Server changing variables randomly (memory bug?)
#1

Hello, it's been a while!

My server is experiencing an issue where after a period of time, variables are just randomly being changed/bugged. I believe it is a memory issue?

I will offer a reward (money if I am allowed) for anyone that helps me nail down this issue.


Anyway, for example:

pawn Code:
new iWeather = 0;

// a timer every 24 minutes
iWeather = randomEx( 10, 12 );

// another timer every second
SetPlayerWeather( playerid, iWeather );
Now randomly, out of nowhere, this weather variable is being changed to some negative value and bugging out the server.

ANOTHER EXAMPLE:
pawn Code:
/* ** Random Messages ** */
static const
    g_randomMessages[ 45 ] [ 137 ] =
    {
        { "{8ADE47}Stephanie:"COL_WHITE" You can buy ropes at Supa Save or a 24/7 store to tie people up!" },
        { "{8ADE47}Stephanie:"COL_WHITE" Save us on your favourites so you don't miss out on the action!" },
        // 43 others ...
    }
;

public timer( )
{
    if( ( g_iTime = gettime( ) ) > g_randomMessageTick ) {
        SendClientMessageToAll( -1, g_randomMessages[ random( sizeof( g_randomMessages ) ) ] );
        g_randomMessageTick = g_iTime + 30;
    }
}
This constant array only just dumps random messages in my server periodically. However, it sometimes only just prints NOTHING. Like literally, the constant value is changed by itself during runtime.

-----

Advanced

According to a stack trace, it seems that the last line before my server crashes is here:
https://github.com/compuphase/pawn/b...amx/amx.c#L582

-----

This issue occurs to many variables and consequentially, the server crashes.

Crashdetect provides me some information such as:
Code:
[10:42:56] [debug] AMX backtrace:
[10:42:56] [debug] #0 native memcpy () from samp03svr
But when I comment the code, other things get even more buggy. I've rolled back to an older version of my server and this still persists oddly.

If you know any potential reasons for this to cause (or fixes), please tell me.

I'll reward contributors that help me to fix the issues.


Ask me if you need more information, and what kind of information.
Reply
#2

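Instead of using randomEx, try this raw method (I'm not sure if it will work, but you can try):
PHP Code:
srandom(a, b)
{
    // Works for either argument order: returns a value between the two bounds, inclusive
    if (a > b)
    {
        return random(a - b + 1) + b;
    }
    return random(b - a + 1) + a;
}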
Reply
#3

Variables being overwritten is nearly always caused by a stack or buffer overflow; putting more things on the stack than it has room to store, or somehow storing a larger string in a variable than its capacity allows.
Reply
#4

Well something is leaking for sure, but it's a needle in the haystack, you yourself should know better when it started happening and what you've added back then, trace recursive functions and such. An observation I made was that it's very easy to ruin data with memcpy, check for memcpy's with incorrect sizes, as those can easily overwrite your data if you give them incorrect numbers.
Reply
#5

Thank you for the replies. Hope y'all don't mind me asking, it's imperative I nail it to the last detail.

Stack overflow?

What's the most common type of stack overflow? Doesn't the compiler often suggest a stack overflow after compilation?

Buffer overflow?

Are there more examples of a buffer overflow than just this?

pawn Code:
new
    szString[ 8 ];

format( szString, 16, "%s", "the lazy dog jumps over lorenc's fence" );
Reply
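Added example, not part of any post in this thread: a small C model of the overwrite described in posts #3 and #4 and of the `szString[ 8 ]` / size `16` snippet in post #5. The segment layout (`iWeather` placed directly after `szString`) and the helpers `write_string` and `write_string_checked` are assumptions made for illustration, not the AMX or SA-MP implementation.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef int32_t cell;   /* Pawn stores every value in a 32-bit cell */

/* Constructed model of a script's data segment: globals sit back to back. */
enum { SZSTRING = 0, SZSTRING_LEN = 8, IWEATHER = 8, SEG_CELLS = 24 };
static cell seg[SEG_CELLS];

/* Hypothetical stand-in for a string native: it trusts the caller's size and
 * writes at most size-1 characters plus a terminator, one character per cell. */
static int write_string(cell *dest, int size, const char *src)
{
    int i = 0;
    if (size <= 0)
        return 0;
    for (; i < size - 1 && src[i] != '\0'; i++)
        dest[i] = (unsigned char)src[i];
    dest[i] = 0;
    return i;
}

/* Same write, with the claimed size clamped to the buffer's real capacity. */
static int write_string_checked(cell *dest, int capacity, int size, const char *src)
{
    if (size > capacity)
        size = capacity;
    return write_string(dest, size, src);
}

/* Returns iWeather after one write into szString with the claimed size. */
static cell weather_after(int claimed_size, int checked)
{
    const char *text = "the lazy dog jumps over lorenc's fence";
    memset(seg, 0, sizeof seg);
    seg[IWEATHER] = 10;     /* value the 24-minute timer would have set */
    if (checked)
        write_string_checked(&seg[SZSTRING], SZSTRING_LEN, claimed_size, text);
    else
        write_string(&seg[SZSTRING], claimed_size, text);
    return seg[IWEATHER];
}

int main(void)
{
    printf("size 8,  unchecked: iWeather = %d\n", (int)weather_after(8, 0));
    printf("size 16, unchecked: iWeather = %d\n", (int)weather_after(16, 0));
    printf("size 16, checked:   iWeather = %d\n", (int)weather_after(16, 1));
    return 0;
}
```

In the unchecked run with size 16, the ninth character of the text lands in the cell that holds `iWeather`, so a variable the write never named changes value; using `sizeof` for the size argument removes the mismatch.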
#6

Did you run your server on localhost to check if it does the same thing?
Reply
#7

Buffer overflow means that your string has more cells than it can hold for example

Code:
CMD:test(playerid, params[])
{	
	new message[100];
	if(sscanf(params, "s[144]", message)) return 0;
	
	new string[100];
	format(string, sizeof(string), "%s from id %i", message, playerid);
	SendClientMessage(playerid, -1, string);
	return 1;
}
I remember facing such problems but the server never crashed

I hope my info helped you out
Reply
#8

I got a problem similar to this once, I defined a global string and after some time the string changes to random characters but never fixed it, had to re-create the whole thing I made..
Reply
#9

Quote:
Originally Posted by SecretBoss
Buffer overflow means that your string has more cells than it can hold for example

Code:
CMD:test(playerid, params[])
{	
	new message[100];
	if(sscanf(params, "s[144]", message)) return 0;
	
	new string[100];
	format(string, sizeof(string), "%s from id %i", message, playerid);
	SendClientMessage(playerid, -1, string);
	return 1;
}
I remember facing such problems but the server never crashed

I hope my info helped you out
Sscanf automatically discards the excess hence the warning (afaik)? I don't think we're even meant to have only "s[144]", am I wrong?

Quote:
Originally Posted by PawnHunter
I got a problem similar to this once, I defined a global string and after some time the string changes to random characters but never fixed it, had to re-create the whole thing I made..
Very similar, if not, the same issue.

Quote:
Originally Posted by Golimad
Did you run your server on localhost to check if it does the same thing?
Not yet, because it happens after a few hours.
Reply
#10

I ran some tests because I wanted to make a function to continue messages to a new line if they are very long, and I received such messages when the string was too long.

Logs:

Code:
[19:43:30] [join] SecretBoss has joined the server (0:192.168.2.2)
[19:43:50] sscanf warning: String buffer overflow.
[19:43:53] sscanf warning: String buffer overflow.
[19:43:54] [part] SecretBoss has left the server (0:2)
[19:44:18] [connection] 192.168.2.2:55307 requests connection cookie.
[19:44:19] [connection] incoming connection: 192.168.2.2:55307 id: 0
[19:44:19] [join] SecretBoss has joined the server (0:192.168.2.2)
[19:44:33] sscanf warning: String buffer overflow.
[19:44:38] sscanf warning: String buffer overflow.
[19:49:32] sscanf warning: String buffer overflow.
[19:49:34] [part] SecretBoss has left the server (0:2)
Reply
#11

Quote:
Originally Posted by SecretBoss
I ran some tests because I wanted to make a function to continue messages to a new line if they are very long, and I received such messages when the string was too long.

Logs:

Code:
[19:43:30] [join] SecretBoss has joined the server (0:192.168.2.2)
[19:43:50] sscanf warning: String buffer overflow.
[19:43:53] sscanf warning: String buffer overflow.
[19:43:54] [part] SecretBoss has left the server (0:2)
[19:44:18] [connection] 192.168.2.2:55307 requests connection cookie.
[19:44:19] [connection] incoming connection: 192.168.2.2:55307 id: 0
[19:44:19] [join] SecretBoss has joined the server (0:192.168.2.2)
[19:44:33] sscanf warning: String buffer overflow.
[19:44:38] sscanf warning: String buffer overflow.
[19:49:32] sscanf warning: String buffer overflow.
[19:49:34] [part] SecretBoss has left the server (0:2)
Yeah but sscanf handles it AFAIK. So it shouldn't be a problem.

Managed to partially fix it by searching all my formats carefully. However, the random messages are unfortunately still bugged.

Please let me know if you know some ways to cause overflows in ways I wouldn't imagine (or something)
Reply

