alientrap-forum-archives

[Ronan]

Same here, my server crash often (3-4 times this week)

Code: Select all


Core was generated by `./nexuiz-linux-686-dedicated-debug +exec spacectf.cfg'.
Program terminated with signal 11, Segmentation fault.
#0  0x08113350 in PRVM_ExecuteProgram (fnum=520,
    errormessage=0x81836bc "customizeentityforclient: NULL function")
    at prvm_exec.c:508
508     prvm_exec.c: No such file or directory.
        in prvm_exec.c
(gdb)


[Nil]

Same here, my server crash often (3-4 times this week)

Since the DCC's servers are running the debug binary (4th of july) there were only two crashes in mid of running and three crashes on startup.
The segfault on your machine seem to have a different cause than on DCC's

Kadaverjack had a look at the core dump of the in the mid of running crash and came to the resolution that the problem probably isn't an engine bug but caused by damaged ram or hard disk.
What happens is that an entity (mg bullet) is trying to attach itself to itself causing a loop till segfault:

Code: Select all

#39986 0x00000000004ea84a in SV_BuildEntityState (cs=0xa7e0730, ent=0xac207c0, enumber=446) at sv_main.c:937
#39987 0x00000000004ec907 in SV_SendClientMessages () at sv_main.c:1203
#39988 0x000000000046dc07 in Host_Main () at host.c:691
#39989 0x0000000000402050 in main (argc=5, argv=0x7fff8fa16478) at sys_linux.c:254


I paste the backtrace of one of the startup crashes too (the others look the same), maybe it helps to find a bug or it provides more indication of hardware problems on the DCC's machine:

Code: Select all

Core was generated by `./nexuiz-server +exec server-keyhunt.cfg +sv_public 1'.
Program terminated with signal 11, Segmentation fault.
#0  0x000000000043a9da in COM_ParseToken_VM_Tokenize (datapointer=0x7fffec61a890, returnnewline=0) at common.c:1147
1147    common.c: No such file or directory.
        in common.c
(gdb) bt
#0  0x000000000043a9da in COM_ParseToken_VM_Tokenize (datapointer=0x7fffec61a890, returnnewline=0) at common.c:1147
#1  0x00000000004be255 in VM_tokenize () at prvm_cmds.c:1983
#2  0x00000000004cedfe in PRVM_ExecuteProgram (fnum=<value optimized out>, errormessage=0x5210fe "") at prvm_execprogram.h:307
#3  0x00000000004c69f5 in PRVM_ED_LoadFromFile (
    data=0xacb1b0e "\r\n{\r\n"classname" "info_null"\r\n"origin" "-120.000000 -265.000000 370.000000"\r\n"targetname" "t128"\r\n}\r\n{\r\n"classname" "info_player_deathmatch"\r\n"origin" "-770.000000 560.000000 190.000000"\r\n"angle" "0"\r"...) at prvm_edict.c:1279
#4  0x00000000004edb56 in SV_SpawnServer (server=0x7fffec61ae00 "aggressor") at sv_main.c:2431
#5  0x00000000004711dc in Host_Map_f () at host_cmd.c:275
#6  0x0000000000434872 in Cmd_ExecuteString (text=0x7fffec61aed0 " map aggressor ", src=<value optimized out>) at cmd.c:1111
#7  0x0000000000434995 in Cbuf_Execute () at cmd.c:188
#8  0x000000000046d84e in Host_Init () at host.c:1021
#9  0x000000000046d87b in Host_Main () at host.c:539
#10 0x0000000000402050 in main (argc=5, argv=0x7fffec623078) at sys_linux.c:254


[divVerent]

Same here, my server crash often (3-4 times this week)

Code: Select all


Core was generated by `./nexuiz-linux-686-dedicated-debug +exec spacectf.cfg'.
Program terminated with signal 11, Segmentation fault.
#0  0x08113350 in PRVM_ExecuteProgram (fnum=520,
    errormessage=0x81836bc "customizeentityforclient: NULL function")
    at prvm_exec.c:508
508     prvm_exec.c: No such file or directory.
        in prvm_exec.c
(gdb)


Need more information, do you still have the core dump? Would be nice if you could make gdb find the sources (extract the enginesource zip file) and do a "bt full" to see the local variables of PRVM_ExecuteProgram.

[divVerent]

What happens is that an entity (mg bullet) is trying to attach itself to itself causing a loop till segfault:

Code: Select all

#39986 0x00000000004ea84a in SV_BuildEntityState (cs=0xa7e0730, ent=0xac207c0, enumber=446) at sv_main.c:937
#39987 0x00000000004ec907 in SV_SendClientMessages () at sv_main.c:1203
#39988 0x000000000046dc07 in Host_Main () at host.c:691
#39989 0x0000000000402050 in main (argc=5, argv=0x7fff8fa16478) at sys_linux.c:254


Still no idea how this can happen, still - it could be a bug in the QC code. I just have no idea what could be causing a self-attached entity, that is, how someent.owner == someent could have been caused.

Code: Select all

Core was generated by `./nexuiz-server +exec server-keyhunt.cfg +sv_public 1'.
Program terminated with signal 11, Segmentation fault.
#0  0x000000000043a9da in COM_ParseToken_VM_Tokenize (datapointer=0x7fffec61a890, returnnewline=0) at common.c:1147
1147    common.c: No such file or directory.
        in common.c
(gdb) bt
#0  0x000000000043a9da in COM_ParseToken_VM_Tokenize (datapointer=0x7fffec61a890, returnnewline=0) at common.c:1147
#1  0x00000000004be255 in VM_tokenize () at prvm_cmds.c:1983
#2  0x00000000004cedfe in PRVM_ExecuteProgram (fnum=<value optimized out>, errormessage=0x5210fe "") at prvm_execprogram.h:307
#3  0x00000000004c69f5 in PRVM_ED_LoadFromFile (
    data=0xacb1b0e "\r\n{\r\n"classname" "info_null"\r\n"origin" "-120.000000 -265.000000 370.000000"\r\n"targetname" "t128"\r\n}\r\n{\r\n"classname" "info_player_deathmatch"\r\n"origin" "-770.000000 560.000000 190.000000"\r\n"angle" "0"\r"...) at prvm_edict.c:1279
#4  0x00000000004edb56 in SV_SpawnServer (server=0x7fffec61ae00 "aggressor") at sv_main.c:2431
#5  0x00000000004711dc in Host_Map_f () at host_cmd.c:275
#6  0x0000000000434872 in Cmd_ExecuteString (text=0x7fffec61aed0 " map aggressor ", src=<value optimized out>) at cmd.c:1111
#7  0x0000000000434995 in Cbuf_Execute () at cmd.c:188
#8  0x000000000046d84e in Host_Init () at host.c:1021
#9  0x000000000046d87b in Host_Main () at host.c:539
#10 0x0000000000402050 in main (argc=5, argv=0x7fffec623078) at sys_linux.c:254


Can you please do:
(gdb) print *datapointer

It should show what DP was trying to tokenize. Either that will help reproducing it, or it is a hardware bug.

[Nil]

Can you please do:
(gdb) print *datapointer

It should show what DP was trying to tokenize. Either that will help reproducing it, or it is a hardware bug.

Here it is:

Code: Select all

(gdb) print *datapointer
$1 = 0x2b4bc0fa2e7c <Address 0x2b4bc0fa2e7c out of bounds>

[divVerent]

That's unfortunately not really useful... try instead:

(gdb) up
(gdb) print num_tokens
(gdb) print tokens[0]
(gdb) print tokens[1]

[Ronan]

Code: Select all

Core was generated by `./nexuiz-linux-686-dedicated-debug +exec spacectf.cfg'.
Program terminated with signal 11, Segmentation fault.
#0  0x08113350 in PRVM_ExecuteProgram (fnum=520,
    errormessage=0x81836bc "customizeentityforclient: NULL function")
    at prvm_exec.c:508
508             f = &prog->functions[fnum];
(gdb)


Code: Select all

(gdb) bt full
#0  0x08113350 in PRVM_ExecuteProgram (fnum=520,
    errormessage=0x81836bc "customizeentityforclient: NULL function")
    at prvm_exec.c:508
        st = <value optimized out>
        startst = <value optimized out>
        f = <value optimized out>
        newf = <value optimized out>
        ed = <value optimized out>
        ptr = <value optimized out>
        jumpcount = <value optimized out>
        cachedpr_trace = <value optimized out>
        exitdepth = <value optimized out>
        restorevm_tempstringsbuf_cursize = <value optimized out>

#1  0x08135b33 in SV_BuildEntityState (cs=0x0, ent=0x12ec2d1c, enumber=294)
    at sv_main.c:830
        i = <value optimized out>
        tagentity = <value optimized out>
        modelindex = <value optimized out>
        effects = <value optimized out>
        flags = <value optimized out>
        glowsize = <value optimized out>
        lightpflags = <value optimized out>
        specialvisibilityradius = <value optimized out>
---Type <return> to continue, or q <return> to quit---
        customizeentityforclient = 520
        f = 0
        cullmins = {0, 0, 0}
        cullmaxs = {0, 0, 0}
        model = <value optimized out>
        val = <value optimized out>
#2  0x08135f64 in SV_BuildEntityState (cs=0x0, ent=0x12ec2d1c, enumber=294)
    at sv_main.c:937
        i = <value optimized out>
        isbmodel = <value optimized out>
        i = <value optimized out>
        tagentity = 294
        modelindex = 55
        effects = 4194848
        flags = <value optimized out>
        glowsize = 0
        lightpflags = <value optimized out>
        specialvisibilityradius = 0
        customizeentityforclient = <value optimized out>
        f = 0
        cullmins = {0, 0, 0}
        cullmaxs = {0, 0, 0}
        model = <value optimized out>
---Type <return> to continue, or q <return> to quit---
        val = <value optimized out>
#3  0x08135f64 in SV_BuildEntityState (cs=0x0, ent=0x12ec2d1c, enumber=294)
    at sv_main.c:937
        i = <value optimized out>
        isbmodel = <value optimized out>
        i = <value optimized out>
        tagentity = 294
        modelindex = 55
        effects = 4194848
        flags = <value optimized out>
        glowsize = 0
        lightpflags = <value optimized out>
        specialvisibilityradius = 0
        customizeentityforclient = <value optimized out>
        f = 0
        cullmins = {0, 0, 0}
        cullmaxs = {0, 0, 0}
        model = <value optimized out>
        val = <value optimized out>



is it enough ?

[Nil]

Here it is:

Code: Select all

#0  0x000000000043a9da in COM_ParseToken_VM_Tokenize (datapointer=0x7fffec61a890, returnnewline=0) at common.c:1147
1147            for (;*data <= ' ' && ((*data != '\n' && *data != '\r') || !returnnewline);data++)
(gdb) up
#1  0x00000000004be255 in VM_tokenize () at prvm_cmds.c:1983
1983            while(COM_ParseToken_VM_Tokenize(&p, false))
(gdb) print num_tokens
$1 = 1
(gdb) print tokens[0]
$2 = 333591
(gdb) print tokens[1]
$3 = 325613

I'll come to IRC if this isn't enough information.

[Ronan]

another crash...

Code: Select all

Core was generated by `./nexuiz-linux-686-dedicated-debug +exec spacectf.cfg'.
Program terminated with signal 11, Segmentation fault.
#0  0x0811337c in PRVM_ExecuteProgram (fnum=520,
    errormessage=0x81836bc "customizeentityforclient: NULL function")
    at prvm_exec.c:519
519             st = &prog->statements[PRVM_EnterFunction (f)];


Code: Select all

(gdb) bt full
#0  0x0811337c in PRVM_ExecuteProgram (fnum=520,
    errormessage=0x81836bc "customizeentityforclient: NULL function")
    at prvm_exec.c:519
        st = <value optimized out>
        startst = <value optimized out>
        f = (mfunction_t *) 0x13d3fb34
        newf = <value optimized out>
        ed = <value optimized out>
        ptr = <value optimized out>
        jumpcount = <value optimized out>
        cachedpr_trace = <value optimized out>
        exitdepth = 0
        restorevm_tempstringsbuf_cursize = 0



[LordHavoc]

It would help immensely if you could reproduce this crash in a debug build (make debug in the engine sources, then run it using ./darkplaces-glx -nexuiz), the variable values would show up then.

My guess is that prog is NULL.