View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0000872LDMud 3.6Runtimepublic2019-11-20 21:412019-11-21 14:32
ReporterNostradamus Assigned ToGnomi  
PrioritynormalSeveritycrashReproducibilitysometimes
Status resolvedResolutionfixed 
Summary0000872: A miscalculation in efun terminal_colour will crash the driver
DescriptionDriver version: (3.6.0-7-ge196172a)
OS: Ubuntu Linux 18.04 LTS
Architecture: x86_64
Compilation settings:
./configure \
--prefix=/home/dragonfiredev/mud \
--bindir=/home/dragonfiredev/mud/bin \
--libdir=/home/dragonfiredev/mud/dev-lib \
--libexec=/home/dragonfiredev/mud/libexec \
--enable-use-mysql=/usr/include/mysql \
--enable-compat-mode \
--enable-erq=xerq \
--enable-dynamic-costs \
--enable-opcprof \
--enable-verbose-opcprof \
--enable-use-deprecated=no \
--enable-malloc-trace=yes \
--enable-use-alists=yes \
--enable-use-pcre=yes \
--enable-use-json=yes \
--enable-use-pgsql=no \
--enable-use-mccp=yes \
--enable-use-tls=gnu \
--enable-share-variables=no \
--enable-filename-spaces=yes \
--enable-malloc-lpc-trace=yes \
--with-read-file-max-size=200000 \
--with-max-byte-transfer=200000 \
--without-wizlist-file \
--with-optimize=no \
--with-master-name=secure/master \
--with-time-to-reset=900 \
--with-portno=1999 \
--with-udp-port=2000 \
--with-max-cost=2100000 \
--with-otable-size=8192 \
--with-htable-size=32768 \
--with-apply-cache-bits=14 \
--with-time-to-swap=0 \
--with-time-to-swap-variables=0 \
--with-max_net_connects=100 \
--with-min-malloced=0x80000 \
--with-min-small-malloced=0x80000 \
--with-hard-malloc-limit=0 \
--with-malloc=sysmalloc \
--with-heart-beat-interval=2 \
--with-alarm-time=1 \
--with-swap-file=DFDEV_SWAP \
--with-max-array-size=50000 \
--with-max-mapping-keys=50000 \
--with-max-mapping-size=100000 \
--enable-eval-cost-trace=yes \
--with-max-cost=10000000 \
--enable-use-python \
--with-setting=default

Stack trace:
warning: .dynamic section for "/usr/lib/x86_64-linux-gnu/libmysqlclient.so.20" is not at the expected address (wrong library or version mismatch?)
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `/home/dragonfiredev/mud/bin/dev-ldmud -d --debug-file /home/dragonfiredev/mud/d'.
Program terminated with signal SIGABRT, Aborted.
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
51 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
0000001 0x00007f8c4b87a801 in __GI_abort () at abort.c:79
0000002 0x000055ad67fb9560 in dump_core () at simulate.c:623
0000003 0x000055ad67fb9844 in fatal (
    fmt=0x55ad67fe26c8 "Length miscalculated in terminal_colour()\n Expected: %i (or %i) Was: %td\n In string: %.*s\n Out string: %.*s\n Indent: %i Wrap: %i, indent overflow: %s\n") at simulate.c:684
0000004 0x000055ad67f13916 in e_terminal_colour (text=0x55ad719bc518, map=0x55ad69df7638, cl=0x0, indent=0, wrap=80)
    at efuns.c:3119
0000005 0x000055ad67f13a69 in v_terminal_colour (sp=0x55ad6826a390 <value_stack_array+592>, num_arg=3) at efuns.c:3235
0000006 0x000055ad67f3482e in eval_instruction (
    first_instruction=0x55ad6ba06752 "b\003\005\017\003\006~\005*\313l\nc\313\v\336\270d\221~\006*\037\001\306m\005\n\023~\001*c\037\001p\r", initial_sp=0x55ad6826a350 <value_stack_array+528>) at interpret.c:8476
0000007 0x000055ad67f40562 in eval_instruction (first_instruction=0x55ad6eb7a152 "b\001\005\n",
    initial_sp=0x55ad6826a2b0 <value_stack_array+368>) at interpret.c:14498
0000008 0x000055ad67f444dc in apply_low (fun=0x55ad69889948, ob=0x55ad70248438, num_arg=1, b_ign_prot=false)
    at interpret.c:16785
0000009 0x000055ad67f44694 in int_apply (fun=0x55ad6a556db8, ob=0x55ad70248438, num_arg=1, b_ign_prot=false,
    b_use_default=true) at interpret.c:16863
0000010 0x000055ad67f42e55 in eval_instruction (first_instruction=0x55ad693b02c2 "b\001\t\037",
    initial_sp=0x55ad6826a220 <value_stack_array+224>) at interpret.c:16083
0000011 0x000055ad67f43fa5 in apply_low (fun=0x55ad6931ef78, ob=0x55ad693b7438, num_arg=1, b_ign_prot=false)
    at interpret.c:16664
0000012 0x000055ad67f44694 in int_apply (fun=0x55ad6931ef78, ob=0x55ad693b7438, num_arg=1, b_ign_prot=false,
    b_use_default=true) at interpret.c:16863
---Type <return> to continue, or q <return> to quit---
0000013 0x000055ad67f42e55 in eval_instruction (first_instruction=0x55ad6935f0d2 "\017\003;\v\022\064l\031\v\023~",
    initial_sp=0x55ad6826a150 <value_stack_array+16>) at interpret.c:16083
#14 0x000055ad67f43fa5 in apply_low (fun=0x55ad6931ef78, ob=0x55ad72860c48, num_arg=1, b_ign_prot=false)
    at interpret.c:16664
#15 0x000055ad67f44694 in int_apply (fun=0x55ad6931ef78, ob=0x55ad72860c48, num_arg=1, b_ign_prot=false,
    b_use_default=true) at interpret.c:16863
#16 0x000055ad67f44a90 in sapply_int (fun=0x55ad6931ef78, ob=0x55ad72860c48, num_arg=1, b_find_static=false,
    b_use_default=true) at interpret.c:17025
#17 0x000055ad67fc0192 in execute_callback (cb=0x55ad6c444ee0, nargs=1, keep=true, toplevel=true) at simulate.c:4278
#18 0x000055ad67ed8f93 in parse_command (buff=0x7ffed8f00050 "grep -R hell *", from_efun=false) at actions.c:1005
#19 0x000055ad67ed949c in execute_command (str=0x7ffed8f00050 "grep -R hell *", ob=0x55ad72860c48) at actions.c:1161
#20 0x000055ad67ee394b in backend () at backend.c:942
#21 0x000055ad67f5990b in main (argc=6, argv=0x7ffed8f062d8) at main.c:706
(gdb)
Steps To ReproduceOur best results at reproducing the crash are by 'grepping' big files/input's.
Additional InformationMud is running in "UTF-8 mode" but pretty much all files are ascii encoded.
Core dump is available upon request
Tagscrash

Activities

Gnomi

2019-11-20 22:03

manager   ~0002487

Could you please provide the coredump and corresponding binary?

Nostradamus

2019-11-20 22:13

reporter   ~0002488

New infomation has come to light. The crash might be due to a Python efun function (grep tool) that looks like this:

def do_grep(name, where, arg):
    myCmd = os.popen('grep --include \*.h --include \*.c '+arg+' '+name+' /mud/lib'+where).read()
    myOutput = re.sub('/mud/lib','',myCmd)
    myOutput = re.sub(name, '%^BLDCYN%^'+name+'%^OFF%^',myOutput)
    return myOutput

Binary and core:
https://nas.zitz.dk/~ralph/ldmud
https://nas.zitz.dk/~ralph/core

Gnomi

2019-11-20 22:15

manager   ~0002489

I could download the binary, but I get HTTP 403 for the core.

Nostradamus

2019-11-20 22:50

reporter   ~0002490

Apologies, the permissions on the file were too restrictive. Please try again

Gnomi

2019-11-20 23:03

manager   ~0002491

The binary and core file don't seem to match. According to the core file the binary was named "dev-ldmud", is this a different one?

gorgar

2019-11-21 00:21

reporter   ~0002492

#Gnomi - dev-ldmud is a symlink:
dev-ldmud -> ldmud

Gnomi

2019-11-21 14:32

manager   ~0002493

Fixed in the current master.

Issue History

Date Modified Username Field Change
2019-11-20 21:41 Nostradamus New Issue
2019-11-20 21:41 Nostradamus Tag Attached: crash
2019-11-20 22:03 Gnomi Note Added: 0002487
2019-11-20 22:13 Nostradamus Note Added: 0002488
2019-11-20 22:15 Gnomi Note Added: 0002489
2019-11-20 22:50 Nostradamus Note Added: 0002490
2019-11-20 23:03 Gnomi Note Added: 0002491
2019-11-21 00:21 gorgar Note Added: 0002492
2019-11-21 12:36 Gnomi Assigned To => Gnomi
2019-11-21 12:36 Gnomi Status new => confirmed
2019-11-21 14:31 Gnomi Status confirmed => assigned
2019-11-21 14:32 Gnomi Status assigned => resolved
2019-11-21 14:32 Gnomi Resolution open => fixed
2019-11-21 14:32 Gnomi Note Added: 0002493