[ANY/CSGO] cutlrbtree overflow, memory access
Following this tweet https://twitter.com/ZooL_Smith/statu...23189960478720 (all credits to ZooL), we now know why the "CUtlRBTree overflow" crash happens. Every new unique string created (also every new entity) is added to a string pool which has a limit of 65536.
Please, don't ask "why do you even need this?". This string pool is bugged because it's not purging itself on a new round, which causes a server crash after 1-2 hours of playing on some gamemodes.
IS IT POSSIBLE to get access to these strings and kill only those which have lost their relevance?
There's a command which allows you to output all the strings - "dumpgamestringtable". If you search for it in the hl2 source code files, you can find the "CGameStringPool" class: https://github.com/ValveSoftware/sou...stringpool.cpp
Can we get access to "m_Strings" of a NON-entity class through SourceMod, or maybe a memory hack?
UPD: In csgo's source code: https://github.com/perilouswithadoll...stringpool.cpp we have this function:
Quote:
Re: [ANY/CSGO] cutlrbtree overflow, memory access
Can this crash be related to https://crash.limetech.org/k6oh2z3avmqi ?
I have a deathrun server and this crash happens every 2 days with nothing related to sourcemod
Re: [ANY/CSGO] cutlrbtree overflow, memory access
PHP Code:
Re: [ANY/CSGO] cutlrbtree overflow, memory access
Quote:
Code:
Linux: \x55\x89\xE5\x56\x53\x83\xEC\x10\x8B\x75\x08\x8D\x46\x04
Re: [ANY/CSGO] cutlrbtree overflow, memory access
This calls 3 functions at once but you can find the signature and only call "CStringPool::FreeAll()"
Code
Gamedata
I didn't check because I don't have csgo
Re: [ANY/CSGO] cutlrbtree overflow, memory access
Alright. Thank you guys for helping me with this investigation!
Here's a conclusion that might be helpful for anyone who's facing the same problem:
Calling "FreeAll()" during round runtime wasn't a good idea, because you lose the map's logic. Every output stops working. Also, the server crashes when you mp_restartgame 1. Maybe you should call it in the pre-event of "round_restart"? I didn't try this.
Forget about "FreeAll" then. Call "void Remove( const char *pszValue )" instead. It allows you to remove a string by its name, but here's another problem: every time you create an entity at runtime with VSCRIPT attached to it, it creates a weird string with some unique ID and classname / targetname. The good thing is you can get this unique ID and remove the string in "OnEntityDestroyed" very easily.
https://pbs.twimg.com/media/ECCw4PSXkAEaulG?format=png
Here's the code:
Code:
Handle sdkcall;
YOU CAN USE THIS METHOD TO REMOVE ANY UNWANTED STRING
Here's another solution, just 3 lines of code, that will remove only "m_iszScriptId" strings from the stringpool.
Code:
public void OnEntityCreated(entity, const char[] classname)
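The behaviour discussed in the posts above, as a small C++ model added for illustration; it is not code from any poster and not Valve's CGameStringPool. The 65536 limit and the remove-on-destroy idea come from the thread, while `StringPoolModel`, `ScriptId`, `SimulateRounds`, the "info_target" classname and the ID string format are assumptions made for the sketch.

```cpp
#include <cstddef>
#include <cstdio>
#include <set>
#include <stdexcept>
#include <string>
// Model only: a set of unique strings with the limit quoted in the first post.
class StringPoolModel {
public:
    static constexpr std::size_t kLimit = 65536;
    void Allocate(const std::string &s) {
        if (strings_.count(s)) return;  // already pooled, no growth
        if (strings_.size() >= kLimit) throw std::overflow_error("pool overflow");
        strings_.insert(s);
    }
    void Remove(const std::string &s) { strings_.erase(s); }  // by value, like Remove(const char *)
    std::size_t Count() const { return strings_.size(); }
private:
    std::set<std::string> strings_;
};
// Constructed stand-in for the unique per-entity script ID string.
static std::string ScriptId(unsigned long n) { return "script_id_" + std::to_string(n); }

// Spawns and destroys perRound scripted entities per round, never purging the pool.
// Returns the round that overflowed (0 = none); *finalCount gets the final pool size.
unsigned SimulateRounds(unsigned rounds, unsigned perRound, bool removeOnDestroy,
                        std::size_t *finalCount) {
    StringPoolModel pool;
    unsigned long serial = 0;
    unsigned overflowRound = 0;
    for (unsigned r = 1; r <= rounds && !overflowRound; ++r) {
        for (unsigned i = 0; i < perRound; ++i) {
            const std::string id = ScriptId(serial++);
            try {
                pool.Allocate("info_target");  // repeated classname: pooled once
                pool.Allocate(id);             // unique every time: grows the pool
            } catch (const std::overflow_error &) { overflowRound = r; break; }
            if (removeOnDestroy) pool.Remove(id);  // cleanup when the entity is destroyed
        }
    }
    *finalCount = pool.Count();
    return overflowRound;
}

int main() {
    std::size_t a = 0, b = 0;
    unsigned r1 = SimulateRounds(100, 1000, false, &a), r2 = SimulateRounds(100, 1000, true, &b);
    std::printf("no cleanup: round %u, pool %zu; cleanup: round %u, pool %zu\n", r1, a, r2, b);
}
```

With 1000 scripted entities per round the uncleaned pool reaches the limit in round 66, while removing each ID on destroy keeps the pool at a single entry.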
Re: [ANY/CSGO] cutlrbtree overflow, memory access
Just FYI,
I think your topic could be related to a similar issue in L4D2: [L4D2] Script Command Swap - Mem Leak Fix, caused by using the console command to create VScript instead of a logic_script entity.
Sorry for hijacking your topic. I also have a problem with a once-per-week crash related to CUtlRBTree overflow. But my game is Left 4 Dead 1. There is no VScript system at all.
I'm just curious: didn't you try to use the CStringPool::FreeAll() method on MapEnd?
Crash details:
Re: [ANY/CSGO] cutlrbtree overflow, memory access
Quote:
Code:
sv_cheats 1
Re: [ANY/CSGO] cutlrbtree overflow, memory access
spams this in error logs when trying to use in L4D2:
PHP Code:
Re: [ANY/CSGO] cutlrbtree overflow, memory access
Quote:
PHP Code: