@RElesgoe
Created July 27, 2016 08:55
  • Save RElesgoe/525fb5358b9dbb6b24781089924fb289 to your computer and use it in GitHub Desktop.
Terms: Extended unit: A unit with a type ID that is out of bounds.
Extended player: A unit owned by a player ID that is out of bounds. Most commonly used by some maps to induce an exploit that increases the speed of the game.
Notes: All of these can be reproduced, with the possible exception of extended units and players (IDs were not recorded, sorry).
This is for the 1.16.1 version of Starcraft: Broodwar
0x00401D44
Caused by: Mass of 1700 units all splash-damaging each other?
Crashes when: Retrieving the Unit Type for an invalid Unit Class.
0x0040449B
Caused by: Placing extended unit.
0x00404500
Caused by: Placing extended unit, or giving a unit that is hatching to another player.
0x0040452B
Caused by: Placing extended unit.
0x00409188
Caused by: Unit's hit box is partially outside of the map boundary.
Crashes when: memcpy reads/writes to an invalid memory location.
0x0040AC21 (pal0_0)
0x0040B609 (pal9_0)
0x0040B74C (pal10_0)
Caused by: Displaying an invalid graphic. Functions pal_0_0 to pal_17_0.
Fix: Limit playframe iscript opcode to the maximum number of frames in the GRP.
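The fix above (limit the playframe argument to the frame count the GRP actually declares) as an added example in C; this is not code from the gist or from the game. The GRP layout it assumes is a 6-byte header (uint16 frame count, uint16 max width, uint16 max height) followed by one 8-byte entry per frame (x, y, w, h as bytes, then a uint32 offset to that frame's line table); the sample image bytes are constructed, and the function names are my own.

```c
/* Added example: validate an iscript "playframe" index against the GRP's
 * declared frame count (and its own size) before using it. Not the game's
 * code; GRP layout as described in the lead-in, sample bytes constructed. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define GRP_HEADER_SIZE      6u
#define GRP_FRAME_ENTRY_SIZE 8u

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Frame count from the header, or 0 when the buffer cannot even hold the
 * frame table the header claims (a truncated or lying file). */
uint16_t grp_frame_count(const uint8_t *grp, size_t len) {
    if (grp == NULL || len < GRP_HEADER_SIZE) return 0;
    uint16_t n = rd16(grp);
    if ((size_t)n * GRP_FRAME_ENTRY_SIZE > len - GRP_HEADER_SIZE) return 0;
    return n;
}

/* playframe handler: resolve a frame index to the byte offset of its data.
 * Returns -1 instead of reading past the frame table when the index is out
 * of range, or when the frame's offset points outside the file. */
long grp_playframe(const uint8_t *grp, size_t len, unsigned frame) {
    uint16_t n = grp_frame_count(grp, len);
    if (frame >= n) return -1;   /* the fix: never exceed the GRP's frame count */
    const uint8_t *entry = grp + GRP_HEADER_SIZE + (size_t)frame * GRP_FRAME_ENTRY_SIZE;
    uint32_t off = rd32(entry + 4);
    if (off >= len) return -1;   /* the offset itself must land inside the file */
    return (long)off;
}

/* Constructed two-frame 16x16 GRP (26 bytes), not a real game asset. */
static const uint8_t SAMPLE_GRP[] = {
    0x02, 0x00, 0x10, 0x00, 0x10, 0x00,               /* 2 frames, 16 x 16          */
    0x00, 0x00, 0x10, 0x10, 0x16, 0x00, 0x00, 0x00,   /* frame 0 -> data at offset 22 */
    0x00, 0x00, 0x10, 0x10, 0x18, 0x00, 0x00, 0x00,   /* frame 1 -> data at offset 24 */
    0x00, 0x00, 0x00, 0x00                            /* stand-in line tables        */
};

int main(void) {
    /* Frame 2 does not exist: with the check it is rejected rather than
     * dereferencing whatever follows the frame table. */
    for (unsigned f = 0; f < 3; f++)
        printf("playframe %u -> %ld\n", f, grp_playframe(SAMPLE_GRP, sizeof SAMPLE_GRP, f));
    return 0;
}
```

The second check (offset inside the file) is not in the gist's one-line fix but closes the same class of read: an index that is in range but whose table entry was edited to point elsewhere.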
0x0040ABCA (pal0_0)
Caused by: Using overflow/invalid drawing function (images.dat)
0x0040BD1D
Caused by: Placing extended unit.
0x0040B68C (pal9_0)
Caused by: Using overflow/invalid remapping data (images.dat)
0x0040B6B7 (pal9_0)
Caused by: Set doodad state on protoss buildings under construction.
0x0040C119 (imageRender10_1)
Caused by: Possibly extended unit or doodad state.
Crashes when: Unknown, invalid pointer.
0x0040E622
Caused by: Showing an invalid portrait (flag portrait, show portrait trigger).
Crashes when: Unknown. Located somewhere in __vsnprintf's __output function. Something to do with getting the string for the smk file?
0x00419DF2
Caused by: Non-standard sized maps. Fault address usually 0x00000000.
Crashes when: Minimap update function is NULL.
Fix: When the minimap is initialized, set the default case to a 256-size map, or give it a special case.
0x0041D800
Caused by: Scrolling vertically off the edge of the minimap (in a map smaller than the screen size).
0x0042BD4D
Caused by: Small-sized map.
Crashes when: Unknown. AI Path Creation.
0x00430B93
Caused by: Storming a mass of ~1600 protoss units in one space.
0x004344A3
Crashes when: Unknown. Retrieving a sprite pointer from a unit pointer. Related to purchasing something (Ore/Gas referenced). Same comments as below.
0x004344B4
Crashes when: Unknown. Retrieving a unit pointer from an unknown structure (For building or upgrading). Strong possibility of being AI related. Same comments as above.
0x0043AE98
Caused by: Plaguing a mass of ~1600 protoss units in one space.
0x0045925C
Caused by: Selecting an extended unit (using flingy #255).
Crashes when: Attempt to retrieve invalid/NULL sprite pointer.
0x00460071
Caused by: Score(Custom) condition with extended player ID. (reading invalid block of memory)
Fix: Limit possible values.
0x0046007C
Caused by: Score(Units) condition with extended player ID. (reading invalid block of memory)
Fix: Limit possible values.
0x00460087
Caused by: Score(Buildings) condition with extended player ID. (reading invalid block of memory)
Fix: Limit possible values.
0x00460092
Caused by: Score(Units And Buildings) condition with extended player ID. (reading invalid block of memory)
Fix: Limit possible values.
0x004600A4
Caused by: Score(Kills) condition with extended player ID. (reading invalid block of memory)
Fix: Limit possible values.
0x004600AF
Caused by: Score(Razings) condition with extended player ID. (reading invalid block of memory)
Fix: Limit possible values.
0x004600BA
Caused by: Score(Kills And Razings) condition with extended player ID. (reading invalid block of memory)
Fix: Limit possible values.
0x004600CC
Caused by: Score(Total) condition with extended player ID. (reading invalid block of memory)
Fix: Limit possible values.
0x00460417
Caused by: Deaths(Any Unit) condition with extended player ID. (reading invalid block of memory)
Fix: Limit possible values.
0x00460428
Caused by: Deaths(Men) condition with extended player ID. (reading invalid block of memory)
Fix: Limit possible values.
0x00460432
Caused by: Deaths(Buildings) condition with extended player ID. (reading invalid block of memory)
Fix: Limit possible values.
0x0046043C
Caused by: Deaths(Factories) condition with extended player ID. (reading invalid block of memory)
Fix: Limit possible values.
0x0046044C
Caused by: Deaths(Specific Unit) condition with extended player/unit ID. (reading invalid block of memory)
Fix: Limit possible values.
0x00460537
Caused by: Kills(Any Unit) condition with extended player ID. (reading invalid block of memory)
Fix: Limit possible values.
0x00460548
Caused by: Kills(Men) condition with extended player ID. (reading invalid block of memory)
Fix: Limit possible values.
0x00460552
Caused by: Kills(Buildings) condition with extended player ID. (reading invalid block of memory)
Fix: Limit possible values.
0x0046055C
Caused by: Kills(Factories) condition with extended player ID. (reading invalid block of memory)
Fix: Limit possible values.
0x0046056C
Caused by: Kills(Specific Unit) condition with extended player/unit ID. (reading invalid block of memory)
Fix: Limit possible values.
0x004605E7
Caused by: Accumulate(Ore and Gas) condition with extended player ID. (reading invalid block of memory)
Fix: Limit possible values.
0x00460662
Caused by: Accumulate(Gas) condition with extended player ID. (reading invalid block of memory)
Fix: Limit possible values.
0x0046066B
Caused by: Accumulate(Ore) condition with extended player ID. (Reading invalid block of memory)
Fix: Limit possible values.
0x00460768
Caused by: Bring/Command(Any Unit) condition with extended player ID. (Reading invalid block of memory)
Fix: Limit possible values.
0x0046077A
Caused by: Bring/Command(Men) condition with extended player ID. (Reading invalid block of memory)
Fix: Limit possible values.
0x00460785
Caused by: Bring/Command(Buildings) condition with extended player ID. (Reading invalid block of memory)
Fix: Limit possible values.
0x00460790
Caused by: Bring/Command(Factories) condition with extended player ID. (Reading invalid block of memory)
Fix: Limit possible values.
0x004607A1
Caused by: Bring/Command(Specific Unit) condition with extended player/unit ID. (Reading invalid block of memory)
Fix: Limit possible values.
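The "Limit possible values" fix that every Score/Deaths/Kills/Accumulate/Bring/Command entry above calls for, as an added example in C; this is not the game's code or the gist's. A trigger condition decoded from the map carries a player ID (and, for the "Specific Unit" variants, a unit ID) that is then used as an array index, so an extended ID reads past the score tables. Table sizes, the enums, the struct layout and the score values are assumptions constructed for this example.

```c
/* Added example: bounds-check map-supplied player and unit IDs before
 * indexing per-player score tables. Not StarCraft's real layout; the
 * table sizes, enums and contents below are constructed for illustration. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define NUM_PLAYERS    8   /* assumed number of player slots in the tables */
#define NUM_UNIT_TYPES 4   /* assumed size of the per-unit-type tables     */

enum score_type { SCORE_UNITS, SCORE_BUILDINGS, SCORE_KILLS, SCORE_TOTAL, SCORE_TYPE_COUNT };
enum cmp        { CMP_AT_LEAST, CMP_AT_MOST, CMP_EXACTLY };

/* A trigger condition as decoded from (untrusted) map data. */
struct condition {
    uint32_t player;      /* an "extended player" is any value >= NUM_PLAYERS */
    uint32_t score;       /* which score table to read                         */
    uint32_t unit_type;   /* only used by deaths_of_unit_condition()           */
    uint32_t amount;
    uint8_t  comparison;
};

/* Constructed game state, not real data. */
static uint32_t g_scores[SCORE_TYPE_COUNT][NUM_PLAYERS] = {
    [SCORE_UNITS]     = {10, 5, 0, 0, 0, 0, 0, 0},
    [SCORE_BUILDINGS] = { 3, 2, 0, 0, 0, 0, 0, 0},
    [SCORE_KILLS]     = { 7, 0, 0, 0, 0, 0, 0, 0},
    [SCORE_TOTAL]     = {20, 7, 0, 0, 0, 0, 0, 0},
};
static uint32_t g_deaths[NUM_UNIT_TYPES][NUM_PLAYERS] = {
    {1, 0, 0, 0, 0, 0, 0, 0},
    {4, 2, 0, 0, 0, 0, 0, 0},
};

static bool compare(uint32_t value, uint8_t cmp, uint32_t amount) {
    switch (cmp) {
    case CMP_AT_LEAST: return value >= amount;
    case CMP_AT_MOST:  return value <= amount;
    case CMP_EXACTLY:  return value == amount;
    default:           return false;   /* unknown operator from the map: fail closed */
    }
}

/* 1 = condition holds, 0 = it does not, -1 = an ID was out of range.
 * The crashing pattern is g_scores[c->score][c->player] with no check. */
int score_condition(const struct condition *c) {
    if (c->player >= NUM_PLAYERS) return -1;        /* extended player: refuse the read */
    if (c->score >= SCORE_TYPE_COUNT) return -1;    /* unknown score table             */
    return compare(g_scores[c->score][c->player], c->comparison, c->amount) ? 1 : 0;
}

int deaths_of_unit_condition(const struct condition *c) {
    if (c->player >= NUM_PLAYERS) return -1;
    if (c->unit_type >= NUM_UNIT_TYPES) return -1;  /* extended unit ID */
    return compare(g_deaths[c->unit_type][c->player], c->comparison, c->amount) ? 1 : 0;
}

int main(void) {
    struct condition ok  = { .player = 0,   .score = SCORE_KILLS, .amount = 5, .comparison = CMP_AT_LEAST };
    struct condition ext = { .player = 255, .score = SCORE_KILLS, .amount = 5, .comparison = CMP_AT_LEAST };
    printf("player 0 kills >= 5: %d\n", score_condition(&ok));    /* 1  */
    printf("extended player 255: %d\n", score_condition(&ext));   /* -1 */
    return 0;
}
```

Returning a distinct "invalid" result rather than silently treating the condition as false lets the caller decide whether to skip the trigger or reject the map, and keeps the rejection visible in logs.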
0x004629DC
Caused by: Extended player
0x00466A2A
Caused by: Selecting a unit with an active production bar with a build time of 0.
Crashes when: Divided by 0.
Fix: Create a case for when the denominator value is 0.
0x00468F31
Caused by: Placing extended unit.
Crashes when: Unknown. Subunit Guard order.
0x00468F44
Caused by: Placing extended unit.
0x0046A8EE
Caused by: Placing extended unit.
Crashes when: Unit references a sprite that doesn't exist.
0x0046CFA0
Caused by: Briefing action referencing an invalid portrait number.
0x00472EE6
Caused by: Placing extended unit.
Crashes when: Unknown. Something with the mask(fog) handle.
0x00477438
Caused by: Subunit parameter set on a non-subunit.
0x004777F3
Caused by: Placing a subunit with no main unit.
Crashes when: "Turret Guard" attempts to retrieve the parent unit.
Fix: Create a case for parent units that are NULL.
0x004796F7
Caused by: Loading a game with stacked ~1600 corsairs next to 100 valkyrie.
Crashes when: A bad reference to a Unit in "getAllUnitsInBounds"/"unitFinder" is created.
0x0047A834 (pal11_0)
Caused by: Images drawing properties set to Unknown11
0x0047A8C6 (pal11_0)
Caused by: Selecting a unit with a positive hp over a negative hp (default/-1000).
0x0047B0D1
Caused by: Minimap preview when a unit is placed in the no-build zone on a map (under HUD at the bottom).
Crashes when: Map attempts to retrieve the unit name string for unit placement error. Strings are not loaded.
Fix: Ignore all unit placement errors until after map starts.
0x0047DCCF
Caused by: Unknown; creep related on non-standard map with extremely tiny dimension (5 x 64)
0x00480133
Caused by: Unit sight range > 11 (Ground unit, map edge)
Note: Unit sight ranges have a fixed array with additional allocated values. A callback exists for each of ground, air, inside map, and edge of map.
Crashes when: The pointer reference was out of bounds and had no allocated data.
Fix: Ignore sight ranges > 11
0x00480166
Caused by: Extended unit ID.
Crashes when: A buffer overflow involving a reference to the Fog Mask array. Origin of the index corruption is unknown.
0x00480220
Caused by: Unit sight range > 11 (Ground unit, inside)
Note: Unit sight ranges have a fixed array with additional allocated values. A callback exists for each of ground, air, inside map, and edge of map.
Crashes when: The pointer reference was out of bounds and had no allocated data.
Fix: Ignore sight ranges > 11
// Expecting an extended unit crash here (same function as the above)
0x004802D0
Caused by: Unit sight range > 11 (Air unit, map edge)
Note: Unit sight ranges have a fixed array with additional allocated values. A callback exists for each of ground, air, inside map, and edge of map.
Crashes when: The pointer reference was out of bounds and had no allocated data.
Fix: Ignore sight ranges > 11
0x004802F6
Caused by: Extended unit ID.
Crashes when: A buffer overflow involving a reference to the Fog Mask array. Origin of the index corruption is unknown.
0x00480329
Caused by: Unit sight range > 11 (Air unit, inside)
Note: Unit sight ranges have a fixed array with additional allocated values. A callback exists for each of ground, air, inside map, and edge of map.
Crashes when: The pointer reference was out of bounds and had no allocated data.
Fix: Ignore sight ranges > 11
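The four sight-range entries above (0x00480133, 0x00480220, 0x004802D0, 0x00480329) describe the same defect: a fixed callback table indexed by sight range, with nothing allocated past range 11, so a larger range calls through whatever bytes follow the table. The "Ignore sight ranges > 11" fix as an added example in C; not the game's code or the gist's. The table shape (ground/air times inside/edge times ranges 0..11), the callbacks and the tile counts they return are constructed for this example.

```c
/* Added example: a function-pointer table indexed by sight range, with the
 * range validated before the table is indexed. Not the game's code; the
 * callbacks and table shape are constructed for illustration. */
#include <stddef.h>
#include <stdio.h>

#define MAX_SIGHT_RANGE  11                      /* ranges 0..11 have an entry */
#define SIGHT_TABLE_SIZE (MAX_SIGHT_RANGE + 1)

enum unit_kind { KIND_GROUND, KIND_AIR, KIND_COUNT };
enum map_pos   { POS_INSIDE, POS_EDGE, POS_COUNT };

typedef int (*reveal_fn)(int range);

/* Constructed callbacks: each returns how many tiles it "reveals". */
static int reveal_ground_inside(int r) { return (2 * r + 1) * (2 * r + 1); }
static int reveal_ground_edge(int r)   { return (r + 1) * (2 * r + 1); }       /* half clipped at the edge */
static int reveal_air_inside(int r)    { return (2 * r + 1) * (2 * r + 1) + 2 * r; }
static int reveal_air_edge(int r)      { return (r + 1) * (2 * r + 1) + r; }

/* Fixed-size table. Nothing exists for ranges above MAX_SIGHT_RANGE, so
 * indexing past the end reads whatever follows it in memory and calls it. */
static reveal_fn g_reveal[KIND_COUNT][POS_COUNT][SIGHT_TABLE_SIZE];
static int       g_table_ready;

static void sight_table_init(void) {
    for (int r = 0; r <= MAX_SIGHT_RANGE; r++) {
        g_reveal[KIND_GROUND][POS_INSIDE][r] = reveal_ground_inside;
        g_reveal[KIND_GROUND][POS_EDGE][r]   = reveal_ground_edge;
        g_reveal[KIND_AIR][POS_INSIDE][r]    = reveal_air_inside;
        g_reveal[KIND_AIR][POS_EDGE][r]      = reveal_air_edge;
    }
    g_table_ready = 1;
}

/* Tiles revealed, or -1 when the unit's sight range (a value a modded unit
 * entry can set arbitrarily) has no table entry. */
int reveal_sight(int kind, int pos, int range) {
    if (!g_table_ready) sight_table_init();
    if (kind < 0 || kind >= KIND_COUNT || pos < 0 || pos >= POS_COUNT) return -1;
    if (range < 0 || range > MAX_SIGHT_RANGE) return -1;   /* the fix: ignore sight ranges > 11 */
    reveal_fn fn = g_reveal[kind][pos][range];
    if (fn == NULL) return -1;                             /* defensive: never call a NULL slot */
    return fn(range);
}

int main(void) {
    printf("ground, inside, range 7:  %d\n", reveal_sight(KIND_GROUND, POS_INSIDE, 7));   /* 225 */
    printf("air, edge, range 11:      %d\n", reveal_sight(KIND_AIR, POS_EDGE, 11));       /* 287 */
    printf("ground, inside, range 12: %d\n", reveal_sight(KIND_GROUND, POS_INSIDE, 12));  /* -1  */
    return 0;
}
```

Checking the kind and position indices as well costs nothing and covers the "extended unit ID" variants listed next to these entries, where the corrupted index arrives through a different field of the same lookup.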
// Expecting an extended unit crash here (same function as the above)
0x00483190
Caused by: Unknown in AI path creation. Terrain-related.
Crashes when: A bad pointer is generated from a region's list of neighbors.
0x00484538
Caused by: Using the middle mouse button (move the screen) on a map with a width of 20 (exactly one screen).
Crashes when: Divide by 0.
Fix: Create a case for when the denominator value is 0.
0x004865F2
Caused by: Corrupted replay.
Crashes when: Retrieving the first byte of a frame buffer that doesn't exist.
0x00488633
Caused by: A 0x0 map.
Fix: Just don't use it.
0x00488C35
Caused by: Placement of a high-index extended unit. (increments unit scores)
Crashes when: Adding to the unit count overflows beyond the Starcraft module's memory bounds.
Fix: Create a special/default case.
0x00497A10
Caused by: SCV weapon behaviour made to fly to target.
Crashes when: Attempts to set the target for a subunit that doesn't exist. (Really? Looks like a bad sprite reference to me)
0x00498277
Caused by: 2 units in 1 egg property set for non-standard unit.
Crashes when: References invalid "imagesLandingDustOverlay" graphic pointer.
Fix: Check for NULL graphic pointers.
0x004A05BF
Caused by: Extended player
0x004A4294
Caused by: Unknown extended player (Terrain palette modification).
0x004A4B23
Crashes when: Using an invalid sprite pointer from a unit. (Note that the unit is NOT a subunit, a trap, a disruption web, or a dark swarm)
0x004BBB2B
Caused by: Invalid SFX id for unit.
0x004BCD1D
Caused by: Setting a human player's race to invalid.
Fix: Create a default case for player's race.
0x004BCEF8
Caused by: Loading an invalid map tile.
Fix: Create a default case for map tiles.
0x004BDB81
Caused by: Unknown, minimap related (possibly reported as wrong version)
0x004CD125
Caused by: A map height of 1.
0x004CD1A5
Caused by: Larger MTXM section for smaller map.
0x004CE1C4
Caused by: A corrupted section that is only invalid after the map start. For example: MRGN section size is 64 locations in a Broodwar scenario, or map is larger than 256x256
0x004D4DB3
Caused by: Extended unit/animation. Deals with GRP display. Protoss overlay related?
0x004D57D3
Caused by: Placing extended unit ID.
Crashes when: Attempting to access a missing GRP file.
0x004D57DD
Caused by: Yet another extended unit + weird order combo.
0x004D57EE
Caused by: Carrier/Reaver using "Train Unit" for an interceptor/scarab instead of "Train Fighter", or invalid unit running Spider Mine script.
Crashes when: Invalid anim is executed, iscript.
0x004D5A57
Caused by: Placing extended unit ID, or bad image script. Common if orders array is maxed out.
Crashes when: order executed? Some iscript opcode case.
0x004D5A67
Caused by: Placing extended unit ID, or bad image script. Common if orders array is maxed out.
Crashes when: order executed? Some iscript opcode case.
0x004D7B39
Caused by: ???
Crashes when: iscript's creategasoverlays uses a bad unit pointer to determine which overlay to use.
Fix: Ignore the opcode when the unit pointer is NULL.
0x004D7DF5
Caused by: Placing sprites that crash (White Circle, Psionic Storm, etc).
Crashes when: iscript's sigorder opcode attempts to signal a main unit. However, the sprite is independent.
Fix: When graphic has no unit attached, then ignore this op.
0x004D7E8A
Caused by: Extended unit (again).
Crashes when: Something about iscript's turncwise opcode (0x20).
0x004D7F84
Caused by: Placing sprites that crash (Battlecruiser bullet, missiles, etc).
Crashes when: iscript's trgtrangecondjmp opcode attempts to retrieve the weapon target. However, the sprite is independent.
Fix: When sprite has no weapon data, then ignore this op.
0x004DD66E
Caused by: Missing object for a BIN Dialog.
0x004D933E
Caused by: Replay speed crash hack.
Crashes when: Game speed modifier is 0. Divide by 0.
Fix: Create a case for when denominator value is 0.
0x004E60CB
Caused by: Building fire/blood overlay graphic when building HP is 0.
Crashes when: Divided by 0.
Fix: Create a case for when the denominator value is 0.
0x004E6156
Caused by: Some extended units.
Crashes when: Attempting to access an invalid shield overlay pointer.
Fix: Create a Default for the index that grabs the shield overlay.
0x004EBA12
Caused by: Killing a worker holding a blank unit as a powerup.
Crashes when: Null unit's sprite pointer is referenced. (Sprite pointer is 0.)
Fix: Create conditions for sprite pointer of 0.
0x004EC32F
Caused by: Placing an extended unit.
Crashes when: Accessing a bad sprite pointer.
Fix: Case for NULL sprite pointer.
0x004ECF85
Caused by: Unknown Extended player overflow
Crashes when: Attempt to reference invalid sprite entry for a subunit.
Fix: Create a case for bad Sprite pointer