Initial commit — leak-hunt project complete
Five bugs identified and patched in retail Asheron's Call client: - v3b: palette refcount over-increment (3-byte NOP at two sites) - v5: RenderSurface PurgeResource no-op stub (vtable slot 2 thunk) - v11: two dangling-pointer crash guards (NULL-check + reorder) - v14: CEnvCell::Destroy ClipPlaneList leak (18-byte JMP to cleanup thunk) - v22: unpacker stale-pointer SEH guard (whole-function __try/__except) All five ship in leakfix.dll (117 KB, SHA d282f23c…) which is loaded by acclient.exe at process start via PE import table patching by tools/install_leakfix.py. Controlled 15-client fleet soak: unpatched control died at 26h with palette exhaustion; all 14 patched clients survived past that point and reached ≥5-day uptime. Residual ~15 MB/h growth traced to d3d9.dll's internal slab allocator (260KB surface backing buffers retained after Release). See REPORT.md §10 for the full investigation; conclusion is that it's unfixable from outside d3d9. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
commit
57b5e43d0e
199 changed files with 1648333 additions and 0 deletions
15
tools/find_literals.py
Normal file
15
tools/find_literals.py
Normal file
|
|
@ -0,0 +1,15 @@
|
|||
"""find_literals.py <exe> <hex_value>
|
||||
Count occurrences of a 32-bit LE literal in the binary."""
|
||||
import struct, sys
|
||||
path = sys.argv[1]
|
||||
target = int(sys.argv[2], 0)
|
||||
with open(path, 'rb') as f:
|
||||
data = f.read()
|
||||
needle = struct.pack('<I', target)
|
||||
off = 0; n = 0
|
||||
while True:
|
||||
off = data.find(needle, off)
|
||||
if off < 0: break
|
||||
n += 1
|
||||
off += 1
|
||||
print(f"0x{target:x}: {n} occurrences in binary")
|
||||
Loading…
Add table
Add a link
Reference in a new issue