"Double free or corruption" on assign_continent_flood()
Well, assign_continent_flood() removes a tile from a list it's currently iterating, and that's not a _safe iterator (I don't think one exists for this). That's the case on all branches, and is likely a very old bug - somehow it just has never caused failures before this particular autogame. With this information it's hard to estimate if this is a critical issue wrt the 3.0.4 release. Seems not to be a regression, but it's possible that I've just encountered the first crash that is coming to be a trend, e.g. because of some new dependency library version.
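To make the failure mode concrete, here is an added example (not freeciv code; the list type, tile_list_remove() and the move functions are hypothetical stand-ins) that moves tiles from one continent list to another while walking the source list. The unsafe variant unlinks the element the loop is standing on, so the walk continues from a pointer that has been rewritten; in a real codebase that frees or reuses the node this is the use-after-free glibc then reports as heap corruption. The safe variant saves the next pointer before touching the current node.

```c
#include <assert.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed, minimal stand-in for a tile list: a singly-linked list
 * where each tile carries a continent number. Names are hypothetical. */
struct tile {
  int id;
  int continent;
  struct tile *next;
};

struct tile_list {
  struct tile *head;
  int count;
};

/* Push t at the head of the list. */
static void tile_list_push(struct tile_list *list, struct tile *t)
{
  t->next = list->head;
  list->head = t;
  list->count++;
}

/* Unlink t from the list (does not free it). Returns 1 if found.
 * Like a typical remove, it clears t->next once t is out of the list. */
static int tile_list_remove(struct tile_list *list, struct tile *t)
{
  for (struct tile **pp = &list->head; *pp != NULL; pp = &(*pp)->next) {
    if (*pp == t) {
      *pp = t->next;
      t->next = NULL;
      list->count--;
      return 1;
    }
  }
  return 0;
}

/* UNSAFE: removes the element the loop is standing on. After the removal
 * t->next no longer points into src (here it points into dst, or is NULL),
 * so the walk silently leaves the list it was iterating. With a node that
 * is freed instead of moved, the same pattern reads freed memory. */
static int move_continent_unsafe(struct tile_list *src, struct tile_list *dst,
                                 int from, int to)
{
  int moved = 0;
  for (struct tile *t = src->head; t != NULL; t = t->next) {
    if (t->continent == from) {
      tile_list_remove(src, t);   /* mutates t->next while we depend on it */
      t->continent = to;
      tile_list_push(dst, t);
      moved++;
    }
  }
  return moved;
}

/* SAFE: the next pointer is read before the current node is touched,
 * which is exactly what a "_safe" iteration variant does for you. */
static int move_continent_safe(struct tile_list *src, struct tile_list *dst,
                               int from, int to)
{
  int moved = 0;
  struct tile *t = src->head;
  while (t != NULL) {
    struct tile *next = t->next;  /* saved before any mutation of t */
    if (t->continent == from) {
      tile_list_remove(src, t);
      t->continent = to;
      tile_list_push(dst, t);
      moved++;
    }
    t = next;
  }
  return moved;
}

static void tile_list_clear(struct tile_list *list)
{
  struct tile *t = list->head;
  while (t != NULL) {
    struct tile *next = t->next;
    free(t);
    t = next;
  }
  list->head = NULL;
  list->count = 0;
}

/* Build a constructed sample of five tiles (three on continent 1, two on
 * continent 2), renumber continent 1 to 7 while moving those tiles out,
 * and report how many tiles the chosen variant actually moved. */
static int demo_moved(int use_safe_variant)
{
  static const int continents[] = {1, 2, 1, 1, 2};  /* constructed sample */
  struct tile_list src = {NULL, 0}, dst = {NULL, 0};
  for (int i = 0; i < 5; i++) {
    struct tile *t = calloc(1, sizeof(*t));
    t->id = i;
    t->continent = continents[i];
    tile_list_push(&src, t);
  }
  int moved = use_safe_variant ? move_continent_safe(&src, &dst, 1, 7)
                               : move_continent_unsafe(&src, &dst, 1, 7);
  tile_list_clear(&src);
  tile_list_clear(&dst);
  return moved;
}

int main(void)
{
  printf("unsafe walk moved %d of 3 tiles\n", demo_moved(0));
  printf("safe walk moved   %d of 3 tiles\n", demo_moved(1));
  return 0;
}
```

Running the unsafe variant here moves only one of the three matching tiles, because the walk leaves the source list after the first removal; the safe variant moves all three. Under Valgrind or with a freeing remove, the unsafe loop is the pattern that shows up as an invalid read on the next-pointer dereference.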
Reply To cazfi
it's possible that I've just encountered the first crash that is coming to be a trend e.g. because some new dependency library version.
Well, the very glibc itself had been updated just before that autogame run. So it's likely that this crash will be common as the new glibc version gets widely used -> 3.0.4 should have a fix.
Reply To cazfi
Well assign_continent_flood() removes tile from a list it's currently iterating, and that's not _safe iterator (I don't think one exist for this).
There's something more to this - I reworked that part, but the crash remains effectively the same (still no way to reproduce consistently, but now with a high percentage of the runs of that autogame)
From the save autogame (and likely from the very situation) valgrind reports invalid read on dai_data_phase_begin() handling of workers/continent statistics, in call chain beginning from the tile change. Likely this AI stats update is happening when the terrain class has already changed, but continent numbers have not been updated to reflect that.
Seems that to do all this properly requires quite big changes (and most importantly a lot of testing, which is going to take time.) So, opened an emergency fix ticket #45768 for a temporary solution to enable 3.0.4 release.
Reply To cazfi
Well, assign_continent_flood() removes a tile from a list it's currently iterating, and that's not a _safe iterator (I don't think one exists for this). That's the case on all branches, and is likely a very old bug - somehow it just has never caused failures before this particular autogame. With this information it's hard to estimate if this is a critical issue wrt the 3.0.4 release. Seems not to be a regression, but it's possible that I've just encountered the first crash that is coming to be a trend, e.g. because of some new dependency library version.
As this was not the cause of this particular ticket, filed a new ticket about it -> #45825
Attached patch is a bit simpler than what I had in my mind earlier, but this should be fine for the current codebase. Let's move to the over-engineered version only once there's need for it.
Got this in a S3_1 autogame. After several reproducing attempts got it again (maybe one has to configure with '--enable-testmatic', as that was the latest change in my reproducing attempts before it succeeded)
glibc reports "double free or corruption" from tile_list_remove() called when continent numbers are reassigned from check_terrain_change()