
Question another core dump not long after the one earlier

19 Dec 2024 11:18 #10471 by JTP
Again someone connects multiple times and crashes the MUD.

It's like they love doing it


I REALLY hope that someone here can help fix this:


[New Thread 11301]
Reading symbols from /lib/libcrypt.so.1...(no debugging symbols found)...done.
Loaded symbols for /lib/libcrypt.so.1
Reading symbols from /lib/libc.so.6...(no debugging symbols found)...done.
Loaded symbols for /lib/libc.so.6
Reading symbols from /lib/ld-linux.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /lib/libnss_files.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib/libnss_files.so.2
Reading symbols from /lib/libnss_dns.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib/libnss_dns.so.2
Reading symbols from /lib/libresolv.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib/libresolv.so.2
Core was generated by `bin/circle -q 6969'.
Program terminated with signal 11, Segmentation fault.
#0  0x008a4d28 in malloc_consolidate () from /lib/libc.so.6
(gdb) up
#1  0x008a6fc7 in _int_malloc () from /lib/libc.so.6
(gdb) up
#2  0x008a8f5a in calloc () from /lib/libc.so.6
(gdb) up
#3  0x0082880b in _dl_new_object () from /lib/ld-linux.so.2
(gdb) up
#4  0x00824011 in _dl_map_object_from_fd () from /lib/ld-linux.so.2
(gdb) up
#5  0x00825f71 in _dl_map_object () from /lib/ld-linux.so.2
(gdb) up
#6  0x0082fd41 in dl_open_worker () from /lib/ld-linux.so.2
(gdb) up
#7  0x0082c0d6 in _dl_catch_error () from /lib/ld-linux.so.2
(gdb) up
#8  0x0082f742 in _dl_open () from /lib/ld-linux.so.2
(gdb) up
#9  0x00948862 in do_dlopen () from /lib/libc.so.6
(gdb) up
#10 0x0082c0d6 in _dl_catch_error () from /lib/ld-linux.so.2
(gdb) up
#11 0x00948a15 in __libc_dlopen_mode () from /lib/libc.so.6
(gdb) up
#12 0x00925609 in init () from /lib/libc.so.6
(gdb) up
#13 0x009257a3 in backtrace () from /lib/libc.so.6
(gdb) up
#14 0x0089e691 in __libc_message () from /lib/libc.so.6
(gdb) up
#15 0x008a6a15 in _int_free () from /lib/libc.so.6
(gdb) up
#16 0x008aaa89 in free () from /lib/libc.so.6
(gdb) up
#17 0x080be018 in free_char (ch=0xb2575f8) at db.c:3216
3216          free(ch->player_specials);
(gdb) info local
i = 10
a = <value optimized out>
(gdb) list
3211        for (i = 0; i < NUM_HIST; i++)
3212          if (GET_HISTORY(ch, i))
3213            free_history(ch, i);
3214
3215        if (ch->player_specials)
3216          free(ch->player_specials);
3217
3218        /* free script proto list */
3219        free_proto_script(ch, MOB_TRIGGER);
3220
(gdb) up
#18 0x080b76f8 in close_socket (d=0xb2e78b0) at comm.c:2203
2203          free_char(d->character);
(gdb) info local
temp = <value optimized out>
(gdb) list
2198          act("$n has lost $s link.", TRUE, link_challenged, 0, 0, TO_ROOM);
2199          save_char(link_challenged);
2200          mudlog(NRM, MAX(LVL_IMMORT, GET_INVIS_LEV(link_challenged)), TRUE, "Closing link to: %s.", GET_NAME(link_challenged));
2201        } else {
2202          mudlog(CMP, LVL_IMMORT, TRUE, "Losing player: %s.", GET_NAME(d->character) ? GET_NAME(d->character) : "<null>");
2203          free_char(d->character);
2204        }
2205      } else
2206        mudlog(CMP, LVL_IMMORT, TRUE, "Losing descriptor without char. Host was %s", d->host);
2207
(gdb) up
#19 0x080bb36b in game_loop (local_mother_desc=3) at comm.c:902
902              close_socket(d);
(gdb) info local
input_set = {__fds_bits = {24, 0 <repeats 31 times>}}
output_set = {__fds_bits = {16, 0 <repeats 31 times>}}
exc_set = {__fds_bits = {0 <repeats 32 times>}}
null_set = {__fds_bits = {0 <repeats 32 times>}}
last_time = {tv_sec = 1734603935, tv_usec = 968292}
opt_time = {tv_sec = 0, tv_usec = 100000}
process_time = {tv_sec = 0, tv_usec = 15229}
temp_time = {tv_sec = 0, tv_usec = 84771}
before_sleep = {tv_sec = 1734603935, tv_usec = 883521}
now = {tv_sec = 1734603935, tv_usec = 969167}
timeout = {tv_sec = 0, tv_usec = 0}
comm = "GET / HTTP/1.1\000.34.217\000\277\021n\212\000\230\212\332\t\n\000\000\000\n\000\000\000\021n\212\000\304y\226\000\064\064\060\070\064\060\000\000@a\231\000 \000\000\000ST\355\277pe\231\000\021n\212\000 \000\000\000pa\231\000@a\231\000\f\000\000\000@a\231", '\000' , "\020\000\000\000\021n\212\000\004\000\000\000pa\231\000\000\000\000\000\021n\212\000@a\231\000\001\000\000\000\000\000\000\000\021n\212\000 \000\000\000\263T\355\277pe\231\000\021n\212\000 \000\000\000\303T\355\277pe\231\000\f\000\000\000@a\231\000pa\231\000@a\231\000\f\000\000\000@a\231", '\000' , "\020\000\000\000pa\231\000\004\000\000\000\002", '\000' "\260, \000\000\000pa\231\000"...
d = 0xb2e78b0
next_d = <value optimized out>
---Type <return> to continue, or q <return> to quit---list
missed_pulses = <value optimized out>
maxdesc = <value optimized out>
aliased = 0
(gdb) list
897        for (d = descriptor_list; d; d = next_d) {
898          next_d = d->next;
899          if (*(d->output) && FD_ISSET(d->descriptor, &output_set)) {
900            /* Output for this player is ready */
901            if (process_output(d) < 0)
902              close_socket(d);
903            else
904              d->has_prompt = 1;
905          }
906        }
(gdb) up
#20 0x080bc847 in init_game (argc=Cannot access memory at address 0x0
) at comm.c:536
536      game_loop(mother_desc);
(gdb) info local
No locals.
(gdb) list
531      if (fCopyOver) /* reload players */
532      copyover_recover();
533
534      log("Entering game loop.");
535
536      game_loop(mother_desc);
537
538      Crash_save_all();
539
540      log("Closing all sockets.");
(gdb) up
#21 main (argc=Cannot access memory at address 0x0
) at comm.c:356
356        init_game(port);
(gdb) info local
pos = <value optimized out>
dir = 0x9da0068 "lib"
(gdb) list
351
352      if (scheck)
353        boot_world();
354      else {
355        log("Running game on port %d.", port);
356        init_game(port);
357      }
358
359      log("Clearing game world.");
360      destroy_db();
(gdb) up
Initial frame selected; you cannot go up.

19 Dec 2024 12:46 #10472 by JTP
Dec 19 03:25:55 :: Losing player: <null>.
Dec 19 03:25:55 :: Losing player: <null>.

The crash happened right after these two "<null>" log lines.

19 Dec 2024 21:12 #10474 by thomas
I've been testing a couple of attacks on my own code here, and I recognize the log statement, but it doesn't crash the mud.

As in www.tbamud.com/kunena/4-development/5616-new-core-dump#10473 , find out which char is crashing it by going to frame #17 and printing *ch

19 Dec 2024 21:39 #10475 by JTP
This is print *ch in frame 17. I don't even have a room 2862?


#17 0x080be018 in free_char (ch=0xb2575f8) at db.c:3216
3216 free(ch->player_specials);
(gdb) print *ch
$1 = {pfilepos = 10051952, nr = 30888, in_room = 2862, was_in_room = 0, wait = 0, player = {
passwd = '\000' <repeats 30 times>, name = 0x0, short_descr = 0x0, long_descr = 0x0, description = 0x0, title = 0x0,
sex = 0 '\000', chclass = 0 '\000', chrace = 0 '\000', level = 0 '\000', time = {birth = 0, logon = 0, played = 0},
weight = 0 '\000', height = 0 '\000'}, real_abils = {str = 0 '\000', str_add = 0 '\000', intel = 0 '\000',
wis = 0 '\000', dex = 0 '\000', con = 0 '\000', cha = 0 '\000'}, aff_abils = {str = 0 '\000', str_add = 0 '\000',
intel = 0 '\000', wis = 0 '\000', dex = 0 '\000', con = 0 '\000', cha = 0 '\000'}, points = {mana = 0, max_mana = 100,
hit = 0, max_hit = 0, move = 0, max_move = 0, armor = 100, gold = 0, bank_gold = 0, exp = 0, hitroll = 0 '\000',
damroll = 0 '\000'}, char_specials = {fighting = 0x0, hunting = 0x0, furniture = 0x0, next_in_furniture = 0x0,
riding = 0x0, ridden_by = 0x0, position = 8 '\b', carry_weight = 0, carry_items = 0 '\000', timer = 0,
hitgain = 0 '\000', managain = 0 '\000', movegain = 0 '\000', saved = {alignment = 0, idnum = 0, act = {0, 0, 0, 0},
affected_by = {0, 0, 0, 0}, apply_saving_throw = {0, 0, 0, 0, 0}}}, player_specials = 0xb257790, mob_specials = {
memory = 0x0, attack_type = 0 '\000', default_pos = 8 '\b', damnodice = 0 '\000', damsizedice = 0 '\000',
lost_weapon = 0x0, disarm_timer = 0}, affected = 0x0, equipment = {0x0 <repeats 22 times>}, carrying = 0x0, desc = 0x0,
id = 0, proto_script = 0x0, script = 0x0, memory = 0x0, next_in_room = 0x0, next = 0x0, next_fighting = 0x0,
followers = 0x0, master = 0x0, group = 0x0, pref = 0, events = 0x0}

20 Dec 2024 21:02 #10476 by thomas
The number is the "real room" number, the index in the world table. You can see which room it is by doing

print *(world[2862])

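However, the important thing here is that this looks like an empty character struct. That means your user is in a particular state when they disconnect: they've gotten a character struct created, but haven't done anything with it. Note that frames #14-#16 of the backtrace are free() itself reporting an error on ch->player_specials, which usually points to a double free or earlier heap corruption rather than a NULL pointer, and the comm buffer in frame #19 starts with "GET / HTTP/1.1", so the connection was probably an HTTP client or scanner hitting the game port rather than a player.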
I know you wrote you haven't changed comm.c, but this may be a symptom of a change elsewhere. Have you changed this section or any of the functions called here? github.com/tbamud/tbamud/blob/88b3027ec6...preter.c#L1611-L1641

20 Dec 2024 22:47 - 20 Dec 2024 22:51 #10477 by JTP
Wow, my case CON_QCLASS looks VERY different than what you posted.

the rollstats was an old snippet I found.

this is mine:

  case CON_QCLASS:
    load_result = parse_class(*arg);
    if (load_result == CLASS_UNDEFINED || !classRaceAllowed[GET_RACE(d->character)][load_result]) {
      write_to_output(d, "\r\nThat's not a class.\r\nClass: ");
      return;
    }

      GET_CLASS(d->character) = load_result;

  write_to_output(d, "\r\nPress enter to roll your stats.");
  STATE(d) = CON_QROLLSTATS;
  break;

  case CON_QROLLSTATS:
    switch (*arg) {
      case 'y':
      case 'Y':
        break;
      case 'n':
      case'N':
      default:
        roll_real_abils(d->character);
        write_to_output(d, "\r\nSTR: [%d/%d] Int: [%d] Wis: [%d] Dex:"
          " [%d] Con: [%d] Cha: [%d]",
          GET_STR(d->character), GET_ADD(d->character),
          GET_INT(d->character), GET_WIS(d->character),
          GET_DEX(d->character), GET_CON(d->character),
          GET_CHA(d->character));
        write_to_output(d, "\r\nKeep these stats? (y/n)");
        return;
      }

      if (d->olc) {
        free(d->olc);
        d->olc = NULL;
      }
      if (GET_PFILEPOS(d->character) < 0)
      GET_PFILEPOS(d->character) = create_entry(GET_PC_NAME(d->character));
    /* Now GET_NAME() will work properly. */
    init_char(d->character);
    save_char(d->character);
    save_player_index();
    write_to_output(d, "%s\r\n*** PRESS RETURN: ", motd);
    STATE(d) = CON_RMOTD;
    /* make sure the last log is updated correctly. */
    GET_PREF(d->character)= rand_number(1, 128000);
    GET_HOST(d->character)= strdup(d->host);

    mudlog(NRM, LVL_GOD, TRUE, "%s [%s] new player.", GET_NAME(d->character), d->host);

    /* Add to the list of 'recent' players (since last reboot) */
    if (AddRecentPlayer(GET_NAME(d->character), d->host, TRUE, FALSE) == FALSE)
    {
      mudlog(BRF, MAX(LVL_IMMORT, GET_INVIS_LEV(d->character)), TRUE, "Failure to AddRecentPlayer (returned FALSE).");
    }
    break;

  case CON_RMOTD:              /* read CR after printing motd  */
Last edit: 20 Dec 2024 22:51 by JTP.
