View Full Version : Map Crash

22-05-2016, 02:02 PM
Tremplers mmm (http://forums.svencoop.com/showthread.php/41704-Weekly-mapping-sprint?p=503206&viewfull=1#post503206) map does crash on a Linux dedicated server as soon as the Alien Grunt is killed (*** Error in `./svends_i686': corrupted double-linked list: 0x0a76b258 ***). This is reproducable.

It works fine on a Windows listenserver. The meteorite shower or something which gets triggered after the agrunt dies is probably the cause.

26-05-2016, 05:56 PM
*** Error in `./svends_i686': corrupted double-linked list: 0x097c7c48 ***
======= Backtrace: =========

CRASH: Fri May 27 00:19:31 CEST 2016
Start Line: ./svends_i686 -debug -heapsize 1G -pingboost 2 +maxplayers 26 +port 27210 +net_public_adr +map _server_start -pidfile svends.22342.pid
[New LWP 3057]
[New LWP 3058]
[New LWP 3060]
[New LWP 3102]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `./svends_i686 -debug -heapsize 1G -pingboost 2 +maxplayers 26 +port 27210 +net_'.
Program terminated with signal SIGABRT, Aborted.
#0 0xf7786d70 in __kernel_vsyscall ()
#0 0xf7786d70 in __kernel_vsyscall ()
#1 0xf74d2e26 in raise () from /lib/i386-linux-gnu/libc.so.6
#2 0xf74d43f7 in abort () from /lib/i386-linux-gnu/libc.so.6
#3 0xf75102a0 in ?? () from /lib/i386-linux-gnu/libc.so.6
#4 0xf7516527 in ?? () from /lib/i386-linux-gnu/libc.so.6
#5 0xf7517446 in ?? () from /lib/i386-linux-gnu/libc.so.6
#6 0xf6303c41 in FreeEntPrivateData (pEdict=0xd76a2c60) at ../engine/pr_edict.c:655
#7 ED_Free (ed=ed@entry=0xd76a2c60) at ../engine/pr_edict.c:108
#8 0xf632a748 in SV_RunThink (ent=0xd76a2c60) at ../engine/sv_phys.c:158
#9 SV_Physics_None (ent=0xd76a2c60) at ../engine/sv_phys.c:1392
#10 SV_Physics () at ../engine/sv_phys.c:2045
#11 0xf6321ee6 in SV_Frame () at ../engine/sv_main.c:9288
#12 0xf62e609b in _Host_Frame (time=time@entry=0.00109300704) at ../engine/host.c:1408
#13 0xf62e62c8 in Host_Frame (time=0.00109300704, iState=1, stateInfo=0xffb81fcc) at ../engine/host.c:1526
#14 0xf630e394 in CEngine::Frame (this=0xf63da4c0 <g_Engine>) at ../engine/sys_engine.cpp:245
#15 0xf630aad5 in CDedicatedServerAPI::RunFrame (this=0xf63d5b00 <__g_CDedicatedServerAPI_singleton>) at ../engine/sys_dll2.cpp:1315
#16 0x08049b92 in RunServer () at ../dedicated/sys_ded.cpp:772
#17 0x08049372 in main (argc=16, argv=0xffb82204) at ../dedicated/sys_ded.cpp:1152
No symbol table info available.
From To Syms Read Shared Object Library
No linux-gate.so.1
0xf76d89f0 0xf7746cdd Yes (*) ./libstdc++.so.6
0xf767da30 0xf767e961 Yes (*) /lib/i386-linux-gnu/libdl.so.2
0xf7663890 0xf7671241 Yes (*) /lib/i386-linux-gnu/libpthread.so.0
0xf74be5f0 0xf75eae6d Yes (*) /lib/i386-linux-gnu/libc.so.6
0xf745d5a0 0xf748eb47 Yes (*) /lib/i386-linux-gnu/libm.so.6
0xf7789830 0xf77a2040 Yes (*) /lib/ld-linux.so.2
0xf7445e04 0xf7455490 Yes ./libgcc_s.so.1
0xf62c9160 0xf6357881 Yes /home/srcds/sc5/engine_i686.so
0xf626c5c0 0xf6276d74 Yes (*) ./libsteam_api.so
0xf6262870 0xf6265d7c Yes (*) /lib/i386-linux-gnu/librt.so.1
0xf6249e20 0xf6256698 Yes /home/srcds/sc5/filesystem_stdio.so
0xf50edd00 0xf5d6c780 Yes (*) /home/srcds/linux32/steamclient.so
0xf4ffd130 0xf5025064 Yes (*) /home/srcds/linux32/crashhandler.so
0xd4fb5a50 0xd4fbb9c2 Yes (*) /lib/i386-linux-gnu/libnss_files.so.2
0xd48ef1d0 0xd4d2b535 Yes (*) /home/srcds/sc5/./svencoop/dlls/server.so
0xd4741690 0xd474db84 Yes (*) /lib/i386-linux-gnu/libresolv.so.2
0xd469d1a0 0xd471ad70 Yes (*) ./svencoop/dlls/libsqlite3.so
0xd46515a0 0xd467cd78 Yes ./svencoop/dlls/libmariadb.so.2
0xd45603a0 0xd457b684 Yes (*) ./libiconv.so.2
0xd450c9d0 0xd454bd44 Yes (*) /usr/lib/i386-linux-gnu/i686/cmov/libssl.so.1.0.0
0xd4378180 0xd448b524 Yes (*) /usr/lib/i386-linux-gnu/i686/cmov/libcrypto.so.1.0.0
0xd3312e80 0xd3dfa040 Yes (*) ./steamclient.so
0xd2b60670 0xd2bd6020 Yes (*) ./crashhandler.so
0xf7689bb0 0xf768c85c Yes (*) /lib/i386-linux-gnu/libnss_dns.so.2
(*): Shared library is missing debugging information.
Stack level 0, frame at 0xffb81b44:
eip = 0xf7786d70 in __kernel_vsyscall; saved eip = 0xf74d2e26
called by frame at 0xffb81b50
Arglist at 0xffb81b3c, args:
Locals at 0xffb81b3c, Previous frame's sp is 0xffb81b44
Saved registers:
ebp at 0xffb81b34, eip at 0xffb81b40
End of crash report

27-05-2016, 01:57 AM
That kind of error message indicates heap corruption has occurred. Given that it triggers this error while in FreeEntPrivateData, it's probably being corrupted while freeing the entity's CBaseEntity instance. Can't say more without seeing its code though.

EDIT: disassembled the hw.so library, pseudo code as follows:

void __cdecl FreeEntPrivateData(edict_t *pEdict)
void *v1; // eax@1

v1 = pEdict->pvPrivateData;
if ( v1 )
if ( (_DWORD)gNewDLLFunctions.pfnOnFreeEntPrivateData )
v1 = pEdict->pvPrivateData;
pEdict->pvPrivateData = 0;

Mem_Free frees the entity's memory. Since i don't have the line numbers to match this to, i can't tell you for sure where the problem is.

Does this map use Angelscript? Does the alien grunt have an OnDestroy function specified for it?

27-05-2016, 05:34 AM
Yes it has a on destory function (triggercondition 4), no it does not use as.

27-05-2016, 05:41 AM
Then it will be up to an engine programmer to debug this.