TomenetGame / tomenet

TomeNET is an online multiplayer roguelike role-playing game
https://www.tomenet.eu/

Server crash after connection #32

Closed velteyn closed 11 months ago

velteyn commented 2 years ago

Hello, I compiled the server from source (TomeNET server - v4.8.0). When I connect I get a server crash. I think that it may be a compilation problem with 32/64-bit variables. How can I fix it?

[Initializing lua... (scripts)]
04 Aug (Thu) 09:03:53_SERVERSTARTUP_9:3:53-2022/8/4(4)
[Initializing arrays... (features)]
[Initializing arrays... (skills)]
[Initializing arrays... (objects)]
[Initializing arrays... (artifacts)]
[Initializing arrays... (ego-items)]
[Initializing arrays... (monsters)]
[Initializing arrays... (ego-monsters)]
[Initializing arrays... (dungeon types)]
[Initializing arrays... (vaults)]
[Initializing arrays... (traps)]
[Initializing arrays... (action types)]
[Initializing arrays... (owners types)]
[Initializing arrays... (stores types)]
[Initializing arrays... (quests)]
[Initializing arrays... (other)]
[Initializing arrays... (alloc)]
[Initializing arrays... (iddc)]
[Initializing arrays... (randart)]
[Initializing arrays... done]
Accumulated Treasure Class Biasses (normal) : 24905, 54314, 82797, 11250, 22294.
Initialized Treasure Class Biasses (normal) : 157%, 72%, 47%, 347%, 175%.
Accumulated Treasure Class Biasses (good) : 7742, 52414, 37408, 7993, 1894.
Initialized Treasure Class Biasses (good) : 277%, 41%, 57%, 268%, 500%.
Accumulated Treasure Class Biasses (great) : 2302, 52414, 7936, 7587, 0.
Initialized Treasure Class Biasses (great) : 500%, 26%, 177%, 185%, 500%.
Read 5 saved quests states.
GO_INIT: ---INIT---
GO_ERROR: Engine executable not found.
04 Aug (Thu) 09:03:54_SERVERSTARTUPPOST_9:3:54-2022/8/4(4)
Reading banlist.txt: Success
Read 0 player name records.
INIT_CHARACTER_ORDERING: Processed 0; imprinted 0; imprinted accounts 0.
Please wait...
Object flavors initialized...
./tomenet.server: Create TCP socket on port 18348...
./tomenet.server: Set Non-Blocking...
Unable to connect to world server 0 3 Report to metaserver
TomeNET 4.8.0.0 (Compiled Aug 1 2022 15:04:18)
Server is running version 4800
Current time is 04 Aug (Thu) 09:03:54
Session startup turn is: 25619
Starting player inactivity check..
0 players expired
0 players old total, 0 new total
Finished player inactivity check.
Starting account inactivity check..
Doing house maintenance
Finished house maintenance
firework_dungeon: 17 (The Illusory Castle)
04 Aug (Thu) 09:03:54_PLAYLOOPSTARTUP_9:3:54-2022/8/4(4)
EXPORT_PLAYER_STORE_OFFERS: Init at 04 Aug (Thu) 09:03:54.
EXPORT_PLAYER_STORE_OFFERS: Beginning o_list [5] export.
EXPORT_PLAYER_STORE_OFFERS: o_list export completed.
04 Aug (Thu) 09:03:57_CRON1H_9:3:57
04 Aug (Thu) 09:03:57 EVENT_CREATE: #6 of type 5 parms='>'
04 Aug (Thu) 09:03:57 EVENT_CREATE: #14 of type 3 parms=''
04 Aug (Thu) 09:03:58 EVENT_STARTS: 14 (Arena Monster Challenge) has 0 participants.
EVENT_LAYOUT: Generating arena_tt at 32,32,2
Received contact from xxxxl:49760.
Address: 10.200.200.132.
Info: real_name PLAYER, port 49760, nick Velteyn, host xxxx, version 65535
04 Aug (Thu) 09:06:41: Welcome Velteyn=PLAYER@xxxx (10.200.200.132/49760) (NP=0,ind=0) (version 4.8.0.0 branch 0 build 0, os 1)
./tomenet.server: condense: n='Velteyn'
free(): invalid pointer
Received signal 6.
./tomenet.server: server panic info save succeeded!
./tomenet.server: Quitting!

velteyn commented 2 years ago

Another hint by enabling error tracking:

./tomenet.server: condense: n='Velteyn'

==388615==ERROR: AddressSanitizer: attempting free on address which was not malloc()-ed: 0x7fffa341f4e0 in thread T0

#0 0x7f3216452517 in __interceptor_free ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:127
#1 0x56094afdb6f1 in mem_free common/z-virt.c:85
#2 0x56094aff6426 in GetAccount server/party.c:543
#3 0x56094ba7a805 in Receive_login server/nserver.c:4492
#4 0x56094baae55a in Receive_play server/nserver.c:4885
#5 0x56094ba772d7 in Handle_input server/nserver.c:3836
#6 0x56094b9bdf6f in sched server/sched.c:296
#7 0x56094b9bdf6f in play_game server/dungeon.c:10216
#8 0x56094afb9633 in main server/main.c:427
#9 0x7f32157bcd8f  (/lib/x86_64-linux-gnu/libc.so.6+0x29d8f)
#10 0x7f32157bce3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e3f)
#11 0x56094afdae44 in _start (/home/xrm/work/tomenet-4.8.0/tomenet.server+0x1873e44)

Address 0x7fffa341f4e0 is located in stack of thread T0 at offset 736 in frame

#0 0x56094ba79d1f in Receive_login server/nserver.c:4220

This frame has 19 object(s):
[32, 35) 'colour_sequence' (line 4495)
[48, 52) 'err_Ind' (line 4625)
[64, 70) 'wpos' (line 4226)
[96, 104) 'id_list' (line 4250)
[128, 136) 'id_list' (line 4493)
[160, 176) 'tmp_name2' (line 4340)
[192, 208) 'tmp_name' (line 4340)
[224, 240) 'tmp_name' (line 4627)
[256, 272) 'tmpname'
[288, 368) 'loc' (line 4224)
[400, 480) 'choice' (line 4224)
[512, 592) 'buffer' (line 811)
[624, 704) 'name' (line 811)
[736, 860) 'acc' (line 4225) <== Memory access at offset 736 is inside this variable
[896, 1020) 'acc' (line 4252)
[1056, 1180) 'acc'
[1216, 1376) 'tmp_name_wide' (line 4341)
[1440, 2464) 'path_buf' (line 810)
[2592, 3616) 'buf'
HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork (longjmp and C++ exceptions are supported)
SUMMARY: AddressSanitizer: bad-free ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:127 in __interceptor_free
==388615==ABORTING

CBlueGH commented 2 years ago

Hm, rather odd. I'm not sure yet why this happens (it shouldn't).

Basically, what does seem to happen is that during the login procedure (Receive_login()) the server tries to perform the usual lookup of the account in the account database file (tomenet.acc), utilizing especially the GetAccount() function for this.

However, it seems that the pointer to the account database is erased in the first attempt to GetAccount(), and then a 2nd attempt to GetAccount() tries to erase it again, which causes the "free(): invalid pointer" error, as you cannot free (aka erase) a pointer that has already been erased before (it will become invalid).

The strange thing is not only the sequence of these GetAccount() calls to some extent, but rather, that the account database pointer is erased at all, because: The account database file (tomenet.acc) is first checked for existence. If it doesn't exist, it will be created. Only if creation AND accessing it fail, then the pointer gets erased. This should not happen in normal operation, as even a newly set up server without a tomenet.acc file will simply create one and move on normally.

I am not sure what is going on, what OS do you use? Windows or Linux or something else? My only guess atm is that for some reason TomeNET has no permissions to write the tomenet.acc file in the desired location (tomenet/lib/save/tomenet.acc).

Then again my assumption about the GetAccount() call sequence might have an oversight in it.

velteyn commented 2 years ago

The system is an Ubuntu server 20.04 LTS. I'll try to give 777 permissions on the folder and I'll return back here ;)

velteyn commented 2 years ago

OK, I tried to run the server as superuser and it runs fine and the connection is good. I still don't understand what is happening because I have full access to the folder. It seems that the server is trying to write to a different folder. Can I suggest logging the current database full path and also whether the access status is OK?

CBlueGH commented 2 years ago

(Relative) path and lots of additional path/acc file verbosity now in the server log, maybe give that a try. Access to tomenet.acc should be completely and verbosely guarded now.
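The bug class in the AddressSanitizer report above (GetAccount() reaching mem_free() with the address of the stack variable 'acc' in Receive_login()) next to a guarded lookup that logs the path and access status, as an added example that is not TomeNET's code. The names struct account, scan(), lookup_unsafe() and lookup_safe() are hypothetical, and the example assumes the free happens on the error path taken when the account file cannot be opened.

```c
/* Added illustration: struct account, scan(), lookup_unsafe() and
 * lookup_safe() are hypothetical names, not TomeNET source. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

struct account { char name[16]; int id; };

/* Scan fixed-size records for `name`: 1 = found, 0 = not found. */
static int scan(FILE *fp, struct account *acc, const char *name) {
    while (fread(acc, sizeof *acc, 1, fp) == 1)
        if (strncmp(acc->name, name, sizeof acc->name) == 0) return 1;
    return 0;
}

/* Anti-pattern: the callee frees a buffer it did not allocate. With a
 * stack-allocated `acc` in the caller, the error path is a bad-free. */
int lookup_unsafe(struct account *acc, const char *path, const char *name) {
    FILE *fp = fopen(path, "rb");
    if (!fp) { free(acc); return -1; }   /* BUG: acc is caller-owned */
    int found = scan(fp, acc, name);
    fclose(fp);
    return found;
}

/* Hardened: never frees caller memory; creates the file if it is missing
 * and, on failure, logs the relative path, the working directory and errno. */
int lookup_safe(struct account *acc, const char *path, const char *name) {
    FILE *fp = fopen(path, "rb");
    if (!fp && errno == ENOENT) fp = fopen(path, "a+b");  /* create, no truncate */
    if (!fp) {
        int err = errno;
        char cwd[4096];
        fprintf(stderr, "account db '%s' (cwd %s): %s\n", path,
                getcwd(cwd, sizeof cwd) ? cwd : "?", strerror(err));
        memset(acc, 0, sizeof *acc);     /* caller sees an empty record */
        return -1;
    }
    int found = scan(fp, acc, name);
    fclose(fp);
    if (!found) memset(acc, 0, sizeof *acc);
    return found;
}
```

The caller keeps ownership of `acc` in both variants; only the second one respects it, so a permission or path problem turns into a logged error code instead of an abort in free().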

CBlueGH commented 11 months ago

Since there has been no further info/update, I'm closing this for now.