focustense / easymod

Modding for the modern age.

Stack overflow crash when analyzing plugin with circular references #166

Closed focustense closed 2 years ago

focustense commented 2 years ago

Reported in Discord, no error log or Windows .NET event log generated, only a basic crash report:

Faulting application name: EasyNPC.exe, version: 0.9.5.0, time stamp: 0x60e89703
Faulting module name: coreclr.dll, version: 5.0.921.35908, time stamp: 0x60e88dd3
Exception code: 0xc00000fd
Fault offset: 0x0000000000174eb7
Faulting process id: 0x2eb0
Faulting application start time: 0x01d8f328a0e39a97
Faulting application path: F:\Arisen\tools\EasyNPC\EasyNPC.exe
Faulting module path: F:\Arisen\tools\EasyNPC\coreclr.dll
Report Id: b114515b-6359-4f0c-9729-eb1b12a00e96
Faulting package full name: 
Faulting package-relative application ID: 

A search for 0xc00000fd turns up that it is a stack overflow.

focustense commented 2 years ago

After analyzing the dump file uploaded by the user (too big to post here), this was narrowed down to the ReferenceFollower class recursing subrecords infinitely. This was subsequently narrowed down to a specific mod ("Dibella's Blessing - Children of the North") which has head parts that reference themselves in the Extra Parts.

This is definitely wrong in the original mod, but it has to be handled better in EasyNPC because crashes that don't produce a managed stack trace or output to the application's error log are nigh on impossible to debug. It was fortunate that this particular user was able and willing to generate a full memory dump for it.

The workaround should be pretty simple: just track previously-visited form keys and exit out of the recursion when a previously-seen key is seen again.
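The workaround described above, sketched as an added example in C# (this is not EasyNPC's own code; the HeadPart record, the string form keys and the sample data are hypothetical stand-ins). It puts the unguarded follower beside the guarded one so the failure mode and the fix can be compared.

```csharp
using System;
using System.Collections.Generic;

// Hypothetical stand-in for a plugin record: a head part and the form keys in its Extra Parts.
// Form keys are plain strings here; the real application has its own FormKey type.
public sealed record HeadPart(string FormKey, IReadOnlyList<string> ExtraParts);

public static class ReferenceFollower
{
    // Unguarded version, mirroring the failure mode in the report: a head part whose Extra
    // Parts list contains its own form key recurses until the stack is exhausted. In .NET a
    // StackOverflowException cannot be caught, so the runtime terminates the process and no
    // managed stack trace or error log is written; only the Windows crash report (0xc00000fd) remains.
    public static void FollowUnguarded(string key, IReadOnlyDictionary<string, HeadPart> records, Action<HeadPart> visit)
    {
        if (!records.TryGetValue(key, out var part)) return; // dangling reference: nothing to follow
        visit(part);
        foreach (var extra in part.ExtraParts)
            FollowUnguarded(extra, records, visit);
    }

    // Guarded version: remember every form key already entered and stop when one comes around
    // again. Handles a self-reference (A -> A) as well as longer cycles (A -> B -> C -> B).
    public static IReadOnlyList<string> Follow(string key, IReadOnlyDictionary<string, HeadPart> records)
    {
        var visited = new HashSet<string>();
        var order = new List<string>();
        Visit(key, records, visited, order);
        return order;
    }

    private static void Visit(string key, IReadOnlyDictionary<string, HeadPart> records, HashSet<string> visited, List<string> order)
    {
        if (!visited.Add(key)) return;                   // seen before: cycle or shared reference, exit the recursion
        if (!records.TryGetValue(key, out var part)) return; // dangling reference: mark it seen and move on
        order.Add(key);
        foreach (var extra in part.ExtraParts)
            Visit(extra, records, visited, order);
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample mirroring the reported data: a head part listing itself as an Extra Part,
        // plus a two-node cycle and a dangling reference. Keys are made up, not from any real plugin.
        var records = new Dictionary<string, HeadPart>
        {
            ["000800:Example.esp"] = new("000800:Example.esp", new[] { "000800:Example.esp", "000801:Example.esp" }),
            ["000801:Example.esp"] = new("000801:Example.esp", new[] { "000802:Example.esp" }),
            ["000802:Example.esp"] = new("000802:Example.esp", new[] { "000801:Example.esp", "0FFFFF:Missing.esp" }),
        };

        var reached = ReferenceFollower.Follow("000800:Example.esp", records);
        Console.WriteLine(string.Join(" -> ", reached));
        // Calling FollowUnguarded on the same data would overflow the stack and kill the process.
    }
}
```

Checking `visited.Add` before looking the record up also stops the walk from re-entering a dangling key that several parts share.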