First things first - how I reproduce the crash on my end:
1. Start any map (the more corpses & enemies, the faster it should be to reproduce)
2. Type `summon archangel` into the console (friendly Archvile in Hideous Destructor)
3. Either wait a minute or so, or type `i_timescale 50` to speed things up
4. The ArchAngel will attack nearby enemies and resurrect corpses as allies
5. Sooner or later, on one of the resurrections of corpses as allies or during the presence of friendly resurrected demons, crash will occur:
Code: Select all
*** Fatal Error ***
Address not mapped to object (signal 11)
Address: 0x7ffc1a70afe8
System: Linux heim 4.19.0-5-amd64 #1 SMP Debian 4.19.37-5 (2019-06-19) x86_64 GNU/Linux
GZDoom version g4.1.3 (d3e04a94c0fc4e4ab0480f69e25f1eefe9ed803a)
Compiler version: 8.3.0
Command line: /usr/games/gzdoom/gzdoom -iwad doom_complete.pk3 -file equinox.zip hideous_destructor
Wad 0: gzdoom.pk3
Wad 1: zd_extra.pk3
Wad 2: doom_complete.pk3
Wad 3: equinox.zip
Wad 4: equinox.zip:equinox.wad
Wad 5:
Current map: map01
viewx = -416.482277
viewy = 3892.601535
viewz = 124.000000
viewangle = 159.479187
Executing: gdb --quiet --batch --command=gdb-respfile-AFs2uU
And now, this is the output on the crash from Debug GZDoom in gdb
Code: Select all
Thread 1 "gzdoom" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7ffff513e900 (LWP 5976)]
0x0000555555b03b78 in xs_Fix<16>::ToFix (val=<error reading variable: Cannot access memory at address 0x7fffff7feff8>)
at /home/ignacio/data/gzdoom_build/gzdoom/src/utility/xs_Float.h:91
91 finline static Fix ToFix (real64 val) {return xs_ConvertToFixed(val);}
Code: Select all
(gdb) backtrace
#0 0x0000555555b03b78 in xs_Fix<16>::ToFix (val=<error reading variable: Cannot access memory at address 0x7fffff7feff8>)
at /home/ignacio/data/gzdoom_build/gzdoom/src/utility/xs_Float.h:91
#1 0x0000555555afb58e in FloatToFixed (f=351.30619505835591) at /home/ignacio/data/gzdoom_build/gzdoom/src/utility/m_fixed.h:99
#2 0x00005555561fece0 in FLevelLocals::PointInSubsector (this=0x555557504460 <level>, x=351.30619505835591, y=2773.2464121425264)
at /home/ignacio/data/gzdoom_build/gzdoom/src/p_maputl.cpp:1953
#3 0x00005555561431c3 in FLevelLocals::PointInSector (this=0x555557504460 <level>, pos=...) at /home/ignacio/data/gzdoom_build/gzdoom/src/./g_levellocals.h:373
#4 0x00005555561e3451 in P_CheckPosition (thing=0x55555f4624f0, pos=..., tm=..., actorsonly=false) at /home/ignacio/data/gzdoom_build/gzdoom/src/p_map.cpp:1677
#5 0x00005555561e5390 in P_TryMove (thing=0x55555f4624f0, pos=..., dropoff=0, onfloor=0x0, tm=..., missileCheck=false)
at /home/ignacio/data/gzdoom_build/gzdoom/src/p_map.cpp:2165
#6 0x00005555561bd4c0 in P_Move (actor=0x55555f4624f0) at /home/ignacio/data/gzdoom_build/gzdoom/src/p_enemy.cpp:523
#7 0x00005555561c21dd in A_Wander (self=0x55555f4624f0, flags=0) at /home/ignacio/data/gzdoom_build/gzdoom/src/p_enemy.cpp:2124
#8 0x00007ffff2a24435 in ?? ()
#9 0x00007fffff7ffbf0 in ?? ()
#10 0x00005555561fb688 in FBlockLinesIterator::StartBlock (this=0x8000000000000001, x=1206910975, y=-536870912)
at /home/ignacio/data/gzdoom_build/gzdoom/src/p_maputl.cpp:633
Backtrace stopped: previous frame inner to this frame (corrupt stack?)