color.c alloc crash
Post is unread #1 May 31, 2011, 4:00 pm   Last edited May 31, 2011, 4:00 pm by Zeno
Zeno
Sorcerer
Group: Members
Posts: 723
Joined: Mar 5, 2005

I had a crash in do_who, bt:
#0 0x400ed66b in _int_malloc () from /lib/libc.so.6
(gdb) bt
#0 0x400ed66b in _int_malloc () from /lib/libc.so.6
#1 0x400ece15 in calloc () from /lib/libc.so.6
#2 0x081a005e in write_to_pager (d=0x8730a90, txt=0x823ba48 "\033[1;32m", length=7) at color.c:1227
#3 0x0819ffaa in set_pager_color (AType=10, ch=0x86f7bf0) at color.c:1205
#4 0x0805ccf7 in do_who (ch=0x86f7bf0, argument=0xbffff1d3 "") at act_info.c:3432
#5 0x0810df1b in interpret (ch=0x86f7bf0, argument=0xbffff1d3 "") at interp.c:737
#6 0x080c0ac1 in game_loop () at comm.c:694
#7 0x080c004a in main (argc=2, argv=0xbffff6e4) at comm.c:339

(gdb) f 2
#2 0x081a005e in write_to_pager (d=0x8730a90, txt=0x823ba48 "\033[1;32m", length=7) at color.c:1227
1227 CREATE( d->pagebuf, char, d->pagesize );

(gdb) list
1222          return;
1223
1224       if( !d->pagebuf )
1225       {
1226          d->pagesize = MAX_STRING_LENGTH;
1227          CREATE( d->pagebuf, char, d->pagesize );
1228       }
1229       if( !d->pagepoint )
1230       {
1231          d->pagepoint = d->pagebuf;

Which is the same code that stock FUSS has.

(gdb) p d->pagebuf
$3 = 0x0
(gdb) p d->pagesize
$4 = 4096
(gdb)


Any thoughts?
       
Post is unread #2 May 31, 2011, 6:25 pm
Samson
Black Hand
Group: Administrators
Posts: 3,639
Joined: Jan 1, 2002

Any chance the system was low on memory? It looks like the failure was in the malloc() call itself. It would have to have been shockingly low though to fail a 4096 byte allocation.
       
Post is unread #3 May 31, 2011, 7:12 pm
Zeno
Sorcerer
Group: Members
Posts: 723
Joined: Mar 5, 2005

I don't know for sure, but doubtful. There's 135+ Mb of RAM free right now. This is my host, so I would have heard other issues on other MUDs like SBI.
       
Post is unread #4 May 31, 2011, 7:58 pm
Samson
Black Hand
Group: Administrators
Posts: 3,639
Joined: Jan 1, 2002

Any possibility that the memory for d->pagebuf is being manipulated by a STRALLOC/STRFREE pair somewhere it shouldn't be?
       
Post is unread #5 May 31, 2011, 8:15 pm
Zeno
Sorcerer
Group: Members
Posts: 723
Joined: Mar 5, 2005

Hm nope, looks okay. My code:
color.c:   if( !d->pagebuf )
color.c:      CREATE( d->pagebuf, char, d->pagesize );
color.c:      d->pagepoint = d->pagebuf;
color.c:      d->pagebuf[0] = '\n';
color.c:      d->pagebuf[1] = '\r';
color.c:   pageroffset = d->pagepoint - d->pagebuf;  /* pager fix (goofup fixed 08/21/97) */
color.c:         DISPOSE( d->pagebuf );
color.c:      RECREATE( d->pagebuf, char, d->pagesize );
color.c:   d->pagepoint = d->pagebuf + pageroffset;  /* pager fix (goofup fixed 08/21/97) */
color.c:   strncpy( d->pagebuf + d->pagetop, txt, length );
color.c:   d->pagebuf[d->pagetop] = '\0';
comm.c:    if ( d->pagebuf )
comm.c: DISPOSE( d->pagebuf );
comm.c:    DISPOSE(d->pagebuf);
comm.c:  while ( lines < 0 && d->pagepoint >= d->pagebuf )
comm.c:  if ( d->pagepoint < d->pagebuf )
comm.c:    d->pagepoint = d->pagebuf;
comm.c:    DISPOSE(d->pagebuf);


Stock FUSS:
color.c:   if( !d->pagebuf )
color.c:      CREATE( d->pagebuf, char, d->pagesize );
color.c:      d->pagepoint = d->pagebuf;
color.c:      d->pagebuf[0] = '\r';
color.c:      d->pagebuf[1] = '\n';
color.c:   pageroffset = d->pagepoint - d->pagebuf;  /* pager fix (goofup fixed 08/21/97) */
color.c:         DISPOSE( d->pagebuf );
color.c:      RECREATE( d->pagebuf, char, d->pagesize );
color.c:   d->pagepoint = d->pagebuf + pageroffset;  /* pager fix (goofup fixed 08/21/97) */
color.c:   strncpy( d->pagebuf + d->pagetop, txt, length );   /* Leave this one alone! BAD THINGS(TM) will happen if you don't! */
color.c:   d->pagebuf[d->pagetop] = '\0';
comm.c:   if( d->pagebuf )
comm.c:      DISPOSE( d->pagebuf );
comm.c:         DISPOSE( d->pagebuf );
comm.c:   while( lines < 0 && d->pagepoint >= d->pagebuf )
comm.c:   if( d->pagepoint < d->pagebuf )
comm.c:      d->pagepoint = d->pagebuf;
comm.c:      DISPOSE( d->pagebuf );
       
Post is unread #6 May 31, 2011, 9:42 pm   Last edited May 31, 2011, 9:42 pm by Aurin
Aurin
Magician
Group: Members
Posts: 189
Joined: Sep 5, 2010

I've posted a crash related to color.c some time ago, never fixed--then again, it hasn't come up a second time with nothing changed.
My color.c crash report.
And this is from 6 Dragons on your server, Zeno.
       
Post is unread #7 May 31, 2011, 10:00 pm
Zeno
Sorcerer
Group: Members
Posts: 723
Joined: Mar 5, 2005

That doesn't look like the same thing, but I don't know what caused yours to crash. You didn't print out some stuff like parts of ch.

I know there was a line in the color code that did something with ch->desc but failed to actually see if that wasn't null (if a player was linkdead) which caused a crash.
       
Post is unread #8 May 31, 2011, 10:06 pm
Samson
Black Hand
Group: Administrators
Posts: 3,639
Joined: Jan 1, 2002

What's your CREATE macro look like?
       
Post is unread #9 Jun 1, 2011, 2:42 am
Quixadhal
Conjurer
Group: Members
Posts: 398
Joined: Mar 8, 2005

Does your CREATE() macro have braces around the entirety of it? I note the if statement in question does not, and therefore if CREATE doesn't, you may be getting parts of it being called outside the if() conditional.
       
Post is unread #10 Jun 1, 2011, 3:22 am
Aurin
Magician
Group: Members
Posts: 189
Joined: Sep 5, 2010

May or may not be an issue related, but for the period of a month or so, I had a number of random unexplainable crashes that haven't happened again since that last post. Thought it might have been part of a memleak, but haven't been able to pin anything down, unfortunately...or fortunately. *shrugs* Just thought I'd throw it out there as an unexplained crash that may have helped ya in your endeavors.
       
Post is unread #11 Jun 1, 2011, 9:26 am   Last edited Jun 1, 2011, 9:26 am by Zeno
Zeno
Sorcerer
Group: Members
Posts: 723
Joined: Mar 5, 2005

#define CREATE(result, type, number)                            \
do                                                              \
{                                                               \
    if (!((result) = (type *) calloc ((number), sizeof(type)))) \
    {                                                           \
        perror("malloc failure");                               \
        fprintf(stderr, "Malloc failure @ %s:%d\n", __FILE__, __LINE__ ); \
        abort();                                                \
    }                                                           \
} while(0)


Seems to be the same as FUSS.

I mean it's not like this code crashes every time. In the end I'll have to valgrind if I can't figure this out, but such a pain...
       
Post is unread #12 Jun 1, 2011, 1:32 pm
Samson
Black Hand
Group: Administrators
Posts: 3,639
Joined: Jan 1, 2002

Yep. Looking like you'll need Valgrind on this one. Everything you've shown so far is the way it should be.
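
Added example, not part of the thread and not SmaugFUSS code: a crash inside _int_malloc with memory still free commonly means an earlier write damaged the heap, far from where the allocator finally trips. The sketch below shows a guarded variant of the CREATE/DISPOSE idea that flags a write past the end of a buffer when the block is released; guard_create, guard_check, guard_dispose and demo_append are hypothetical names, and the sample string is the color code seen in the backtrace.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define GUARD_LEN  8      /* canary bytes placed after every block */
#define GUARD_BYTE 0xA5   /* canary pattern (constructed value) */

/* Hypothetical header in front of each block; the union keeps user data aligned. */
typedef union { size_t size; max_align_t align; } guard_hdr;

/* Allocate `size` zeroed bytes followed by GUARD_LEN canary bytes. */
static void *guard_create(size_t size)
{
    guard_hdr *h = calloc(1, sizeof *h + size + GUARD_LEN);
    if (!h) { perror("malloc failure"); abort(); }
    h->size = size;
    memset((unsigned char *)(h + 1) + size, GUARD_BYTE, GUARD_LEN);
    return h + 1;
}

/* Return 1 if the canary is intact, 0 if something wrote past the end. */
static int guard_check(const void *p)
{
    const guard_hdr *h = (const guard_hdr *)p - 1;
    const unsigned char *tail = (const unsigned char *)p + h->size;
    for (size_t i = 0; i < GUARD_LEN; i++)
        if (tail[i] != GUARD_BYTE) return 0;
    return 1;
}

/* Free a guarded block; report the call site and return 0 on a damaged canary. */
static int guard_dispose(void *p, const char *file, int line)
{
    int ok = guard_check(p);
    if (!ok) fprintf(stderr, "heap overrun detected @ %s:%d\n", file, line);
    free((guard_hdr *)p - 1);
    return ok;
}

/* Constructed demo: unchecked copy of `len` bytes into a `cap`-byte buffer. */
static int demo_append(size_t cap, const char *txt, size_t len)
{
    char *buf = guard_create(cap);
    memcpy(buf, txt, len);              /* deliberately no bounds check */
    return guard_dispose(buf, __FILE__, __LINE__);
}

int main(void)
{
    printf("fits: %d\n", demo_append(8, "\033[1;32m", 8));
    printf("off-by-one: %d\n", demo_append(7, "\033[1;32m", 8));
    return 0;
}
```

The guard only covers blocks allocated through it and only reports at check or dispose time, so it narrows the search rather than replacing a Valgrind run.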
       