TFS 0.X OTX error - crash [segmentation fault]

leo123456

New Member
Joined
Jun 13, 2009
Messages
33
Best answers
0
Reaction score
0
Hi people, I have this bug.

Segmentation Fault.

Log gdb:

Code:
0x00000000004e8465 in Game::changeSpeed (this=<optimized out>, [email protected]=0x227ca00, varSpeed=<optimized out>) at game.cpp:4577
4577                    spectator->getPlayer()->sendChangeSpeed(creature, creature->getStepSpeed());
(gdb) bt
#0  0x00000000004e8465 in Game::changeSpeed (this=<optimized out>, [email protected]=0x227ca00, varSpeed=<optimized out>) at game.cpp:4577
#1  0x000000000051ce2c in ConditionSpeed::endCondition (this=0x14f598a0, creature=0x227ca00, reason=<optimized out>) at condition.cpp:1451
#2  0x000000000059ca4a in removeConditions (reason=CONDITIONEND_CLEANUP, onlyPersistent=false, this=0x227ca00) at creature.cpp:1568
#3  Creature::~Creature (this=0x227ca00, __vtt_parm=<optimized out>, __in_chrg=<optimized out>) at creature.cpp:93
#4  0x00000000005c1954 in Player::~Player ([email protected]=0x227ca00, __in_chrg=<optimized out>, __vtt_parm=<optimized out>) at player.cpp:137
#5  0x00000000005c1999 in Player::~Player (this=0x227ca00, __in_chrg=<optimized out>, __vtt_parm=<optimized out>) at player.cpp:161
#6  0x000000000042a1d7 in unRef (this=<optimized out>) at thing.h:110
#7  Monster::onCreatureLeave (this=0x10626d80, creature=0x227ca00) at monster.cpp:373
#8  0x000000000042d107 in Monster::onCreatureMove (this=0x10626d80, creature=0x227ca00, newTile=<optimized out>, newPos=..., oldTile=<optimized out>, oldPos=..., teleport=false)
    at monster.cpp:202
#9  0x00000000004d6eb1 in Tile::moveCreature (this=0x2c09e5c0, [email protected]=0x0, [email protected]=0x227ca00, [email protected]=0x2c0a5720,
    [email protected]=false) at tile.cpp:487
#10 0x00000000004e7f8f in Game::internalMoveCreature (this=0x88bb40 <g_game>, [email protected]=0x0, creature=0x227ca00, [email protected]=0x2c09e5c0,
    [email protected]=0x2c0a5720, [email protected]=1, [email protected]=false) at game.cpp:1331
#11 0x000000000057e7e5 in LuaInterface::luaDoRelocate (L=0x228b700) at luascript.cpp:4275
#12 0x00007ffff7bb8f78 in ?? () from /usr/lib/x86_64-linux-gnu/liblua5.1.so.0
#13 0x00007ffff7bc36af in ?? () from /usr/lib/x86_64-linux-gnu/liblua5.1.so.0
#14 0x00007ffff7bb93cd in ?? () from /usr/lib/x86_64-linux-gnu/liblua5.1.so.0
#15 0x00007ffff7bb86eb in ?? () from /usr/lib/x86_64-linux-gnu/liblua5.1.so.0
#16 0x00007ffff7bb955a in ?? () from /usr/lib/x86_64-linux-gnu/liblua5.1.so.0
#17 0x00007ffff7bb534d in lua_pcall () from /usr/lib/x86_64-linux-gnu/liblua5.1.so.0
#18 0x000000000055b0b6 in LuaInterface::callFunction (this=0x13f4690, [email protected]=7) at luascript.cpp:980
#19 0x000000000048149a in MoveEvent::executeStep (this=0xd7c6370, actor=0x0, creature=0x1c7de00, item=<optimized out>, pos=..., fromPos=..., toPos=...) at movement.cpp:1235
#20 0x0000000000483f60 in MoveEvents::onCreatureMove (this=0x13f4680, [email protected]=0x0, [email protected]=0x1c7de00, [email protected]=0x2c09e5c0, toTile=<optimized out>,
    [email protected]=false) at movement.cpp:607
#21 0x00000000004d5dc5 in Tile::postRemoveNotification (this=0x2c09e5c0, actor=0x0, thing=0x1c7e7d8, newParent=0x2c0a5720, index=2, isCompleteRemoval=<optimized out>) at tile.cpp:1566
#22 0x00000000004d6f00 in Tile::moveCreature (this=0x2c09e5c0, [email protected]=0x0, [email protected]=0x1c7de00, [email protected]=0x2c0a5720,
    [email protected]=false) at tile.cpp:489
#23 0x00000000004e7f8f in Game::internalMoveCreature ([email protected]=0x88bb40 <g_game>, [email protected]=0x0, [email protected]=0x1c7de00,
    [email protected]=0x2c09e5c0, toCylinder=0x2c0a5720, [email protected]=32, [email protected]=false) at game.cpp:1331
#24 0x00000000004e814d in Game::internalMoveCreature (this=0x88bb40 <g_game>, [email protected]=0x1c7de00, direction=<optimized out>, flags=32) at game.cpp:1309
#25 0x000000000059e254 in Creature::onWalk (this=0x1c7de00) at creature.cpp:265
#26 0x00000000004e6bf2 in Game::checkCreatureWalk (this=0x88bb40 <g_game>, creatureId=<optimized out>) at game.cpp:4478
#27 0x000000000059dfa8 in Creature::addEventWalk ([email protected]=0x1c7de00, firstStep=<optimized out>) at creature.cpp:350
Python Exception <class 'IndexError'> list index out of range:
#28 0x000000000059e2b6 in Creature::startAutoWalk ([email protected]=0x1c7de00, listDir=std::list) at creature.cpp:335
#29 0x00000000004e13e6 in Game::playerMove (this=<optimized out>, playerId=<optimized out>, dir=EAST) at game.cpp:2314
#30 0x000000000048b740 in operator() (this=0x330955e0) at /usr/include/boost/function/function_template.hpp:767
#31 operator() (this=0x330955d0) at dispatcher.h:34
#32 Dispatcher::dispatcherThread (this=0x889780 <Dispatcher::getInstance()::dispatcher>) at dispatcher.cpp:64
#33 0x00007ffff79a2a4a in ?? () from /usr/lib/x86_64-linux-gnu/libboost_thread.so.1.54.0
#34 0x00007ffff597a184 in start_thread (arg=0x7ffff2d74700) at pthread_create.c:312
#35 0x00007ffff56a703d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111
My game.cpp
hastebin
Help-me please.
 
Last edited:

Frikx

Computer Science
Joined
Mar 10, 2013
Messages
127
Best answers
3
Reaction score
23
Location
Spain
Did you modify the sources?
 

Frikx

Computer Science
Joined
Mar 10, 2013
Messages
127
Best answers
3
Reaction score
23
Location
Spain
That's strange.

When does it happen? Are you able to replicate the error?
 

Webtimize

Pro Grammer
Joined
Oct 3, 2011
Messages
487
Best answers
10
Reaction score
156
Location
The Netherlands
Did you walk on a specific tile or change walkspeed the moment it dropped segfault? It seems to be something related to creature/player speed. Seems like something after a lua function is crashing, so it might be an action/movement.
 
Last edited:
OP
L

leo123456

New Member
Joined
Jun 13, 2009
Messages
33
Best answers
0
Reaction score
0
@Frikx

I can not reproduce the error because I do not know where it occurs.

@webtimize

It has no floor that changes the speed. But you have 1 item that changes speed. However I use it several times and the server does not give the error.
 

Webtimize

Pro Grammer
Joined
Oct 3, 2011
Messages
487
Best answers
10
Reaction score
156
Location
The Netherlands
I can see that something is being teleported (stack 10, 0x88bb40 -> 0x227ca00), and then the speed was changed for the creature (+ all spectators?) (stack 1).
 

Gesior.pl

Mega Noob&LOL 2012
Joined
Sep 18, 2007
Messages
2,031
Best answers
19
Reaction score
1,087
Location
PLand
Looks like bugged LUA script or serious engine bug.

From GDB:
1. some player did step (walk on some 'quest' tile probably)
2. some LUA script tried to move tile items&creatures from tile X to Y (player walks on tile Z and it teleports other player)
3. there was some monster that saw player teleporting out from his screen (23x23 tiles area around monster)
4. monster remove player from 'players on screen' list
5. for some reason that player was removed more times then it was added (there is 'reference' counter in OTSes), now server 'state' is unstable, some serious bug!
5. that player has 'haste' spell, remove it from RAM
6. server sent to people around player 'he changed speed'
7. one of spectators was probably player who was removed from RAM already (player that teleports and whos speed is changing)
8. ====== send 'network packet' to player that does not exist in RAM = CRASH


REPRODUCE:
Search for 'relocate' in all files inside 'data/movements'. There must be some bugged script with function containing 'relocate'/'Relocate' in name.

Go that place in game (where one player can teleport other player by walking on tile).
Summon some monster (as GM, spawn monster) near player and use haste on player that will be teleported.
Walk on tile to make other player teleport.
CRASH

You can try to modify that script to do not use 'relocate' function - use 'doTeleportThing' instead. Maybe 'relocate' is bugged in C++.

I HAD REPORT ABOUT SIMILAR 'unRef' PROBLEM IN TFS 0.4 (with createItemEx and movement of that item).
Removing compilator flag '-O2' fixed it! I could not find a reason of crash, but on Windows server worked fine and on Linux it did crash.
I told owner to compare compiler flags and it was only change, so he removed it from Makefile.am, but I don't see '-O2' flag in 'otxserver' options.

@leo123456 What operating system do you use for server? What OTX version do you use (version 2 or version 3?, protocol 7.7 or 8.6 or 10.x?)?
 
Top