCount;
+				return true;
+			}
+			return false;
+		};
+		if (processOrder(psDroid->order))
+		{
+			for (auto const &order : psDroid->asOrderList)
+			{
+				if (!processOrder(order))
+				{
+					break;
+				}
+			}
+		}
+		if (count > 1)
+		{
+			remaining = count;
+		}
+	}
 
-		DROID_TEMPLATE *psTemplate = FactoryGetTemplate(StructureGetFactory(Structure));
-		int remaining = getProduction(Structure, psTemplate).numRemaining();
+	if (remaining != -1)
+	{
 		char tmp[20];
 		ssprintf(tmp, "%d", remaining);
 		Label->aText = QString::fromUtf8(tmp);

diff --git a/src/structure.cpp b/src/structure.cpp
@@ -3787,6 +3787,9 @@ STRUCTURE::STRUCTURE(uint32_t id, unsigned player)
 /* Release all resources associated with a structure */
 STRUCTURE::~STRUCTURE()
 {
+	// Make sure to get rid of some final references in the sound code to this object first
+	audio_RemoveObj(this);
+
 	STRUCTURE *psBuilding = this;
 
 	// free up the space used by the functionality array

diff --git a/src/visibility.cpp b/src/visibility.cpp
@@ -228,7 +228,7 @@ static inline void visMarkTile(const BASE_OBJECT *psObj, int mapX, int mapY, MAP
 		TILEPOS tilePos = {uint8_t(mapX), uint8_t(mapY), uint8_t(inRange)};
 
 		visionType[rayPlayer]++;                        // we observe this tile
-		if (objJammerPower(psObj) > 0)                  // we are a jammer object
+		if (psObj->jammedTiles)                         // we are a jammer object
 		{
 			psTile->jammers[rayPlayer]++;
 			psTile->jammerBits |= (1 << rayPlayer); // mark it as being jammed
@@ -341,7 +341,7 @@ void visRemoveVisibility(BASE_OBJECT *psObj)
 			}
 			ASSERT(visionType[psObj->player] > 0, "No %s on watched tile (%d, %d)", pos.type ? "radar" : "vision", (int)pos.x, (int)pos.y);
 			visionType[psObj->player]--;
-			if (objJammerPower(psObj) > 0)                  // we are a jammer object
+			if (psObj->jammedTiles)  // we are a jammer object — we cannot check objJammerPower(psObj) > 0 directly here, we may be in the BASE_OBJECT destructor).
 			{
 				// No jammers in campaign, no need for special hack
 				ASSERT(psTile->jammers[psObj->player] > 0, "Not jamming watched tile (%d, %d)", (int)pos.x, (int)pos.y);
@@ -357,6 +357,7 @@ void visRemoveVisibility(BASE_OBJECT *psObj)
 	free(psObj->watchedTiles);
 	psObj->watchedTiles = NULL;
 	psObj->numWatchedTiles = 0;
+	psObj->jammedTiles = false;
 }
 
 void visRemoveVisibilityOffWorld(BASE_OBJECT *psObj)
@@ -389,6 +390,7 @@ void visTilesUpdate(BASE_OBJECT *psObj)
 	}
 
 	// Do the whole circle in ∞ steps. No more pretty moiré patterns.
+	psObj->jammedTiles = objJammerPower(psObj) > 0;
 	doWaveTerrain(psObj, recordTilePos, &lastRecordTilePos);
 
 	// Record new map visibility provided by object