SlashTHEM
SlashTHEM copied to clipboard
[Fuzzer] Hang from object merge
#0 0x000055555562e26a in mergable (otmp=otmp@entry=0x555555b41500, obj=obj@entry=0x55555597ecf0) at src/invent.c:3307
#1 0x0000555555630a08 in merged (potmp=potmp@entry=0x7fffffffdc68, pobj=pobj@entry=0x7fffffffdc70) at src/invent.c:271
#2 0x000055555563350f in stackobj (obj=<optimized out>) at src/invent.c:3298
#3 0x00005555555f90ef in throwit (obj=<optimized out>, obj@entry=0x555555b41500, wep_mask=wep_mask@entry=512, twoweap=twoweap@entry=0 '\000', thrown=thrown@entry=1) at src/dothrow.c:1422
#4 0x00005555555fad9f in throw_obj (obj=0x555555b41500, shotlimit=<optimized out>, thrown=1) at src/dothrow.c:303
#5 0x00005555555bc7b0 in rhack (cmd=<optimized out>, cmd@entry=0x0) at src/cmd.c:3814
#6 0x0000555555590ebc in moveloop () at src/allmain.c:654
#7 0x000055555558fbac in main (argc=<optimized out>, argv=<optimized out>) at sys/unix/unixmain.c:309
Game completely freezes; fuzzer makes no inputs and requires ctrl-c to halt, no error message
if you get an infinite loop, doing ctrl+c and bt and c a few times and taking note of what the backtrace is each time can help identify where the infinite loop is for diagnosis, it can show other lines of code that are being reached for example
should be easier to figure it out then, but at least we got one snapshot here