Crash Report for Fatal Error

[WastedSavior]

I'm at wits end trying to fix this myself, I have a critical error that I can't trace to a particular object or trigger. All the error reports for the crash include the term "MAXUNITLEVEL" but I have no idea what that could mean. I've looked at the possibility that a trigger may be adding exp or changing the level of a unit, but on inspection this doesn't seem to cause a fatal error. The max unit level is set to default (20) and no unit exceeds level 14 in the map.

Perhaps someone more experienced with diagnostics could give me some insight, thanks guys.

Crash Log

Spoiler

Program: c:\program files (x86)\warcraft iii\war3.exe
Exception: 0xC0000005 (ACCESS_VIOLATION) at 0023:6F3A1654

The instruction at '0x6F3A1654' referenced memory at '0x04B610D0'.
The memory could not be 'read'.

----------------------------------------
Memory Dump
----------------------------------------

Code: 16 bytes starting at (EIP = 6F3A1654)

6F3A1654: 8B 44 81 58 C2 04 00 CC CC CC CC CC 8B 44 24 04 .D.X.........D$.


Stack: 1024 bytes starting at (ESP = 0018F628)

* = addr ** *
0018F620: 00 00 00 00 BE 73 94 6F 41 BB 3B 6F EE 03 00 00 .....s.oA.;o....
0018F630: BE 73 94 6F B8 D1 45 6F EE 03 00 00 A4 D1 45 6F .s.o..Eo......Eo
0018F640: 9C D1 45 6F B8 CA 18 0A B8 0F 59 1C 08 00 00 00 ..Eo......Y.....
0018F650: 1F 49 03 15 4D 41 58 55 4E 49 54 4C 45 56 45 4C .I..MAXUNITLEVEL
0018F660: 00 74 69 6B D6 B7 45 6F B8 0F 59 1C 9C F6 18 00 .tik..Eo..Y.....
0018F670: 93 A0 45 6F 60 B7 18 F5 00 00 00 00 9C F6 18 00 ..Eo`...........
0018F680: C4 F6 18 00 28 E6 82 6F 00 00 00 00 EE 03 00 00 ....(..o........
0018F690: E0 31 1A 10 08 2E 45 6F 00 00 00 00 48 F9 A7 6F .1....Eo....H..o
0018F6A0: FE FF FF FF 02 00 00 00 E0 31 1A 10 C0 E1 19 0A .........1......
0018F6B0: CA 9F 37 60 F7 41 45 6F E0 41 1B 10 00 00 00 00 ..7`.AEo.A......
0018F6C0: 00 00 00 00 00 00 00 00 04 00 00 00 8C F6 18 00 ................
0018F6D0: 94 90 DD 05 50 31 1A 10 04 00 00 00 01 00 00 00 ....P1..........
0018F6E0: 30 BB 3B 6F F0 B7 18 F5 04 00 00 00 AE EF 45 6F 0.;o..........Eo
0018F6F0: B8 CA 18 0A E0 B7 18 F5 00 00 00 00 B8 0F 59 1C ..............Y.
0018F700: 00 00 00 00 DC 0F 59 1C 00 00 14 1C 00 04 00 00 ......Y.........
0018F710: 68 F7 18 00 08 04 00 00 0C 00 00 00 00 00 00 00 h...............
0018F720: 00 00 00 00 00 00 00 00 48 5D 02 15 00 04 00 00 ........H]......
0018F730: E2 5D 02 15 48 E6 14 1C D6 B7 45 6F B8 0F 59 1C .]..H.....Eo..Y.
0018F740: 70 F7 18 00 93 A0 45 6F 54 B6 18 F5 00 00 00 00 p.....EoT.......
0018F750: 70 F7 18 00 98 F7 18 00 28 E6 82 6F 00 00 00 00 p.......(..o....
0018F760: 32 E8 45 6F 70 B6 18 F5 00 00 00 00 B8 0F 59 1C 2.Eop.........Y.
0018F770: 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0018F780: 00 00 00 00 00 00 00 00 01 00 00 00 01 00 00 00 ................
0018F790: BC F8 18 00 A8 E8 82 6F FF FF FF FF 03 FC 45 6F .......o......Eo
0018F7A0: E8 A5 BD 10 48 F8 18 00 E0 93 04 00 00 00 00 00 ....H...........
0018F7B0: B4 01 00 00 B8 0F 59 1C CC 00 B6 04 C0 00 B6 04 ......Y.........
0018F7C0: D4 B6 44 6F E8 A5 BD 10 00 00 00 00 48 F8 18 00 ..Do........H...
0018F7D0: E0 93 04 00 00 00 00 00 00 00 00 00 48 F8 18 00 ............H...
0018F7E0: F4 48 94 19 96 83 3A 6F 00 00 00 00 48 F8 18 00 .H........H...
0018F7F0: E0 93 04 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0018F800: B4 44 BC 0C 00 00 00 00 24 2C C1 0C C4 A8 3B 6F .D......$,....;o
0018F810: B4 01 00 00 48 F8 18 00 F4 48 94 19 00 00 00 00 ....H....H......
0018F820: 00 00 00 00 A4 48 94 19 55 58 44 6F 48 F8 18 00 .....H..UXDoH...
0018F830: F4 48 94 19 00 00 00 00 00 00 00 00 A4 48 94 19 .H...........H..
0018F840: F4 48 94 19 A4 48 94 19 00 00 00 00 F6 73 44 6F .H...H.......sDo
0018F850: F4 48 94 19 00 00 00 00 A4 48 94 19 A4 48 94 19 .H.......H...H..
0018F860: F8 34 3B 19 C8 48 94 19 00 00 00 00 F8 34 3B 19 .4;..H.......4;.
0018F870: C8 48 94 19 A4 48 94 19 FF B6 6B E6 33 50 44 6F .H...H....k.3PDo
0018F880: 72 50 44 6F 00 00 00 00 A4 48 94 19 C8 48 94 19 rPDo.....H...H..
0018F890: F8 34 3B 19 82 7F 44 6F 84 B9 18 F5 FF FF FF FF .4;...Do........
0018F8A0: 4C A0 C0 0C 24 6D A4 21 88 00 90 06 10 A0 C0 0C L...$m.!........
0018F8B0: 24 6D A4 21 88 00 90 06 A4 48 94 19 1C F9 18 00 $m.!.....H......
0018F8C0: 51 DE 82 6F FF FF FF FF 64 82 44 6F 4C A0 C0 0C Q..o....d.DoL...
0018F8D0: AF 5F 3F F3 00 00 00 00 C4 B9 18 F5 10 A0 C0 0C ._?.............
0018F8E0: 10 A0 C0 0C 2C 96 A6 21 A4 48 94 19 78 65 74 2B ....,..!.H..xet+
0018F8F0: 6C 67 61 2B 78 65 74 2B 00 00 00 00 9C E2 80 0C lga+xet+........
0018F900: 0C 72 AB 6F 00 00 00 00 00 00 00 00 00 00 00 00 .r.o............
0018F910: 00 00 00 00 FF FF FF FF FF FF FF FF 88 F9 18 00 ................
0018F920: A8 DE 82 6F 00 00 00 00 CB 82 44 6F 00 00 00 00 ...o......Do....
0018F930: B4 27 87 0C 36 84 44 6F 34 69 64 20 34 69 64 20 .'..6.Do4id 4id
0018F940: D4 0B 18 20 08 C4 5A 20 FD A6 62 6F F8 F9 18 00 ... ..Z ..bo....
0018F950: 4C B8 18 F5 24 6D A4 21 24 6D A4 21 48 6D A4 21 L...$m.!$m.!Hm.!
0018F960: B4 27 87 0C 00 00 00 00 02 00 00 00 08 C4 5A 20 .'............Z
0018F970: 78 F9 18 00 34 69 64 20 34 69 64 20 2C 96 A6 21 x...4id 4id ,..!
0018F980: 00 00 00 00 40 01 00 00 0C FA 18 00 88 0A 84 6F [email protected]
0018F990: 00 00 00 00 D0 A7 62 6F 3B 02 08 00 F8 F9 18 00 ......bo;.......
0018F9A0: 24 6D A4 21 04 04 95 6F A1 9A 62 6F 3B 02 08 00 $m.!...o..bo;...
0018F9B0: F8 F9 18 00 44 24 54 20 7F 5B 43 6F F8 F9 18 00 ....D$T .[Co....
0018F9C0: 00 00 00 00 5C 6D A4 21 24 6D A4 21 44 24 54 20 ....\m.!$m.!D$T
0018F9D0: D6 C2 43 6F F8 F9 18 00 C4 B8 18 F5 E4 C3 5A 20 ..Co..........Z
0018F9E0: 24 69 64 20 24 69 64 20 C4 0B 18 20 2C 96 A6 21 $id $id ... ,..!
0018F9F0: 00 00 61 43 CC 00 A0 06 34 FE 92 6F 00 00 00 00 ..aC....4..o....
0018FA00: 3B 02 08 00 24 6D A4 21 2C 96 A6 21 58 FA 18 00 ;...$m.!,..!X...
0018FA10: E0 C9 82 6F 01 00 00 00 FD A6 62 6F C4 3B A8 6F ...o......bo.;.o
0018FA20: 3C BB 18 F5 C8 FA 18 00 58 24 54 20 F4 24 9D 09 <.......X$T .$..


------------------------------------------------------------------------------

 

[Juggernaut]

I don't know for sure. But try disabling triggers one after another and maybe you find the source of the problem. I once had a problem where the level of ability of a unit was increased while the unit was dead.

 

[WastedSavior]

I wish it was that easy, Unfortunately it isn't consistent.9 out of 10 games crashes, meaning one game plays to finish.

It doesn't seem to happen at a particular event (ranges from day 1 to day 9) and I've used every ability and item in the game. Most notably under no circumstances have I been able to crash the game in single player.

Not being able to crash it in single player means I can't just disable one trigger at a time and test to see if it was causing it. It's a very frustrating fatal error.

 

[Dameon]

Can you post the map? Cant help if I cant look over what the cause might be.
my last 2 crashes were cause by
1. Raising the level of a ability on a dead unit.
2. Using [] in a units tool tip.

 

[Imp Midna]

Im Afraid nobody except for Blizzard or some hardcore reverse engeneerers with loads of time can read all to much out of this crash log. I can explain what the crash log is saying and give you all information i have, but i doubt that it will help.

Program: c:\program files (x86)\warcraft iii\war3.exe

Tells me you got a 64 bit system. The most useless information alive.

Exception: 0xC0000005 (ACCESS_VIOLATION) at 0023:6F3A1654

an access_violation has been thrown. Some smart person somewhen defined an access violation to be represented by the number 0xc00000005 (or 3221225477 in decimal). Has nothing to do with the page table with is funnily starting at 0xc0000000. Pure coincidence (or someone wanted to confuse us ._.)

The instruction at '0x6F3A1654' referenced memory at '0x04B610D0'.
 
The memory could not be 'read'.

Now here comes an interisting part. It says that the memory could not be 'read' due to an access violation, which means that this was a general act of security. It wouldnt make sense to define a variable and then tell the program to not touch it, theres no point in the varibable then as you can not touch it. That means, some pointer failed.

But the pointer did not only fail, it failed horrifically, pointing to the address 0x04B610D0, which is totally random whatsoever. Which sort of algorythm would make a valid pointer point to such a weird location? Pure randomness would, which puts us to the next point.

Code: 16 bytes starting at (EIP = 6F3A1654)
6F3A1654: 8B 44 81 58 C2 04 00 CC CC CC CC CC 8B 44 24 04 .D.X.........D$.

my decompiler translates it to this one:

mov eax,[ecx+eax*4+58]
ret 0004
int 3
int 3
int 3
int 3
int 3
mov eax,[esp+04]

This looks like the end of a function, and this function is returning something. This something is located at [ecx+eax*4+58], and ecx+eax*4+58 = 0x04B610D0. Fortunately, the incridebly detailed dump does not tell us what is standing in ecx and eax, so we have absolutely no way of telling which of those 2 failed. If the code is correct, then it would access an array containing integers, pointers or reals, beeing part of a structure with shittons of elements as the array would be the element at the offset 58. The function then returns what is standing in this array at that location (or, it would, but it crashed, you know...)

the int 3 indicate that the function ends here, telling us that we dont need to care about whats coming after them.
I tried to find this function in my wc3, but at the address 6F3A1654, i only seemed to find garbage. Where i found this functoin is at 025F1654, which is faaar faar away. But ok, maybe i just got an other version of the game. got the german one. and its a function from game.dll. dll's use to change position on different versions. and also, my function is moving around a bit every time i restart the game.
Ive set a breakpoint in this function and now i know so far:
1: it is called all_the_time
2: its called by 2 fucntions: one at 25F390F, one at 24D513F
From the stack dump given in your log file, i can see that your function was at 6F3BBB41.
6F3BBB41-6F3A1654 = 1A4ED. Both of my calls do not even remotely have this position to each other, so i asume its called by something else. What i can also see is that ecx, which is the object im looking at, is always the same. The array that is accessed is a array of pointers, containing more wierd information i cant interpret (but which seemingly is used when i order my hero to walk or use methamorphosis, which is what i tested in this short amount of time)
Also, none of the calls i had would have the MAXUNITLEVEL string on the stack.

Wow. I actually wrote this while i was testing the stuff. As you can see, its a lot of random things in here, which is the price for crawling around in such a low level area of the game. i dont think i will ever understand the structures and the pointers and what they are all used for, but maybe i could reduce the possible amount of things that can cause the crash. The only real way to do this is trial and error though. As i allready mentionend, the functions addresses are changing all the time, so i cant use the call address as a hint, but what is quite interisting is the MAXUNITLEVEL string. Well, to effektively do more, i need more information:
1: when is it crashing? can you combine any trigger or any room of triggers with it? its like, i will have to make a test map calling different functions with different paramters to find out which particular functions are calling it, and any sort of limitation would probably be a relief on some way
2: do you have more log files related to this crash? especially interisting would be if the MAXUNITLEVEL is always at the same offset compared to esp. If it is constant, then it's a great hint to determine the correct function, and over the correct function, maybe even the correct trigger action causing this error.

lots of writing. hurray. im so gonna go sleepin now. gn8

 

[Dameon]

Im Afraid nobody except...

Translation, Give me more log file.

 

[thorhunter]

My suggestion is to get a group of testers and try to find the trigger. Since it happes frequently, you should be able to track it pretty quickly. Just disable half of your triggers and see how the map works. If it still crashes, you have half of your triggers 'clear' and the other half to be 'halved' again. This way you should find the bug rather quickly. Otherwise, as Juggernaut suggested, I recommend checking your triggers under functions that involve operations on units that may have died or deceased, since this was the case for me several times. You can also check this link to check if any of these reasons could possibly be the case (though the list is tiny compared to actual possibilities).

 

[WastedSavior]

Here is all the logs I have, If we could get even in the ballpark of whats causing it would help tremendously. Thanks for all the posts so far guys.

Spoiler

----------------------------------------
Memory Dump
----------------------------------------

Code: 16 bytes starting at (EIP = 6F3A1654)

6F3A1654: 8B 44 81 58 C2 04 00 CC CC CC CC CC 8B 44 24 04 .D.X.........D$.


Stack: 1024 bytes starting at (ESP = 0018F628)

* = addr ** *
0018F620: 00 00 00 00 BE 73 94 6F 41 BB 3B 6F EB 03 00 00 .....s.oA.;o....
0018F630: BE 73 94 6F B8 D1 45 6F EB 03 00 00 A4 D1 45 6F .s.o..Eo......Eo
0018F640: 9C D1 45 6F 68 CB E0 09 28 C5 68 1C 08 00 00 00 ..Eoh...(.h.....
0018F650: 1F 49 03 15 4D 41 58 55 4E 49 54 4C 45 56 45 4C .I..MAXUNITLEVEL
0018F660: 00 00 00 00 D6 B7 45 6F 28 C5 68 1C 9C F6 18 00 ......Eo(.h.....
0018F670: 93 A0 45 6F AD 86 E9 F5 00 00 00 00 9C F6 18 00 ..Eo............
0018F680: C4 F6 18 00 28 E6 82 6F 00 00 00 00 EB 03 00 00 ....(..o........
0018F690: 60 5D AE 0F 08 2E 45 6F 00 00 00 00 48 F9 A7 6F `]....Eo....H..o
0018F6A0: FE FF FF FF 02 00 00 00 60 5D AE 0F 70 E2 E1 09 ........`]..p...
0018F6B0: CA 9F 37 60 F7 41 45 6F B8 4B B0 0F 00 00 00 00 ..7`.AEo.K......
0018F6C0: 00 00 00 00 00 00 00 00 04 00 00 00 8C F6 18 00 ................
0018F6D0: 94 90 96 03 D0 5C AE 0F 04 00 00 00 01 00 00 00 .....\..........
0018F6E0: 30 BB 3B 6F 3D 86 E9 F5 04 00 00 00 AE EF 45 6F 0.;o=.........Eo
0018F6F0: 68 CB E0 09 2D 86 E9 F5 00 00 00 00 28 C5 68 1C h...-.......(.h.
0018F700: 00 00 00 00 4C C5 68 1C 00 00 91 1B 00 04 00 00 ....L.h.........
0018F710: 68 F7 18 00 08 04 00 00 0C 00 00 00 00 00 00 00 h...............
0018F720: 00 00 00 00 00 00 00 00 48 5D 02 15 00 04 00 00 ........H]......
0018F730: E2 5D 02 15 38 5D 91 1B D6 B7 45 6F 28 C5 68 1C .]..8]....Eo(.h.
0018F740: 70 F7 18 00 93 A0 45 6F 99 87 E9 F5 00 00 00 00 p.....Eo........
0018F750: 70 F7 18 00 98 F7 18 00 28 E6 82 6F 00 00 00 00 p.......(..o....
0018F760: 32 E8 45 6F BD 87 E9 F5 00 00 00 00 28 C5 68 1C 2.Eo........(.h.
0018F770: 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0018F780: 00 00 00 00 00 00 00 00 01 00 00 00 01 00 00 00 ................
0018F790: BC F8 18 00 A8 E8 82 6F FF FF FF FF 03 FC 45 6F .......o......Eo
0018F7A0: 60 85 62 10 48 F8 18 00 E0 93 04 00 00 00 00 00 `.b.H...........
0018F7B0: A3 01 00 00 28 C5 68 1C CC 00 1A 04 C0 00 1A 04 ....(.h.........
0018F7C0: D4 B6 44 6F 60 85 62 10 00 00 00 00 48 F8 18 00 ..Do`.b.....H...
0018F7D0: E0 93 04 00 00 00 00 00 00 00 00 00 48 F8 18 00 ............H...
0018F7E0: 54 AF B9 17 96 83 3A 6F 00 00 00 00 48 F8 18 00 T.........H...
0018F7F0: E0 93 04 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0018F800: 0C 42 C4 0C 00 00 00 00 BC 2A C9 0C C4 A8 3B 6F .B.......*....;o
0018F810: A3 01 00 00 48 F8 18 00 54 AF B9 17 00 00 00 00 ....H...T.......
0018F820: 00 00 00 00 04 AF B9 17 55 58 44 6F 48 F8 18 00 ........UXDoH...
0018F830: 54 AF B9 17 00 00 00 00 00 00 00 00 04 AF B9 17 T...............
0018F840: 54 AF B9 17 04 AF B9 17 00 00 00 00 F6 73 44 6F T............sDo
0018F850: 54 AF B9 17 00 00 00 00 04 AF B9 17 04 AF B9 17 T...............
0018F860: 80 0A 65 17 28 AF B9 17 00 00 00 00 80 0A 65 17 ..e.(.........e.
0018F870: 28 AF B9 17 04 AF B9 17 9F 50 46 E8 33 50 44 6F (........PF.3PDo
0018F880: 72 50 44 6F 00 00 00 00 04 AF B9 17 28 AF B9 17 rPDo........(...
0018F890: 80 0A 65 17 82 7F 44 6F 49 88 E9 F5 FF FF FF FF ..e...DoI.......
0018F8A0: F0 9B C8 0C F4 0E 5A 21 88 00 A6 03 B4 9B C8 0C ......Z!........
0018F8B0: F4 0E 5A 21 88 00 A6 03 04 AF B9 17 1C F9 18 00 ..Z!............
0018F8C0: 51 DE 82 6F FF FF FF FF 64 82 44 6F F0 9B C8 0C Q..o....d.Do....
0018F8D0: 0B 64 37 F3 00 00 00 00 09 88 E9 F5 B4 9B C8 0C .d7.............
0018F8E0: B4 9B C8 0C 6C 6E 5C 21 04 AF B9 17 78 65 74 2B ....ln\!....xet+
0018F8F0: 6C 67 61 2B 78 65 74 2B 00 00 00 00 9C E2 88 0C lga+xet+........
0018F900: 0C 72 AB 6F 00 00 00 00 00 00 00 00 00 00 00 00 .r.o............
0018F910: 00 00 00 00 FF FF FF FF FF FF FF FF 88 F9 18 00 ................
0018F920: A8 DE 82 6F 00 00 00 00 CB 82 44 6F 00 00 00 00 ...o......Do....
0018F930: B4 27 8F 0C 36 84 44 6F 64 12 42 20 64 12 42 20 .'..6.Dod.B d.B
0018F940: 4C AC 51 1C F8 07 29 20 FD A6 62 6F F8 F9 18 00 L.Q...) ..bo....
0018F950: 81 89 E9 F5 F4 0E 5A 21 F4 0E 5A 21 18 0F 5A 21 ......Z!..Z!..Z!
0018F960: B4 27 8F 0C 00 00 00 00 02 00 00 00 F8 07 29 20 .'............)
0018F970: 78 F9 18 00 64 12 42 20 64 12 42 20 6C 6E 5C 21 x...d.B d.B ln\!
0018F980: 00 00 00 00 50 00 00 00 0C FA 18 00 88 0A 84 6F ....P..........o
0018F990: 00 00 00 00 D0 A7 62 6F 3B 02 08 00 F8 F9 18 00 ......bo;.......
0018F9A0: F4 0E 5A 21 04 04 95 6F A1 9A 62 6F 3B 02 08 00 ..Z!...o..bo;...
0018F9B0: F8 F9 18 00 84 D9 A2 1F 7F 5B 43 6F F8 F9 18 00 .........[Co....
0018F9C0: 00 00 00 00 2C 0F 5A 21 F4 0E 5A 21 84 D9 A2 1F ....,.Z!..Z!....
0018F9D0: D6 C2 43 6F F8 F9 18 00 09 89 E9 F5 A0 07 29 20 ..Co..........)
0018F9E0: D4 12 42 20 D4 12 42 20 14 AC 51 1C 6C 6E 5C 21 ..B ..B ..Q.ln\!
0018F9F0: FE FF 60 43 20 FC AD C4 34 FE 92 6F 00 00 00 00 ..`C ...4..o....
0018FA00: 3B 02 08 00 F4 0E 5A 21 6C 6E 5C 21 58 FA 18 00 ;.....Z!ln\!X...
0018FA10: E0 C9 82 6F 01 00 00 00 FD A6 62 6F C4 3B A8 6F ...o......bo.;.o
0018FA20: F1 8A E9 F5 C8 FA 18 00 98 D9 A2 1F E4 24 65 09 .............$e.


----------------------------------------
Memory Dump
----------------------------------------

Code: 16 bytes starting at (EIP = 6F3A1654)

6F3A1654: 8B 44 81 58 C2 04 00 CC CC CC CC CC 8B 44 24 04 .D.X.........D$.


Stack: 1024 bytes starting at (ESP = 0018F628)

* = addr ** *
0018F620: 00 00 00 00 BE 73 94 6F 41 BB 3B 6F EE 03 00 00 .....s.oA.;o....
0018F630: BE 73 94 6F B8 D1 45 6F EE 03 00 00 A4 D1 45 6F .s.o..Eo......Eo
0018F640: 9C D1 45 6F B8 CA 18 0A B8 0F 59 1C 08 00 00 00 ..Eo......Y.....
0018F650: 1F 49 03 15 4D 41 58 55 4E 49 54 4C 45 56 45 4C .I..MAXUNITLEVEL
0018F660: 00 74 69 6B D6 B7 45 6F B8 0F 59 1C 9C F6 18 00 .tik..Eo..Y.....
0018F670: 93 A0 45 6F 60 B7 18 F5 00 00 00 00 9C F6 18 00 ..Eo`...........
0018F680: C4 F6 18 00 28 E6 82 6F 00 00 00 00 EE 03 00 00 ....(..o........
0018F690: E0 31 1A 10 08 2E 45 6F 00 00 00 00 48 F9 A7 6F .1....Eo....H..o
0018F6A0: FE FF FF FF 02 00 00 00 E0 31 1A 10 C0 E1 19 0A .........1......
0018F6B0: CA 9F 37 60 F7 41 45 6F E0 41 1B 10 00 00 00 00 ..7`.AEo.A......
0018F6C0: 00 00 00 00 00 00 00 00 04 00 00 00 8C F6 18 00 ................
0018F6D0: 94 90 DD 05 50 31 1A 10 04 00 00 00 01 00 00 00 ....P1..........
0018F6E0: 30 BB 3B 6F F0 B7 18 F5 04 00 00 00 AE EF 45 6F 0.;o..........Eo
0018F6F0: B8 CA 18 0A E0 B7 18 F5 00 00 00 00 B8 0F 59 1C ..............Y.
0018F700: 00 00 00 00 DC 0F 59 1C 00 00 14 1C 00 04 00 00 ......Y.........
0018F710: 68 F7 18 00 08 04 00 00 0C 00 00 00 00 00 00 00 h...............
0018F720: 00 00 00 00 00 00 00 00 48 5D 02 15 00 04 00 00 ........H]......
0018F730: E2 5D 02 15 48 E6 14 1C D6 B7 45 6F B8 0F 59 1C .]..H.....Eo..Y.
0018F740: 70 F7 18 00 93 A0 45 6F 54 B6 18 F5 00 00 00 00 p.....EoT.......
0018F750: 70 F7 18 00 98 F7 18 00 28 E6 82 6F 00 00 00 00 p.......(..o....
0018F760: 32 E8 45 6F 70 B6 18 F5 00 00 00 00 B8 0F 59 1C 2.Eop.........Y.
0018F770: 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0018F780: 00 00 00 00 00 00 00 00 01 00 00 00 01 00 00 00 ................
0018F790: BC F8 18 00 A8 E8 82 6F FF FF FF FF 03 FC 45 6F .......o......Eo
0018F7A0: E8 A5 BD 10 48 F8 18 00 E0 93 04 00 00 00 00 00 ....H...........
0018F7B0: B4 01 00 00 B8 0F 59 1C CC 00 B6 04 C0 00 B6 04 ......Y.........
0018F7C0: D4 B6 44 6F E8 A5 BD 10 00 00 00 00 48 F8 18 00 ..Do........H...
0018F7D0: E0 93 04 00 00 00 00 00 00 00 00 00 48 F8 18 00 ............H...
0018F7E0: F4 48 94 19 96 83 3A 6F 00 00 00 00 48 F8 18 00 .H........H...
0018F7F0: E0 93 04 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0018F800: B4 44 BC 0C 00 00 00 00 24 2C C1 0C C4 A8 3B 6F .D......$,....;o
0018F810: B4 01 00 00 48 F8 18 00 F4 48 94 19 00 00 00 00 ....H....H......
0018F820: 00 00 00 00 A4 48 94 19 55 58 44 6F 48 F8 18 00 .....H..UXDoH...
0018F830: F4 48 94 19 00 00 00 00 00 00 00 00 A4 48 94 19 .H...........H..
0018F840: F4 48 94 19 A4 48 94 19 00 00 00 00 F6 73 44 6F .H...H.......sDo
0018F850: F4 48 94 19 00 00 00 00 A4 48 94 19 A4 48 94 19 .H.......H...H..
0018F860: F8 34 3B 19 C8 48 94 19 00 00 00 00 F8 34 3B 19 .4;..H.......4;.
0018F870: C8 48 94 19 A4 48 94 19 FF B6 6B E6 33 50 44 6F .H...H....k.3PDo
0018F880: 72 50 44 6F 00 00 00 00 A4 48 94 19 C8 48 94 19 rPDo.....H...H..
0018F890: F8 34 3B 19 82 7F 44 6F 84 B9 18 F5 FF FF FF FF .4;...Do........
0018F8A0: 4C A0 C0 0C 24 6D A4 21 88 00 90 06 10 A0 C0 0C L...$m.!........
0018F8B0: 24 6D A4 21 88 00 90 06 A4 48 94 19 1C F9 18 00 $m.!.....H......
0018F8C0: 51 DE 82 6F FF FF FF FF 64 82 44 6F 4C A0 C0 0C Q..o....d.DoL...
0018F8D0: AF 5F 3F F3 00 00 00 00 C4 B9 18 F5 10 A0 C0 0C ._?.............
0018F8E0: 10 A0 C0 0C 2C 96 A6 21 A4 48 94 19 78 65 74 2B ....,..!.H..xet+
0018F8F0: 6C 67 61 2B 78 65 74 2B 00 00 00 00 9C E2 80 0C lga+xet+........
0018F900: 0C 72 AB 6F 00 00 00 00 00 00 00 00 00 00 00 00 .r.o............
0018F910: 00 00 00 00 FF FF FF FF FF FF FF FF 88 F9 18 00 ................
0018F920: A8 DE 82 6F 00 00 00 00 CB 82 44 6F 00 00 00 00 ...o......Do....
0018F930: B4 27 87 0C 36 84 44 6F 34 69 64 20 34 69 64 20 .'..6.Do4id 4id
0018F940: D4 0B 18 20 08 C4 5A 20 FD A6 62 6F F8 F9 18 00 ... ..Z ..bo....
0018F950: 4C B8 18 F5 24 6D A4 21 24 6D A4 21 48 6D A4 21 L...$m.!$m.!Hm.!
0018F960: B4 27 87 0C 00 00 00 00 02 00 00 00 08 C4 5A 20 .'............Z
0018F970: 78 F9 18 00 34 69 64 20 34 69 64 20 2C 96 A6 21 x...4id 4id ,..!
0018F980: 00 00 00 00 40 01 00 00 0C FA 18 00 88 0A 84 6F [email protected]
0018F990: 00 00 00 00 D0 A7 62 6F 3B 02 08 00 F8 F9 18 00 ......bo;.......
0018F9A0: 24 6D A4 21 04 04 95 6F A1 9A 62 6F 3B 02 08 00 $m.!...o..bo;...
0018F9B0: F8 F9 18 00 44 24 54 20 7F 5B 43 6F F8 F9 18 00 ....D$T .[Co....
0018F9C0: 00 00 00 00 5C 6D A4 21 24 6D A4 21 44 24 54 20 ....\m.!$m.!D$T
0018F9D0: D6 C2 43 6F F8 F9 18 00 C4 B8 18 F5 E4 C3 5A 20 ..Co..........Z
0018F9E0: 24 69 64 20 24 69 64 20 C4 0B 18 20 2C 96 A6 21 $id $id ... ,..!
0018F9F0: 00 00 61 43 CC 00 A0 06 34 FE 92 6F 00 00 00 00 ..aC....4..o....
0018FA00: 3B 02 08 00 24 6D A4 21 2C 96 A6 21 58 FA 18 00 ;...$m.!,..!X...
0018FA10: E0 C9 82 6F 01 00 00 00 FD A6 62 6F C4 3B A8 6F ...o......bo.;.o
0018FA20: 3C BB 18 F5 C8 FA 18 00 58 24 54 20 F4 24 9D 09 <.......X$T .$..

----------------------------------------
Memory Dump
----------------------------------------

Code: 16 bytes starting at (EIP = 6F3A1654)

6F3A1654: 8B 44 81 58 C2 04 00 CC CC CC CC CC 8B 44 24 04 .D.X.........D$.


Stack: 1024 bytes starting at (ESP = 0018F628)

* = addr ** *
0018F620: 00 00 00 00 BE 73 94 6F 41 BB 3B 6F FA 03 00 00 .....s.oA.;o....
0018F630: BE 73 94 6F B8 D1 45 6F FA 03 00 00 A4 D1 45 6F .s.o..Eo......Eo
0018F640: 9C D1 45 6F C8 CA AC 0A 48 B9 79 1F 08 00 00 00 ..Eo....H.y.....
0018F650: 1F 49 03 15 4D 41 58 55 4E 49 54 4C 45 56 45 4C .I..MAXUNITLEVEL
0018F660: 00 6A 87 6F D6 B7 45 6F 48 B9 79 1F 9C F6 18 00 .j.o..EoH.y.....
0018F670: 93 A0 45 6F 15 0D 06 80 00 00 00 00 9C F6 18 00 ..Eo............
0018F680: C4 F6 18 00 28 E6 82 6F 00 00 00 00 FA 03 00 00 ....(..o........
0018F690: 20 5E A5 10 08 2E 45 6F 00 00 00 00 48 F9 A7 6F ^....Eo....H..o
0018F6A0: FE FF FF FF 02 00 00 00 20 5E A5 10 D0 E1 AD 0A ........ ^......
0018F6B0: CA 9F 37 60 F7 41 45 6F 28 4C A6 10 00 00 00 00 ..7`.AEo(L......
0018F6C0: 00 00 00 00 00 00 00 00 04 00 00 00 8C F6 18 00 ................
0018F6D0: 94 90 15 04 90 5D A5 10 04 00 00 00 01 00 00 00 .....]..........
0018F6E0: 30 BB 3B 6F 85 0D 06 80 04 00 00 00 AE EF 45 6F 0.;o..........Eo
0018F6F0: C8 CA AC 0A 95 0D 06 80 00 00 00 00 48 B9 79 1F ............H.y.
0018F700: 00 00 00 00 6C B9 79 1F 00 00 C9 1D 00 04 00 00 ....l.y.........
0018F710: 68 F7 18 00 08 04 00 00 0C 00 00 00 00 00 00 00 h...............
0018F720: 00 00 00 00 00 00 00 00 48 5D 02 15 00 04 00 00 ........H]......
0018F730: E2 5D 02 15 C8 24 C9 1D D6 B7 45 6F 48 B9 79 1F .]...$....EoH.y.
0018F740: 70 F7 18 00 93 A0 45 6F 21 0C 06 80 00 00 00 00 p.....Eo!.......
0018F750: 70 F7 18 00 98 F7 18 00 28 E6 82 6F 00 00 00 00 p.......(..o....
0018F760: 32 E8 45 6F 05 0C 06 80 00 00 00 00 48 B9 79 1F 2.Eo........H.y.
0018F770: 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0018F780: 00 00 00 00 00 00 00 00 01 00 00 00 01 00 00 00 ................
0018F790: BC F8 18 00 A8 E8 82 6F FF FF FF FF 03 FC 45 6F .......o......Eo
0018F7A0: E8 A5 48 11 48 F8 18 00 E0 93 04 00 00 00 00 00 ..H.H...........
0018F7B0: B4 01 00 00 48 B9 79 1F CC 00 3E 05 C0 00 3E 05 ....H.y...>...>.
0018F7C0: D4 B6 44 6F E8 A5 48 11 00 00 00 00 48 F8 18 00 ..Do..H.....H...
0018F7D0: E0 93 04 00 00 00 00 00 00 00 00 00 48 F8 18 00 ............H...
0018F7E0: B4 AC 25 1A 96 83 3A 6F 00 00 00 00 48 F8 18 00 ..%.......H...
0018F7F0: E0 93 04 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0018F800: B4 44 50 0D 00 00 00 00 24 2C 55 0D C4 A8 3B 6F .DP.....$,U...;o
0018F810: B4 01 00 00 48 F8 18 00 B4 AC 25 1A 00 00 00 00 ....H.....%.....
0018F820: 00 00 00 00 64 AC 25 1A 55 58 44 6F 48 F8 18 00 ....d.%.UXDoH...
0018F830: B4 AC 25 1A 00 00 00 00 00 00 00 00 64 AC 25 1A ..%.........d.%.
0018F840: B4 AC 25 1A 64 AC 25 1A 00 00 00 00 F6 73 44 6F ..%.d.%......sDo
0018F850: B4 AC 25 1A 00 00 00 00 64 AC 25 1A 64 AC 25 1A ..%.....d.%.d.%.
0018F860: 60 06 BA 19 88 AC 25 1A 00 00 00 00 60 06 BA 19 `.....%.....`...
0018F870: 88 AC 25 1A 64 AC 25 1A 3F 53 DA E5 33 50 44 6F ..%.d.%.?S..3PDo
0018F880: 72 50 44 6F 00 00 00 00 64 AC 25 1A 88 AC 25 1A rPDo....d.%...%.
0018F890: 60 06 BA 19 82 7F 44 6F F1 03 06 80 FF FF FF FF `.....Do........
0018F8A0: 4C A0 54 0D B4 6D 07 1D 88 00 24 04 10 A0 54 0D L.T..m....$...T.
0018F8B0: B4 6D 07 1D 88 00 24 04 64 AC 25 1A 1C F9 18 00 .m....$.d.%.....
0018F8C0: 51 DE 82 6F FF FF FF FF 64 82 44 6F 4C A0 54 0D Q..o....d.DoL.T.
0018F8D0: AF 5F AB F2 00 00 00 00 B1 03 06 80 10 A0 54 0D ._............T.
0018F8E0: 10 A0 54 0D 8C 81 09 1D 64 AC 25 1A 78 65 74 2B ..T.....d.%.xet+
0018F8F0: 6C 67 61 2B 78 65 74 2B 00 00 00 00 9C E2 14 0D lga+xet+........
0018F900: 0C 72 AB 6F 00 00 00 00 00 00 00 00 00 00 00 00 .r.o............
0018F910: 00 00 00 00 FF FF FF FF FF FF FF FF 88 F9 18 00 ................
0018F920: A8 DE 82 6F 00 00 00 00 CB 82 44 6F 00 00 00 00 ...o......Do....
0018F930: B4 27 1B 0D 36 84 44 6F D4 85 8F 1C D4 85 8F 1C .'..6.Do........
0018F940: 44 29 25 1C 68 05 37 1C FD A6 62 6F F8 F9 18 00 D)%.h.7...bo....
0018F950: 39 02 06 80 B4 6D 07 1D B4 6D 07 1D D8 6D 07 1D 9....m...m...m..
0018F960: B4 27 1B 0D 00 00 00 00 02 00 00 00 68 05 37 1C .'..........h.7.
0018F970: 78 F9 18 00 D4 85 8F 1C D4 85 8F 1C 8C 81 09 1D x...............
0018F980: 00 00 00 00 78 00 00 00 0C FA 18 00 88 0A 84 6F ....x..........o
0018F990: 00 00 00 00 D0 A7 62 6F 3B 02 08 00 F8 F9 18 00 ......bo;.......
0018F9A0: B4 6D 07 1D 04 04 95 6F A1 9A 62 6F 3B 02 08 00 .m.....o..bo;...
0018F9B0: F8 F9 18 00 64 5B 29 1C 7F 5B 43 6F F8 F9 18 00 ....d[)..[Co....
0018F9C0: 00 00 00 00 EC 6D 07 1D B4 6D 07 1D 64 5B 29 1C .....m...m..d[).
0018F9D0: D6 C2 43 6F F8 F9 18 00 B1 02 06 80 44 05 37 1C ..Co........D.7.
0018F9E0: C4 85 8F 1C C4 85 8F 1C 7C 29 25 1C 8C 81 09 1D ........|)%.....
0018F9F0: 00 00 61 43 30 77 27 6F 34 FE 92 6F 00 00 00 00 ..aC0w'o4..o....
0018FA00: 3B 02 08 00 B4 6D 07 1D 8C 81 09 1D 58 FA 18 00 ;....m......X...
0018FA10: E0 C9 82 6F 01 00 00 00 FD A6 62 6F C4 3B A8 6F ...o......bo.;.o
0018FA20: 49 01 06 80 C8 FA 18 00 78 5B 29 1C E4 24 31 0A I.......x[)..$1.

 

[Imp Midna]

Hadn't have all too much time today, but heres what i found out so far:

In the 4 log files, something, either uncontrolled or by using the native Player() function, tried to get a player. As we know, players range from 0-14. On your crashes, you seemingly tried to get the players:
1006
1006
1003
1018
which of corse do not exist, causing a crash.

Gonna edit this one or write a new post if i find out more.

edit 1: i was not possible to create an other situation other then using the Player() (or in gui, get player by converted id) calling this special function. Im 90% sure its a wrong call to the native jass function Player()
edit2: looking through the Blizzard.j, the following function calls could cause this problem:
-Get Player by Id
-MeleePlayerIsOpponent, which seemingly is used in the melee map victory/defeat conditions

 

[WastedSavior]

Looked through the maps war3map.j doesn't seem to have any unusual Player() calls.

Don't use MeleePlayerIsOpponent at all, so I can't see that causing the problem

Searching through war3map.j there also seems to be no unusual calls for ConvertedPlayerId

Could the problem be that at some point something is set to null that would allow a ConvertedPlayerId to return something unrelated?

 

[Dameon]

it would be easier just to post your map, if you are worried about some thing being stolen just flatten the terrain and delete every thing not connected to a trigger first.