Where does "Error: Invalid command received" come from?

[Silentwings]

Please list current exploits ...

I'm not doing that on a public forum for very obvious reasons. Also, I said "produce fair games", not "crash". For a basic and harmless example, while I was changing something in CF2 recently I produced a minor crash (never checked if local or global, but presumably global if commands are not checked in unsynced before being sent) with a patrol command that had a unitID as its target instead of a map coord.

Also that issue is entirely off topic.

[AF]

An API that gets told to do something but doesn't return or indicate that something went wrong, is a shoddy API. I for one support these messages.

Swallowing invalid commands only leads to confused developers, and bugs that go unnoticed.

[Google_Frog]

AF and abma, your points are trumped by mine. You are saying that error reporting is good. I am saying that your error reporting will not actually cause errors to be fixed. It will always spam players because people don't fix widgets. A malicious person could intentionally spam errors with a widget.

I am not even convinced that invalid commands are always a problem. But I don't need this line of argument.

[AF]

I'm saying if errors are never reported, you may never find out that they exist, and they won't be fixed because nobody will know they exist. Lua widgets aren't the only code that issues commands. Also, a malicious person could do a lot of things aside from spamming invalid commands from a Lua widget, what if they spammed valid commands that didn't do much? Telling a stopped unit to stop? Fill up the network buffer and slow down the game?

Simply swallowing the error and pretending everything is okay is downright irresponsible.

I am not even convinced that invalid commands are always a problem. But I don't need this line of argument.

A malicious person could intentionally spam errors with a widget......

The actual problem here is not reporting errors as a responsible stable testable API should, it's:

• Users don't have a means to update their widgets effectively
• There's no mechanism for a lot of widgets to report bugs etc, most widgets don't have bug trackers or issues, and they don't have version control
• Misbehaving widgets that cause errors are being allowed to run amok.

My suggestion would be to disable a widget should it run into such an issue, it's clearly not working as it should, and who knows what undefined behaviour could be included. THIS will get widgets fixed.

Making the engine shut up when it's given garbage parameters is simply sweeping bugs under the carpet.

If you give a waitress a pile of lego to pay for a bill at a restaurant, should the waitress shut up instead of demanding cash because it would ruin your experience of dining out? I can't even understand why the waitress couldn't accept lego instead of $$, has a restuarant ever been closed because of Lego coinage? But that's not a line of discussion I need.

Malicious diners could continuously hand out small segments of lego blocks to said restaurant in an attack that would utterly ruin dining for all customers in the restaurant.

In terms of all users vs only yourself receiving the error, perhaps the command should never have been sent if it originated in unsynced code.

Otherwise I think the arguments for silencing the engine amount to:

We're getting error messages in our game, shut it up

[FLOZi]

G_F is right.

Surely this can be tied to a logsection that is not default on for players?

[Google_Frog]

Someone spamming any type of command with a widget (valid or not) will quickly come up against:

Warning: Waiting packet limit was reached for Player [packets dropped]

So your particular example is flawed.

It does not even matter how many other things a malicious person can do or how many situations would benefit from the reporting of the invalid commands.

A malicious person could intentionally spam errors with a widget......

I think we are using the word error slightly differently. For me, in this thread, an error is a message that appears in chat. Removing the message would mean that people could no longer spam errors at each other. Sure, they could still send invalid commands but this has never been a problem before.

The issue here is very specific. Players can spam each other with error messages and in the current environment will do so without realizing that they are doing it. Removing the widget which causes the error would require a different implementation of the error message and would be overkill. I am not yet convinced that the current level of sending invalid commands with widgets has any significant performance impact. Removing offending widgets would just make UIs more fragile.

[AF]

I disagree, but Flozis suggestion makes sense

[abma]

Players can spam each other with error messages and in the current environment will do so without realizing that they are doing it.

what prevents players from spamming random messages? some games already (try) to prevent user installed lua widgets.


@all:

can you please calm down, there is very few to discuss on this topic. the loglevel atm is to high, but this message is imo very useful and should be (somehow) visible.

in summary: it should be configureable and still, the widgets causing it should be fixed. the "cost" to send a packet trough net is very high.

[Google_Frog]

The entire issue is around the log level. I like error logging but not at the cost of normal users experience when the problem is so minor and unable to be completely fixed. This is prevented by local widgets. Sure there are games which block user widgets but you should not expect every game to.

Players can spam messages in the chat. The difference is that it is easy to tell who is doing the spamming and it takes deliberate effort to do so. This error message gives no indication of its source. If we suddenly switched to using the development engine then players would assume that the game is at fault.

Even if nothing is done the thread has served its purpose. I now know that I need to block the message even after I fix the commands which are given by the lua that I have control over.

[abma]

I now know that I need to block the message even after I fix the commands which are given by the lua that I have control over.

hu? i don't understand this. why do you add a hack to your code instead of focusing it to fix it for all? this way you have always to touch your code when sth. changed in the engine. your initial post was just the question where does this message come from, which was answered a long time ago.

mantis'ed: http://springrts.com/mantis/view.php?id=4354

[Silentwings]

this message is imo very useful

It's not very useful to game devs because it contains so little information that, for reasons I explained above, it won't be possible to debug anything using the message.

If that mantis is fixed, so as only players who cause the error see the error, then there is some hope of persuading players to find someone who can update whatever non-game widgets they use to handle the new engine behaviour.

[SinbadEV]

What if you softened the "default" message to something meaningful yet less scary like: "Player X tried to issue an invalid command." for other players and "You can't [move|build] there." for the offending player.

[knorke]

instead of focusing it to fix it for all

Because in past it was not a bug. It was imo valid way as also Silentwings and GoogleFrog seem to agree.

http://springrts.com/phpbb/viewtopic.ph ... 78#p555896
(from the quote on)

Then there is the problem of non-mod-included widgets causing the error message. Or an AI causing the error message. Over both things modder has no controll.

bit blabla style:
[quote="AF"]If you give a waitress a pile of lego to pay for a bill at a restaurant, should the waitress shut up instead of demanding cash because it would ruin your experience of dining out?[/quote]To stay with this example:
It is more like you pay the bill with perfectly legal money in correct amount. But then suddendly trouble because because among the money slipped in some old cinema ticket and the restaurant kicks you out for that.
Maybe you should have paid more attention when handing the money? Yes, but your pants only have 2 pockets and it was more convient. It is also not that a big problem that warrants kicking anyone out of restaurant.

[hoijui]

suggestion x:

• "invalid command" message goes to a lower log level or different log section
• some counters/statistics are recorded for all invalid commands given
• at the end of the game, those statistics get logged on the warning log level in the default section

->

• no spam by default
• everyone can see that there were failed commands by default
• ... devs can therefore know whether there is something that should be fixed, and enable the extended logging to find out what/where it is