Server crashes if cPlayer is deleted during the adding procedure. #1969
Comments
|
Double-free? |
|
No, an assert failure, and potential use after free. |
|
If anyone wants to reproduce this, or try and find other race conditions, I can post the program. |
|
Something else that may be related: If the world thread is blocked somewhere (i.e. in cMonster::Tick) for long enough, the client quits because of a timeout. cClientHandle's m_Protocol is destroyed, but then a message tries to be sent to the quit player, but since m_Protocol is null, there is a crash. |
worktycho
added a commit
that referenced
this issue
May 25, 2015
when socket is closed whilst the client is being added to the world Fixes #1969
worktycho
added a commit
that referenced
this issue
May 26, 2015
when socket is closed whilst the client is being added to the world Fixes #1969
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
There is a race condition in the server that for a sufficiently loaded server, if the connection is closed during the player spawn process the server will crash as cWorld::HasEntity returns true for Entitys in the queue, but cWorld::Player does not remove it from. This causes the server to crash due to an ASSERT in cEntity.
I achieved this situation with a c++ program that simulates the bare minimum of a client to login, and attempts to run a login against the server every 10 ms.
The text was updated successfully, but these errors were encountered: