Short: TubMud crashes on catch()
Date: Tue, 10 Oct 2000 13:43:38 +0200
From: Christian Mudra <mudra@informatik.uni-kl.de>
Type: Bug
State: Done - fixed in 3.2.9-dev.235

-- Analysis: The handling of catch() was still pessimized by compiler
optimizers. The solution was to move the function doing the setjmp() into a
different module than the caller.
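
An added illustration of the general setjmp()/optimizer hazard behind this class of bug (not code from the driver or from this report): in C, a non-volatile local written between setjmp() and longjmp() has an indeterminate value afterwards, so optimized code may act on a stale register copy. The sketch keeps catch state in a memory-resident frame and reloads it after the jump, which is a different remedy from the module split used in the fix; all names are hypothetical.

```c
#include <setjmp.h>
#include <stddef.h>
#include <stdio.h>
/* All names are illustrative; this is not the driver's code. */
struct catch_frame {            /* one per active catch(), kept in memory */
    jmp_buf env;
    int saved_depth;            /* control-stack depth to restore on error */
    struct catch_frame *prev;   /* enclosing catch, if any */
};

static struct catch_frame *catch_top = NULL;
static int call_depth = 0;      /* stand-in for an interpreter's control stack */

static void raise_error(void) { longjmp(catch_top->env, 1); }

/* Push `levels` + 1 call frames, then fail without popping any of them. */
static void deep_fail(int levels) {
    call_depth++;
    if (levels > 0) deep_fail(levels - 1);
    raise_error();
}

/* Opens a catch, runs `inner` nested catches inside it, then fails.
 * Returns how many errors were caught in total. */
int guarded(int inner, int levels) {
    struct catch_frame frame;
    volatile int caught = 0;    /* written after setjmp(): must be volatile */

    frame.saved_depth = call_depth;
    frame.prev = catch_top;
    catch_top = &frame;
    if (setjmp(frame.env) == 0) {
        call_depth++;                        /* frame for the catch body */
        if (inner > 0) caught = guarded(inner - 1, levels);
        deep_fail(levels);                   /* leaves only via longjmp() */
    } else {
        /* Resumed by longjmp(): reload state from memory only. */
        call_depth = catch_top->saved_depth;
        caught = caught + 1;
    }
    catch_top = frame.prev;
    return caught;
}

int depth_now(void) { return call_depth; }

int main(void) {
    int n = guarded(2, 3);
    printf("caught=%d depth=%d\n", n, depth_now());
    return 0;
}
```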

Hi Lars,

here is a result from today's attempt with dev234:

2000.10.10 12:41:33 Could not load descr for 'players/blackmoon/obj/wel_putter'
2000.10.10 12:41:33 Caught error: Failed to load file 'players/blackmoon/obj/wel_putter'.
'     heart_beat' in 'room/domain_entrances.c' ('room/domain_entrances')line 80
'          CATCH' in 'room/domain_entrances.c' ('room/domain_entrances')line 80
<lambda 0x1dd491> in 'room/domain_entrances.c' ('room/domain_entrances')offset 65
'          reset' in '      basic/create.c' ('players/blackmoon/castle')line 24
'         create' in 'players/blackmoon/castle.c' ('players/blackmoon/castle')line 18
'     add_notify' in 'global/server/notifier.c' ('global/server/notifier')line 56
'   notify_reset' in 'global/server/notifier.c' ('global/server/notifier')line 37
'    call_notify' in 'global/server/notifier.c' ('global/server/notifier')line 25
'          CATCH' in 'global/server/notifier.c' ('global/server/notifier')line 25
'   notify_reset' in 'players/blackmoon/castle.c' ('players/blackmoon/castle')line 81
2000.10.10 12:41:33 ... execution continues.
read: EOF
Read 0, should be 9!
External Request Demon gives up.
Segmentation fault (core dumped)

Okay, let's look at the core:

Core was generated by `/home/tubmud/mudbin/driver-3.2.8-dev234 -DTUBMUD=1 -DTESTMUD -DINIT_FILE="/etc/'.
Program terminated with signal 11, Segmentation Fault.
Reading symbols from /usr/lib/libnsl.so.1...done.
Reading symbols from /usr/lib/libsocket.so.1...done.
Reading symbols from /usr/lib/libm.so.1...done.
Reading symbols from /usr/lib/libcrypt_i.so.1...done.
Reading symbols from /usr/lib/libc.so.1...done.
Reading symbols from /usr/lib/libdl.so.1...done.
Reading symbols from /usr/lib/libmp.so.2...done.
Reading symbols from /usr/lib/libgen.so.1...done.
#0  0x41e10 in catch_instruction (offset=1646985) at interpret.c:5449
5449            current_object = csp->ob;
(gdb) bt
#0  0x41e10 in catch_instruction (offset=1646985) at interpret.c:5449
#1  0x44368 in eval_instruction (first_instruction=0x158800 "", 
    initial_sp=0x9d000) at interpret.c:7153
#2  0x5c944 in call_lambda (lsvp=0xefffc220, num_arg=4) at interpret.c:19746
#3  0x88990 in execute_callback (cb=0xefffc220, nargs=2, keep=1, toplevel=0)
    at simulate.c:2862
#4  0x7be08 in f_walk_mapping (sp=0xde760, num_arg=0) at mapping.c:4052
#5  0x42da8 in eval_instruction (
    first_instruction=0x7bcf0 "\235ã¿x\221.`\003\226&", initial_sp=0x9d000)
    at interpret.c:6148
#6  0x5b640 in apply_low (fun=0x2 <Address 0x2 out of bounds>, ob=0x33dd7c, 
    num_arg=1, b_ign_prot=0) at interpret.c:19017
#7  0x52750 in eval_instruction (first_instruction=0xe7800 "", 
    initial_sp=0x9d000) at interpret.c:13576
#8  0x5bc74 in apply_low (fun=0x1 <Address 0x1 out of bounds>, ob=0xabf8c0, 
    num_arg=0, b_ign_prot=0) at interpret.c:19130
#9  0x52750 in eval_instruction (first_instruction=0xe7800 "", 
    initial_sp=0x9d000) at interpret.c:13576
#10 0x5d2f4 in call_lambda (lsvp=0xde6f8, num_arg=926720) at interpret.c:19926
#11 0x7d3bc in reset_object (ob=0xabf8c0, arg=5) at object.c:603
#12 0x86af8 in load_object (lname=0x0, create_super=0, depth=60)
    at simulate.c:1503
#13 0x87034 in lookfor_object (str=0x0, bLoad=1) at simulate.c:1734
#14 0x526b0 in eval_instruction (first_instruction=0x158800 "", 
    initial_sp=0x9d000) at interpret.c:13557
#15 0x41ea8 in catch_instruction (offset=8227944) at interpret.c:5479
#16 0x44368 in eval_instruction (first_instruction=0x158800 "", 
    initial_sp=0x9d000) at interpret.c:7153
#17 0x5da58 in call_function (progp=0x7d8ae0, fx=236) at interpret.c:20299
#18 0x3b330 in call_heart_beat () at heartbeat.c:277
#19 0x2032c in backend () at backend.c:554
#20 0x76a0c in main (argc=5, argv=0xeffff784) at main.c:315
(gdb)


The functions involved:

global/server/notifier.c:
=========================
private void call_notify(object which, string what, string where, int arg) {
  string error;
  if (!which) 
    return;
  if (error = catch(call_other(which,what,where,arg)))
    log_file("NOTIFIES",ctime(time())+" Notify failed in "+
             file_name(which)+"->"+what+"("+where+","+arg+") with error: "+
             error);
}

public void notify_reset(mixed ob,int arg) {
  mixed *n;
  ob = normalize_program_name(ob);
  if (!(n = notifies[ob]))
    return;
  walk_mapping(n,#'call_notify,ob,arg);
}

And ~blackmoon/castle->notify_reset(string where) is called:

void notify_reset(string room, int arg)
{
   switch(room) {
      ....
     case WEL_DEST :
       if (!present_clone("/players/blackmoon/obj/wel_putter", WEL_DEST))
         move_object(clone_object("/players/blackmoon/obj/wel_putter"), 
                     WEL_DEST);
       break;
   }
}

wel_putter cannot be loaded (the file does not exist at all), and crash!

Coogan.

----------------------------------------------------------------------------
Christian Mudra              Just remember what your mother always told you:
mudra@informatik.uni-kl.de       "When you open windows you let in bugs".
TubMud Admin (telnet morgen.cs.tu-berlin.de 7680)


I started it once more, and this is the next one:

2000.10.10 16:10:28 eval_cost too big 1010324
2000.10.10 16:10:28 Caught error: Too long evaluation. Execution aborted.
'          reset' in '      basic/create.c' ('global/server/boards')line 26
'        refresh' in 'global/server/boards.c' ('global/server/boards')line 38
'prune_board_list' in 'global/server/boards.c' ('global/server/boards')line 125
'          CATCH' in 'global/server/boards.c' ('global/server/boards')line 125
<lambda 0x1dd491> in 'global/server/boards.c' ('global/server/boards')offset 65
'          reset' in '      complex/room.c' ('domains/glandon/room/town/town_hall')line 340
'          reset' in '      basic/create.c' ('domains/glandon/room/town/town_hall')line 24
'         create' in 'domains/glandon/class/room.c' ('domains/glandon/room/town/town_hall')line 70
'         create' in '      complex/room.c' ('domains/glandon/room/town/town_hall')line 193
'         create' in '    complex/create.c' ('domains/glandon/room/town/town_hall')line 27
'       populate' in 'domains/glandon/room/town/town_hall.c' ('domains/glandon/room/town/town_hall')line 255
<lambda 0x1e05e5> in 'domains/glandon/room/town/town_hall.c' ('domains/glandon/room/town/town_hall')offset 81
'          CATCH' in 'domains/glandon/room/town/town_hall.c' ('domains/glandon/room/town/town_hall')line 255
2000.10.10 16:10:28 ... execution continues.
Segmentation fault (core dumped)


Program terminated with signal 11, Segmentation Fault.
#0  0x41e10 in catch_instruction (offset=1967672) at interpret.c:5449
5449            current_object = csp->ob;
(gdb) bt
#0  0x41e10 in catch_instruction (offset=1967672) at interpret.c:5449
#1  0x44368 in eval_instruction (first_instruction=0x158800 "", 
    initial_sp=0x9d000) at interpret.c:7153
#2  0x5d2f4 in call_lambda (lsvp=0xde778, num_arg=926720) at interpret.c:19926
#3  0x7d3bc in reset_object (ob=0x5e41c4, arg=6) at object.c:603
#4  0x86fac in clone_object (str1=0x3c1586 "complex/board") at simulate.c:1686
#5  0x539ac in eval_instruction (first_instruction=0xa7000 " done\n", 
    initial_sp=0x9d000) at interpret.c:14139
#6  0x5bc74 in apply_low (fun=0x1 <Address 0x1 out of bounds>, ob=0x5c9e48, 
    num_arg=0, b_ign_prot=0) at interpret.c:19130
#7  0x52750 in eval_instruction (first_instruction=0xe7800 "", 
    initial_sp=0x9d000) at interpret.c:13576
#8  0x5d2f4 in call_lambda (lsvp=0xde6f8, num_arg=926720) at interpret.c:19926
#9  0x7d3bc in reset_object (ob=0x5c9e48, arg=5) at object.c:603
#10 0x86af8 in load_object (lname=0x31602c "", create_super=0, depth=60)
    at simulate.c:1503
#11 0x87034 in lookfor_object (str=0x0, bLoad=1) at simulate.c:1734
#12 0x540e8 in eval_instruction (first_instruction=0xde400 "", 
    initial_sp=0x9d000) at interpret.c:14520
#13 0x41ea8 in catch_instruction (offset=3298798) at interpret.c:5479
#14 0x44368 in eval_instruction (first_instruction=0x158800 "", 
    initial_sp=0x9d000) at interpret.c:7153
#15 0x5bc74 in apply_low (fun=0x1 <Address 0x1 out of bounds>, ob=0x45f870, 
    num_arg=1, b_ign_prot=0) at interpret.c:19130
#16 0x5be24 in sapply_int (fun=0x2ec1f2 "reset", ob=0x45f870, num_arg=1, 
    b_find_static=0) at interpret.c:19242
#17 0x7d460 in reset_object (ob=0x45f870, arg=7) at object.c:625
#18 0x20638 in process_objects () at backend.c:754
#19 0x2035c in backend () at backend.c:562
#20 0x76a0c in main (argc=5, argv=0xeffff774) at main.c:315
(gdb)

You see - almost the same lines ...

Could it be that you changed something in the catch error handling
that is now buggy and crashes on every caught error?

I somehow have the feeling that this is related to your setjmp change
...

Coogan.




runs: OPTIMIZE= -g
crashes: OPTIMIZE= -O2 -g -fstrength-reduce -fno-force-mem -fno-force-addr -fno-inline-functions

Well, that's something at least ... crash at -O2 with the familiar backtrace:

#0  0x41e10 in catch_instruction (offset=1646985) at interpret.c:5449
5449            current_object = csp->ob;
(gdb) bt
#0  0x41e10 in catch_instruction (offset=1646985) at interpret.c:5449
#1  0x44368 in eval_instruction (first_instruction=0x158800 "", 
    initial_sp=0x9d000) at interpret.c:7153
#2  0x5c944 in call_lambda (lsvp=0xefffb2a0, num_arg=4) at interpret.c:19746
#3  0x88990 in execute_callback (cb=0xefffb2a0, nargs=2, keep=1, toplevel=0)
    at simulate.c:2862
...

Coogan.


