Question Crash bug - need assistance with GDB

I have been trying to find this issue for week now. Basically when we call dg_misc.c for dg_valid_target() It corrupts the character. It does not happen right away but 12-24 hours into the game. Hoping someone with more skill in GDB can assist.


(gdb) up
#1 0x00000000004341a7 in get_char_by_obj (obj=obj@entry=0x3a251f0, name=name@entry=0x3b224d0 "}32387")
at dg_scripts.c:509
509 if (ch && valid_dg_target(ch, DG_ALLOW_GODS))
(gdb) info local
ch = <optimized out>
(gdb) up
#2 0x000000000041d5aa in find_replacement (go=go@entry=0x3a251f0, sc=sc@entry=0x326bdf0,
trig=trig@entry=0x3b34f80, type=type@entry=1, var=var@entry=0x7ffd7586ffa1 "actor",
field=field@entry=0x7ffd7586ffa7 "inventory", subfield=0x7ffd758705a0 "8461", str=0x7ffd758701a0 "", slen=512)
at dg_variables.c:376
376 if ((c = get_char_by_obj(obj, name)));
(gdb) info local
vd = 0x3a1be20
ch = <optimized out>
c = 0x0
rndm = <optimized out>
obj = 0x3a251f0
o = 0x0
room = <optimized out>
r = 0x0
name = 0x3b224d0 "}32387"
count = <optimized out>
i = <optimized out>
doors = <optimized out>
send_cmd = {0x584d4f "", 0x584d56 "year", 0x584d5d "ndmob"}
echo_cmd = {0x584d64 "indobj", 0x584d6b "random", 0x584d72 "char"}
echoaround_cmd = {0x584d79 "nbeseen", 0x584d86 "ll", 0x584d93 "ower"}
door = {0x584da0 "", 0x584da7 "ached", 0x584dae "eshe"}
force = {0x584db5 "mher", 0x584dbd "her", 0x584dc5 "oll"}
load = {0x584dcd "er", 0x584dd4 "c", 0x584ddb "ller"}
purge = {0x584de2 "f", 0x584dea "ef", 0x584df2 "tp"}
teleport = {0x584dfa "na", 0x584e05 "next_in_room", 0x584e10 "m"}
xdamage = {0x584e1b "pref", 0x584e24 "tpoints", 0x584e2d "pnts"}
zoneecho = {0x584e36 "tdone", 0x584e41 "g_breath", 0x584e4c "ving_para"}
asound = {0x584e57 "aving_petri", 0x584e60 "ri", 0x584e69 "_rod"}
at = {0x584e72 "ng_spell", 0x584e77 "ell", 0x584e7c "killset"}
transform = {0x584e81 "et", 0x584e8d "d", 0x584d72 "char"}
recho = {0x584e99 "exists", 0x584ea1 "is", 0x584ea9 "per_day"}
omove = {0x584d64 "indobj", 0x584eb1 "carried_by", 0x584eb8 "_by"}
(gdb)



I can provide much more detail

Thanks in advance.

please supply output from
frame #0 print *ch
frame #1 print *obj
frame #1 print *ch

My initial assumption here is that the return value from find_char_by_uid_in_lookup_table(32387) returns something that has already been free'd. This was a major problem in the beginning when those lookup tables were introduced, but they should have been cleaned out by now.
I can tell that this happens in a trigger - would you show that trigger, too?

frame #2 print *trig

Thomas! Thank you so much, even before this I think i solved it. I had 3 memory leaks. I was free'ing our unique spec procs as a prototype. I fixed those 2 instances and we also do something unique in corpse creation. I had a leak there as well.

I have been testing to valgrind for a day now, and watching. So far no triggers have corrupted. If it happens again, which it has 20-30 times in past 3 weeks. I will post those values. Right now I cannot give you those since the binary file has changed and I cannot reproduce them.

Though, this gives me more in my GDB tool box to learn how to use.

spoke too soon. The same type of crash that i get just happened. I will get you the details now.

Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x00000000004a3bbc in valid_dg_target (ch=ch@entry=0x2806290, bitvector=bitvector@entry=1) at dg_misc.c:282
282 else if (ch->desc && (STATE(ch->desc) != CON_PLAYING))
(gdb) back
#0 0x00000000004a3bbc in valid_dg_target (ch=ch@entry=0x2806290, bitvector=bitvector@entry=1) at dg_misc.c:282
#1 0x000000000050eebe in get_char_in_room (room=<optimized out>, name=name@entry=0x2729740 "}966") at dg_scripts.c:408
#2 0x00000000005586da in find_replacement (go=go@entry=0x1d67db0, sc=sc@entry=0x1d680f0, trig=trig@entry=0x1d68130,
type=type@entry=0, var=var@entry=0x7ffeaf20adc1 "actor", field=field@entry=0x7ffeaf20adc7 "is_pc",
subfield=0x7ffeaf20b3c0 "", str=0x7ffeaf20afc0 "", slen=512) at dg_variables.c:366
#3 0x000000000055c1a3 in var_subst (go=0x1d67db0, sc=0x1d680f0, trig=0x1d68130, type=0, line=<optimized out>,
buf=<optimized out>) at dg_variables.c:1709
#4 0x000000000050e820 in eval_expr (line=line@entry=0x7ffeaf20b861 "%actor.is_pc%", result=result@entry=0x7ffeaf20bab0 "",
go=go@entry=0x1d67db0, sc=sc@entry=0x1d680f0, trig=trig@entry=0x1d68130, type=type@entry=0) at dg_scripts.c:1507
#5 0x000000000050e86d in eval_expr (line=line@entry=0xf6d893 "(%actor.is_pc%)", result=result@entry=0x7ffeaf20bab0 "",
go=go@entry=0x1d67db0, sc=sc@entry=0x1d680f0, trig=trig@entry=0x1d68130, type=type@entry=0) at dg_scripts.c:1503
#6 0x000000000050e891 in process_if (cond=cond@entry=0xf6d893 "(%actor.is_pc%)", go=go@entry=0x1d67db0, sc=sc@entry=0x1d680f0,
trig=trig@entry=0x1d68130, type=type@entry=0) at dg_scripts.c:1580
#7 0x0000000000511bc9 in script_driver (go_adress=go_adress@entry=0x7ffeaf20cb58, trig=trig@entry=0x1d68130, type=type@entry=0,
mode=mode@entry=0) at dg_scripts.c:2538
#8 0x00000000004b0965 in greet_mtrigger (actor=actor@entry=0x2194150, dir=dir@entry=-1) at dg_triggers.c:227
#9 0x00000000004ebd6c in spell_teleport (ch=0x2194150, victim=0x2194150, casttype=<optimized out>, spellnum=<optimized out>,
obj=<optimized out>, level=<optimized out>) at spells.c:294
#10 0x000000000053aafa in call_magic (caster=0x2806290, cvict=0x1, ovict=0xa, spellnum=0, level=1382321952, casttype=41064260,
ShowFlash=1 '\001') at spell_parser.c:267
#11 0x000000000053b435 in cast_spell (ch=0x2194150, tch=0x2194150, tobj=0xa, tobj@entry=0x0, spellnum=0, spellnum@entry=89,
ShowFlash=32 ' ', ShowFlash@entry=1 '\001') at spell_parser.c:541
#12 0x000000000053beb1 in do_cast (ch=0x2194150, argument=0x7ffeaf20d823 "'tele'", cmd=<optimized out>, subcmd=0)
at spell_parser.c:854
#13 0x0000000000447423 in command_interpreter (ch=0x2194150, argument=0x7ffeaf20d821 "c 'tele'",
argument@entry=0x7ffeaf20d820 " c 'tele'") at interpreter.c:741
#14 0x0000000000539693 in game_loop (local_mother_desc=3) at comm.c:932
#15 0x0000000000403674 in init_game (local_port=<optimized out>) at comm.c:568
#16 main (argc=<optimized out>, argv=<optimized out>) at comm.c:384

(gdb) frame 0 print *ch
Value can't be converted to integer.
(gdb) frame 1 print *ch
Value can't be converted to integer.
(gdb) frame 1 print *trg
No symbol "trg" in current context.

(gdb) up
#2 0x00000000005586da in find_replacement (go=go@entry=0x1d67db0, sc=sc@entry=0x1d680f0, trig=trig@entry=0x1d68130,
type=type@entry=0, var=var@entry=0x7ffeaf20adc1 "actor", field=field@entry=0x7ffeaf20adc7 "is_pc",
subfield=0x7ffeaf20b3c0 "", str=0x7ffeaf20afc0 "", slen=512) at dg_variables.c:366
366 else if (ch->in_room != NOWHERE && (c = get_char_in_room(&world[ch->in_room], name)));
(gdb) info local
vd = 0x28cb9e0
ch = 0x1d67db0
c = 0x0
rndm = <optimized out>
obj = <optimized out>
o = 0x0
room = <optimized out>
r = 0x0
name = 0x2729740 "}966"
count = <optimized out>
i = <optimized out>
doors = <optimized out>
send_cmd = {0x5e7889 "msend ", 0x57672e "osend ", 0x5ab5e4 "wsend "}
echo_cmd = {0x5e7890 "mecho ", 0x5766fb "oecho ", 0x5ab5b1 "wecho "}
echoaround_cmd = {0x5e7897 "mechoaround ", 0x576702 "oechoaround ", 0x5ab5b8 "wechoaround "}
door = {0x5e78a4 "mdoor ", 0x5766eb "odoor ", 0x5ab5aa "wdoor "}
force = {0x5e78ab "mforce ", 0x57670f "oforce ", 0x5ab5c5 "wforce "}
load = {0x5e78b3 "mload ", 0x576717 "oload ", 0x5ab5cd "wload "}
purge = {0x5e78ba "mpurge ", 0x57671e "opurge ", 0x5ab5d4 "wpurge "}
teleport = {0x5e78c2 "mteleport ", 0x57673e "oteleport ", 0x5ab5eb "wteleport "}
xdamage = {0x5e78cd "mdamage ", 0x5766f2 "odamage ", 0x5ab601 "wdamage "}
zoneecho = {0x5e78d6 "mzoneecho ", 0x57675d "ozoneecho ", 0x5ab5f6 "wzoneecho "}
asound = {0x5e78e1 "masound ", 0x5766dd "oasound ", 0x5ab5a1 "wasound "}
at = {0x5e78ea "mat ", 0x5766e6 "oat ", 0x5ab60a "wat "}
transform = {0x5e78ef "mtransform ", 0x576751 "otransform ", 0x5ab5b1 "wecho "}
recho = {0x5e78fb "mrecho ", 0x576726 "orecho ", 0x5ab5dc "wrecho "}
omove = {0x5e7890 "mecho ", 0x576768 "omove ", 0x5ab60f "wmove "}
(gdb)

(gdb) print *ch
$1 = {pfilepos = -1, nr = 233, in_room = 575, was_in_room = 65535, motion_timer = 0, wait = 0, version = 0 '\000', player = {
passwd = '\000' <repeats 30 times>, passwd2 = '\000' <repeats 30 times>, name = 0x16c2ad0 "innkeeper halfling inn keeper",
short_descr = 0x16c2b00 "the Innkeeper", long_descr = 0x16c2b20 "The Innkeeper stands here awaiting your order.\r\n",
description = 0x16c2b60 "The Innkeeper is a jolly old halfling who spends his days eavesdropping \r\non\r\nlocal gossip. In his younger days, he was quite a seasoned traveller.\r\n", title = 0x0, sex = 1 '\001', chclass = 0 '\000', race = 0 '\000',
level = 12 '\f', admlevel = 0 '\000', time = {birth = 1515897099, logon = 1515897099, played = 0}, weight = 200 '\310',
height = 198 '\306', last_age = 0}, real_abils = {str = 11 '\v', str_add = 0 '\000', intel = 11 '\v', wis = 11 '\v',
dex = 11 '\v', con = 11 '\v', cha = 11 '\v', ess = 100 'd'}, aff_abils = {str = 11 '\v', str_add = 0 '\000', intel = 11 '\v',
wis = 11 '\v', dex = 11 '\v', con = 11 '\v', cha = 11 '\v', ess = 100 'd'}, points = {mana = 10, max_mana = 10, hit = 161,
max_hit = 161, move = 50, max_move = 50, hit_regen = 0, mana_regen = 0, move_regen = 0, regen_factor = {100, 100, 100},
armor = 2, gold = 1256, bank_gold = 0, exp = 13000, hitroll = 11 '\v', damroll = 1 '\001', remort_count = 0, deaths = 0,
deaths_this_level = 0, reroll_count = 0, pc_steals = 0, xp_bonus = 0, align_bonus = 0, oldcha = 0, oldstr = 0, oldstradd = 0,
oldint = 0, oldwis = 0, oldcon = 0, olddex = 0, oldclass = 0, oldhit_regen = 0, oldmana_regen = 0, oldmove_regen = 0,
oldremort_total = 0, exploss = 0, dt_day = 0, dt_room = 0, dt_count = 0}, char_specials = {fighting = 0x0, hunting = 0x0,
position = 8 '\b', carry_weight = 12, carry_items = 3 '\003', timer = 0, numplus = 0, succesful_hunt = 0 '\000', saved = {
alignment = 200, idnum = 0, act = {75, 0, 0, 0}, affected_by = {0, 0, 0, 0}, apply_saving_throw = {18, 18, 18, 18, 18},
kills = 0, monthly_kills = 0}}, player_specials = 0x93e040 <dummy_mob>, mob_specials = {memory = 0x0,
attack_type = 0 '\000', default_pos = 8 '\b', damnodice = 2 '\002', damsizedice = 7 '\a', mob_race_special = 0,
last_direction = 0 '\000', func = 0x16c2c00}, affected = 0x0, equipment = {0x0 <repeats 21 times>}, carrying = 0x1d684c0,
desc = 0x0, id = 100366, proto_script = 0x1d680d0, script = 0x1d680f0, memory = 0x0, next_in_room = 0x0, next = 0x1d63bd0,
next_fighting = 0x0, followers = 0x0, master = 0x0, pref = 0, events = 0x0}


ISSUE: Mage teleporting around, invokes greet script. The greet script invokes %actor.is_pc% and this is what i see crashes me all the time.

Name: 'Innkeeper speech', VNum: [ 1130], RNum: [ 127]
Trigger Intended Assignment: Mobiles
Trigger Type: Greet , Numeric Arg: 100, Arg list: None
Commands:
* By AP
if (%actor.is_pc%)
wait 10 sec
say "Adventurers! Welcome!"
wait 20 sec
say "What's that, %actor.name%? Drinks are on you? Huzzah!"
end

Have you tried putting in an ELSE (actor is not pc) with a say or echo to see what's happening?

I think the problem is actually:
Is the actor a pc?
Yes: do this.
No: um...crash?

I'm not sure though because I think I usually close off ifs. It's been a while so I'm not sure.

I've been having some problems myself so I'd like to know what the response to an ELSE is.