[2.2.0.6] Crash: Access violation at 0x2bc7008d

[NavigatorNebula]

Getting a very reproducible crash several in-game days after loading a particular save. It was occurring sporadically before this which makes me think it's related to some specific event firing.

Stack:

2bc7008d()	
CK2game.exe!009d3f3b() 	
[Frames below may be incorrect and/or missing, no symbols loaded for CK2game.exe]	
CK2game.exe!005c81a8() 	
CK2game.exe!005f07bb() 	
CK2game.exe!005e8d1b() 	
nvd3dum.dll!5a904df0() 	
kernel32.dll!76f214ad() 	
ntdll.dll!779af8d1() 	
KernelBase.dll!775514de() 	
ntdll.dll!779aff86() 	
KernelBase.dll!7754858e() 	
ntdll.dll!779af9f2() 	
KernelBase.dll!7754848d() 	
steamclient.dll!382b7f49() 	
tier0_s.dll!6f818d37() 	
steamclient.dll!382b5e14() 	
GameOverlayRenderer.dll!743fa862() 	
CK2game.exe!00ad6733() 	
CK2game.exe!00acb774() 	
CK2game.exe!00ae62ab() 	
CK2game.exe!009e7b84() 	
tier0_s.dll!6f820667() 	
tier0_s.dll!6f81b045() 	
tier0_s.dll!6f81ae54() 	
steamclient.dll!383907bf() 	
steamclient.dll!382a075d() 	
ntdll.dll!779afd91() 	
KernelBase.dll!77553bd5() 	
CK2game.exe!00ac9690() 	
CK2game.exe!0094777e() 	
CK2game.exe!0094798d() 	
CK2game.exe!006f96b6() 	
CK2game.exe!00b85198() 	
CK2game.exe!00babad0() 	
CK2game.exe!00babb6e() 	
CK2game.exe!00b865cd() 	
CK2game.exe!00b94efe() 	
kernel32.dll!76f2338a() 	
ntdll.dll!779c9f72() 	
ntdll.dll!779c9f45()

Disassembly of frame 1:

009D3EE0  push        ebp  
009D3EE1  mov         ebp,esp  
009D3EE3  push        ebx  
009D3EE4  mov         ebx,ecx  
009D3EE6  mov         cl,byte ptr [ebp+8]  
009D3EE9  push        esi  
009D3EEA  push        edi  
009D3EEB  cmp         byte ptr [ebx+49h],cl  
009D3EEE  je          009D3F09  
009D3EF0  cmp         dword ptr [ebx+138h],0  
009D3EF7  lea         eax,[ebx+138h]  
009D3EFD  je          009D3F09  
009D3EFF  test        cl,cl  
009D3F01  lea         ecx,[ebp+8]  
009D3F04  call        00A4E010  
009D3F09  mov         al,byte ptr [ebp+8]  
009D3F0C  mov         byte ptr [ebx+49h],al  
009D3F0F  mov         esi,dword ptr [ebx+144h]  
009D3F15  sub         esi,dword ptr [ebx+140h]  
009D3F1B  xor         edi,edi  
009D3F1D  sar         esi,2  
009D3F20  test        esi,esi  
009D3F22  jle         009D3F40  
009D3F24  mov         ecx,dword ptr [ebx+140h]  
009D3F2A  mov         ecx,dword ptr [ecx+edi*4]  
009D3F2D  mov         edx,dword ptr [ecx]  
009D3F2F  mov         eax,dword ptr [ebp+8]  
009D3F32  mov         edx,dword ptr [edx+148h]  
009D3F38  push        eax  
009D3F39  call        edx  [B]<-- bad call is here, edx is 0x2bc7008d[/B]
009D3F3B  inc         edi  
009D3F3C  cmp         edi,esi  
009D3F3E  jl          009D3F24  
009D3F40  pop         edi  
009D3F41  pop         esi  
009D3F42  pop         ebx  
009D3F43  pop         ebp  
009D3F44  ret         4

Not a C++ wizard, but it looks like a bad function pointer?

I can provide the save if needed.

 

[AndrewT]

Definitely paste in a link to the save, thanks.

 

[NavigatorNebula]

Save here: https://drive.google.com/file/d/0Bzxeu8fO7nusUnhkREZMTG5LQWM/view?usp=sharing

 

[MrNibbles]

Did it only need to run a few days for the game to CTD when you load the game? I've been running the game for a few years a couple of times and it hasen't crashed for me so far (in beta patch 2.2.0.7).

 

[NavigatorNebula]

Yes, this still occurs on 2.2.0.7. Takes less than 30 seconds to appear for me after loading the save. Are you testing with an AMD or nVidia card? The problem appears to be in a callback from the nVidia d3d driver, though I suspect its not a problem with the driver itself, as it's persisted through several driver upgrades.

 

[NavigatorNebula]

Here's a minidump of the crash (no heap)
View attachment CK2game.rar

edit: this is from 2.2.0.7

 

[MrNibbles]

I'm using nvidia here at the office, will see if we can take another look at it when I get back to work in a few hours.

 

[NavigatorNebula]

Can you post the full symbolic stack? I might be able to get a more targeted repro if I know more about what's actually going on