Crash on the latest ReHLDS

[SergeyShorokhov]

source: https://dev-cs.ru/threads/6927/page-3#post-118710

CRASH: Di 11. Jan 04:13:36 CET 2022
Start Line: ./hlds_linux -game cstrike +ip x.x.x.x -port xxxxx +map aim_ak-colt -pingboost 3 +sys_ticrate 10001 -beta
[New LWP 4474]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `./hlds_linux -game cstrike +ip x.x.x.x -port xxxxx +map aim_ak-colt -ping'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0xf26b4a0d in ?? () from /home/user/server/cstrike/addons/SafeNameAndChat/SafeNameAndChat.so
#0  0xf26b4a0d in ?? () from /home/user/server/cstrike/addons/SafeNameAndChat/SafeNameAndChat.so
#1  0xf26b4c93 in ?? () from /home/user/server/cstrike/addons/SafeNameAndChat/SafeNameAndChat.so
#2  0xf26b5b0c in Meta_Attach () from /home/user/server/cstrike/addons/SafeNameAndChat/SafeNameAndChat.so
#3  0xf2dc0bda in MPlugin::attach () from /home/user/server/./cstrike/addons/metamod/dlls/metamod.so
#4  0x09336f24 in ?? ()
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
No symbol table info available.
From        To          Syms Read   Shared Object Library
0xf7ed4130  0xf7ed5304  Yes (*)     /lib/i386-linux-gnu/libdl.so.2
0xf7e46914  0xf7e8cc78  Yes         ./libstdc++.so.6
0xf7d08190  0xf7dc8511  Yes (*)     /lib/i386-linux-gnu/libm.so.6
0xf7b300f0  0xf7c83a96  Yes (*)     /lib/i386-linux-gnu/libc.so.6
0xf7ef3090  0xf7f0fcd3  Yes (*)     /lib/ld-linux.so.2
0xf7affe04  0xf7b0f490  Yes         ./libgcc_s.so.1
0xf7420290  0xf750ff80  Yes (*)     /home/user/server/engine_i486.so
0xf73e33d0  0xf73e6fa4  Yes (*)     /lib/i386-linux-gnu/librt.so.1
0xf73d05c0  0xf73dad74  Yes (*)     ./libsteam_api.so
0xf73b25b0  0xf73c28b4  Yes (*)     /lib/i386-linux-gnu/libpthread.so.0
0xf7386e00  0xf73a2838  Yes (*)     /home/user/server/filesystem_stdio.so
0xf570c000  0xf6ba01b4  Yes (*)     /home/user/.steam/sdk32/steamclient.so
0xf2db36a0  0xf2df5f70  Yes (*)     /home/user/server/./cstrike/addons/metamod/dlls/metamod.so
0xf2b4e500  0xf2ce56b0  Yes (*)     /home/user/server/cstrike/dlls/cs.so
0xf2834070  0xf28982e0  Yes (*)     /home/user/server/cstrike/addons/amxmodx-1.10/dlls/amxmodx_mm_i386.so
0xf27a0e30  0xf27f8fb8  Yes (*)     cstrike/addons/amxmodx/modules/adminskit_amxx_i386.so
0xf26d6340  0xf26e948e  Yes (*)     /home/user/server/cstrike/addons/whblocker/whblocker_mm_i386.so
0xf26b4040  0xf26c89e4  Yes (*)     /home/user/server/cstrike/addons/SafeNameAndChat/SafeNameAndChat.so
(*): Shared library is missing debugging information.
Stack level 0, frame at 0xffc7e310:
 eip = 0xf26b4a0d; saved eip = 0xf26b4c93
 called by frame at 0xffc7e370
 Arglist at 0xffc7e308, args:
 Locals at 0xffc7e308, Previous frame's sp is 0xffc7e310
 Saved registers:
  ebx at 0xffc7e2fc, ebp at 0xffc7e308, esi at 0xffc7e300, edi at 0xffc7e304, eip at 0xffc7e30c
End of crash report

[fred0r]

v1.2b did work ~6-8 months ago with the then current versions of rehlds and regamecs_dll. metamod-r was always the same version.

[Nord1cWarr1or]

@WPMGPRoSToTeMa, I just tested the lastest version (1.2 beta 2) and it really crashes my server.

----------------------------------------------
CRASH: Sat 05 Feb 2022 10:40:34 PM MSK
Start Line: ./hlds_linux -game cstrike -strictportbind +ip 0.0.0.0 -port 27015 +clientport 27005 +map 35hp_2 +servercfgfile server.cfg -maxplayers 16 -pingboost 3 -debug -pidfile hlds.122315.pid
[New LWP 131453]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `./hlds_linux -game cstrike -strictportbind +ip 0.0.0.0 -port 27015 +clientport'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0xf2934eab in ?? () from /home/cs/knife_server/serverfiles/cstrike/addons/SafeNameAndChat/SafeNameAndChat.so
#0  0xf2934eab in ?? () from /home/cs/knife_server/serverfiles/cstrike/addons/SafeNameAndChat/SafeNameAndChat.so
#1  0xf2935117 in ?? () from /home/cs/knife_server/serverfiles/cstrike/addons/SafeNameAndChat/SafeNameAndChat.so
#2  0xf2935fbe in Meta_Attach () from /home/cs/knife_server/serverfiles/cstrike/addons/SafeNameAndChat/SafeNameAndChat.so
#3  0xf2d10bda in MPlugin::attach () from /home/cs/knife_server/serverfiles/./cstrike/addons/metamod/metamod_i386.so
#4  0x09e001e4 in ?? ()
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
No symbol table info available.
From        To          Syms Read   Shared Object Library
0xf7faa130  0xf7fab304  Yes (*)     /lib/i386-linux-gnu/libdl.so.2
0xf7f1c914  0xf7f62c78  Yes         ./libstdc++.so.6
0xf7dde190  0xf7e9e511  Yes (*)     /lib/i386-linux-gnu/libm.so.6
0xf7c060f0  0xf7d59a96  Yes (*)     /lib/i386-linux-gnu/libc.so.6
0xf7fc0090  0xf7fdccd3  Yes (*)     /lib/ld-linux.so.2
0xf7bd5e04  0xf7be5490  Yes         ./libgcc_s.so.1
0xf74f6290  0xf75e5f80  Yes (*)     /home/cs/knife_server/serverfiles/engine_i486.so
0xf74b93d0  0xf74bcfa4  Yes (*)     /lib/i386-linux-gnu/librt.so.1
0xf74a65c0  0xf74b0d74  Yes (*)     ./libsteam_api.so
0xf74885b0  0xf74988b4  Yes (*)     /lib/i386-linux-gnu/libpthread.so.0
0xf745ce00  0xf7478838  Yes (*)     /home/cs/knife_server/serverfiles/filesystem_stdio.so
0xf5689000  0xf6c110c4  Yes (*)     /home/cs/.steam/sdk32/steamclient.so
0xf2d036a0  0xf2d45f70  Yes (*)     /home/cs/knife_server/serverfiles/./cstrike/addons/metamod/metamod_i386.so
0xf2a9e4f0  0xf2c35680  Yes (*)     /home/cs/knife_server/serverfiles/cstrike/dlls/cs.so
0xf2934690  0xf2949014  Yes (*)     /home/cs/knife_server/serverfiles/cstrike/addons/SafeNameAndChat/SafeNameAndChat.so
(*): Shared library is missing debugging information.
Stack level 0, frame at 0xffcd9610:
 eip = 0xf2934eab; saved eip = 0xf2935117
 called by frame at 0xffcd9670
 Arglist at 0x8fba350, args: 
 Locals at 0x8fba350, Previous frame's sp is 0xffcd9610
 Saved registers:
  ebx at 0xffcd95fc, ebp at 0xffcd9608, esi at 0xffcd9600, edi at 0xffcd9604, eip at 0xffcd960c
End of crash report
----------------------------------------------

Server info:

meta version
Metamod-r v1.3.0.128, API (5:13)
Metamod-r build: 17:47:54 Aug 24 2018
Metamod-r from: https://github.com/theAsmodai/metamod-r/commit/0cf2f70
amxx version
AMX Mod X 1.10.0.5445 (http://www.amxmodx.org)
Authors:
        David "BAILOPAN" Anderson, Pavol "PM OnoTo" Marko
        Felix "SniperBeamer" Geyer, Jonny "Got His Gun" Bergstrom
        Lukasz "SidLuke" Wlasinski, Christian "Basic-Master" Hammacher
        Borja "faluco" Ferrer, Scott "DS" Ehlert
Compiled: Sep 17 2021 04:23:54
Built from: https://github.com/alliedmodders/amxmodx/commit/8413946
Build ID: 5445:8413946
Core mode: JIT+ASM32
version
Protocol version 48
Exe version 1.1.2.7/Stdio (cstrike)
ReHLDS version: 3.11.0.767-dev
Build date: 03:13:55 Oct 25 2021 (2753)
Build from: https://github.com/dreamstalker/rehlds/commit/471158b

[s1lentq]

cuz gMsgBuffer can't find on ReHLDS platform, need find symbols through elf symbol table we really can't do without a hacks?

https://github.com/WPMGPRoSToTeMa/SafeNameAndChat/blob/83fc271222afb77a1e40034bbce3dd0276073e7d/Main.cpp#L380-L387

Core was generated by `./hlds_linux -game cstrike +maxplayers 10 +map 35hp_2 -port 27017 -pingboost 1'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  PatternMemoryEqual (size=22, pattern=0x97b9ed0, memory=0xf7538000) at /slavebot/SafeNameAndChat/Main.cpp:289
#0  PatternMemoryEqual (size=22, pattern=0x97b9ed0, memory=0xf7538000) at /slavebot/SafeNameAndChat/Main.cpp:289
#1  FindMemoryByPattern (startPtr=0xf747f810 <PF_MessageEnd_I()>, pattern=...) at /slavebot/SafeNameAndChat/Main.cpp:318
#2  0xf36aadb7 in Init () at /usr/include/c++/9/ext/new_allocator.h:80
#3  0xf36abe2e in Meta_Attach (now=PT_STARTUP, pFunctionTable=0xfff0dfb0, pMGlobals=0xf3ada260 <g_metaGlobals>, pGamedllFuncs=0xa610224) at /slavebot/SafeNameAndChat/Main.cpp:798
#4  0xf3a93bda in MPlugin::attach () from /home/./cstrike/addons/metamod/dlls/metamod_i386.so
#5  0x0a610224 in ?? ()
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
i = 0
From        To          Syms Read   Shared Object Library
0xf7eda230  0xf7edb368  Yes (*)     /lib32/libdl.so.2
0xf7e4c914  0xf7e92c78  Yes         ./libstdc++.so.6
0xf7d0e2b0  0xf7dcef14  Yes (*)     /lib32/libm.so.6
0xf7b341d0  0xf7c8ad4a  Yes (*)     /lib32/libc.so.6
0xf7eed100  0xf7f0a883  Yes (*)     /lib/ld-linux.so.2
0xf7b03e04  0xf7b13490  Yes         ./libgcc_s.so.1
0xf74240e0  0xf7513b80  Yes (*)     /home/engine_i486.so
0xf73e7770  0xf73eb688  Yes (*)     /lib32/librt.so.1
0xf73d45c0  0xf73ded74  Yes (*)     ./libsteam_api.so
0xf73b5b20  0xf73c6208  Yes         /lib32/libpthread.so.0
0xf7396f40  0xf73a88f8  Yes (*)     /home/filesystem_stdio.so
0xf648be80  0xf6f73040  Yes (*)     ./steamclient.so
0xf6306670  0xf637c020  Yes (*)     ./crashhandler.so
0xf3add5d0  0xf3ae3f28  Yes (*)     /lib32/libnss_files.so.2
0xf3a866a0  0xf3ac8f70  Yes (*)     /home/./cstrike/addons/metamod/dlls/metamod_i386.so
0xf3821500  0xf39b86b0  Yes (*)     /home/cstrike/dlls/cs.so
0xf36a9bb0  0xf36c7cb3  Yes         /home/cstrike/addons/SafeNameAndChat/SafeNameAndChat.so
(*): Shared library is missing debugging information.
Stack level 0, frame at 0xfff0df20:
 eip = 0xf36aab30 in PatternMemoryEqual (/slavebot/SafeNameAndChat/Main.cpp:289); saved eip = 0xf36aadb7
 inlined into frame 1
 source language c++.
 Arglist at unknown address.
 Locals at unknown address, Previous frame's sp in esp
End of crash report
----------------------------------------------

[WPMGPRoSToTeMa]

Please check if #4 fixes the crash, here are the binaries: https://github.com/WPMGPRoSToTeMa/SafeNameAndChat/actions/runs/1801278702#artifacts.

cuz gMsgBuffer can't find on ReHLDS platform, need find symbols through elf symbol table we really can't do without a hacks?

Looks like an addition to the ReHLDS API would be the best option, but I may want to re-consider the current implementation. At this point I think it's better to keep the status quo.

[Nord1cWarr1or]

@WPMGPRoSToTeMa Now it works!

Currently loaded plugins:
      description            stat pend  file                                vers             src  load  unload
 [ 1] SafeNameAndChat        RUN   -    SafeNameAndChat.so                  v1.2 Beta 2      ini  ANY   ANY

[s1lentq]

@WPMGPRoSToTeMa Don't you think that resolving for a symbol through elf symtab is more reliable than patterns?

Looks like an addition to the ReHLDS API would be the best option, but I may want to re-consider the current implementation.

This requires a consensus on adding this to the API, how safe is it to provide these globals variables in the 3rd party etc, no one guarantees that in the future refactoring or rethinking of the internal engine code won't affect these variables without the possibility of backward compatibility, idk

[DeNeDe]

Just tried Beta 2 on debian 12(testing/bookworm) with 5.15.0-3-amd64 #1 SMP Debian 5.15.15-2 (2022-01-30) x86_64 GNU/Linux, latest rehlds, regamedll and still crashes edit: https://github.com/WPMGPRoSToTeMa/SafeNameAndChat/actions/runs/1801278702 this doesn't crash anymore. its working [ 7] SafeNameAndChat RUN - SafeNameAndChat.so v1.2 Beta 2 ini ANY ANY

[WPMGPRoSToTeMa]

@Nord1cWarr1or, @DeNeDe thanks for the testing of this one!

@WPMGPRoSToTeMa Don't you think that resolving for a symbol through elf symtab is more reliable than patterns?

Of course, thanks for the idea. At first I didn't understand what you meant, but now I see it. This is yet to be implemented, so I'll plan to add it for the final 1.2. Let's keep the pattern easy fix for the 1.2 Beta 3.

This requires a consensus on adding this to the API, how safe is it to provide these globals variables in the 3rd party etc, no one guarantees that in the future refactoring or rethinking of the internal engine code won't affect these variables without the possibility of backward compatibility, idk

Yep, I'm also not happy about adding everything to the API, especially something very specific like this one.

[WPMGPRoSToTeMa]

This is fixed in 1.2 Beta 3 release.

[fred0r]

thank you for fixing.