The Mana World Forums

A TMWA dev recently raised the concern that some GM commands in TMWA might have bugs that are serious enough to crash the server itself.

The command in question was @storage. Devs then investigated the code and determined that it doesn't have the ability to crash a TMWA server, but of course that leaves the question of what other commands are safe.

On the main server, @storage was identified as a high risk command because it is so restricted (GM 80 or higher). One suggestion was that admins ask the code developers before using any GM commands that have not been "approved." I think it's better to proactively identify such catastrophic bugs so that admins of all servers can make informed decisions about what to use and permit on their servers.

The following are the commands I find that are GM 80 or higher on the main server.

setmagic
magicinfo
option
zeny
charzeny
charoption
addwarp
day
doom
doommap
night
recallall
raisemap
raise
enablenpc
disablenpc
npcmove
skillon
skilloff
lostskill
idsearch
item
produce
dropall
gvgon
gpvpon
gvgoff
gpvpoff
questskill
ignorelist
charignorelist
gstorage
effect
charmodel
agitstart
agitend
guildlvl
guild
party
guildrecall
partyrecall
guildspy
partyspy
memo
charmountpeco
disguise
undisguise
chardisguise
charundisguise
charitemlist
charstoragelist
charcartlist
charquestskill
charlostskill
model
mountpeco
kami
kamib
kickall /safe
mapexit /safe
gat
packet
mapinfo
reloaditemdb
reloadmobdb
reloadskilldb
reloadscript
reloadgmdb
storage /safe

That's the list from the server config file. Some of those commands were removed in the recent code update/rewrite. I did not cross-reference with the release notes for that, so some of the above commands can probably be marked as deleted or something. Likewise, if commands were added in the code but not to this server config, I will have missed them too.


TMWA code devs declared the following commands are safe enough to use:
Safe
@kickall
@mapexit
@storage



Note that I am not requesting that we audit the entire codebase, merely that if a GM command has the ability to "crash the server" then that should be identified, documented, and tracked.

Ooh, good catch that the main server's local config file is outdated. The server is *supposed* to just symlink directly to the example file (which, by definition, is what the main server uses), but that's obviously not the case.

I would have replaced the atcommand_local.conf file with the symlink just now, but 'diff' tells me that it is still overriding atcommand_athena.conf (which is now supposed to contain all of the commands except @gm); the relevant changes should be merged into the content repo for the next restart.

It's not worth going into details about individual commands until we're going against the *actual* list.

Edit: oh, and it's hardly fair to categorize the concerns as recent. I've been bringing it up for the last several months, and only repeating what I heard when I started dev'ing years ago.

o11c wrote:It's not worth going into details about individual commands until we're going against the *actual* list.

The wiki has a list of GM commands: https://wiki.themanaworld.org/index.php/GM_Commands
It doesn't seem to have been updated. Where can we find a list of GM commands at this point in your rewrite?

If you are aware of GM commands that can "crash the server," then we don't even need a comprehensive list to start the discussion.

When using an "oddball" GM command it's *always* been adviseable to test it on a local/development server first. Even before the rewrite many of them were quite broken.

Not saying documenting the broken ones is a bad idea though!

Lets see. From a cursory examination:

The following unmarked commands are technically safe and intuitive or have in the past been technically safe and intuitive:

magicinfo
zeny
charzeny
doom
doommap
recallall
raisemap
raise
enablenpc
disablenpc
dropall
charitemlist
charstoragelist
item
kami

The following unmarked commands are technically safe if you know what you are doing, or have in the past been technically safe if you know what you are doing. For instance, @packet doesn't actually have anything to do with packets, though it is useful for testing status change visuals.

charoption
option
setmagic
npcmove
packet

All others should be considered unaudited (not that all of the above should be considered audited) and causing undefined behaviour, unless specific investigation shows otherwise. Undefined behaviour may include but is not limited to crashing the server. For instance, I conjecture that some, until recently, lingering, issues with database corruption were remnants from the inadvertent use of @produce years ago, back when it was an @60 command for some inexplicable reason.

The following unmarked commands are ones that I would be particularly unsure of, but this should in no way taken to mean that others are safe:

skillon
skilloff
lostskill
gvgon
gpvpon
gvgoff
gpvpoff
questskill
ignorelist
charignorelist
gstorage
charmodel
agitstart
agitend
guildlvl
guildspy
partyspy
memo
charmountpeco
disguise
undisguise
chardisguise
charundisguise
charcartlist
charquestskill
charlostskill
model
mountpeco
reloaditemdb
reloadmobdb
reloadskilldb
reloadscript
reloadgmdb

For instance, in the past, the disguise family of functions have been known to cause major client issues, and the reload family of functions have been known to duplicate entities without removing the old ones.


---Freeyorp

Freeyorp101 wrote: enablenpc
disablenpc

Caveat: these may mess up quest state, so they should not be used lightly.
But generally, if they're used, it's to prevent a *major* mess up of quest state.

Freeyorp wrote: charmodel
model

These should also be safe, although the 3rd argument does not work the way it's meant to.