This one is robust and reproducible.
I step on the bug each time at turn 25, from the attached game at turn 21, modified to have endturn 30.
common/city.c
inline void set_city_production(struct city *pcity)
...
2872 : pcity->prod[o] * pcity->bonus[o] / 100,
...
2879 : pcity->prod[O_TRADE] * pcity->bonus[O_TRADE] / 100
...
2886 : pcity->prod[o] = pcity->prod[o] * pcity->bonus[o] / 100;
with always mostly the same value - 1 billion * 100
../../common/city.c:2872:21: runtime error: signed integer overflow: -999999978 * 100 cannot be represented in type 'int'
../../common/city.c:2879:25: runtime error: signed integer overflow: -999999984 * 100 cannot be represented in type 'int'
../../common/city.c:2886:37: runtime error: signed integer overflow: -999999978 * 100 cannot be represented in type 'int'
need to check if this also happens in other cases:
several turns before our overflow we have index -1 out of bounds
> Game saved as Sz03-Ai012-Lm54-20230401-154838-T00021-auto.sav.xz
> ../../common/unit.c:2475:13: runtime error: index -1 out of bounds for type 'const struct unit_list_link *[5]'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../common/unit.c:2475:13 in
Game saved as Sz03-Ai012-Lm54-20230401-154838-T00022-auto.sav.xz
> Game saved as Sz03-Ai012-Lm54-20230401-154838-T00023-auto.sav.xz
> Game saved as Sz03-Ai012-Lm54-20230401-154838-T00024-auto.sav.xz
> ../../common/city.c:2872:21: runtime error: signed integer overflow: -999999982 * 100 cannot be represented in type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../common/city.c:2872:21 in
../../common/city.c:2879:25: runtime error: signed integer overflow: -999999985 * 100 cannot be represented in type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../common/city.c:2879:25 in
../../common/city.c:2886:37: runtime error: signed integer overflow: -999999982 * 100 cannot be represented in type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../common/city.c:2886:37 in
Game saved as Sz03-Ai012-Lm54-20230401-154838-T00025-auto.sav.xz
>
Reply To alain_bkr
need to check if this also happens in other cases: several turns before our overflow we have index -1 out of bounds
{{{
Game saved as Sz03-Ai012-Lm54-20230401-154838-T00021-auto.sav.xz
../../common/unit.c:2475:13: runtime error: index -1 out of bounds for type 'const struct unit_list_link *[5]'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../common/unit.c:2475:13 in
}}}
Very likely not the cause of the later overflow. I opened #47900 about this one.
origin/S3_1 373049274
I have a reproducible error directly at load time from Sz4-Ai001-Lm62-230409_184438-T00069-auto.sav.xz with only one AI alone
3: Savegame: 'ysize' has been set to 72.
3: Erminaz has been added as Cheating level AI-controlled player (classic).
../../common/city.c:2872:21: runtime error: signed integer overflow: -999999992 * 100 cannot be represented in type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../common/city.c:2872:21 in
../../common/city.c:2879:25: runtime error: signed integer overflow: -999999997 * 100 cannot be represented in type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../common/city.c:2879:25 in
../../common/city.c:2886:37: runtime error: signed integer overflow: -999999992 * 100 cannot be represented in type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../common/city.c:2886:37 in
Console: 'savename' has been set to "reSz4-Ai001-Lm62-230409_184438-T%04T-%R".
Console: 'endturn' has been set to 69.
Game saved as reSz4-Ai001-Lm62-230409_184438-T0069-manual.sav.xz
Starting game.
------------------------------------------------------------------------------
All options with non-default values
------------------------------------------------------------------------------
In the column '##' the status of
From https://osdn.net/projects/freeciv/ticket/46286#comment:12505:46286:1679918727 reported by alain_bkr:
17 ../../common/city.c:2872:21: runtime error: signed integer overflow
17 ../../common/city.c:2879:25: runtime error: signed integer overflow
17 ../../common/city.c:2886:37: runtime error: signed integer overflow
4 ../../common/city.c:3156:33: runtime error: signed integer overflow
The last one might be unrelated to the others. This was with S3_1.
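
Added example, not part of the ticket and not freeciv's code: the `prod * bonus / 100` expression flagged at city.c:2872, 2879 and 2886, written two ways so the multiply cannot overflow `int`. The helper names are hypothetical, `__builtin_mul_overflow` is a GCC/Clang builtin, and the operand values in `main` are copied from the UBSan lines above.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper: prod * bonus / 100 with the multiply done in
 * 64 bits, so the intermediate product always fits. The quotient is
 * clamped back into int range before narrowing. */
static int apply_bonus_wide(int prod, int bonus)
{
  int64_t scaled = (int64_t)prod * bonus / 100;

  if (scaled > INT_MAX) {
    return INT_MAX;
  }
  if (scaled < INT_MIN) {
    return INT_MIN;
  }
  return (int)scaled;
}

/* Hypothetical helper: same arithmetic in int, but the overflow is
 * reported to the caller instead of being undefined behaviour.
 * Returns false and leaves *out untouched when prod * bonus does not
 * fit in int. */
static bool apply_bonus_checked(int prod, int bonus, int *out)
{
  int product;

  if (__builtin_mul_overflow(prod, bonus, &product)) {
    return false;
  }
  *out = product / 100;
  return true;
}

int main(void)
{
  /* Operands from the report: -999999978 * 100 does not fit in int. */
  int prod = -999999978, bonus = 100, out = 0;

  if (!apply_bonus_checked(prod, bonus, &out)) {
    printf("overflow detected for %d * %d\n", prod, bonus);
  }
  printf("64-bit result: %d\n", apply_bonus_wide(prod, bonus));
  return 0;
}
```

Either form only removes the undefined behaviour in the multiply; a production value near minus one billion reaching this code is a separate question that the ticket leaves open.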