[Outdated][Bug 1.23] Crash at 0x00FB1F7E


#1

Game crashed:
Exception non gérée à 0x00FB1F7E dans ProductionLine.exe : 0xC0000005 : Violation d’accès lors de la lecture de l’emplacement 0x00000168.

[code]00FB1F70 push ebp
00FB1F71 mov ebp,esp
00FB1F73 push ebx
00FB1F74 mov ebx,dword ptr [ebp+8]
00FB1F77 push esi
00FB1F78 push edi
00FB1F79 mov esi,ecx
00FB1F7B mov ecx,dword ptr [ebp+0Ch]
00FB1F7E mov edi,dword ptr [ebx+10h]
00FB1F81 cmp edi,ecx
00FB1F83 jb 00FB2072
00FB1F89 sub edi,ecx
00FB1F8B cmp dword ptr [ebp+10h],edi
00FB1F8E cmovb edi,dword ptr [ebp+10h]
00FB1F92 cmp esi,ebx
00FB1F94 jne 00FB1FDD
00FB1F96 lea eax,[edi+ecx]
00FB1F99 cmp dword ptr [esi+10h],eax
00FB1F9C jb 00FB207C
00FB1FA2 cmp dword ptr [esi+14h],10h
00FB1FA6 mov dword ptr [esi+10h],eax

	ECX	00000000	
	EBX	00000158	
	EBP	001CF56C	
	ESI	001CF5B0	
	EDI	011000DC	

[/code]

EBX is too small; this points before the memory allocated for the application.
EBX is set from the pointer address EBP + 8 bytes, so it comes from an argument passed to the function (a pointer) where the memory has been corrupted (it can be an overflow, or an object deallocated and reallocated for something else).

I have attached the snapshot at the instant of the crash.
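As an added illustration (not the reporter's code, not part of the game), a small C triage helper that applies the reasoning above to the dumped registers: the fault address minus EBX gives the field displacement the instruction at 00FB1F7E was reading (0x10), EBX itself falls inside the low 64 KiB that Win32 never maps, and the value matches the first stack argument at [ebp+8]. The stack image, the 4-byte alignment heuristic and the [ebp+10h] value are assumptions made for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* The lowest 64 KiB of a Win32 process is never mapped, so a base pointer below
 * this is a small integer (or NULL plus an offset) masquerading as a pointer,
 * not a pointer into memory that was later overwritten. */
#define WIN32_NULL_REGION 0x10000u

enum base_kind { BASE_LOOKS_VALID, BASE_NEAR_NULL, BASE_WILD };

struct frame_args {            /* dwords at [ebp+8], [ebp+0Ch], [ebp+10h] */
    uint32_t arg0, arg1, arg2;
};

/* Displacement inside the object that the faulting instruction tried to read.
 * Returns -1 if the fault address is not base + a small positive offset. */
static int32_t field_offset(uint32_t base, uint32_t fault_addr)
{
    if (fault_addr < base || fault_addr - base > 0xFFFu)
        return -1;
    return (int32_t)(fault_addr - base);
}

/* Classify the register used as the dereference base (alignment check is a heuristic). */
static enum base_kind classify_base(uint32_t base)
{
    if (base < WIN32_NULL_REGION)
        return BASE_NEAR_NULL;
    if (base & 3u)             /* assumption: objects are at least 4-byte aligned */
        return BASE_WILD;
    return BASE_LOOKS_VALID;
}

/* "mov ebx,[ebp+8]" loads the first argument: if it equals the bad EBX, the
 * caller already passed a bad pointer and this function did not corrupt it. */
static bool base_came_from_arg0(uint32_t ebx, const struct frame_args *args)
{
    return args->arg0 == ebx;
}

int main(void)
{
    /* Constructed stack image for the reported crash: EBX=0x158, fault at 0x168,
     * ECX (= [ebp+0Ch]) = 0; [ebp+10h] is not in the dump, so 0 is a placeholder. */
    struct frame_args args = { 0x00000158u, 0x00000000u, 0x00000000u };
    uint32_t ebx = 0x00000158u, fault = 0x00000168u;
    printf("field offset 0x%x, base kind %d, from arg0: %d\n",
           field_offset(ebx, fault), classify_base(ebx), base_came_from_arg0(ebx, &args));
    return 0;
}
```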



#2

Hmmm. I cannot reproduce this, although I have just fixed some seemingly random crashes that could be it. Is it always happening precisely with placing down a research slot like that?


#3

I just reported it when it happened; for the moment I have not reproduced it, but from memory I didn't click to place the research slot, I just hovered it, so maybe it's not related to the research slot near the expansion.