Path: utzoo!bnr-vpa!bnr-fos!dgibbs
From: dgibbs@bnr-fos.UUCP (David Gibbs)
Newsgroups: comp.sources.games.bugs
Subject: Conquer bug
Keywords: conquer bug
Message-ID: <757@bnr-fos.UUCP>
Date: 17 Jul 89 16:33:26 GMT
Organization: Bell-Northern Research, Ottawa, CANADA
Lines: 49

I have found a fairly subtle bug in the latest posting of conquer. I can show at least two places where it does happen, but I would not be surprised if it occurred in several other places.

It occurs in line 419 of display.c; the line is:

    for (j=P_AYLOC-yoffset-ARMYSEE; j<=P_AYLOC-yoffset+ARMYSEE; j++)

P_AYLOC is defined as curntn->arm[armynum].yloc and is of type unsigned char. yoffset and j are of type int and ARMYSEE is a constant (normally 2).

The problem occurs when the terminating condition of the loop (P_AYLOC-yoffset+ARMYSEE) is equal to -1. What the C compiler does is promote all the variables in the expression to unsigned for the comparison; when j=-1, they are equal, but when j is increased to 0 it becomes a lot smaller than -1 considered as an unsigned. This will cause a very long loop (possibly endless if -1 unsigned becomes equal to max unsigned).

This error could potentially occur in any loop of this type, including lines 418, 412, and 411 of display.c at a minimum. I don't know what the best fix for this is, but I would guess that changing all the unsigned chars to short would be the easiest.

I have included a simplified test program that demonstrates how this can happen (and to make it obvious that those types can cause this problem). This program was run (and looped for a long time) on both a Sun 3/60 running SunOS 4.0 and an HP workstation of some sort running HP-UX around 6.0.

----- begin code ----
#include <stdio.h>

int main(void)
{
    unsigned char a = 21;
    short c = 24;
    int j;

    /* a-c+2 is -1; if a is promoted to unsigned, the bound becomes max unsigned */
    for (j = a-c-2; j<=a-c+2; j++) {
        printf ("j is %d ",j);
    }
    return 0;
}
------ end code -----

-David Gibbs
(dgibbs@bnr-fos.UUCP or ...!uunet!watmath!neat.ai.toronto.edu!utgpu!bnr-vpa!bnr-fos!dgibbs)
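An added example, not part of the post above or of the conquer source: the same loop shape on a C89-or-later compiler, where unsigned char is promoted to int and the post's program terminates, but an unsigned int operand still produces the runaway the post describes, alongside the signed-type fix the post suggests. The function names, the iteration cap (MAX_ITER) and the values 21 and 24 (taken from the post's test program) are assumptions of this example.

```c
#include <stdio.h>

#define MAX_ITER 1000   /* cap so the runaway case still terminates here */

/* Bound built from an unsigned int: a - c + 2 is evaluated as unsigned, so a
 * mathematical -1 becomes UINT_MAX and j is converted to unsigned for the
 * comparison, which stays true after j passes 0 (gcc/clang flag this with
 * -Wsign-compare). The cap stands in for the near-endless loop. */
int iterations_unsigned_bound(unsigned int a, short c)
{
    int j, n = 0;
    for (j = (int)a - c - 2; j <= a - c + 2; j++)
        if (++n >= MAX_ITER) return n;
    return n;
}

/* The fix the post suggests: keep the quantity in a signed type. Now
 * a - c + 2 is an int, -1, and the loop runs five times (j = -5 .. -1). */
int iterations_signed_bound(short a, short c)
{
    int j, n = 0;
    for (j = a - c - 2; j <= a - c + 2; j++)
        if (++n >= MAX_ITER) return n;
    return n;
}

/* The post's own types. A C89-or-later compiler promotes unsigned char to int
 * (value preserving), so this also stops after five iterations; the 1989
 * SunOS and HP-UX compilers promoted it to unsigned, which is what the post
 * saw. */
int iterations_uchar_bound(unsigned char a, short c)
{
    int j, n = 0;
    for (j = a - c - 2; j <= a - c + 2; j++)
        if (++n >= MAX_ITER) return n;
    return n;
}

int main(void)
{
    printf("unsigned int bound:  %d iterations (capped)\n", iterations_unsigned_bound(21, 24));
    printf("short bound:         %d iterations\n", iterations_signed_bound(21, 24));
    printf("unsigned char bound: %d iterations\n", iterations_uchar_bound(21, 24));
    return 0;
}
```

Compiling with -Wall -Wextra (which enables -Wsign-compare) is the cheapest check for this class of loop bound; the warning points at exactly the comparison that goes wrong.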