View Issue Details

ID: 0000879
Project: LDMud 3.6
Category: Runtime
View Status: public
Last Update: 2020-09-01 20:36
Reporter: zesstra
Assigned To: Gnomi
Priority: high
Severity: crash
Reproducibility: always
Status: resolved
Resolution: fixed
Platform: x86_64
OS: GNU/Linux
OS Version: 0
Product Version: 3.6.2
Target Version: 3.6.3
Fixed in Version: 3.6.3
Summary: 0000879: Crash in collect_trace() during runtime error handling
Description: During the handling of an argument type error in function arguments, the driver crashed with a segmentation fault while accessing a string.

#0 get_txt (s=<optimized out>) at mstrings.h:278
No locals.
#1 collect_trace (sbuf=sbuf@entry=0x7fff6bd10c10,
    rvec=rvec@entry=0x559eabbc7be8 <current_error_trace>) at interpret.c:18979
        dump_pc = <optimized out>
        prog = <optimized out>
        dump_eval_cost = 1
        p = 0x559eabb58d90 <control_stack_array+272>
        ret = 0x0
        pc = <optimized out>
        line = 366
        name = "clean_up"
        file = "d/schattenwelt/ennox/pentarena/std/arena_master.c"
        ob = 0x0
        last_catch = 0x0
        first_entry = 0x0
        last_entry = 0x0
        num_entries = 0
#2 0x0000559eaae81e69 in dump_trace (how=<optimized out>,
    rvec=rvec@entry=0x559eabbc7be8 <current_error_trace>,
    rstr=rstr@entry=0x559eabbc7bd8 <current_error_trace_string>) at interpret.c:19059
        sbuf = {alloc_len = 0, length = 0, buf = 0x0}
        hb_obj_name = <optimized out>
#3 0x0000559eaaede6d2 in errorf (fmt=<optimized out>,
    fmt@entry=0x559eaaf04ba0 "Bad arg %d to %s(): got '%s', expected '%s'.\n")
    at simulate.c:1009
        rt = 0x7fff6bd118f0
        object_name = 0x0
        ts = <optimized out>
        svp = <optimized out>
        error_caught = <optimized out>
        published_catch = false
        do_save_error = <optimized out>
        file = <error reading variable: Cannot access memory at address 0x6>
        malloced_error = "Bad arg 1 to clean_up(): got 'int', expected 'object'.
"
        malloced_file = <optimized out>
        malloced_name = <optimized out>
        curobj = <optimized out>
        fixed_fmt = "Bad arg %d to %.200s(): got '%.200s', expected '%.200s'.\n\000\377\377\377\377\377\377\000\000\000\000\020+\000\000X\000\000\000\000\000\000\000)\017\000\000\000\000\000\000q\356\361\252\236U\000\000\000\000\000\000\000\000\000\000 յ\253\236U\000\000\200\001\000\000\000\000\000\000\335u爵U\000\000\000\000\000\000\000\000\000\000@յ\253\236U\000\000\003\000\000\000\000\000\000\000\310\330f\234\003\177\000\000\060\000\000\000\000\000\000\000`\023U\000\000Y\017\321k\377\177\000\000\005\000\000\000\000\000\000\000\270\330f\234\003\177\000\000`յ\253\236U\000\000"...
        line_number = <optimized out>
        va = {{gp_offset = 40, fp_offset = 48, overflow_arg_area = 0x7fff6bd115a0,
            reg_save_area = 0x7fff6bd114b0}}
#4 0x0000559eaae7f776 in check_function_args (fx=<optimized out>,
    progp=0x-378ea610 "d/schattenwelt/ennox/pentarena/std/arena_master.c",
    funstart=0x7f03c8716442 "\036") at interpret.c:6485
        num_csf = 0
        buff = "int\000d*\000|object>*", '\000' <repeats 495 times>
        firstarg = <optimized out>
        formal_args = 1
        i = 0
        arg_type = <optimized out>
        header = 0x7f03c8716a10
#5 0x0000559eaae90168 in apply_low (fun=fun@entry="clean_up",
    ob=ob@entry=0x-428eff90 "d/schattenwelt/ennox/pentarena/std/arena_master",
    num_arg=num_arg@entry=1, b_ign_prot=b_ign_prot@entry=false) at interpret.c:16818
        funstart = 0x7f03c8716442 "\036"
        fx = <optimized out>
        progp = <optimized out>
        save_csp = <optimized out>
        ix = 79860
#6 0x0000559eaae90cb3 in int_apply (fun=fun@entry="clean_up",
    ob=ob@entry=0x-428eff90 "d/schattenwelt/ennox/pentarena/std/arena_master",
    num_arg=num_arg@entry=1, b_ign_prot=false, b_use_default=b_use_default@entry=true)
    at interpret.c:16901
No locals.
#7 0x0000559eaae9116c in sapply_int (fun="clean_up",
    ob=ob@entry=0x-428eff90 "d/schattenwelt/ennox/pentarena/std/arena_master",
    num_arg=num_arg@entry=1, b_find_static=b_find_static@entry=false,
    b_use_default=b_use_default@entry=true) at interpret.c:17063
        expected_sp = 0x-544a2d60 T_INVALID
#8 0x0000559eaae91317 in apply (fun=<optimized out>,
    ob=ob@entry=0x-428eff90 "d/schattenwelt/ennox/pentarena/std/arena_master",
    num_arg=num_arg@entry=1) at interpret.c:17103
No locals.
#9 0x0000559eaae40745 in process_objects () at backend.c:1424
        save_reset_state = 256
        svp = <optimized out>
        time_since_ref = 90001
        min_time_to_swap = 300
        bResetCalled = false
        did_reset = true
        did_swap = true
        obj = <optimized out>
        limit_data_clean = <optimized out>
        error_recovery_info = {rt = {last = 0x559eabbc7c60 <toplevel_context>, type = 1},
          flags = -1402174672, con = {text = {{__jmpbuf = {94139974753824,
                  -2192059183495383761, 139653571421912, 0, 1, 139653495107176,
                  -5379622419619121873, -2192057245403581137}, __mask_was_saved = 0,
                __saved_mask = {__val = {139653495107176, 140735002253748, 110,
                    1595862920, 1, 139654383158432, 140735002253816, 139654383158432,
                    140735002253816, 94139974753824, 94139974753824, 139653571421912, 0,
                    1, 139653495107176, 140735002253824}}}}}}
#10 0x0000559eaae41381 in backend () at backend.c:1014
        cur_time = {tv_sec = 1595862921, tv_usec = 1049}
        buff = "teile afunial mit 16+2", '\000' <repeats 978 times>...
        bufflength = 15
        prevent_object_cleanup = false
#11 0x0000559eaae34030 in main (argc=<optimized out>, argv=<optimized out>) at main.c:708
        i = 5
        p = 0x7fff6bd16be8 "\005"
        set = {__val = {8192, 0 <repeats 15 times>}}
        rc = 0
Tags: No tags attached.

Activities

zesstra (administrator) 2020-07-27 17:36 ~0002535

"d/schattenwelt/ennox/pentarena/std/arena_master.c" defined clean_up() as follows:

public void clean_up(object pl);

which obviously causes a runtime error when the driver calls it during clean_up handling. My first idea is that this might be relevant, but I have not had time so far to check for it.

Gnomi (manager) 2020-09-01 20:36 ~0002553

Also fixed in 3.5.3

Issue History

Date Modified Username Field Change
2020-07-27 17:30 zesstra New Issue
2020-07-27 17:36 zesstra Note Added: 0002535
2020-07-27 22:34 zesstra Project LDMud => LDMud 3.6
2020-07-27 22:35 zesstra Reproducibility N/A => always
2020-07-27 22:35 zesstra Status new => confirmed
2020-07-27 22:35 zesstra Product Version => 3.6.2
2020-07-27 22:35 zesstra Target Version => 3.6.3
2020-08-24 16:58 Gnomi Assigned To => Gnomi
2020-08-24 16:58 Gnomi Status confirmed => assigned
2020-09-01 20:36 Gnomi Status assigned => resolved
2020-09-01 20:36 Gnomi Resolution open => fixed
2020-09-01 20:36 Gnomi Fixed in Version => 3.6.3
2020-09-01 20:36 Gnomi Note Added: 0002553