Opened 5 years ago

Closed 5 years ago

#1803 closed bug (fixed (in master))

Random crash when going up (monster list subwindow)

Reported by: PowerWyrm
Owned by: molybdenum
Milestone: 3.5.0
Keywords: blocker
Cc:

Description

This is very hard to reproduce. Logging the error message, I got something like "access violation at 0x459390". This seems to happen on line 250 in mon-util.c (display_monlist) which is:

v = &list[m_ptr->race->ridx];

Looking at the code, this is the only place in a "for (i = 1; i < cave_monster_max(cave); i++)" loop that there's no check for m_ptr->race ("skip dead monsters"). I presume this is the cause of the crash: m_ptr->race is null. Should be easy to fix.

Change History (8)

comment:1 Changed 5 years ago by molybdenum

This is no longer relevant due to the new monster list code (commit f23c0f777f3d).

comment:2 Changed 5 years ago by PowerWyrm

Well, the crash won't happen, but instead you'll get an empty entry (NULL race) with all other info set... which will be used for the next live monster. So you'll get count incremented and so on. This happens in really rare circumstances and nobody would probably notice the off-by-one monster count, but I guess adding a check wouldn't hurt...

comment:3 Changed 5 years ago by molybdenum

  • Owner set to molybdenum
  • Status changed from new to assigned

comment:4 Changed 5 years ago by takkaria

  • Milestone changed from Triage to 3.5.0

Moving to 3.5 because open bugs.

comment:5 Changed 5 years ago by takkaria

  • Resolution set to fixed (in master)
  • Status changed from assigned to closed

comment:6 Changed 5 years ago by PowerWyrm

  • Resolution fixed (in master) deleted
  • Status changed from closed to reopened

The fix incorrectly wipes the "count" and "asleep" arrays using WIPE, which works with structures. The best way is probably to wipe the whole entry here:

if (list->entries[j].race == NULL)
{
	/* We found an empty slot, so add this race here. */
	entry = &list->entries[j];
	WIPE(entry, monster_list_entry_t);
	entry->race = monster->race;
	break;
}
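The two defects discussed in this ticket (a dead monster with a NULL race reaching the tally, and a reused slot that is only partly cleared), shown as an added example that is not part of the original comments and is not Angband's code. The types, `SECTIONS`, `MAX_ENTRIES`, `collect()`, `demo()` and the sample data are hypothetical, and `WIPE(P, T)` is assumed to zero `sizeof(T)` bytes.

```c
#include <stdio.h>
#include <string.h>
/* Assumption: WIPE(P, T) zeroes exactly sizeof(T) bytes at P. */
#define WIPE(P, T) (memset((P), 0, sizeof(T)))
#define SECTIONS 3      /* hypothetical number of list sections */
#define MAX_ENTRIES 4   /* hypothetical table size */

struct race { const char *name; };  /* stand-in types, not the game's */
struct monster { const struct race *race; int asleep, section; };
typedef struct {
    const struct race *race;
    unsigned short count[SECTIONS], asleep[SECTIONS];
} monster_list_entry_t;

/* Element-sized WIPE on an array clears only element 0; returns stale [1]. */
int stale_after_element_wipe(void) {
    unsigned short count[SECTIONS] = { 7, 7, 7 };
    WIPE(count, unsigned short);
    return count[1];
}

/* Tally live monsters per race (section is trusted, constructed input). */
void collect(monster_list_entry_t *entries, const struct monster *mons, int n) {
    for (int i = 0; i < n; i++) {
        monster_list_entry_t *entry = NULL;
        if (!mons[i].race) continue;        /* skip dead monsters */
        for (int j = 0; j < MAX_ENTRIES && !entry; j++) {
            if (entries[j].race == mons[i].race) entry = &entries[j];
            if (entries[j].race != NULL) continue;
            entry = &entries[j];            /* empty slot: wipe all of it */
            WIPE(entry, monster_list_entry_t);
            entry->race = mons[i].race;
        }
        if (!entry) continue;               /* table full */
        entry->count[mons[i].section]++;
        if (mons[i].asleep) entry->asleep[mons[i].section]++;
    }
}

/* Constructed sample: monster 1 is dead; slot 0 holds stale counters. */
int demo(int section, int want_asleep) {
    static const struct race orc = { "orc" };
    const struct monster mons[] = { {&orc, 0, 0}, {NULL, 1, 0}, {&orc, 1, 1}, {&orc, 1, 1} };
    monster_list_entry_t e[MAX_ENTRIES] = { { NULL, {9, 9, 9}, {9, 9, 9} } };
    collect(e, mons, 4);
    return want_asleep ? e[0].asleep[section] : e[0].count[section];
}

int main(void) { printf("%d %d %d\n", stale_after_element_wipe(), demo(0, 0), demo(1, 1)); return 0; }
```

Without the `!mons[i].race` check, the dead monster would match the first empty slot (NULL equals NULL) and its counters would carry over to the next live race, which is the miscount described in comment 2.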

comment:7 Changed 5 years ago by takkaria

  • Keywords blocker added

comment:8 Changed 5 years ago by takkaria

  • Resolution set to fixed (in master)
  • Status changed from reopened to closed

Fixed, finally, in 72e7da2
