Page 1 of 1
WS_ExamineSpellInfo crash
Posted: Sat Nov 03, 2012 9:40 am
by John Adams
First, ANAL doesn't support Substructs yet - so this bug COULD be a by-product of how I'm hacking it to work by combining all substructs into a new, single struct so ANAL can still display the data - which works 99% of the time. In this one case, something is blowing up and wanted to bug it in case it's a valid crash. Now that I have explained myself to death, here's the crash
Normal WS_SpellInfo packets are larger than this, so it's likely the fact ANAL is picking this packet up and trying to display it as a full spell packet, when it's not. I don't know what it is, in fact...
-- OP_ClientCmdMsg::OP_EqExamineInfoCmd --
10/28/2012 02:46:44
69.174.200.157 -> 192.168.1.65
0000: 00 3A 1F 00 00 00 FF 7A 02 01 00 00 00 00 FE 3F .:.....z.......?
0010: 05 66 C4 00 00 46 00 00 00 01 00 00 00 00 00 00 .f...F..........
0020 00 00 00 00 00 .....
Crash is:
System.IndexOutOfRangeException: Index was outside the bounds of the array.
at EQ2PacketAnalyzer.DataStruct.LoadData(Byte[] bytes, Int32& index, DataStruct ds_array_size) in D:\dev\eq2\eq2tools\trunk\DevTools\PacketAnalyzer\PacketAnalyzer\Packets\DataStruct.cs:line 510
at EQ2PacketAnalyzer.DataStruct.LoadData(Byte[] bytes, Int32& index) in D:\dev\eq2\eq2tools\trunk\DevTools\PacketAnalyzer\PacketAnalyzer\Packets\DataStruct.cs:line 690
at EQ2PacketAnalyzer.PacketStruct.LoadData(Byte[] bytes, Int32 index) in D:\dev\eq2\eq2tools\trunk\DevTools\PacketAnalyzer\PacketAnalyzer\Packets\PacketStruct.cs:line 590
at EQ2PacketAnalyzer.Main.LoadPacketStruct(TreeNode node) in D:\dev\eq2\eq2tools\trunk\DevTools\PacketAnalyzer\PacketAnalyzer\Main.cs:line 415
at EQ2PacketAnalyzer.Main.treeView_opcodes_AfterSelect(Object sender, TreeViewEventArgs e) in D:\dev\eq2\eq2tools\trunk\DevTools\PacketAnalyzer\PacketAnalyzer\Main.cs:line 383
at System.Windows.Forms.TreeView.OnAfterSelect(TreeViewEventArgs e)
at System.Windows.Forms.TreeView.TvnSelected(NMTREEVIEW* nmtv)
at System.Windows.Forms.TreeView.WmNotify(Message& m)
at System.Windows.Forms.TreeView.WndProc(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
This happens only on select packets in the OP_ClientCmdMsg::OP_EqExamineInfoCmd tree, in the 1191\Court of Al Afaz.log. The ANAL-formatted struct you need is this:
WorldStructsANAL.zip
I can explain more why the structs need to be mashed together for ANAL if needed.
PS: Point your ANAL to this new struct
Re: WS_ExamineSpellInfo crash
Posted: Sat Nov 03, 2012 10:47 am
by Zcoretri
That is not a Spell packet...its something else we have yet to identify.
You need more schooling, lol
Code: Select all
-- OP_ClientCmdMsg::OP_EqExamineInfoCmd --
10/28/2012 02:46:44
69.174.200.157 -> 192.168.1.65
0000: 00 3A 1F 00 00 00 FF 7A 02 01 00 00 00 00 FE 3F .:.....z.......?
0010: 05 66 C4 00 00 46 00 00 00 01 00 00 00 00 00 00 .f...F..........
0020 00 00 00 00 00 .....
starting at the opcode
FF 7A 02 = opcode
next is WS_ExamineInfoHeader
01 = show_name
00 00 00 = unknown (size=3)
00 = show_popup
FE 3F = packettype
05 = packetsubtype
after the packetsubtype of 05...unknown bytes at this time.
These are packetsubtype that I know of
00 = Bag (meaning item was in someones bag, you do not get full item info here)
02 = Recipe
04 = AA
05 = unknown
80 = item
81 = special spell (these come from examining buffs on NPC's or detriments on you)
83 = spells/combat arts
Re: WS_ExamineSpellInfo crash
Posted: Sat Nov 03, 2012 11:12 am
by John Adams
Yep, I am plenty schooled, thanks. I know what a type and subtype are. This is about a crash in PacketAnalyzer, that is all.
Re: WS_ExamineSpellInfo crash
Posted: Sat Nov 03, 2012 12:25 pm
by xinux
This is showing up after you use
http://eq2.wikia.com/wiki/Acceleration_Strike which applies a buff Called
Acceleration Counter with 3 charges everytime a charge get's used is when -- OP_ClientCmdMsg::OP_EqExamineInfoCmd -- show's up.
After 05 = packetsubtype here is what i've noticed.
66 C4 00 00 46 = Only changes when a new Buff is applied
00 00 00 = unknown
01 = Number of charges remaining
Re: WS_ExamineSpellInfo crash
Posted: Sat Nov 03, 2012 1:09 pm
by xinux
Ok it's a little odd here is some examples... Notice how the first one with 3 charges the first byte after 05 is different then they are the same.
Code: Select all
-- OP_ClientCmdMsg::OP_EqExamineInfoCmd --
11/3/2012 12:51:50
69.174.200.160 -> 192.168.1.104
0000: 00 3A 20 00 00 00 FF 7A 02 01 00 00 00 00 00 FE .: ....z........
0010: 3F 05 B2 42 09 00 01 00 00 00 03 00 00 00 00 00 ?..B............
0020: 00 00 00 00 00 00
-- OP_ClientCmdMsg::OP_EqExamineInfoCmd --
11/3/2012 12:51:54
69.174.200.160 -> 192.168.1.104
0000: 00 3A 20 00 00 00 FF 7A 02 01 00 00 00 00 00 FE .: ....z........
0010: 3F 05 B5 42 09 00 01 00 00 00 02 00 00 00 00 00 ?..B............
0020: 00 00 00 00 00 00
-- OP_ClientCmdMsg::OP_EqExamineInfoCmd --
11/3/2012 12:51:58
69.174.200.160 -> 192.168.1.104
0000: 00 3A 20 00 00 00 FF 7A 02 01 00 00 00 00 00 FE .: ....z........
0010: 3F 05 B5 42 09 00 01 00 00 00 01 00 00 00 00 00 ?..B............
0020: 00 00 00 00 00 00
-- OP_ClientCmdMsg::OP_EqExamineInfoCmd --
11/3/2012 12:52:00
69.174.200.160 -> 192.168.1.104
0000: 00 3A 20 00 00 00 FF 7A 02 01 00 00 00 00 00 FE .: ....z........
0010: 3F 05 B5 42 09 00 01 00 00 00 00 00 00 00 00 00 ?..B............
0020: 00 00 00 00 00 00
Same character next group of mobs new buff.
Code: Select all
-- OP_ClientCmdMsg::OP_EqExamineInfoCmd --
11/3/2012 12:52:20
69.174.200.160 -> 192.168.1.104
0000: 00 3A 20 00 00 00 FF 7A 02 01 00 00 00 00 00 FE .: ....z........
0010: 3F 05 C8 49 09 00 04 00 00 00 03 00 00 00 00 00 ?..I............
0020: 00 00 00 00 00 00
-- OP_ClientCmdMsg::OP_EqExamineInfoCmd --
11/3/2012 12:52:28
69.174.200.160 -> 192.168.1.104
0000: 00 3A 20 00 00 00 FF 7A 02 01 00 00 00 00 00 FE .: ....z........
0010: 3F 05 CB 49 09 00 04 00 00 00 02 00 00 00 00 00 ?..I............
0020: 00 00 00 00 00 00 ......
-- OP_ClientCmdMsg::OP_EqExamineInfoCmd --
11/3/2012 12:52:31
69.174.200.160 -> 192.168.1.104
0000: 00 3A 20 00 00 00 FF 7A 02 01 00 00 00 00 00 FE .: ....z........
0010: 3F 05 CB 49 09 00 04 00 00 00 01 00 00 00 00 00 ?..I............
0020: 00 00 00 00 00 00 ......
-- OP_ClientCmdMsg::OP_EqExamineInfoCmd --
11/3/2012 12:52:33
69.174.200.160 -> 192.168.1.104
0000: 00 3A 20 00 00 00 FF 7A 02 01 00 00 00 00 00 FE .: ....z........
0010: 3F 05 CB 49 09 00 04 00 00 00 00 00 00 00 00 00 ?..I............
0020: 00 00 00 00 00 00 ......
Re: WS_ExamineSpellInfo crash
Posted: Sun Nov 04, 2012 11:40 am
by John Adams
lol, you do realize this is about a PacketAnalyzer crash, and not about figuring out the packet? Might save that for a different thread, since this Bug will be archived once we fix it
Re: WS_ExamineSpellInfo crash
Posted: Mon Nov 05, 2012 5:04 am
by Scatman
It's most likely the substruct issue, but I'll take a gander at it regardless. I think I will be rewriting how structs work anyway.
Re: WS_ExamineSpellInfo crash
Posted: Wed Jul 26, 2017 10:02 pm
by Cynnar
Checking to see if this can be archived.