Elusive UOX3 crash when reloading JS scripts


Post by Xuri »

Server version: 0.98-3.7o
Running in debug mode under MSVC 6.

Bug description: Seemingly random crashes that occur after reloading javascripts that have been used (player uses a javascripted object, for instance).

To reproduce (with some luck): Add an archery-butte ('ADD 0x100a), set it to TYPE 203 to work around the hardcoded range-check, equip a bow, add some arrows to your backpack, then stand 5-6 tiles directly in front of the archery-butte and fire away a few times, also occasionally go over and pull out the arrows & reset the score ;) Now reload the archerybutte.js script either directly using the command (if you're using a GM character) or press * then 8 in console. With luck, it should now crash and burn.

Info available in MSVC after the crash:
Disassembly:
7C901230 int 3

Debug window:
HEAP[UOX3.exe]: Invalid Address specified to RtlFreeHeap( 00370000, 178219D9 )

Callstack:

NTDLL! 7c901230()
NTDLL! 7c96cd80()
NTDLL! 7c96df66()
NTDLL! 7c94a5d0()
NTDLL! 7c9268ad()
MSVCRT! 77c2c2de()
JS32! 100533c7()
0824448b()
12000a00()
05000004()

EDIT: I messed around some more in MSVC immediately after the crash, did "Step Out" until I could no more, then "Break", which gave me this callstack:

UOX::CConsole::cl_getch() line 787 + 7 bytes
UOX::CConsole::Poll() line 830 + 8 bytes
UOX::CheckConsoleKeyThread(void * 0x00000000) line 252
_threadstart(void * 0x022bbd00) line 187 + 13 bytes
KERNEL32! 7c80b683()

And the disassembly window now highlighted on:
787: if( !cluox_io )
0046E5AC xor eax,eax
0046E5AE mov al,[UOX::cluox_io (0084f144)]
0046E5B3 test eax,eax
0046E5B5 jne UOX::CConsole::cl_getch+34h (0046e5d4)
788: {
789: // uox is not wrapped simply use the kbhit routine
-= Ho Eyo He Hum =-
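Added illustration, not part of the report above and not UOX3 or SpiderMonkey code: the "Invalid Address specified to RtlFreeHeap" line in the debug window is the Windows heap refusing to free an address that is not a live block of that heap, which is the symptom a double free or a free through a stale pointer produces. The toy script registry below is a constructed, hypothetical model of a reloadable script table; it puts a reload that frees scripts outright (leaving any in-use holder with a dangling pointer) beside a reference-counted reload that only drops the registry's own reference, so an object still held by a player-used item survives until that holder releases it. Function and type names are assumptions made for this example.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed illustration: a tiny script registry that hands objects out to
 * in-use holders and can be reloaded. Two reload strategies are compared. */

#define REG_SLOTS 4

typedef struct Script {
    char name[32];
    int  refcount;        /* one for the registry plus one per in-use holder */
} Script;

typedef struct Registry {
    Script *slots[REG_SLOTS];
} Registry;

static int g_freed = 0;   /* counts Script objects actually handed to free() */

static Script *script_new(const char *name) {
    Script *s = calloc(1, sizeof *s);
    if (!s) return NULL;
    strncpy(s->name, name, sizeof s->name - 1);
    s->refcount = 1;      /* the registry's own reference */
    return s;
}

/* Drop one reference; free the object only when nobody holds it any more. */
static void script_release(Script *s) {
    if (s && --s->refcount == 0) {
        free(s);
        g_freed++;
    }
}

void registry_init(Registry *r) { memset(r, 0, sizeof *r); }

/* Load (or replace) the script in a slot. A previous occupant is released,
 * not freed, so existing holders keep a valid object. */
int registry_load(Registry *r, int slot, const char *name) {
    if (slot < 0 || slot >= REG_SLOTS) return -1;
    script_release(r->slots[slot]);
    r->slots[slot] = script_new(name);
    return r->slots[slot] ? 0 : -1;
}

/* An in-game object that starts using a script takes its own reference. */
Script *registry_acquire(Registry *r, int slot) {
    if (slot < 0 || slot >= REG_SLOTS || !r->slots[slot]) return NULL;
    r->slots[slot]->refcount++;
    return r->slots[slot];
}

void registry_release(Script *s) { script_release(s); }

/* Unsafe reload: frees every loaded script regardless of holders.
 * Returns how many objects were freed while still in use, i.e. how many
 * dangling pointers this reload created; the next use or release of one of
 * those pointers is exactly the kind of invalid free the heap reports. */
int registry_reload_unsafe(Registry *r) {
    int dangling = 0;
    for (int i = 0; i < REG_SLOTS; i++) {
        Script *s = r->slots[i];
        if (!s) continue;
        if (s->refcount > 1) dangling++;
        free(s);
        g_freed++;
        r->slots[i] = NULL;
    }
    return dangling;
}

/* Safe reload: the registry only drops its own reference. An object still
 * held elsewhere is kept alive until its last holder releases it.
 * Returns how many objects had their destruction deferred this way. */
int registry_reload_safe(Registry *r) {
    int deferred = 0;
    for (int i = 0; i < REG_SLOTS; i++) {
        Script *s = r->slots[i];
        if (!s) continue;
        if (s->refcount > 1) deferred++;
        script_release(s);
        r->slots[i] = NULL;
    }
    return deferred;
}

int freed_count(void) { return g_freed; }
```

The difference to watch for in a real engine is who owns a script object at reload time: if the reload path frees objects that live scripts or items still reference, the crash surfaces later and in an unrelated thread, much like the console-polling stack in the report, which makes the original free hard to find.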