Server crash when checking timer on deleted object?

Found a bug in UOX3? Or experienced a server crash? Perhaps you've noticed a broken feature? Post the details here!
Post Reply
User avatar
Xuri
Site Admin
Posts: 3704
Joined: Mon Jun 02, 2003 9:11 am
Location: Norway
Has thanked: 48 times
Been thanked: 8 times
Contact:
Contact Xuri

Server crash when checking timer on deleted object?

Post by Xuri »

Caught a server crash after having spawned a whole bunch of orcs who had a script set on them which may have started some timers. Killed all the orcs using the 'KILLALL command, and not long after the server crashed:

Code: Select all

>	UOX3.exe!std::bitset<6>::test(unsigned int _Pos=1)  Line 357 + 0x1e bytes	C++
 	UOX3.exe!UOX::CBaseObject::isDeleted()  Line 1904	C++
 	UOX3.exe!UOX::ValidateObject(const UOX::CBaseObject * toValidate=0x046bb430)  Line 207 + 0x8 bytes	C++
 	UOX3.exe!UOX::checkItem(UOX::CMapRegion * toCheck=0x02c7f3c0, bool checkItems=false, unsigned long nextDecayItems=624286)  Line 1013 + 0x9 bytes	C++
 	UOX3.exe!UOX::CWorldMain::CheckAutoTimers()  Line 1395 + 0x1a bytes	C++
 	UOX3.exe!main(int argc=1, char * * argv=0x002f5070)  Line 2813	C++
 	UOX3.exe!__tmainCRTStartup()  Line 586 + 0x19 bytes	C
 	UOX3.exe!mainCRTStartup()  Line 403	C
The code-bits where it falls over and dies go from

Code: Select all

void checkItem( CMapRegion *toCheck, bool checkItems, UI32 nextDecayItems )
{
	CDataList< CItem * > *regItems = toCheck->GetItemList();
	regItems->Push();
	for( CItem *itemCheck = regItems->First(); !regItems->Finished(); itemCheck = regItems->Next() )
	{
		[color=red]if( !ValidateObject( itemCheck ) || itemCheck->isFree() )[/color]
			continue;
to

Code: Select all

inline bool ValidateObject( const CBaseObject *toValidate )
{
	bool rvalue = true;
	try
	{
		if( toValidate == NULL )
			rvalue = false;
		[color=red]else if( toValidate->isDeleted() )[/color]
			rvalue = false;
through

Code: Select all

bool CBaseObject::isDeleted( void ) const
{
	return objSettings.test( BIT_DELETED );
[color=red]}[/color]
at which point the server crashes and takes us to:

Code: Select all

	bool test(size_t _Pos) const
		{	// test if bit at _Pos is set
		if (_Bits <= _Pos)
			_Xran();	// _Pos off end
		return ((_Array[_Pos / _Bitsperword]
			[color=red]& ((_Ty)1 << _Pos % _Bitsperword)) != 0);[/color]
		}
(The latter code-snippet coming from some "bitset" file in a MS Visual Studio folder?)
-= Ho Eyo He Hum =-
Top
Post Reply

Return to “Bugs & Errors”