Counter-Strike new update on Linux crashes when open scoreboard

[khanghugo]

Here is the log after joining a game and open scoreboard.

Error:/home/khang/.local/share/Steam/steamapps/common/Half-Life/.so: cannot open shared object file: No such file or directory
DemoPlayer::Init: couldn't get engine interface.

ERROR! System::AddModule: couldn't initialize module (null).

Can't "cmd", not connected

Unknown command from unsafe location. Ignoring.

STEAM Auth Server

Playing Startup Videos...

AppActive: active
AppActive: active
AppActive: not active
AppActive: active
No detail texture mapping file: maps/crossfire_detail.txt

[S_API] SteamAPI_Init(): Loaded '/home/khang/.local/share/Steam/linux32/steamclient.so' OK.
CAppInfoCacheReadFromDiskThread took 17 milliseconds to initialize
dlmopen steamservice.so failed: steamservice.so: cannot open shared object file: No such file or directory
SteamInternal_SetMinidumpSteamID:  Caching Steam ID:  76561197960265728 [API loaded yes]
SteamInternal_SetMinidumpSteamID:  Setting Steam ID:  76561197960265728
Looking up breakpad interfaces from steamclient
Calling BreakpadMiniDumpSystemInit
SteamInternal_SetMinidumpSteamID:  Caching Steam ID:  76561197960265728 [API loaded yes]
SteamInternal_SetMinidumpSteamID:  Setting Steam ID:  76561197960265728
ERROR: ld.so: object '/home/khang/.local/share/Steam/ubuntu12_64/gameoverlayrenderer.so' from LD_PRELOAD cannot be preloaded (wrong ELF class: ELFCLASS64): ignored.
crash_20231122132703_14.dmp[12803]: Uploading dump (out-of-process)
/tmp/dumps/crash_20231122132703_14.dmp
crash_20231122132703_14.dmp[12803]: Finished uploading minidump (out-of-process): success = yes
crash_20231122132703_14.dmp[12803]: response: Discarded=1
crash_20231122132703_14.dmp[12803]: file ''/tmp/dumps/crash_20231122132703_14.dmp'', upload yes: ''Discarded=1''
pid 12803 != 12802, skipping destruction (fork without exec?)
/home/khang/.local/share/Steam/steamapps/common/Half-Life/hl.sh: line 83: 12722 Segmentation fault      (core dumped) ${DEBUGGER} "${GAMEROOT}"/${GAMEEXE} "$@"

[kisak-valve]

Possibly related to #3502.

[OlegAckbar]

Can confirm this issue

[ghost]

Stack trace:

Program terminated with signal SIGSEGV, Segmentation fault.

warning: Section `.reg-xstate/189663' in core file too small.
#0  CCSClientScoreBoardDialog::UpdateTeamInfo (this=<optimized out>) at ../cstrike/cl_dll/VGUI/cstrikeclientscoreboard.cpp:577
Downloading source file /home/buildbot/buildslave/goldsrc_linux/build/GoldSrc/linux/../cstrike/cl_dll/VGUI/cstrikeclientscoreboard.cpp
577     ../cstrike/cl_dll/VGUI/cstrikeclientscoreboard.cpp: Directory not empty.                                                                                           
[Current thread is 1 (Thread 0xf766cb00 (LWP 189663))]
(gdb) info stack
#0  CCSClientScoreBoardDialog::UpdateTeamInfo (this=<optimized out>) at ../cstrike/cl_dll/VGUI/cstrikeclientscoreboard.cpp:577
#1  0xcf0369eb in CClientScoreBoardDialog::FillScoreBoard (this=0x951cab0) at ../vgui2/game_controls/ClientScoreBoardDialog.cpp:501
#2  CClientScoreBoardDialog::Update (this=this@entry=0x951cab0, servername=servername@entry=0xffa1504b " Player's Server", teamplay=teamplay@entry=true, 
    spectator=spectator@entry=false) at ../vgui2/game_controls/ClientScoreBoardDialog.cpp:168
#3  0xcef57682 in CCSClientScoreBoardDialog::Update (this=0x951cab0, servername=0xcf0afde4 <__g_CounterStrikeViewport_singleton+132> "Player's Server", 
    teamplay=true, spectator=false) at ../cstrike/cl_dll/VGUI/cstrikeclientscoreboard.cpp:274
#4  0xcf03f1c1 in TeamFortressViewport::OnTick (this=this@entry=0xcf0afd60 <__g_CounterStrikeViewport_singleton>)
    at ../vgui2/game_controls/vgui_TeamFortressViewport.cpp:690
#5  0xcef508a0 in CounterStrikeViewport::OnTick (this=0xcf0afd60 <__g_CounterStrikeViewport_singleton>) at ../cstrike/cl_dll/VGUI/counterstrikeviewport.cpp:770
#6  0xcef87a3d in CHud::UpdateClientData (this=this@entry=0xcf0b4900 <gHUD>, cdata=cdata@entry=0xffa15130, time=time@entry=3.81224442)
    at ../cstrike/cl_dll/hud_update.cpp:42
#7  0xcef70188 in HUD_UpdateClientData (pcldata=0xffa15130, flTime=3.81224442) at ../cstrike/cl_dll/cdll_int.cpp:484
#8  0xf4a9234d in ClientDLL_UpdateClientData () at ../engine/cdll_int.c:1186
#9  0xf49e2a55 in _Host_Frame (time=time@entry=2.6350001e-06) at ../engine/host.c:1414
#10 0xf49e2d38 in Host_Frame (time=2.6350001e-06, iState=1, stateInfo=stateInfo@entry=0xffa1524c) at ../engine/host.c:1549
#11 0xf4a13e24 in CEngine::Frame (this=0xf4c74ee0 <g_Engine>) at ../engine/sys_engine.cpp:245
#12 0xf4a10e84 in RunListenServer (instance=0x0, basedir=0x804d120 <szBaseDir> "~/.local/share/Steam/steamapps/common/Half-Life", 
    cmdline=0x8b39d00 "~/.local/share/Steam/steamapps/common/Half-Life/hl_linux -steam -game cstrike", 
    postRestartCmdLineArgs=0x804f260 <main::szNewCommandParams> "", launcherFactory=0x80497f0 <CreateInterface(char const*, int*)>, 
    filesystemFactory=0xf5d05450 <CreateInterface(char const*, int*)>) at ../engine/sys_dll2.cpp:968
#13 0x0804905b in main (argc=4, argv=0xffa154b4) at ../launcher/launcher.cpp:469

[ShiroYasha456]

having the same issue myself

[ByJumperX4]

Having the same problem on my end
flatpak steam, gentoo linux

[ghost]

confirming this issue myself too

[Eoin-ONeill-Yokai]

Can confirm this issue on Fedora linux.

[eightyninetytwo]

Confirming this issue on Linux Mint

[Neonpk]

I'm unable to reproduce. I've installed the latest version of HLDS 06:35:09 Nov 23 2023 (9891) joined the server and pressed key to open scoreboard and the server did not crash.

On ReHLDS in conjunction with REGAME-DLL and METAMOD-R everything works fine

[drehak]

Confirming on Arch (X11/i3, 64bit).

[Neonpk]

SteamDB shows that a test update was released today. (https://steamdb.info/app/10/history/)
Most likely, one of these days there will be a patch.

[eightyninetytwo]

SteamDB shows that a test update was released today. (https://steamdb.info/app/10/history/) Most likely, one of these days there will be a patch.

You're a legend, thanks for keeping everyone updated

[jinetty]

Confirming on Arch Linux (Plasma 5.27 Wayland/X11 Session)

[flaphoschi]

Confirmed (Archlinux, GNOME/WAYLAND, AMD RNDA2 running Kernel 6.2.2, Mesa 23.2.1).

@kisak-valve
Do you need beta-testers? I willing to test and report. As I see the current channel beta - beta is shipping the an old release, so this is not an option.

// edit
Todays update didn't fixed it.

[bolokanar]

Yep, still crashing after new update.

[Neonpk]

Yes, same thing.

Now I have debugged and the stack trace turned out to be similar to @stacksmash76.

Thread 1 "hl_linux" hit Breakpoint 1, CCSClientScoreBoardDialog::UpdateTeamInfo (this=0x8cb44f0) at ../cstrike/cl_dll/VGUI/cstrikeclientscoreboard.cpp:559 559 ../cstrike/cl_dll/VGUI/cstrikeclientscoreboard.cpp: No such file or directory.

[SamVanheer]

A quick look using IDA shows they're probably passing sizeof(bufname) to swprintf instead of ARRAYSIZE(bufname). Before the anniversary update this caused it to silently write past the end of the buffer which is on the stack, so random corruption issues occurred that probably went unnoticed since the overwritten memory was written to afterwards.

Now it uses _swprintf_chk which is responsible for shutting the game down due to said overflows: https://refspecs.linuxbase.org/LSB_5.0.0/LSB-Core-generic/LSB-Core-generic/baselib---swprintf-chk-1.html

There are a number of cases in various parts of the engine and the games where wide character string buffers have their size calculated using sizeof instead of ARRAYSIZE. Best to just check all of them and fix them all in one go, but that could break things in other ways. The buffer sizes need double checking and increasing where needed.

For reference: char is one byte in size so number of characters equals size in bytes, wchar_t's size is implementation-defined: 2 bytes on Windows and 4 bytes on Linux.

The buffer size is 6 characters so 6 * 4 is 24, which is what's being passed in.

Interestingly the first call does pass the correct size so it's inconsistently calculated.

[fred0r]

@kisak-valve
maybe take a look at https://github.com/mikkokko/csldr for some inspiration about FOV.

[kisak-valve]

Hello @fred0r, friendly reminder that I'm a moderator for Valve's issue trackers on Github, and not a game developer myself. I have no real insight into the game's code base beyond what's publicly available.

[fred0r]

@kisak-valve
sry - wasnt ment 'like that' :/
maybe you could file my url to some dev, beside giving him some context from this 'issue'.

[andrzej-tech]

+1
NAME="Pop!_OS"
VERSION="22.04 LTS"

[Neonpk]

In addition to the scoreboard.

I found another problem related to swprintf and __swprintf_chk, which was described by @SamVanheer.

When you join a server with a custom weapon slot and when you select the desired slot, the client crashes in the same way.
On the function call CHudVGUI2Print::VGUI2HudPrintArgs

Stack Trace:

*** buffer overflow detected ***: terminated

Thread 1 "hl_linux" received signal SIGABRT, Aborted.
0xf7fc7579 in __kernel_vsyscall ()
(gdb) bt
#0  0xf7fc7579 in __kernel_vsyscall ()
#1  0xf788ea17 in ?? () from /usr/lib32/libc.so.6
#2  0xf783b317 in raise () from /usr/lib32/libc.so.6
#3  0xf7822121 in abort () from /usr/lib32/libc.so.6
#4  0xf78231b6 in ?? () from /usr/lib32/libc.so.6
#5  0xf793be03 in __fortify_fail () from /usr/lib32/libc.so.6
#6  0xf793b7df in __chk_fail () from /usr/lib32/libc.so.6
#7  0xf793d075 in __swprintf_chk () from /usr/lib32/libc.so.6
#8  0xdaabd67f in swprintf (
    __fmt=0xffffa910 L"Mode: Normal (\xc1c0ddac\xec254472\xffffaa70", 
    __n=2048, __s=0xdabefa18 <gHUD+24856> L"Free Chase Cam")
    at /usr/include/i386-linux-gnu/bits/wchar2.h:292
#9  CHudVGUI2Print::VGUI2HudPrintArgs (this=0xdabef9fc <gHUD+24828>, 
    charMsg=charMsg@entry=0xdac04180 <CHudTextMessage::MsgFunc_TextMsg(char const*, int, void*)::szBuf> "Mode: Normal", 
    sstr1=sstr1@entry=0xdac04200 <CHudTextMessage::MsgFunc_TextMsg(char const*, int, void*)::szBuf+128> "", 
    sstr2=sstr2@entry=0xdac04280 <CHudTextMessage::MsgFunc_TextMsg(char const*, int, void*)::szBuf+256> "", 
    sstr3=sstr3@entry=0xdac04300 <CHudTextMessage::MsgFunc_TextMsg(char const*, int, void*)::szBuf+384> "", 
    sstr4=sstr4@entry=0xdac04380 <CHudTextMessage::MsgFunc_TextMsg(char const*, int, void*)::szBuf+512> "", x=x@entry=-1, y=378, r=r@entry=1, 
--Type <RET> for more, q to quit, c to continue without paging--
    g=g@entry=0.70599997, b=b@entry=0.118000001)
    at ../cstrike/cl_dll/hud_vgui2print.cpp:323

[bolokanar]

Exe build: 08:56:59 Dec 1 2023 (9899)
Still not working

[fred0r]

https://steamdb.info/app/10/history/
#21428111

/me keeps his fingers crossed

[eightyninetytwo]

https://steamdb.info/app/10/history/ #21428111

/me keeps his fingers crossed

Been keeping my fingers crossed for a month now lmao

[peylight]

I have the same problem.
It is not about server.
Even make New game on client can cause crash when Tab clicked.

[6yntar05]

+1
ArchLinux

[peylight]

Even Condition Zero have the same problem.

[bolokanar]

Btw I think I found another bug...
Can somebody please confirm if it's crashing when you buy via vest; vesthelm from console or bind. Doesn't really matter.

[Neonpk]

@bolokanar

Everything is fine in New Game.

When you join a server with the metamod extension, it crashes due to the same error swprintf and __swprintf_chk

On a call to the same function: CHudVGUI2Print::VGUI2HudPrintArgs , which was described above.

[bolokanar]

@bolokanar

Everything is fine in New Game.

When you join a server with the metamod extension, it crashes due to the same error swprintf and __swprintf_chk

On a call to the same function: CHudVGUI2Print::VGUI2HudPrintArgs , which was described above.

Weird. On my end it crashes even in New game.
Anynody can point me to a resource to generate a trace?

Anyway, opened a new issue: #3701

[kernel17]

+1
NixOS-Unstable

[SamVanheer]

There's no need to keep bumping this issue, the cause is known. It happens on Linux regardless of distro. Just wait until it's listed as fixed.

[fir3-1ce]

I just had it crash while using the buy menu. I don't know what triggered it. The scoreboard bug is there too

[bolokanar]

I just had it crash while using the buy menu. I don't know what triggered it. The scoreboard bug is there too

#3672

[0Ky]

Dec 12, 2023 update:
* Fixed an occasional crash when opening the scoreboard.

@khanghugo Can you retest again? I believe the recent update should have fixed this.

[Neonpk]

Yay.
🆒
😃
This is victory, but viewdemo command is still not fixed (the client crashes).

bt:

Error:/home/neonpk/.local/share/Steam/steamapps/common/Half-Life/.so: cannot open shared object file: No such file or directory
CDemoPlayerDialog::LoadModules: couldn't get engine interface.

viewdemo <demoname>: shows a demo


Thread 1 "hl_linux" received signal SIGSEGV, Segmentation fault.
0xda8d119f in CDemoPlayerDialog::ApplySchemeSettings (this=0xcb92160, 
    pScheme=0x8b4fb90) at ../GameUI/DemoPlayerDialog.cpp:139
139	../GameUI/DemoPlayerDialog.cpp: No such file or directory
(gdb) c
Continuing.

Thread 1 "hl_linux" received signal SIGSEGV, Segmentation fault.
0xda8d119f in CDemoPlayerDialog::ApplySchemeSettings (this=0xcb92160, 
    pScheme=0x8b4fb90) at ../GameUI/DemoPlayerDialog.cpp:139
139	in ../GameUI/DemoPlayerDialog.cpp
(gdb) bt
#0  0xda8d119f in CDemoPlayerDialog::ApplySchemeSettings (this=0xcb92160, 
    pScheme=0x8b4fb90) at ../GameUI/DemoPlayerDialog.cpp:139
#1  0xda947c43 in vgui2::Panel::PerformApplySchemeSettings (this=0xcb92160)
    at ../vgui2/controls/Panel.cpp:1871
#2  0xf5dc6524 in BaseUISurface::InternalSchemeSettingsTraverse (
    this=this@entry=0xf6545660 <g_BaseUISurface>, panel=panel@entry=146771344, 
    forceApplySchemeSettings=forceApplySchemeSettings@entry=false)
    at ../engine/vgui2/BaseUISurface.cpp:1379

[bolokanar]

Yep, it works on my end (finally)

] version 
Protocol version 48
Exe version 1.1.2.7/Stdio (cstrike)
Exe build: 23:26:01 Dec  9 2023 (9907)

[flaphoschi]

Confirm the fix. Thank you for fixing 🙂

App ID: 10
Build ID: 12934623

Protocol version 48
Exe version 1.1.2.7/Stdio (cstrike)
Exe build: 23:26:01 Dec  9 2023 (9907)

The wording with "occasional" is funny. I literally press Tab multiple times within a round.

[khanghugo]

Works for me.

[flaphoschi]

@kisak-valve I think you can close this issue 😉