Subject: Crash with dev.38
From: Christian 'Chameloid' Kirschbaum <chrissy@cs.tu-berlin.de>
Date: Thu, 4 Mar 1999 21:01:09 +0100 (MET)
Type: Bug
State: Unclassified

A similar crash happened several months ago with 3.2.1@139.

There was just a crash with dev.38 (after four days of uptime); a 35M
core was generated.  I took a look at it; there were apparently problems
traversing the base_table in findstring()... here are a few vars:

	curr:			0xf09efd "\001unlikely."
	s:			0x1814ff5 "fbm"
	h:			648660234
	base_table[h]:		Cannot access memory at address 0x9abb2f40.
	search_len:		648660234
	hash_index:		332
	num_str_searches:	465928720

(Is it really guaranteed that 'curr' eventually becomes NULL
 and the while() loop terminates?)

The next pointer then apparently went off into nirvana.  Swap?

The call in the mud was an unguarded load of a player via
"etc/fingerd"->load_player(...) and not manually induced, ergo not
reproducible.  Maybe you can do something with this?

Regards,
Chris aka Chameloid@Tubmud.


PS: Here is the gdb dump:

tubmud 7 (~): gdb mudbin/driver-3.2.6-dev.38 mudlib/core
GNU gdb 4.17
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "sparc-sun-sunos4.1.3_U1"...
Core was generated by `driver-3.2.6-dev'.
Program terminated with signal 10, Bus error.
Reading symbols from /usr/lib/libc.so.1.9...done.
Reading symbols from /usr/lib/libdl.so.1.0...done.
#0  findstring (s=0x1814ff5 "fbm") at stralloc.c:236
236                 curr = NEXT(curr);
(gdb) bt
#0  findstring (s=0x1814ff5 "fbm") at stralloc.c:236
#1  0x5df40 in make_shared_string (str=0x1814ff5 "fbm") at stralloc.c:287
#2  0x3d27c in restore_svalue (svp=0xefffd8b8, pt=0xefffd9b0, delimiter=58)
    at object.c:939
#3  0x3c33c in restore_mapping (svp=0x1, str=0xefffd9b0) at object.c:433
#4  0x3d2b8 in restore_svalue (svp=0xf3a080, pt=0xefffd9b0, delimiter=10)
    at object.c:948
#5  0x3dab0 in restore_object (ob=0x1022248, file=0xf3a080 "") at
object.c:1200
#6  0x24a10 in eval_instruction (first_instruction=0xefffdce8 "\006",
    sp=0x9ecb8) at interpret.c:4608
#7  0x33df4 in call_lambda (lsvp=0x9ecb0, num_arg=1) at interpret.c:13003
#8  0x2c6cc in eval_instruction (
    first_instruction=0x27210b "K/`\212K0\eA\001F`K/
\002m\003B\001F\002\0324\004Q ", sp=0x9ecb8) at interpret.c:8996
#9  0x2eb40 in apply_low (fun=0x29affe "call_unguarded", ob=0x18b7cc,
    num_arg=3, b_ign_prot=0) at interpret.c:10304
#10 0x27508 in eval_instruction (first_instruction=0xa1a0e3 " ", sp=0x9ec98)
    at interpret.c:6061
#11 0x2eb40 in apply_low (fun=0x2993da "load_player", ob=0x1022248,
num_arg=1,
    b_ign_prot=0) at interpret.c:10304
#12 0x27508 in eval_instruction (first_instruction=0xa1a0e3 " ", sp=0x9ec50)
    at interpret.c:6061
#13 0x2eb40 in apply_low (fun=0x2993da "load_player", ob=0x9ebf34,
num_arg=1,
    b_ign_prot=0) at interpret.c:10304
#14 0x27508 in eval_instruction (first_instruction=0x1366807 " ", sp=0x9ec30)
    at interpret.c:6061
#15 0x2ed70 in apply_low (fun=0x57a43e "remove_wizard_package",
ob=0x94a21c,
    num_arg=1, b_ign_prot=0) at interpret.c:10390
#16 0x2ef38 in sapply_int (fun=0x57a43e "remove_wizard_package",
ob=0x94a21c,
    num_arg=1, b_find_static=-5120) at interpret.c:10470
#17 0x5c124 in call_out () at call_out.c:664
#18 0x3f5c4 in call_heart_beat () at backend.c:796
#19 0x3eea0 in backend () at backend.c:493
#20 0x19e3c in main (argc=6, argv=0xeffffbec) at main.c:313
(gdb) list
231                         base_table[h] = curr;
232                         }
233                     return(curr);        /* pointer to string */
234                     }
235                 prev = curr;
236                 curr = NEXT(curr);
237                 }
238
239             return(0); /* not found */
240     }


                   \ | /                 \ | /
                    o-o                   o-o
----------------ooO-(^)-Ooo-----------ooO-(^)-Ooo--------------------
 NAME : Christian 'Chameloid' Kirschbaum
 EMAIL: chrissy@cs.tu-berlin.de
 SNAIL: Marzahner Promenade 14/11.04, 12679 Berlin, Germany
 PHONE: +49-30-9334688 (home)
----------------ooO--,--Ooo-----------ooO--,--Ooo--------------------

   Leave the horrifying dreamworld of reality and enter Tubmud!
          Simply telnet to 130.149.19.20 7680 and enjoy...
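
On the question raised in the report, whether the chain walk is guaranteed to reach NULL: it is only if every link in the bucket is intact. The following is an added example, not code from the driver's stralloc.c; the node layout, hash function, table size and the names `check_chain` and `find_bounded` are assumptions made for illustration. It catches a looping chain or a node filed under the wrong bucket, but not a link that points into unmapped memory as in the core above.

```c
#include <stddef.h>
#include <string.h>

#define HTABLE_SIZE 8                   /* assumed; small for the demo */

struct node {                           /* hypothetical shared-string header */
    struct node *next;                  /* chain link, the role NEXT(curr) plays */
    const char  *str;
};
static struct node *table[HTABLE_SIZE]; /* stand-in for base_table */

static unsigned hash(const char *s)     /* constructed hash, not the driver's */
{
    unsigned h = 0;
    while (*s) h = h * 31 + (unsigned char)*s++;
    return h % HTABLE_SIZE;
}

static void insert(struct node *n)      /* push onto the front of its bucket */
{
    unsigned h = hash(n->str);
    n->next = table[h];
    table[h] = n;
}

/*  0: chain ends in NULL and every node belongs in bucket h.
 * -1: more than max_nodes links followed (loop or runaway chain).
 * -2: a node is filed under the wrong bucket. */
static int check_chain(unsigned h, size_t max_nodes)
{
    size_t steps = 0;
    for (struct node *curr = table[h]; curr != NULL; curr = curr->next) {
        if (++steps > max_nodes) return -1;
        if (hash(curr->str) != h) return -2;
    }
    return 0;
}

/* Lookup that gives up after max_nodes links instead of spinning forever. */
static struct node *find_bounded(const char *s, size_t max_nodes)
{
    struct node *curr = table[hash(s)];
    for (size_t i = 0; curr != NULL && i < max_nodes; i++, curr = curr->next)
        if (strcmp(curr->str, s) == 0) return curr;
    return NULL;
}
```
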


