CTD while running macro

[Avanos]

While running robdawg's hunter.mac, it will run for a variable length of time, then crash. Treid with another, simpler macro with no troubles. The info (first time posting crash info, so if I need to include more, please tell me):

First-chance exception at 0x77f67f26 in eqgame.exe: 0xC0000005: Access violation writing location 0xc0884000.

Some of the assembly:
03045789 mov ecx,dword ptr [ebp+1D0h]
0304578F mov eax,dword ptr [ebp-4Ch]
03045792 pop ebx
03045793 call __security_check_cookie (3048AAAh)
03045798 add ebp,1D4h <------Arrow was on this line
0304579E leave
0304579F ret

Call stack:

ntdll.dll!77f67f26()
ntdll.dll!77f516f5()
ntdll.dll!77f517cd()
ntdll.dll!77f5180b()
MQ2Main.dll!_cftof(double * pvalue=0x0012ab04, char * buf=0x0012ab4c, int ndec=2) + 0x51 C
MQ2Main.dll!_cfltcvt(double * arg=0x00000000, char * buffer=0xfffffff9, int format=320, int precision=50616137, int caps=0) + 0x23 C
c0884000()
> MQ2Main.dll!_output(_iobuf * stream=0x312d2828, const char * format=0x3d3d3231, char * argptr=0x3534312d) Line 1070 + 0xf C
MQ2Main.dll!Calculate(char * szFormula=0x01490000, double & Result=) Line 3538 + 0x19 C++
MQ2Main.dll!NewIf(EQData::_SPAWNINFO * pChar=0x01490000, char * szLine=0x00000000) Line 794 + 0x17 C++
MQ2Main.dll!HideDoCommand(EQData::_SPAWNINFO * pChar=0x01490000, char * szLine=0x00000000, int delayed=56) Line 119 + 0x16 C++
MQ2Main.dll!DoNextCommand() Line 57 C++
MQ2Main.dll!Heartbeat() Line 291 + 0x5 C++
MQ2Main.dll!Detour_ProcessGameEvents() Line 306 C++
eqgame.exe!004aeff0()

[Lax]

ack. probably a malformed calculation in the macro somewhere.
I figured I'd let people learn the hard way for now

I'll put in protection for the next update

[Avanos]

Different trace this time, same macro, same results:

assembly:
03040BE0 push esi
03040BE1 push 0
03040BE3 push dword ptr [__crtheap (30901CCh)]
03040BE9 call dword ptr [__imp__HeapFree@12 (3057084h)]
}
}
03040BEF call __SEH_epilog (3044DEFh) <------
03040BF4 ret

Call Stack:
ntdll.dll!77f5215c()
ntdll.dll!77f51fbf()
ntdll.dll!77f5168d()
ntdll.dll!77f51fbf()
ntdll.dll!77f52083()
ntdll.dll!77f5168d()
> MQ2Main.dll!free(void * pBlock=0x2083dd98) Line 103 C
MQ2Main.dll!std::_Tree<std::_Tmap_traits<std::basic_string<char,std::char_traits<char>,std::allocator<char> >,unsigned long,std::less<std::basic_string<char,std::char_traits<char>,std::allocator<char> > >,std::allocator<std::pair<std::basic_string<char,std::char_traits<char>,std::allocator<char> > const ,unsigned long> >,0> >::_Erase(std::_Tree_nod<std::_Tmap_traits<std::basic_string<char,std::char_traits<char>,std::allocator<char> >,unsigned long,std::less<std::basic_string<char,std::char_traits<char>,std::allocator<char> > >,std::allocator<std::pair<std::basic_string<char,std::char_traits<char>,std::allocator<char> > const ,unsigned long> >,0> >::_Node * _Rootnode=0x2083dd98) Line 896 + 0x6 C++
MQ2Main.dll!std::_Tree<std::_Tmap_traits<std::basic_string<char,std::char_traits<char>,std::allocator<char> >,unsigned long,std::less<std::basic_string<char,std::char_traits<char>,std::allocator<char> > >,std::allocator<std::pair<std::basic_string<char,std::char_traits<char>,std::allocator<char> > const ,unsigned long> >,0> >::_Erase(std::_Tree_nod<std::_Tmap_traits<std::basic_string<char,std::char_traits<char>,std::allocator<char> >,unsigned long,std::less<std::basic_string<char,std::char_traits<char>,std::allocator<char> > >,std::allocator<std::pair<std::basic_string<char,std::char_traits<char>,std::allocator<char> > const ,unsigned long> >,0> >::_Node * _Rootnode=0x0171e728) Line 894 C++
MQ2Main.dll!std::_Tree<std::_Tmap_traits<std::basic_string<char,std::char_traits<char>,std::allocator<char> >,unsigned long,std::less<std::basic_string<char,std::char_traits<char>,std::allocator<char> > >,std::allocator<std::pair<std::basic_string<char,std::char_traits<char>,std::allocator<char> > const ,unsigned long> >,0> >::erase(std::_Tree<std::_Tmap_traits<std::basic_string<char,std::char_traits<char>,std::allocator<char> >,unsigned long,std::less<std::basic_string<char,std::char_traits<char>,std::allocator<char> > >,std::allocator<std::pair<std::basic_string<char,std::char_traits<char>,std::allocator<char> > const ,unsigned long> >,0> >::iterator _First={...}, std::_Tree<std::_Tmap_traits<std::basic_string<char,std::char_traits<char>,std::allocator<char> >,unsigned long,std::less<std::basic_string<char,std::char_traits<char>,std::allocator<char> > >,std::allocator<std::pair<std::basic_string<char,std::char_traits<char>,std::allocator<char> > const ,unsigned long> >,0> >::iterator _Last={...}) Line 753 + 0xb C++
MQ2Main.dll!std::map<std::basic_string<char,std::char_traits<char>,std::allocator<char> >,unsigned long,std::less<std::basic_string<char,std::char_traits<char>,std::allocator<char> > >,std::allocator<std::pair<std::basic_string<char,std::char_traits<char>,std::allocator<char> > const ,unsigned long> > >::~map<std::basic_string<char,std::char_traits<char>,std::allocator<char> >,unsigned long,std::less<std::basic_string<char,std::char_traits<char>,std::allocator<char> > >,std::allocator<std::pair<std::basic_string<char,std::char_traits<char>,std::allocator<char> > const ,unsigned long> > >() + 0x17 C++
MQ2Main.dll!doexit(int code=0, int quick=0, int retcaller=1) Line 376 C
MQ2Main.dll!_cexit() Line 318 + 0xb C
MQ2Main.dll!_CRT_INIT(void * hDllHandle=0x03000000, unsigned long dwReason=0, void * lpreserved=0x00000001) Line 198 C
MQ2Main.dll!_DllMainCRTStartup(void * hDllHandle=0x03000000, unsigned long dwReason=0, void * lpreserved=0x00000001) Line 312 + 0xa C
ntdll.dll!77f7e3aa()
ntdll.dll!77f6b1c6()
ntdll.dll!77f539cc()
kernel32.dll!77e75c84()
ntdll.dll!77f5168d()
eqgame.exe!005b63d4()
ntdll.dll!77f5168d()
eqgame.exe!005b63d4()
eqgame.exe!005b63d9()
kernel32.dll!77e75cc7()
eqgame.exe!005b7c84()
eqgame.exe!005b7dc3()
ntdll.dll!77f5108f()
eqgame.exe!005b7de9()
eqgame.exe!004cab2d()

Last few lines of spew:

[MQ2]CSidlScreenWnd::GetChildItem(DoneButton). pWnd=0x2F56C448
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x2F56C808
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]CXWnd::GetChildItem(DoneButton). pWnd=0x00000000
[MQ2]GetChildItem() Got pXMLData
[MQ2]PulsePlugins()
First-chance exception at 0x77f5215c in eqgame.exe: 0xC0000005: Access violation writing location 0x00000000.

[Avanos]

addition to the above: this is the code block in free.c showing in the debugger:

#ifdef _MT
}
__finally {
_munlock(_HEAP_LOCK );
}
#endif /* _MT */

if (pmap == NULL)
HeapFree(_crtheap, 0, pBlock);
}
#endif /* CRTDLL */
else // __active_heap == __SYSTEM_HEAP
#endif /* _WIN64 */
{
HeapFree(_crtheap, 0, pBlock);
}
} <------ arrow on this line

[Rusty~]

not sure what ya mean by malformed calculation in the macro, but i have a macro i always have running that used to work perfectly, and most of it still does, but now it crashes when i do certain things, and im sure there's no problems in my if statements cause it was all working before just how i wanted it to.

[Lax]

good job being generic rusty, that'll get it fixed
avanos are you using a custom plugin? ....

[Avanos]

Nope, only the plugins that come with MQ2 by default. I've confirmed that it has something to do with calc ; per a suggestion in another thread, I recompiled MQ2 after uncommenting ActualCal, and commenting out FastCalc, and it runs smoothly again. I'm not sure where in hunter.mac these calcs are being done improperly. It just increments a few counters and generates two random numbers, nothing horribly complex.

[Avanos]

I recompiled with DebugSpew added into FastCalc and this is what I got when I crashed:

[MQ2]FastCalculate((10>13))
[MQ2]FastCalculate((10<13&&10>11))
[MQ2]FastCalculate((10<9))
[MQ2]FastCalculate((!14))
[MQ2]FastCalculate((10>13))
First-chance exception at 0x03024fcf (MQ2Main.dll) in eqgame.exe: 0xC0000005: Access violation writing location 0x00000000.

Those calcs are done in this sub in hunter.mac:

Code: Select all

Sub MoveToMob

   /varset RV_MyXLOC ${Int[${Me.X}]}
   /varset RV_MyYLOC ${Int[${Me.Y}]}
   /declare RV_DistanceTimer timer 15
   
   
   
   :MovementLoop

   /if ((!${RV_Fighting})&&(!${RV_TargetDead})&&(${Target.PctHPs}<100)) {
      /echo Mob not at full health, picking another...
      /varset RV_InvalidTargetID ${Target.ID}
      /varset RV_HasTarget 0
      /call ResetSub
      /return
   }

   /if (${Target.ID}) {
      /face fast
   }
   /if (${Int[${Target.Distance}]}>${RV_FastRange}) {
      /keypress forward hold
   }
   /if (${Int[${Target.Distance}]}<${RV_FastRange}&&${Int[${Target.Distance}]}>${RV_RangeMax}) {
      /keypress forward
   }
   /if (${Int[${Target.Distance}]}<${RV_RangeMin}) {
      /keypress back
   }
   /if (!${RV_DistanceTimer}) {
      /if ((${RV_MyXLOC}==${Int[${Me.X}]})&&(${RV_MyYLOC}==${Int[${Me.Y}]})) /call HitObstacle
      /varset RV_MyXLOC ${Int[${Me.X}]}
      /varset RV_MyYLOC ${Int[${Me.Y}]}
      /varset RV_DistanceTimer 15
      /goto :Movementloop
   }
   /if (${Int[${Target.Distance}]}>${RV_FastRange}) /goto :MovementLoop

/return

That last 10>13 calc should have been the macro breaking out of the movement loop and returning. Would the problem have been in something at the spot after the return, or in that sub?