Server Fails
Ok so here we see some events logged at the server, normally it happens just after a given map loads;
Faulting application Tribes2.exe, version 0.25034.0.0, time stamp 0x3dc05b85, faulting module Tribes2.exe, version 0.25034.0.0, time stamp 0x3dc05b85, exception code 0xc0000005, fault offset 0x002f8c20, process id 0x7dc, application start time 0x01db9186a1401f01.
Faulting application Tribes2.exe, version 0.25034.0.0, time stamp 0x3dc05b85, faulting module Tribes2.exe, version 0.25034.0.0, time stamp 0x3dc05b85, exception code 0xc0000005, fault offset 0x002f93d1, process id 0x72c, application start time 0x01db98397afec123.
Faulting application Tribes2.exe, version 0.25034.0.0, time stamp 0x3dc05b85, faulting module Tribes2.exe, version 0.25034.0.0, time stamp 0x3dc05b85, exception code 0xc0000005, fault offset 0x002f93d1, process id 0x774, application start time 0x01db9c251c0d6af0.
Faulting application Tribes2.exe, version 0.25034.0.0, time stamp 0x3dc05b85, faulting module Tribes2.exe, version 0.25034.0.0, time stamp 0x3dc05b85, exception code 0xc0000005, fault offset 0x002f8c20, process id 0x2b0, application start time 0x01db9b8d21815660.
I note the same timestamp (0x3dc05b85) is given for each event, but the events are from different days. Dunno if the stamp's legit or if something external to T2 is causing the issue at the server. The same two offsets are blamed in each event, also. I didn't bother going any further back to see if there were other offsets.
Any input appreciated.
Comments
These two memory offsets indicate string formatting errors with inaccessible data. It'd be difficult to narrow it down further without the stack, but it's almost certainly going to be a script lexer issue; there's an outside chance something is causing a buffer overflow, but most likely a script is trying to process an uninitialized local variable or referencing data that has been deleted internally.
Does this occur on specific maps, specific game modes, specific mods? With a map it might be possible an expected format isn't being followed (although I can't think of anything offhand that should lead to this error over others), but I'd otherwise suggest reviewing scripts that run at the point of load – and, keep in mind, .mis files themselves are processed by the script engine at load as well.
Thanks for the response, I on occasion see errors in console such as "ai objectives.cs unable to find object xxxxxx attempting to call function weight" and etc, almost all errors seen have something to do with ai. Not every map however has the above error messages, and the map I recall most crashing after load is Wonderland, of course with bots.
It's possible they're related, because the AI systems would need to access data such as objectives on map loads, and because it means the person who wrote the scripts wasn't too worried about playing it safe using isObject checks, but as a general rule the script engine's very forgiving about missing objects in most scenarios, and as long as it's outputting console errors/warnings... it's at least still running.
AI script crashes could be tricky though, lots of guesswork to track down if there's not an easily observable cause, and if it's happening after the bots are already moving they could conceivably trigger something else entirely depending on the mod. If the same console error were seen before every crash, it'd be the best starting point for walking forward and backward through what's expected to happen.
If you're able to find any way to consistently reproduce the crash, I'd love to see how so I can check it locally on my end.
Next time it freaks out will post the server logs if I can remember to. For whatever reason it's usually either at map load or shortly after map load and play has begun - this happened to me yesterday say 30 secs after mission start. It hardly ever just crashes in the middle of a match, can't recall the last time it did that.
A fabulous new fail!
This was during a siege bout it seems.
fault offset 0x002ff34b
exception 0xc0000005
Hmm, unfortunately that one's not something that'll likely lead to any answers/fixes, as that offset puts you smack in the middle of the exception handler itself, specifically in building the message for the error popup dialog. Could be hitting something that corrupted the stack, but it's anyone's guess where...
Might this be the cause?
//Disable UE box on crash
//Used if a clean crash is desired
memPatch("7dc7fc","90");
Not of the initial exception, but it's likely that causes further issues inside the exception handler, yes.
0x7DC7FC gets filled with a pointer to the imported MessageBoxA symbol, and writing 90 in that location would cause the game to attempt to call that pointer with one byte changed to another offset, which would result in undefined behaviour and in most cases ultimately just... crash. Which, sure, it's crashing anyways, but this is more the throwing a marble on the stairs and letting the process break its neck on the way down approach than a clean shutdown.
While it'd be possible to write some other behaviour there instead, the quickest way to do disable that popup while the game is running would be to NOP the call itself with something like:
memPatch("6FF376", "909090909090");