pvpgn-server icon indicating copy to clipboard operation
pvpgn-server copied to clipboard

Published 20 hours ago verified publisher icon pvpgn

2 Segfaults

Open Sora012 opened this issue 4 years ago • 12 comments

EDIT (Develop Branch)

  1. When a host client is kicked in a WOL channel (e.g. Red Alert 2 -> create game -> /kick host) the whole server goes down with a segfault after ":No Channel" & WOL list command.

  2. When CTRL + C server (e.g. running ./bnetd -D)

Dec 31 21:22:34 [info ] _server_mainloop: the server is shutting down (0 connections left) Dec 31 21:22:34 [info ] unload_topic_conf: Successfully unloaded all channel topics Dec 31 21:22:34 [trace] friendlist_close: got NULL flist Segmentation fault (core dumped)

Core was generated by `./bnetd -D'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x0000561990a8cd2f in pvpgn::bnetd::attrgroup_flush(pvpgn::bnetd::attrgroup_struct*, int) ()                                                                                        
#1  0x0000561990a8da60 in pvpgn::bnetd::attrlayer_flush(int) ()
#2  0x0000561990a8d8ae in pvpgn::bnetd::attrlayer_cleanup() ()
#3  0x0000561990b6bfba in post_server_shutdown(int) ()
#4  0x0000561990b6c4b5 in main ()

Sora012 avatar Jan 01 '21 02:01 Sora012

When a host client is kicked in a WOL channel (e.g. Red Alert 2 -> create game -> /kick host) the whole server goes down with a segfault after ":No Channel" & WOL list command.

Can you obtain and post a core dump for this segfault here.

When CTRL + C server (e.g. running ./bnetd -D)

The second segfault appears to be related to #429.

RElesgoe avatar Jan 02 '21 23:01 RElesgoe

Segfault for kicking host below.

#0  0x000055d9aceebca5 in pvpgn::bnetd::irc_convert_channel (channel=0x55d9ae1a46d0, c=0x55d9ae200e70) at /home/sora/Projects/pvpgn-server/src/bnetd/irc.cpp:350
#1  0x000055d9aced2b3e in pvpgn::bnetd::append_game_info (game=0x55d9ae1a3e80, vdata=0x7ffd251cd700) at /home/sora/Projects/pvpgn-server/src/bnetd/handle_wol.cpp:483
#2  0x000055d9ace8eb6c in pvpgn::bnetd::gamelist_traverse (cb=0x55d9aced28c5 <pvpgn::bnetd::append_game_info(pvpgn::bnetd::t_game*, void*)>, data=0x7ffd251cd700, 
    gamelist_source=pvpgn::bnetd::gamelist_source_none) at /home/sora/Projects/pvpgn-server/src/bnetd/game.cpp:2230
#3  0x000055d9aced33b7 in pvpgn::bnetd::_handle_list_command (conn=0x55d9ae200e70, numparams=2, params=0x55d9ae1a4020, text=0x0)
    at /home/sora/Projects/pvpgn-server/src/bnetd/handle_wol.cpp:606
#4  0x000055d9aced1aca in pvpgn::bnetd::handle_wol_log_command (conn=0x55d9ae200e70, command=0x55d9ae1a4080 "LIST", numparams=2, params=0x55d9ae1a4020, text=0x0)
    at /home/sora/Projects/pvpgn-server/src/bnetd/handle_wol.cpp:204
#5  0x000055d9acec97be in pvpgn::bnetd::handle_irc_common_log_command (conn=0x55d9ae200e70, command=0x55d9ae1a4080 "LIST", numparams=2, params=0x55d9ae1a4020, text=0x0)
    at /home/sora/Projects/pvpgn-server/src/bnetd/handle_irc_common.cpp:81
#6  0x000055d9aceca445 in pvpgn::bnetd::handle_irc_common_line (conn=0x55d9ae200e70, ircline=0x7ffd251cdb70 "LIST 41 41")
    at /home/sora/Projects/pvpgn-server/src/bnetd/handle_irc_common.cpp:283
#7  0x000055d9aceca867 in pvpgn::bnetd::handle_irc_common_packet (conn=0x55d9ae200e70, packet=0x55d9ae19e7a0) at /home/sora/Projects/pvpgn-server/src/bnetd/handle_irc_common.cpp:331
#8  0x000055d9acf201a2 in pvpgn::bnetd::sd_tcpinput (c=0x55d9ae200e70) at /home/sora/Projects/pvpgn-server/src/bnetd/server.cpp:711
#9  0x000055d9acf20a32 in pvpgn::bnetd::handle_tcp (data=0x55d9ae200e70, rw=pvpgn::fdwatch_type_read) at /home/sora/Projects/pvpgn-server/src/bnetd/server.cpp:917
#10 0x000055d9acf630e8 in pvpgn::FDWEpollBackend::handle (this=0x55d9ae170160) at /home/sora/Projects/pvpgn-server/src/common/fdwatch_epoll.cpp:113
#11 0x000055d9acf62579 in pvpgn::fdwatch_handle () at /home/sora/Projects/pvpgn-server/src/common/fdwatch.cpp:198
#12 0x000055d9acf23169 in pvpgn::bnetd::_server_mainloop (laddrs=0x55d9ae1a82c0) at /home/sora/Projects/pvpgn-server/src/bnetd/server.cpp:1581
#13 0x000055d9acf2393d in pvpgn::bnetd::server_process () at /home/sora/Projects/pvpgn-server/src/bnetd/server.cpp:1709
#14 0x000055d9acf10510 in main (argc=2, argv=0x7ffd251ce268) at /home/sora/Projects/pvpgn-server/src/bnetd/main.cpp:617

Sora012 avatar Jan 03 '21 22:01 Sora012

Oddly, there aren't any line numbers in that backtrace.

Could you try to locate the exact line in irc_convert_channel() where pvpgn segfaults at.

RElesgoe avatar Jan 04 '21 00:01 RElesgoe

I've updated the above comment with a bt with line numbers.

Sora012 avatar Jan 04 '21 01:01 Sora012

The second segfault appears to be related to #429.

Looks true, I fixed the crash on rehash but not on "default attrgroup" destroy which called only by server shutdown now. It require deep debugging to find whats wrong there.

HarpyWar avatar Jan 13 '21 09:01 HarpyWar

@Sora012 Are you available to test a potential fix for the first segfault?

RElesgoe avatar Feb 28 '21 08:02 RElesgoe

Sorry for delay, yeah I'm available to test. What do I need to do?

Sora012 avatar Mar 02 '21 18:03 Sora012

Try replacing https://github.com/pvpgn/pvpgn-server/blob/develop/src/bnetd/irc.cpp#L345-L348 with:

			if ((conn_get_wol(c) == 1) && (channel_get_clienttag(channel) != 0 && (conn_get_clienttag(c) == channel_get_clienttag(channel))))
			{
				bname = channel_get_shortname(channel); /* We converting unreadable "lob 18 0" names to human redable ones */
				if (!bname)
				{
					bname = channel_get_name(channel);
				}
			}
			else
				bname = channel_get_name(channel);

RElesgoe avatar Mar 03 '21 14:03 RElesgoe

That fixes the server segfault, but client gets stuck on "Requesting channel list" and are forced to disconnect. I think the channel would still be listed, at least according to the PVPGN log until client disconnects.

Mar 03 17:18:06 [debug] handle_irc_common_line: [27] got "" "PRIVMSG" ["#Sora's_game"] "/kick sora"
Mar 03 17:18:06 [info ] channel_destroy: channel was not removed from any list
Mar 03 17:18:06 [info ] channel_destroy: destroying channel "Sora's game"
Mar 03 17:18:07 [debug] handle_irc_common_line: [27] got "" "LIST" ["0" "41"] ""
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 321 Sora Channel :Users Names
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #The_Void 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Starcraft-1 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Brood_War-1 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Starcraft_Shareware-1 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Diablo_Retail-1 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #War2BNE-1 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Diablo_II-1 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Diablo_II-1 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Warcraft_3_Frozen_Throne 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Warcraft_3 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Human_Castle 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Orc_Stronghold 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Undead_Necropolis 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Night_Elf_Tree_of_Life 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Dragon_Roost 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Human_Castle 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Orc_Stronghold 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Undead_Necropolis 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Night_Elf_Tree_of_Life 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Dragon_Roost 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Chat 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Backstage 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Moderated_Support 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Command_n_Conqr 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Monopoly 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Red_Alert 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Renegade-1 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Dune_2000-1 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Nox-1 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Nox-2 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Tiberian_Sun-1 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Tiberian_Sun-2 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Tiberian_Sun-3 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Red_Alert-1 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Emperor-1 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Emperor-2 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Red_Alert_2-1 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Red_Alert_2-2 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Nox_Quest-1 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Lob_41_0 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Lob_41_1 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Lob_38_0 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Lob_39_0 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 327 Sora #Lob_40_0 0 1 388
"
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 323 Sora :End of LIST command
"
Mar 03 17:18:07 [debug] handle_irc_common_line: [27] got "" "LIST" ["41" "41"] ""
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 321 Sora Channel :Users Names
"
Mar 03 17:18:07 [debug] _handle_list_command: [** WOL **] LIST [Game]
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 326 Sora #��OfU 1 7 41 0 /etc/localtime <REDACTED> 128::
"
Mar 03 17:18:07 [debug] _handle_list_command: [27] LIST sent 1 of 1 games
Mar 03 17:18:07 [debug] irc_send: [27] sent ":servserv 323 Sora :End of LIST command

Sora012 avatar Mar 03 '21 22:03 Sora012

Your log had your IP address in it, I deleted the link to the file and removed the original comment from the comment history.

While keeping the previous change, try replacing https://github.com/pvpgn/pvpgn-server/blob/develop/src/bnetd/handle_wol.cpp#L523 with:

std::snprintf(temp_a, sizeof(temp_a), "%s ", "0");  /* game extension */

RElesgoe avatar Mar 07 '21 20:03 RElesgoe

The repo you linked doesn't seem to exist or I have no access, but tried to changed that line, and tested again, nothing changed. Game still gets stuck on requesting list, after kicking myself from a game lobby as host.

Sora012 avatar Mar 08 '21 01:03 Sora012

I did some testing, (Running two copies of the game, which is a PITA on same machine) The lobby does NOT list for other clients, after the host is kicked, its just a bug in how the client (game) responds to being kicked from a lobby. Segfault is fixed and this seems to be likely a bug in the game itself? Unsure. Feel free to close and patch using https://github.com/pvpgn/pvpgn-server/issues/431#issuecomment-789770502

Sora012 avatar Mar 08 '21 02:03 Sora012