00:10 < bridge> The https://gitlab.com/ddnet-rs/twgame/-/blob/autoland/bin/src/bin/bug-8199.rs looks for this pattern now and prints all game_uuids of teehistorian files that matches. `./bug-8199 ` the path will get traversed recursively.
00:11 < bridge> The https://gitlab.com/ddnet-rs/twgame/-/blob/autoland/bin/src/bin/bug-8199.rs looks for this pattern now and prints all game_uuids of teehistorian files that matches. `./bug-8199 ` the path will traversed all files recursively.
00:14 < bridge> Example when using with cargo run in `twgame` git checkout: `cargo run --bin bug-8199 ~/.local/share/ddnet/teehistorian/`
03:16 < bridge> <0xdeen> Thanks a lot Zwelf! Now I have to check what files to run this on based on file date, because all would take forever 😄
04:31 < bridge> spellcheck wasn't perfect but how are you committing this without even take a look at the squiggly lines `public void SetTasfnorm(List l)`
04:35 < ws-client> also who has spellcheck in the dev IDE?
04:35 < ws-client> do you code in word?
04:36 < ws-client> https://zillyhuhn.com/cs/.1712889357.png
04:36 < ws-client> fred company be like
04:38 < bridge> jetbrains does have that by default
04:38 < ws-client> ew jetbrains
04:39 < bridge> cracked versions no less
04:39 < ws-client> xd
04:39 < ws-client> imagine having to crack your editor
04:39 < ws-client> if there is free and open source ones
04:39 < ws-client> like emacs
04:41 < bridge> it's just less work to train my coworkers to use git
04:41 < ws-client> just tell them git gud
04:41 < bridge> no way
04:41 < ws-client> i love how you have trainees that annoy you :D
04:45 < ws-client> also get off of discord and back to work watafak
04:45 < ws-client> i tell your boss
04:46 < bridge> i don't care about losing jobs
04:46 < bridge> they know that
04:51 < bridge> swedes got robbed
04:51 < ws-client> wat
04:52 < bridge> isn't matrick swedish
04:52 < ws-client> something like that
05:00 < bridge> wdym 0.7
05:05 < ws-client> ddnet 0.7 client demos
05:06 < ws-client> 弗雷迪
06:44 < bridge> <0xdeen> Could it also print the map and name of the people in that team or is that hard to add?
06:45 < bridge> <0xdeen> Seems like we have a lot of affected teehistorian files, so will take some time to go through all of them
08:13 < bridge> that would work too (can also add a timestamp check).
09:17 < bridge> I'm tired (again)
10:42 < bridge> damn
11:05 < bridge> fred again
11:09 < bridge> https://twitter.com/kosenjuu/status/1778404783923331373
11:09 < bridge> @mpft check this
11:10 < bridge> audio
11:51 < bridge> @learath2 do u know aarch64 asm
11:51 < bridge> Nope. I know it has some quirks though
11:52 < bridge> btw, do u have any hint on what a possible segfault could be if it only segfaults in x86_64, but not on aarch64?
the result is wrong so its a bug
11:55 < bridge> here is the assembly
11:55 < bridge> the segfault happens on that store
11:55 < bridge> Show registers
11:55 < bridge> ok wait
11:55 < bridge> gotta rerun this
11:55 < bridge> xd
11:56 < bridge> Rbx getting broken by that call is weird, isn’t rbx callee saved?
11:57 < bridge> yeah
11:57 < bridge> its odd
11:57 < bridge> @learath2 u need a pop to restore it right?
11:57 < bridge> or can u restore it by changing rsp
11:57 < bridge> Afaik how you preserve it is not defined
11:58 < bridge> ```
11:58 < bridge> $rax : 0x1
12:03 < bridge> the expr number changed but dont mind it the function
12:03 < bridge> https://cdn.discordapp.com/attachments/293493549758939136/1228284446218653716/message.txt?ex=662b7c08&is=66190708&hm=9a7f6571b43a06658d87bb937515eace3157f452799bda9861b80612d9252f48&
12:03 < bridge> omg
12:04 < bridge> Can you also check what is in r14? What function are you calling?
12:04 < bridge> im calling `program::program::try_into_bytes[expr25](f0):`
12:09 < bridge> Well I don’t see anything obv wrong. I guess I would step through see how on earth that pop rbx doesn’t happen or how rsp gets ruined
12:09 < bridge> yeah
12:09 < bridge> ill look more into this
12:10 < bridge> @learath2 u know how fun it is not knowing if something is your bug or a llvm bug
12:10 < bridge> xD
12:10 < bridge> we found a MLIR bug that got fixed in llvm 18
12:11 < bridge> If this is rust, it could be miscompilation
12:12 < bridge> no its our own
12:12 < bridge> compiler
12:12 < bridge> its how i added the sigtrap
12:12 < bridge> manually xd
12:12 < bridge> u can see the int3
12:14 < bridge> and ye its probs something we do wrong
12:14 < bridge> Then your own mistake is more likely
12:14 < bridge> yeah
12:16 < bridge> <0xdeen> Stack overflow?
https://github.com/rust-lang/rust/issues/79935
12:16 < bridge> its not rust
12:17 < bridge> xD
12:17 < bridge> But it could be stack overflow for you too
12:17 < bridge> do u overflow the stack on a store?
12:18 < bridge> hmm could be
12:18 < bridge> Maybe you have a store into a wrong offset that ruins the stack pointer or the stack itself in that call into r14, which restores a wrong rbx
12:19 < bridge> true
12:20 < bridge> I would first keep track of rsp, see if that’s broken
12:23 < bridge> @learath2 notice
12:24 < bridge> there is a add rsp, 0x68
12:24 < bridge> xD
12:25 < bridge> before the pops
12:25 < bridge> its what messes the rsp
12:25 < bridge> and sets rbx to 0x00007fff00000000
12:25 < bridge> which is not rly a addr
12:25 < bridge> before going to that it comes from a jump
12:25 < bridge> ` 0x00007ffff7fc233b <+155>: jmp 0x7ffff7fc23b8 `
12:25 < bridge> this jump
12:25 < bridge> it skips this
12:25 < bridge>
12:25 < bridge> ```
12:25 < bridge> 0x00007ffff7fc2378 <+216>: mov QWORD PTR [rsp+0x18],rcx
12:25 < bridge> 0x00007ffff7fc237d <+221>: mov QWORD PTR [rsp+0x10],rax
12:25 < bridge> 0x00007ffff7fc2382 <+226>: mov BYTE PTR [rsp+0x8],0x1
12:25 < bridge> 0x00007ffff7fc2387 <+231>: mov DWORD PTR [rsp+0x20],0x8
12:25 < bridge> ```
12:25 < bridge> Mh, that’s normal, the add is to get rid of the stack of the callee
12:26 < bridge> true there is also a 0x00007ffff7fc22a7 <+7>: sub rsp,0x68
12:26 < bridge> at the start
12:26 < bridge> Push push push, sub rsp to allocate the stack of the callee,……,add rsp to deallocate the stack of the callee, pop pop pop
12:26 < bridge> how can i print the stack minus 0x68?
12:26 < bridge> In gdb?
12:26 < bridge> ```
12:26 < bridge> Dump of assembler code for function program::program::try_into_bytes[expr25](f0):
12:26 < bridge> 0x00007ffff7fc22a0 <+0>: push r15
12:27 < bridge> 0x00007ffff7fc22a2 <+2>: push r14
12:27 < bridge> 0x00007ffff7fc22a4 <+4>: push r12
12:27 < bridge> 0x00007ffff7fc22a6 <+6>: push rbx
12:27 < bridge> 0x00007ffff7fc22a7 <+7>: sub rsp,0x68
12:27 < bridge> 0x00007ffff7fc22ab <+11>: int3
12:27 < bridge> => 0x00007ffff7fc22ac <+12>: mov r14,rdi
12:27 < bridge> ```
12:27 < bridge> i can only stop here
12:27 < bridge> after the sub
12:27 < bridge> ye gdb
12:27 < bridge> $rsp + 0x68 no?
12:27 < bridge> - whatever
12:27 < bridge> gef➤ print ($rsp+0x68)
12:27 < bridge> $2 = (void *) 0x7fffffff8a68
12:27 < bridge> xd
12:27 < bridge> \- whatever
12:28 < bridge> gef➤ print *0x7fffffff8a68
12:28 < bridge> $3 = 0xffff8b98
12:28 < bridge> You want to examine the memory there, not just its address
12:28 < bridge> how
12:28 < bridge> i forgot gdb xd
12:28 < bridge> `x/10w ($rsp+0x68)
12:29 < bridge> whats x?
12:29 < bridge> `x/10w ($rsp+0x68)`
12:29 < bridge> eXamine
12:29 < bridge> gef➤ print x/10w ($rsp+0x68)
12:29 < bridge> No symbol "x" in current context.
12:29 < bridge> No print
12:29 < bridge> ```
12:29 < bridge> 0x7fffffff8a68: 0xffff8b98 0x7fff 0x0 0x0
12:29 < bridge> 0x7fffffff8a78: 0xf7fc22a0 0x7fff 0x9875ec 0x0
12:29 < bridge> 0x7fffffff8a88: 0xf7fc204a 0x7fff
12:29 < bridge> ```
12:30 < bridge> Make that 10g
12:30 < bridge> can you explain what it does
12:33 < bridge> ```
12:33 < bridge> gef➤ x/10g ($rsp+0x68)
12:33 < bridge> 0x7fffffff8ad0: 0x1db4d9cee6f2494c 0xaab0955087dea811
12:33 < bridge> 0x7fffffff8ae0: 0x2c30e620ff7c8a4b 0x5246686403a16a1c
12:33 < bridge> 0x7fffffff8af0: 0xd77697b53557a631 0xc925852851117366
12:33 < bridge> 0x7fffffff8b00: 0x8 0x0
12:33 < bridge> 0x7fffffff8b10: 0x1 0x9875ec
12:33 < bridge> ```
12:33 < bridge> oh wait
12:33 < bridge> ```
12:33 < bridge> gef➤ x/10g ($rsp)
12:33 < bridge> 0x7fffffff8a68: 0x7fff00000000 0x0
12:34 < bridge> 0x7fffffff8a78: 0x7ffff7fc22a0 0x9875ec
12:34 < bridge> 0x7fffffff8a88: 0x7ffff7fc204a 0x0
12:34 < bridge> 0x7fffffff8a98: 0x0 0x0
12:34 < bridge> 0x7fffffff8aa8: 0x0 0x0
12:34 < bridge> ```
12:34 < bridge> this one
12:34 < bridge> looks like smth changes it
12:34 < bridge> Okay the stack value got destroyed, so lets watch that address and see what destroys it
12:34 < bridge> how? xD
12:34 < bridge> watch i guess
12:36 < bridge> Yep
12:36 < bridge> Make sure you cast it to something 8 byte though
12:37 < bridge> `watch *(size_t *)($rsp+0x68)` or something like that
12:41 < bridge> it moves the byte 0x0 to the addr at r9
12:42 < bridge> the other break is at the pop
12:42 < bridge> → 0x7ffff7fc23bf pop rbx
12:42 < bridge> See the lea r9 at +74?
12:42 < bridge> oh wait i rerun
12:43 < bridge> 0x00007ffff7fc22e5 <+69>: lea r10,[rsp+0x48]
12:43 < bridge> 0x00007ffff7fc22ea <+74>: lea r9,[rsp+0x28]
12:43 < bridge> yes
12:44 < bridge> I’ve run out of context at this point, but that first write you found is what destroys the value in stack. Perhaps you have a self referential pointer there?
12:44 < bridge> could be
12:44 < bridge> thanks for the help though!
12:44 < bridge> Hope it’s of some use. Gl
12:46 < bridge> ```
12:46 < bridge> 0x00007ffff7fc22e5 <+69>: lea r10,[rsp+0x48] ; this stack addr is loaded into r9
12:46 < bridge> 0x00007ffff7fc22ea <+74>: lea r9,[rsp+0x28] ; or this stack addr is loaded into r9
12:46 < bridge> 0x00007ffff7fc22ef <+79>: sub esi,DWORD PTR [rsp+0x90]
12:46 < bridge> 0x00007ffff7fc22f6 <+86>: cmp r8d,esi ; which depends on this
12:46 < bridge> 0x00007ffff7fc22f9 <+89>: cmove r9,r10 ; at this cmov
12:46 < bridge> ```
12:46 < bridge> @learath2 actually it may be the first lea too
12:46 < bridge> cuz the cmp and cmove
12:50 < bridge> Maybe zero initialize the local stack, that might make the bug more obvious
12:51 < bridge> You also seem to access far more than you allocate. I don't quite understand whats going on there
12:51 < bridge> xD
12:52 < bridge> 0x68 we reserve for the frame, but I see access to rsp + a8 98, b8
12:52 < bridge> i see i see
12:53 < bridge> i guess i might be doing some allocas wrong
12:53 < bridge> by alloca i mean this https://llvm.org/docs/LangRef.html#alloca-instruction
12:56 < bridge> @learath2 if u look enough im sure u can get a nice job
12:56 < bridge> ur a pro
12:56 < bridge> I guess that is enough hints for you to go off of for now. Filling your stack with 0s might make it crash faster and more obv
12:56 < bridge> yeah
12:56 < bridge> ill see how i can do that with llvm xD
12:56 < bridge> well i guess i can zero init after a alloca
12:56 < bridge> Might be a good start yeah
12:56 < bridge> or is 0xbeef more obvious
12:56 < bridge> xd
12:57 < bridge> @learath2 any good books on debugging?
12:58 < bridge> or gdb related
12:58 < bridge> or resources
12:58 < bridge> i rly need to step up my debugging xD
12:58 < bridge> i can get my company to buy it >:)
12:58 < bridge> That is one topic I never really read up on. I just kept referring to the gdb docs as I needed stuff
12:58 < bridge> i see
12:58 < bridge> Learning some reverse engineering does help.
It is a similar kind of thinking
12:59 < bridge> yeah
13:06 < bridge> @learath2 funny thing when i was debugging i found calls to memcpy avx512
13:06 < bridge> pog ryzen
13:06 < bridge> xD
13:06 < bridge> Pogzen
13:07 < bridge> do u know what is __futex_abstimed_wait_common64
13:19 < bridge> The driver thing? I've had to in the past
13:19 < bridge> why does ddd look so ugly
13:19 < bridge> https://cdn.discordapp.com/attachments/293493549758939136/1228303451667300372/image.png?ex=662b8dbb&is=661918bb&hm=f3b6ac75e870cbad389da972b11eb3f23b14efbf9100c274e451d2c8895bb531&
13:19 < bridge> It's the userspace part of the futex wait for uncontested futexes iirc
13:20 < bridge> It'll spin there for very little time before going into a deeper slumber using the futex syscall
13:20 < bridge> Oh, I've never seen this
13:20 < bridge> i guess ddd is ancient
13:20 < bridge> GNU DDD
13:20 < bridge> https://www.gnu.org/software/ddd/
13:20 < bridge> I only use gdb and sometimes gdb with tui
13:28 < bridge> Oh and gdb with gef when reverse engineering
14:04 < bridge> @learath2 https://www.phoronix.com/news/Gentoo-Linux-SPI-Project
14:04 < bridge> @learath2 https://www.gentoo.org/news/2024/04/10/SPI-associated-project.html
15:50 < bridge> @learath2
15:50 < bridge> https://cdn.discordapp.com/attachments/293493549758939136/1228341424752169031/img_7159.png?ex=662bb119&is=66193c19&hm=0e681f497dfea2099ba739effac0083b80a4c70be48e7af0198264365c53841e&
15:51 < bridge> So true
15:51 < bridge> <_gwendal> lmao i love that template so much
16:08 < bridge> XDD
16:11 < bridge> https://cdn.discordapp.com/attachments/293493549758939136/1228346830970945647/image.png?ex=662bb622&is=66194122&hm=fa23388ccfce2f20f58dad0ac0af56cd52130301237a7d81d97f1e8811f21e32&
16:12 < bridge> @learath2 what u think
16:12 < bridge> i looked too much assembly i need memes now
17:01 < bridge> https://darkdust.net/files/GDB%20Cheat%20Sheet.pdf
17:10 < bridge> Postgres is a very flexible tool indeed.
Unless you have some extreme demands from your data store, it can fill in for a lot of the newfangled stuff
17:11 < bridge> omg weird stuff
17:11 < bridge> i was testing this using a JIT engine from llvm
17:11 < bridge> using it as a .so library it doesnt segfault
17:12 < bridge> oh
17:12 < bridge> the .so isnt optimized
17:12 < bridge> If optimization is what breaks it, it’s very very likely you are violating a constraint without noticing
17:13 < bridge> yep
17:14 < bridge> without opts the stack looks so clean
17:14 < bridge> its all zeros
17:14 < bridge> there is only this 0x00007fffffff8b30 → 0x0000000000000000
17:16 < bridge> yep it breaks
18:07 < bridge> https://cdn.discordapp.com/attachments/293493549758939136/1228375946676011008/GK88Ln9akAAuc5h.jpg?ex=662bd13f&is=66195c3f&hm=0f86007d75af210ffa97c096ca484f8b06f81b89386eb3be8b6e2357e8abf09a&
18:41 < bridge> Average Postgres W :gigachad:
18:53 < bridge> yo have question records channel messages about top 1 of each map is public to know how it's calculate and comparing to next place ?
18:55 < bridge> just do `(old_time / new_time) * 100`?
18:55 < bridge> time in game ticks
18:56 < bridge> no I mean when and where it's check is it checking on ddnet server then it's sending by discord webhook ?
19:00 < bridge> It's done here, https://github.com/ddnet/ddnet-scripts/blob/808c81af00f928209041bdd08338b1175dc357ef/servers/scripts/top-ranks.py#L57 and then sent to the webhook with this script, https://github.com/ddnet/ddnet-scripts/blob/master/servers/scripts/discord-ranks.py
19:02 < bridge> oh tnx ❤️
19:18 < bridge> sorry what is `scripts/discord-ranks-last` for ?
20:10 < bridge> scary
20:45 < bridge> direct 3d? :justatest:
20:46 < bridge> don't be misled...
that's just what i'm using as the renderer on dolphin
20:46 < bridge> :justatest:
21:13 < bridge> I saw a different variation
21:13 < bridge> https://cdn.discordapp.com/attachments/293493549758939136/1228422673374384138/whatisanindex-v0-cs09idk4eytc1.webp?ex=662bfcc4&is=661987c4&hm=fbb3ae8d1b9de18ac5bec98a75db550a15967dadb910d8ecb9d66f5a96d2f1c8&
21:13 < bridge> I love it when I type too fast and get sent to bing instead
21:43 < bridge> The output is now a lot clearer. It outputs player names, timestamp, map and only looks at teehistorian files between `2024-04-07` and `2024-04-13`. I think for the remaining affected teehistorian files it is best to check with the database whether finishes exist on those and only then check the demo.
21:44 < bridge> I just use Open-Shell
21:45 < bridge> https://gitlab.com/ddnet-rs/twgame/-/tree/255b60e92821afebeb3a4da17e529a748f8d5890
21:48 < bridge> even better
21:48 < bridge> https://cdn.discordapp.com/attachments/293493549758939136/1228431589151739946/ztveebvr2x761.webp?ex=662c0512&is=66199012&hm=d71b2e58b83cad0dc2dce00fdf03876ea7ba76a8791f65e368cc6e0644a2c82a&
21:57 < bridge> Gentoo mentioned
22:04 < bridge> Why
22:04 < bridge> He wants u to use Vulkan
22:13 < bridge> GENTOO
22:54 < bridge> jesus christ
22:59 < bridge> unrelated but the dr put me on vyvanse and it's like i was living in hard mode tbh
22:59 < bridge> now i don't really have to think about whether or not i want to do something before i do it
22:59 < bridge> i feel actually normal
22:59 < bridge> now i want a feature to add to ddnet or something
22:59 < bridge> to kill time
23:11 < bridge> speaking of kill - may i reintroduce the idea to rescue on kill tile collision within practice mode? :kek: - why not write some rust stuff!
23:12 < bridge> like i've already said, it's completely finished the way i want it to be done
23:12 < bridge> if heinrich has other intentions then he's free to implement them
23:12 < bridge> but i'm not putting in more work just so his toddler attitude can be appeased
23:13 < bridge> thanks for the suggestion though
23:13 < bridge> doing something in rust is a good idea
23:13 < bridge> but im not sure what
23:13 < bridge> :justatest:
23:15 < bridge> i'm hoping some of zwelf's rust interfaces get merged eventually
23:15 < bridge> so ddnet rust can actually be functional
23:16 < bridge> atm it'd be so much FFI tomfoolery to even get started
23:16 < bridge> im currently cooking a (currently closed source) rustapi to handle accounts using sqlx, and tokio, loving the journey so far
23:18 < bridge> ```rust
23:18 < bridge> pub async fn create(pool: &MySqlPool, user: User) -> Result<Option<i32>, sqlx::Error> {
23:18 < bridge>     let result = sqlx::query("INSERT IGNORE INTO users (username, password) VALUES (?, ?)")
23:18 < bridge>         .bind(&user.username)
23:18 < bridge>         .bind(&user.password)
23:18 < bridge>         .execute(pool)
23:18 < bridge>         .await?;
23:18 < bridge>
23:18 < bridge>     if result.rows_affected() == 1 {
23:18 < bridge>         Ok(Some(result.last_insert_id() as i32))
23:18 < bridge>     } else {
23:18 < bridge>         Ok(None)
23:18 < bridge>     }
23:18 < bridge> }
23:18 < bridge> ```
23:18 < bridge>
23:18 < bridge> i fckn love this syntax so much, its so much fun
23:19 < bridge> me and gerdoe (want to give proper credit ofc) currently cooking a (currently closed source) rustapi to handle accounts using sqlx, and tokio, loving the journey so far
23:19 < bridge> gerdoe and me (want to give proper credit ofc) are currently cooking a (currently closed source) rustapi to handle accounts using sqlx, and tokio, loving the journey so far
23:20 < bridge> gerdoe and me (want to give proper credit ofc) are currently cooking a (currently closed source) rustapi to handle accounts using sqlx, axum and tokio, loving
the journey so far
23:28 < bridge> Lisdexamfetamine just doesn't do anything for me. Methylphenidate kinda makes me want to do stuff but I only ever had it for a short while since no doctor wants to prescribe it in Italy or Turkey
23:31 < bridge> I'm doomed to undiagnosed adhd since no doctor is willing to diagnose me. They just say I'm depressed ignoring the fact that I'm depressed because of my adhd, not the other way around
23:31 < bridge> i feel like i was the same way to be honest
23:31 < bridge> i mean
23:31 < bridge> im not out of it yet right
23:31 < bridge> i'm new on vyvanse
23:32 < bridge> but if it continues to work the way it has then i feel like it's the solution for me
23:32 < bridge> most of my depressive tendencies are a result of bad habits from adhd
23:32 < bridge> it's sad that it doesn't work for you, i never tried ritalin so i can't say much about it
23:34 < bridge> i feel like when i was younger i could do these things without consequences
23:34 < bridge> but it takes its toll
23:34 < bridge> sleep whenever, eat whenever, caff whenever
23:34 < bridge> only do school if i want
23:34 < bridge> Ritalin for me (i got it prescribed as a Kid until i was 18 y/o) Just Made Me sleepy and lose my appetite, it only really worked for exams where sitting still was difficult for Me
23:34 < bridge> that's usually how it's supposed to work unfortunately
23:35 < bridge> it's supposed to make you feel "normal"
23:35 < bridge> maybe sleepy is a side effect
23:35 < bridge> If thats normal i rather snort crack everyday fr
23:35 < bridge> i sort of lose my edge in the late afternoon
23:35 < bridge> but i think it would be fixed by proper sleep habits
23:35 < bridge> consistent and abundant sleep is incredibly important for your health
23:35 < bridge> ur not using sqlx power
23:35 < bridge> use the macro
23:36 < bridge> 10€ and i might
23:36 < bridge> :justatest:
23:36 < bridge> also u use ?
23:36 < bridge> use psql directly
23:36 < bridge> oh wait is it mysql
23:36 < bridge> Yes
23:36 < bridge> boo
23:36 < bridge> :kek:
23:36 < bridge> use mongodb
23:36 < bridge> it's webscale
23:36 < bridge> Nah
23:36 < bridge> use the sqlx::query! macro
23:36 < bridge> for compile time checked queries
23:37 < bridge> nice
23:38 < bridge> What would be the benefit in my usecase tho ?
23:39 < bridge> u know ur query is valid
23:39 < bridge> xd
23:39 < bridge> if the query is malformed it will fail to compile
23:39 < bridge> Im checking the query values during the Initial request tho
23:40 < bridge> ok but do u want to investigate when u make a typo
23:40 < bridge> or do u want the compiler to do it for you
23:40 < bridge> I dont do typos :feelsbadman:
23:40 < bridge> :gigachad: