Integer Overflow Bug Leads To Diablo III Gold Duping

Nerval's Lobster writes "Online economies come with their own issues. Case in point is the Auction House for Diablo III, a massively multiplayer game in which players can pay for items in either in-game gold or real-world dollars. Thanks to a bug in the game's latest patch, players could generate massive amounts of virtual gold with little effort, which threatened to throw the in-game economy seriously out of whack. Diablo series publisher Blizzard took corrective steps, but the bug has already attracted a fair share of buzz on gaming and tech-news forums. 'We're still in the process of auditing Auction House and gold trade transactions,' read Blizzard's note on the Battle.net forums. 'We realize this is an inconvenience for many of our players, and we sincerely apologize for the interruption of the service. We hope to have everything back up as soon as possible.' Blizzard was unable to offer an ETA for when the Auction House would come back. 'We'll continue to provide updates in this thread as they become available.' Diablo's gold issue brings up (however tangentially) some broader issues with virtual currencies, namely the bugs and workarounds that can throw an entire micro-economy out of whack. But then again, 'real world' markets have their own software-related problems: witness Wall Street's periodic 'flash crashes' (caused, many believe, by the rise of ultra-high-speed computer trading)." It seems likely the gold duping was due to a simple integer overflow bug. A late change added to the patch allowed users to sell gold on the Real Money Auction House in stacks of 10 million rather than stacks of 1 million. On the RMAH, there exists both a cap ($250) and a floor ($0.25) for the value of auctions. With stacks of 1 million and a floor of $0.25, a seller could only enter 1 billion gold (1,000 stacks) while staying under the $250 cap. When the gold stack size increased, the value of gold dropped significantly. At $0.39 per 10 million, a user could enter values of up to 6.4 billion gold at a time. Unfortunately, the RMAH wasn't designed to handle gold numbers above 2^31, or 2,147,483,648 gold. Creating the auction wouldn't remove enough gold, but canceling it would return the full amount.

Limit checking

[girlintraining]

And this class, is why we use explicit type casting and do sanity checks (checking limits) prior to processing. Now, if you'll look on your screens, you'll see another example of this. Here is a failed mission to Mars, caused because the wrong unit of measurement was put into the computer, a problem caused by the lack of the human brain's compiler to make use of any data type except 'variant' and 'object'... So, what have we learned?

Re:Limit checking

[Samantha+Wright]

That Ada prevails in all things?

Re:Limit checking

tat puters' is hard.

Re:Limit checking

So, what have we learned?

That C is scaryscary and we're too lazy to do type checking, so we'll keep using the trendy, make-money-now languages, treating this as an outlier that won't happen to us, since we're so smart?

Re:Limit checking

[TubeSteak]

So, what have we learned?

That 2^31 gold ought to be enough for anybody?

Re:Limit checking

[solidraven]

Yep, Ada and the closely related VHDL are both a success story for a very good reason. Yet a lot of people seem to hate both due to how strictly they enforce their rules. But Ada always wins when reliability is a must.

Re:Limit checking

What have we learned? That it's best to perform all monetary transactions in arbitrary-precision unary. 8^D

p.s. The only downside it's much harder to write out 5318008 in unary, and /.'s lameness filter stopped me before I got anywhere close. :-(

Re:Limit checking

So, what have we learned?

That next time when we launch something headed to Mars, we should duct tape you to it, with a sign that reads:

if (ego > INT_MAX)
airsupply = INT_MAX+1; // Just to make sure there's enough to make it back

Let us know what Mars is like, and take some pretty pictures while there. Try not to upset the rovers too much, once their clock overflows they get quite moody.

Re:Limit checking

And this class, is why we use explicit type casting and do sanity checks (checking limits) prior to processing. Now, if you'll look on your screens, you'll see another example of this. Here is a failed mission to Mars, caused because the wrong unit of measurement was put into the computer, a problem caused by the lack of the human brain's compiler to make use of any data type except 'variant' and 'object'... So, what have we learned?

That girlintraining is actually captain hindsight?

Well done! Well done! That's some mighty fine no-shit-sherlock work you're doing there and I'm glad every single test case was instantly obvious to you while they're clearly just standing around with their thumbs up their asses!

Go ahead and throw stones as you've clearly never erred in deploying production code that equates to hundreds of thousands of lines of code.

Re:Limit checking

[Austerity+Empowers]

So, what have we learned?

Gamers gonna game, and real money auction houses are a bad idea...

Re:Limit checking

[AlamedaStone]

[...] real money auction houses are a bad idea...

Some of us knew this a long, long time ago. I have to admit, I'm feeling terribly smug right now.

Re:Limit checking

[girlintraining]

That 2^31 gold ought to be enough for anybody?

Gryfindor loses 50 points.

Re:Limit checking

Gryffindor has two f's.

Re:Limit checking

[djlowe]

Hi,

That Ada prevails in all things?

Well, I suspect that you're being snarky, but you have a point. Sort of, in the sense that "If we can't trust the programmers to write good code, always, then we can force them to use a language that at least forestalls the worst of their blunders."

The real issue, of course, is NOT technical, at the programmer/developer level, for such a project. It's administrative, in the sense that, regardless of the chosen programming language, bad code that would allow this should NEVER have passed review.

Assuming that they set up such properly, of course, which apparently isn't the case.

And the latter, too, isn't a technical matter either, really.

Just my opinion.

Regards,

dj

Re:Limit checking

[Jesus_666]

So, what have we learned?

To always use 64-bit numbers, duh.

Re:Limit checking

[Culture20]

Yes. I hate games where gold is weightless. How does someone carry around that much gold?

Re:Limit checking

If your character has trouble carrying 2^31 gold atoms, that's probably the least of its problems.

Re:Limit checking

Gamers gonna game the RMAH.

Re:Limit checking

You just overflowed the smugness scale?

Re:Limit checking

[Samantha+Wright]

That's basically it, yes. If I had my radical hat on, I might even go so far as to say this is yet more evidence that C (or, in this case C++) is not suitable for non-high-performance application-layer programming... but I dunno, it's getting pretty late.

Re:Limit checking

[broken_chaos]

One bug, which I reported about WoW two years ago, shows an integer underflow on a character statistics page under certain conditions. It still hasn't been fixed. Minor? Yeah, but give a bit of a pattern.

Re:Limit checking

Warning: Unreachable code.

Re:Limit checking

[Entropius]

Ask Joseph Smith; his mor(m)ons apparently figured that out.

Re:Limit checking

6x10^23 gold atoms is 200 grams. 2^31 gold atoms is a picogram, which is the wet mass of an e. coli bacterium.

2^88 gold atoms is 100kg, which is probably more than a person wants to be carrying around.

Re:Limit checking

Gold, shmold. A good Mormon gets their own universe to rule as god. Though they are going to be mighty lonely if their children are all good (male) Mormons and get their own universes to rule.

Re:Limit checking

I was once in a last line of defense group doing 3rd reviews of patches in a company before they were packaged and delivered. I actually had very good statistics compared with the rest anyway. I also led a diary of checked items with dates etc. After a year or so I was so bored that I moved away. I was then asked to participate in a crash commission to analyze an incident that took an important customer off line for a day or so. I looked at the determined reason and it was a faulty (1 liner) patch that looked familiar. I checked my diary and I found out that I did its review on hangover monday morning. What this proves is that no amount of review will remove all faults and the chances it does not increases with heaviness of reviewer's head while doing the review. Said heaviness may be caused by booze as here and/or by low quality genetic material used to produce said reviewer. If you go to the root cause you may see parents, booze producers, bar owners that did not throw me out at 3am on mo morning, friends that bought the drinks etc - I'd say charge them as they are all guilty.OC the fact that this was a 1 liner was a reason too as what can go wrong with one-liner? I made this a part of a course for reviewers in our company back then only to be faced with a row of empty faces looking silently - no questions, no why do you bother us questions nothing. I felt a bit silly but then I looked at statistics of this review group and I found out that I was just the only one to write bug reports - even with all the booze and boredom. The long term effect was to first offshore the group and then dismiss the whole review group as it was useless with this quality of people doing the job there. Funny how things work...

Re:Limit checking

c++ is like WMD - it is a very potent tool, doing a lots of good things and you can use it but consequences are often so dire that you wonder if you maybe should use some less powerful one of which your coding floor folk has better command (and this applies to good coders too as they work with less skilled ones who often do not comprehend the work of genius...)

Re:Limit checking

explicit type casting

Perhaps you could enlighten us on how that cute phrase would actually identify and solve the bug?

It sounds like a 32-bit signed integer overflowed; no amount of casting is going to catch that.
There is a simple way to detect these things with 100% accuracy, but in general if your background starts at
Visual Studio *anything* or C++, it won't be obvious. Here's an incomplete but conceptually accurate example —

#include <limits.h>

int add_em_up(int const a, int const b) {
    double ad = a;
    double bd = b;
    if (INT_MAX < (ad + bd)) { // Trouble in Dodge...
    }
    else if ( /* do something with INT_MIN here */ ) { // Trouble in Dodge...
    }
    return (a + b);
}

Re:Limit checking

[WilyCoder]

When you type 'Gryffindor' and use two f's, Gryffindor has two f's.

But when you type 'Gryfindor' and use one f, then Gryfindor has one f.

Re:Limit checking

[X0563511]

How very existentialist of you!

Re:Limit checking

[Remus+Shepherd]

That begs the question: Can God dupe so much gold that even He couldn't lift it?

Re:Limit checking

[Samantha+Wright]

If you have a coding floor, your codebase should generally not have any room for "the work of genius." It should be straight-forward, accessible, and maintainable. Sophisticated optimizations are rarely necessary, except perhaps in kernel mode (scheduling, drivers...) or graphics.

Re:Limit checking

[DiEx-15]

... So, what have we learned?

That Blizzard did a piss poor job in bug checking? That they didn't do enough QA assurance and brought this problem onto itself?

Nah... It ain't that. It is the PLAYERS that did all the wrongdoing!

Re:Limit checking

[DKlineburg]

But when you type 'Gryfindor' and use one f, the sentence has 2 f's, so it is right.

However my above sentence is wrong because I added "the sentence has 2 f's, so it is right." making it have 3 f's.

However my above sentence is now correct because it only has 2 f's.

Thus we conclude that to type 'Gryffindor' we instead type "However my above sentence is wrong because I added "the sentence has 2 f's, so it is right." making it have 3 f's." This make the original statement read as follows:

However my above sentence is wrong because I added "the sentence has 2 f's, so it is right." making it have 3 f's loses 50 points.

Arrests will be made...

And several arrests - this is computer hacking of exploiting a known bug to your advantage.

Re:Arrests will be made...

[dingen]

Yeah, I'm sure the Chinese government is very upset with these hackers who just made them lots of American dollars.

Re:Arrests will be made...

Oh, honey...

Re:Arrests will be made...

[fuzzyfuzzyfungus]

And several arrests - this is computer hacking of exploiting a known bug to your advantage.

It will actually be interesting to see. Historically, people who come up with glitch exploits, even in multiplayer and MMORPG contexts, just get banned for some ToS reason. Blizzard's precious little 'Auction House', of course, might change that. However, I suspect that Blizzard really doesn't want to push the idea that 'in-game items are legally real value' too seriously, both because that could complicate things if players end up 'owning' them, rather than the current "Everything in this game is just intellectual property of blizzard...yadda yadda, licensed not sold,etc.", and because it would be a real blow, to the US customer base, if it were decided that Blizzard was running something closer to a very complex flavor of video poker, rather than a mere video game that you can buy some DLC for.

Obviously Blizzard won't be happy, and the banhammer will see some use; but they might want to tread lightly.

Re:Arrests will be made...

[Impy+the+Impiuos+Imp]

It's too bad every organization that flips a few bits and creates tens of billions out of nothing doesn't go to jail.

Re:Arrests will be made...

[Bing+Tsher+E]

The US Government can't all be fit into a jail.

Re:Arrests will be made...

Just the senators, congressmen, president, vice presidenc, and department heads would be fine by me.

Re: Arrests will be made...

Everyone sucks but me!!!
I know all the answers and if I were dictator everything would be rainbows and puppy dogs! ...dumbass

Re:Arrests will be made...

Why bother with jail? They'll all fit into the ground easily enough.

ah the day of the diablo II trainer

[Revek]

I remember the day when you could strip the gear off anyone playing a multiplayer game with the trainer. I usually used it on jerks who came in collecting ears. If someone came in you could quickly look at their inventory and if they had several ears you could clear out their inventory and gear. They wouldn't know visually until they tried to hit you at which time they would be completely naked. It was really fun when they re-spawned and came back to loot their body and you started dropping some of the ears they collected on the ground.

Re:ah the day of the diablo II trainer

So if somebody played the game differently than you they were "jerks"?

Re:ah the day of the diablo II trainer

[Revek]

You mean the guy with the duped jacked up account that guaranteed that they could one hit you every time? Yeah I messed with his world. Now the guy without the duped jacked up shit I could handle myself. I had fun but I mostly used it to contain the guy who would come in at the 11th hour and whack all of us with his duped gear and finish the game to get some legit gear all to himself. So yes if they played the game like a luser I spanked them.

Re:ah the day of the diablo II trainer

[GigaplexNZ]

By my definition, you were playing the game like a "luser".

Re:ah the day of the diablo II trainer

By my definition, the "loser" is you.

Perspective...

This bug "threatened to throw the in-game economy seriously out of whack", yet some people had over 2.1 BILLION gold to throw on the AH?

Re:Perspective...

[gl4ss]

This bug "threatened to throw the in-game economy seriously out of whack", yet some people had over 2.1 BILLION gold to throw on the AH?

yeah the game is basically a joke already.

the wall street flash crashes have NOTHING AT ALL to do with this though. NOTHING.

because the wall street would be really out of business if someone managed to dupe shares.

Re:Perspective...

[UnknownSoldier]

Agreed.

Auction House Simulator, aka, Diablo 3, is boring.

Path of Exile is the true spiritual sucessor to Diablo 2, not that piece of garbage called Diablo 3 with cardboard cutout characters. The PoE designers understand the ONE word that made Diablo 2 fun: itemization.

Re:Perspective...

because the wall street would be really out of business if someone managed to dupe shares.

Sorry. What you call "duping shares" they call "naked short selling", and they are still very much in business.

Re:Perspective...

[Moheeheeko]

Too bad its always online bullshit with very poor connection speeds. Half the things I kill in that game die a full second after they are hit, and I have great internet.

Re:Perspective...

[GigaplexNZ]

Path of Exile is the true spiritual sucessor to Diablo 2

That title goes to the Torchlight series.

Re:Perspective...

Too bad its always online bullshit with very poor connection speeds. Half the things I kill in that game die a full second after they are hit, and I have great internet.

Connection speeds means bandwidth. The problem you're having is latency.

Re:Perspective...

[UnknownSoldier]

Technically the Blizzard North developers went to Flagship Studios and then to Runic Games (makers of Torchlight) and while Torchlight 1 & 2 copies some of the D2 mechanics IMHO PoE embodies the spirit of Diablo 2 far, far, more then any other ARPG.

i.e. There is NO gold in PoE. It uses a 100% barter multi-tiered currency system. It really is the next gen of in-game economies.

Now if we could only get the Guild Wars 2 Dynamic Events into PoE ...

* http://en.wikipedia.org/wiki/Flagship_Studios
* http://en.wikipedia.org/wiki/Runic_Games
* http://wiki.guildwars2.com/wiki/Dynamic_event

Beginner's Mistake

What a beginner's mistake. I wonder what the rationale was for not using a 64-bit integer; "It's wasteful!"

Re:Beginner's Mistake

It's simple really...

They elected to buy 2 newbie programmers for the price of 1 experienced one! And the new guys will work all night! It's win-win!

Re:Beginner's Mistake

Internally, we had this super hardcore test group, and we got it to the point where they hated the game. Then we doubled it.

Whatever happened to that "super hardcore test group" anyway?

Integer overflow you say?

[folderol]

How quaint. I can't remember the last time I saw one of those (except where deliberately created for loop counters etc.).

Re:Integer overflow you say?

[gl4ss]

How quaint. I can't remember the last time I saw one of those (except where deliberately created for loop counters etc.).

well, this serves more as an example of how fucked up the game economics already were in D3, because the problem came up from having to increase stack sizing from 1 to 10 million.

I mean, wtf, is diablo 3 set in zimbabwe?

Re:Integer overflow you say?

[imsabbel]

Its a game where money is not really "destroyed", but created everytime a monster is killed. OF COURSE it has inflation.

Re:Integer overflow you say?

Way more common than you would think: http://www.cs.utah.edu/~regehr/papers/overflow12.pdf

Re:Integer overflow you say?

[DKlineburg]

There is one way it is destroyed, death and tax on broken equipment. But this is so low, it effectively isn't.

Hyperinflation

Part of the reason I stopped playing D3 was hyper-inflation. I didn't want to spend real money on items, but my gold (which I spent a long time collecting) was completely useless for buying items of worth.

Also the game was tuned to make it impossible to farm hell chapter 3-4 without the best items...and the only practical way to get there was to have those items already...which meant buying items...with useless gold. We see the problem here, ja?

Re:Hyperinflation

[fuzzyfuzzyfungus]

I suspect that the desire to get people plunking down real money didn't help; but MMORPGs have a long history of economies that render their currencies nearly entirely obsolete after a short time, at least for anybody who isn't a level 3 newb saving up for stuff that the NPC blacksmith actually sells. Even 'open world' single player RPGs frequently succumb to "I have more money than the world has things to buy"-itis after a few levels.

Re:Hyperinflation

[GigaplexNZ]

Farming Hell 3-4 was easy. Perhaps you mean Inferno?

Bad PR?

[TubeSteak]

What could Blizzard do? Performing a roll-back would wipe all progress obtained by players for the patch day, which would result in a lot of bad PR. But leaving the economy as-is will devalue all items in the game (and Diablo III is all about getting items).

In the end, Blizzard has not done a roll-back, but instead banned anyone who duped, and refunded anyone who spent real money. The bug was temporarily fixed by reverting the patch note which caused the entire mess.

Why would rolling back 1 day of gameplay be such a disastrous event?

Re:Bad PR?

[gl4ss]

What could Blizzard do? Performing a roll-back would wipe all progress obtained by players for the patch day, which would result in a lot of bad PR. But leaving the economy as-is will devalue all items in the game (and Diablo III is all about getting items).

In the end, Blizzard has not done a roll-back, but instead banned anyone who duped, and refunded anyone who spent real money. The bug was temporarily fixed by reverting the patch note which caused the entire mess.

Why would rolling back 1 day of gameplay be such a disastrous event?

why? because people spent actual money and made actual money?

Re:Bad PR?

[happylight]

Rolling back millions of players most of whom haven't even heard of the dupe? Or ban the handful of people who were involved in the dupe and revert any transaction they had with other people? Seems like an easy choice.

Re:Bad PR?

[Hentes]

IIs that even possible? Are they keeping backups of the game state for every single day?

Re:Bad PR?

[Lakitu]

uh, are you kidding?

It's because people paid for a game, were force-fed always-online-even-for-single-player, and then may have spent hours playing on the day in question.

How is that not disastrous?

Re:Bad PR?

[seebs]

So far as I know, most online games have a transaction store, so they can roll back to any second they want.

Re:Bad PR?

[GigaplexNZ]

Why would rolling back 1 day of gameplay be such a disastrous event?

So you wouldn't mind paying $250 for an item, and then lose the item due to Blizzard rolling back?

Re:Bad PR?

Or ban the handful of people who were involved in the dupe and revert any transaction they had with other people?

Duper pays innocent one 5000 gold (for a total of 6000 gold in innocent one's bank). Innocent one pays innocent two 4000 gold (4500 in bank). Innocent two pays innocent three 4200 gold. So on and so forth. Even though they are innocent, one, two, and three still have transactions based on duped gold. Do you revert those transactions or not? What about innocent four who pays innocent five 500 gold for an item that should have only cost 5 gold? It's not clear that any transactions after the dupes started were truly authentic.

Note: the gold amounts are obviously low. The actual amounts were probably more like 500,000,000, etc. I just didn't want to write all those zeroes or million gold everywhere.

Re:Bad PR?

[crepito]

Why would rolling back 1 day of gameplay be such a disastrous event?

So you wouldn't mind paying $250 for an item, and then lose the item due to Blizzard rolling back?

Paying 250$ for a virtual item? Seriously? Are there dumb guys doing that? Ohh god... i lost my faith in humanity

Re:Bad PR?

[GigaplexNZ]

Yes, seriously, and I agree, it's ridiculous.

Re:Bad PR?

I doubt they keep backups of the game state for every single day. That probably happens weekly.

I do expect them to keep a journal of everything that happens though, so that they can replay it to recreate the state at a given time, possibly with a way to filter out stuff like, say, someone performing a transaction involving 6.4 billion gold using a 32 bit integer.

Confused

[Murdoch5]

Why are they using a signed int for the gold amount? If the lowest gold amount is 0 then you should use an unsigned int which would double the possible value. Although in either case a simple if statement could of prevented this entire issue.

Re:Confused

[UnknownSoldier]

Lazy programers with no foresight.

It is same reason people "assumed" a 32-bit IP address would be enough instead of just using 64-bit from the beginning.

There is never time to do it right, but there is always time to do it over!

Re:Confused

[Shennan]

In general, it's a good idea to used signed ints whenever possible.

Here are the only 2 reasons I see for unsigned ints:
- matching hardware or wire spec
- You need the extra range afforded, and don't need negative numbers.

And the reasons for using signed integers otherwise:
- It prevents other overflow and comparison problems. Ie, fixes other dumb coding issues like "if (my_gold - your_gold > 0)" becomes a bug when the gold types are unsigned.

Re:Confused

[Hentes]

The summary is wrong, they used an unsigned int and the overflow occured at 2^32.

Re:Confused

[Murdoch5]

well I can see the logic for IPV4 when it came out, I mean at the time 4 billion IP's was unthinkable. But as for lazy programming, I completely agree.

Re:Confused

[Murdoch5]

I completely disagree, unless you have a reason to support numbers less then 0 you should always go with unsigned. Also depending on the language unsigned int's are safer and have standardized behaviour imposed, for instance in C an unsigned int must behave in a very predictable manor well a signed int doesn't have the same restrictions.

Re:Confused

[Murdoch5]

Okay fair enough, however this would of still worked
if( gold_max 2^32 ){ /* DO STUFF */ } else { /* DO OTHER STUFF */ }. It really is a very simple check.

Re:Confused

You couldn't be more wrong. Signed ints are usually the best way to go in C/C++.

>in C an unsigned int must behave in a very predictable manor

"unsigned int x = -3;" generates no compile errors or warnings.

If you don't believe me, listen to the creator of C++ (Bjarne Stroustrup):

"The unsigned integer types are ideal for uses that treat storage as a bit array. Using an unsigned instead of an int to gain one more bit to represent positive integers is almost never a good idea. Attempts to ensure that some values are positive by declaring variables unsigned will typically be defeated by the implicit conversion rules."

Re:Confused

Except it won't work if gold_max is a 32-bit unsigned int. If it is, gold_max will always be less than 2^32, and your code optimizes to /* DO STUFF */. Which, while very simple, is not a check.

Re:Confused

[c++0xFF]

Integer underflow. Imagine a situation where a player has 100 gold and a bug in the code subtracts 101 gold for whatever reason. If you use a 32-bit unsigned integer, that player now has 4,294,967,295 gold. A 64-bit unsigned is even worse, of course.

A simple if statement would catch this as well, right? But think of how often you do addition and subtraction (and everything else) throughout your code! Do you put an if around each one? Can you handle the error situation in each case? How do you ensure that you found every addition and subtraction, including future changes?

A better solution is to make a Money class with well-defined operations, and throw an exception if you try to exceed the boundaries. Sounds easy ... but it has to be flexible enough to handle all situations (the class has to be used for all intermediate values -- it's no good to resort to an int, where problems might come back) while still being robust. ("I know, I'll use a class!" ... now you have two problems. "I know, I'll use exceptions!" ... now you have three.)

This is not an easy problem to solve for non-trivial software, which is why bugs like this come up periodically.

Re:Confused

[c++0xFF]

Too bad you're an AC. This post is spot-on.

Mixing signed and unsigned values can result in unexpected behavior. Trust me, don't mix them if you can avoid it.

You get a bit of a larger upper range (2x more, not all that much really), while introducing a whole new set of problems at the bottom end (what if you underfow?).

Avoid unsigned unless there's a good reason to use it. There are definitely good reasons -- it's a pain that Java got rid of unsigned! -- but avoid in general. Don't just use unsigned if your values are never supposed to go negative. If you need larger range, go to a larger data type.

Re:Confused

[Murdoch5]

Fair enough! I didn't really consider the under flow case.

Re:Confused

[flargleblarg]

You couldn't be more wrong. Signed ints are usually the best way to go in C/C++.

Actually, he's not wrong at all. He said signed integers don't behave in a very predictable manner, and he's right. Signed integers have undefined (actually, to be more precise, implementation-defined) behavior for mod and div of negative values. You cannot be sure whether -4 / 3 is -1 or -2, without knowing how your compiler implements it. Some round toward zero, others toward negative infinity. Recent drafts of C++ are trying to fix this.

Re:Confused

They wanted to use 128bit from the beginning, but they figured it would be easier to explain to managers on a 32bit design, but then the prototype went live.

Re:Confused

[Old+Wolf]

In general, it's a good idea to used signed ints whenever possible.

Says who?

In C, signed ints have a whole lot of problems associated with representation and overflow. But unsigned ints have well-defined behaviour in every circumstance. They wrap around in case of overflow or an out-of-range assignment. You can safely test, set and reset individual bits.

With signed ints, you can raise a signal (triggering a signal handler, or aborting the program if there is no handler) if there is overflow or underflow. Using '^', '|' or '&' on signed values can trap due to creating an invalid representation (e.g. negative zero, or parity error).

Test: what is wrong with this code snippet (assuming the appropriate furniture)? Hint: it doesn't always print 0x82.
    char ch = 130; /* é in the traditional code page */
    printf("0x%x\n", (unsigned int)ch);

Re:Confused

[Old+Wolf]

"unsigned int x = -3;" generates no compile errors or warnings.

This supports the point of the poster you were referring to. The code is correct, predictable, and generates no warnings.

If you don't believe me, listen to the creator of C++

C and C++ are different languages. The implicit conversion rules and the promotion rules are different in C++ to C. In C, unsigned types always promote to unsigned types. But in C++, unsigned types may promote to signed ones, if the value fits in the signed range.

Re:Confused

Too bad you're an AC. This post is spot-on.

? Why is it too bad he's an AC?

Re:Confused

[Common+Joe]

A simple if statement would catch this as well, right? But think of how often you do addition and subtraction (and everything else) throughout your code! Do you put an if around each one?

I use a program to automatically put a try-catch-finally statement around every line of code including my try-catch statements. When I'm contracting, no one can read my code so they'll have to hire me to fix or update anything. When I'm a permanent employee, then the number of lines of code I generate grows significantly so the bosses think I'm a great and productive programmer. Profit!

Re:Confused

GameObject.ChangeGoldBy(x);

Seems simple enough to me.

What, you were expecting every piece of code to add and subtract a variable? What kind of bass ackwards programming are you doing?

Re:Confused

yeah I was wondering about this 64bits already. With all the gear having ip address already it is going to be a mess after a while again especially when you cannot give all addresses away. OC this is 'impossible' and I am a silly anon anyway. But imagine all the gear the military uses having an ip address from munitions to each trigger on a weapon and door on a ship etc add all the funny devices that are diged into the ground for the purpose of providing service in civil engineering, sensors being applied everywhere to gather data. Just imagine this crazy git called Wolfram - if he was a worlds emperor he would have put a sensor reporting to his DB for every fart not only humans but also fish or ants do. All this together make me think the 64bit is not enough anyway and it is not even used properly yet. So we have a system that is already full to the limit, we have a better one that can b filled to the limit but is still not deployed widely and no agreed way to deploy it. What about making plans for ipv8 (I mean they always add 2 to the version right?)?

Re:Confused

"unsigned int x = -3;" generates no compile errors or warnings.

This supports the point of the poster you were referring to. The code is correct, predictable, and generates no warnings.

correct also implies semantically correct, which is obviously not the case here. The behavior is predictable (although it is unusual) and will result in the same number... on the same machine. Regardless of this, it should be clear to you that the fact that assigning a negative number to an unsigned data structure doesn't generate a compiler warning can be the cause of bugs, and that generating a warning would make the world a better place. Hell the code below generates a warning, why shouldn't this?

int main(int argc, char** argv){
if(argc>1) printf(argv[1]);
}

Re:Confused

[ShakaUVM]

Baldur's Gate stored various things as unsigned shorts, IIRC.

There was a monster called the nishruu that would drain charges off your magic items. So after one combat, I found I now had a charged magic item with 32,000-ish charges on it.

Since the gold value of magic items was proportional to the number of charges remaining, I sold it and never needed to worry about money again in the game.

Re:Confused

A simple if statement would catch this as well, right? But think of how often you do addition and subtraction (and everything else) throughout your code! Do you put an if around each one? Can you handle the error situation in each case? How do you ensure that you found every addition and subtraction, including future changes?

This is one of the more compelling reasons to use a stronger type system. Fixed-size integer arithmetic can always over- or under-flow, which is an error, but C's type system doesn't take this into account. C claims that integer addition takes two ints and returns an int, which means the compiler isn't told about the error conditions and lets them through. A better type for addition would be to take two ints and return "Maybe int". Now the compiler knows that it may fail, and it forces us to deal with the failure condition every time; we can't say "x + y + z" because "x + y" is a "Maybe int" so the compiler won't let us pass it to "+". To add z to the result we need to deconstruct the "Maybe" and branch on the two possibilities: either a successful "Just n" value, in which case we can do "n + z", or a failed "Nothing" value, in which case we have nothing to add (which is why the compiler didn't let us). That solves the problem of "ensuring we've found every addition and subtraction, including future changes", since the compiler won't compile our code unless we've handled each and every case.

The next problem is "Do you put an if around each one?". The answer is no. "Maybe int" is a Functor, so we can use "map" (as in map/reduce) to safely apply functions to "Just n" results, and ignore them for "Nothing" results. We can chain together any number of maps without checking the return values. "Maybe int" is also a Monad, so we can even chain together more potentially-failing functions using "bind", and get a single "Just n" for "everything worked" or "Nothing" for "there was a failure at some point". The compiler still forces us to handle the failure case explicitly, but we only need to do this if we try to extract an int (or whatever) out of it. We can defer doing this as long as we like.

Now, the remaining issue is that our code has becomes full of run-time checks, which is very inefficient. If we know that a particular addition will always succeed, we need to tell the compiler. We do this using proof types, values of which are witnesses to the truth of a particular program property. For example, if our program will always get a value "Just n" (for some n) then we can make a witness of this property, and use the existence of the witness to eliminate all of the run-time checks. If we can't make a witness, we need to keep the checks; either because the property doesn't hold (there are inputs which will cause errors) or because the type-system isn't strong enough to express such a witness, in which case we can't convince the compiler that our code is safe unless we keep the checks.

Re:Confused

... Although in either case a simple if statement could of prevented this entire issue.

What the heck is a "could of"?

Re:Confused

Money calculations in an MMO (or in real life for that matter) should be handled very very carefully.
So yes, you put an if around each one. Unless you're goddamn incompetent. Like, if you're a blizzard employee or something.

Re:Confused

[AmiMoJo]

I think to be fair if most of us were developing a military network in the 60s/70s we might think that 16.7 million addresses is enough. The real blunder was assigning millions and millions to companies and institutions that didn't need them, but again when there is no management structure and no money to set one up and it's a research project anyway...

The biggest failure has been our inability to do anything about it. My ISP hasn't even heard of IPv6 and they are one of the largest.

Re:Confused

[AmiMoJo]

"unsigned int x = -3;" generates no compile errors or warnings.

Yes, but it always generates the same binary value, the same number. It is 100% consistent, where as, for example, the result of dividing a negative signed int is compiler dependent.

Re:Confused

[EMG+at+MU]

2^32 - 1 != (2^32 -1)*2 - 1

Re:Confused

[Murdoch5]

What?

2^32 = 4 294 967 296
2^31 = 2 147 483 648

A signed 32 bit Int is bound by -2 147 483 648 and 2 147 483 648 and an unsigned int is bound 0 to 4 294 967 296. I don't get your point, 2^32 / 2 = 2^31 or is the same as giving the int a signed bit in the MSB.

Re:Confused

[tlhIngan]

I think to be fair if most of us were developing a military network in the 60s/70s we might think that 16.7 million addresses is enough. The real blunder was assigning millions and millions to companies and institutions that didn't need them, but again when there is no management structure and no money to set one up and it's a research project anyway...

The biggest failure has been our inability to do anything about it. My ISP hasn't even heard of IPv6 and they are one of the largest.

Well, back then, we used class-based addressing. 0-127 were /8's, 128-172 were /16's and 173-224 were /24s. 225-255 were speciality.

If you were a small business, a class C would be adequate - you were unlikely to ever have more than 256 computers. A large number of companies had between 256 and 65536 computers and thus needed a class B. However, large companies like Apple, Microsoft, IBM, Ford, etc., would potentially easily exceed 64ki (see what I did there?) computers and thus end up with a class A block. Of course, you also needed a new block when you got your 256th computer, or 64ki'th computer.

It was only later (mid 90s or so) that this allocation system was a bit too coarse-grained, so a move to CIDR was done because why waste a whole chunk of IPs just because you exceeded a small number? If you only had 257 things, you still needed a class B and wasted over 65k addresses.

Of course, NAT helped reduce the need even more when most people discovered they don't need complete end-to-end connectivity (which was broken anyways, and will remain so pretty much forever even with IPv6) thanks to firewalls and other things.

Of course, most people never had the niceties of having to renumber their networks, either. Something IPv6 doesn't address properly either - it assumes autoconfig works, or DHCPv6 works, but doesn't allow for the possibility of a bug making things screw up horribly. (The addition of link local and private addresses only serves to confuse - you're going to bet people will wonder why some can see the new server but others can't, etc).

It's one of the things NAT did that made life a bit more bearable - isolating internal network addressing from external addressing. And something that the initial Arpanet guys realized was a huge problem because companies were hooking up their networks only to have a storm of address conflicts.

Re:Confused

[sourcerror]

I mainly program in Java, so my natural reaction was using BigInteger. I'm pretty sure someone already made something like that for C++ too

Re:Confused

[sourcerror]

Sorry, the above stackoverflow link wanted to be this:

http://stackoverflow.com/questions/124332/c-handling-very-large-integers

Re:Confused

"unsigned int x = -3;" generates no compile errors or warnings.

No, you just have absolutely no clue how to use your tools.

VS2008 with /W4:
warning C4245: 'initializing' : conversion from 'int' to 'unsigned int', signed/unsigned mismatch

GCC with -Wconversion:
warning: negative integer implicitly converted to unsigned type

If you're a programmer.. don't.

Re:Confused

[c++0xFF]

The 'x' is the problem. If you just make it a primitive type, then all you did was move the problem elsewhere. All intermediate values need to have the same checks.

Re:Confused

[CByrd17]

Because he or she can't benefit from the good Karma associated with a modded up post.

Re:Confused

[Teckla]

Lazy programers with no foresight.

Yes, it couldn't possibly have been the result of time pressure the developer was under...

Re:Confused

[UnknownSoldier]

Well, IPV6 uses 128-bit addresses. That's enough for 2^128 addresse / 2^48 m^2 = 2^(128-48) = 2^80 IP addresses per square meter of the Earth!

Another way to look at how big that is, even with 7 billion people using 32 devices each, 2^33 * 2^5 = 2^(33+5) = 2^38 that still leaves room for 2^(128-38) = 2^90 IP addresses.

I seriously doubt we'll be running out IPV6 addresses anytime soon assuming my back of the napkin math is correct. :-)

* http://en.wikipedia.org/wiki/Earth
The surface area of earth is ~510 million km^2 = 510,000,000 km^2 = 510,000,000,000,000 m^2 ~=~ 2^9 x 10^12 = 2^48

Re:Confused

There was an argument on what size the addresses should be, or even if they should be variable length. In the interest of getting a prototype working, someone went ahead and implemented it using 32 bit addresses. Then it spread like wildfire outside their control before they got around to fixing it.

Which might well have been for the best, it would be pretty sad if the Internet was still trapped in bureaucratic purgatory to this while people tried to make sure it was perfect.

See also, 'Worse is better'.

Re:Confused

He said signed integers don't behave in a very predictable manner, and he's right.

Actually, he said integers don't behave in a very predictable manor.

That's an entirely different house of cards.

To get the integers to behave, obviously you need to either put them in an unpredictable manor or just smack them around a bit.

Re:Confused

[gnupun]

GP solved the problem. In this case, ChangeGoldBy(int increment) method handles both underflow and overflow. This is the only place to handle corner cases (good OO programming -- encapsulation). The rest of the app can simply call this method any time it wants to change the gold and assume things will be handled correctly.

Re:Obligatory Big Bang Theory reference

Yes, you are. We can tell, because that's the only sort of person who gets their panties in a twist about TV shows.

Luls.

[neminem]

Basically this exact thing happened to Kingdom of Loathing... like 9 years ago... at a time when that game was basically still in beta, and was basically the work of two people, neither of whom would actually have called themselves "programmers" at the time... as opposed to the work of a giant team of professionals releasing a triple-A title... that is mega hilarious.

(Black Sunday: August 8th, 2004, someone discovers that using a particular item, "meat vortex", which under normal circumstances subtracts a handful of the game's currency from your inventory, if you had 0 meat would instead wrap around and give you max meat minus a few, because the game was storing meat in an unsigned int. Fun times!)

Re:Luls.

[Rhys]

Those who froget the past are doomed to repeat it: Asheron's call had a similar issue back in 99-2000 era.

Re:Luls.

[ais523]

What's probably more interesting was their fix for the problem. Instead of trying to do any sort of rollback (although they did find people with impossibly high currency amounts and reduce them to saner values), they put a large amount of very expensive trophy items for sale which didn't do anything useful, in the hope that people would put their newfound wealth to an amusing trivial cause.

Re:Luls.

[DKlineburg]

Normally I don't point out spelling errors, but yours is two funny. froget. Can I haz your Froget Legs? Some reason you made me think of EQ, who did the spell them? Froglets? I forget.

Macintosh Pirates, circa 1989

[BenJeremy]

I discovered a bug with the gold in Pirates! while watching somebody play on my roommate's Mac (we were stationed in Okinawa on Camp Kinser)... he went into port with damage, and while he did not have enough money, it offered to repair his damaged ships for more money than he had.

Needless to say, the underflow was done to a UINT16 used to track gold (in 10-gold increments), so you'd end up with around 655350 gold after the transaction. That kept your crews happy, and let you buy lots of things.

I also enjoyed the mental image of 1200 pirates hanging off a sloop after I sold off my fleet.

We put in ungodly hours into that game.

Diablo III is NOT an MMO

Diablo III is not an MMO. You are capped at what, 4 people in a game at once? A massively multiplayer online game allows a lot more than that.

Re:Diablo III is NOT an MMO

The game part is the auction house. Many more concurrent users than 4 on that.

Fiat Simulated Money!

If they had used actual bitcoins instead of simulated fiat gold, their simulated economy wouldn't be having simulated inflation.

The interesting thing about this....

[The_Revelation]

... is that Blizzard have often touted the very reason the game carries an always connected requirement is so that they can ensure the economy works correctly and to limit exploits through 3rd party applications. It seems rather clear, however, that the 1st party application is the only one you need to exploit the system. And, as usual, the question must be asked "does this make the game more fun?".

As I see it, this has been Blizzard's only metric for success with Diablo 3, not profitability, as we will see later. They claimed that by breaking the existing mould, they were providing a 'more fun' experience. So, the question then becomes, does the AH or RMAH make the game more fun? Interestingly, Blizzard don't appear to be packaging these components with the Playstation 3 edition. Is that because it turns out all of the changes to Diablo 3 were 'not fun', or is it because Playstation 3 users don't deserve 'as much fun', or is playing with a controller rather than a mouse and keyboard 'so much more fun' that their combination with the AH/RMAH turned into a 'fun overload' that had to be dialled back in order not to blow our puny little minds?

It also asks another important question about the business model. Is always-on net requirements 'more fun', particularly when they don't add anything to play beyond what a direct/lan connection might provide. When you try to enumerate the pros/cons, you see something like:
Pros: Everyone uses the latest version all the time if they want to play
Everyone playing has to have a working key

Cons: Internet Connection must be working to play
Need a server farm in every retail country so that paying customers can play (well, they don't even now, and charge people in those countries more money per copy so that they can have a game that they don't have local server access play)
Servers have to be working in order to play
User account has to be working in order to play
If we rolled out a dodgy patch, everyone will be broken at once
We have to know the product life-cycle prior to release in order to cost all of our servers' TCO correctly.
We have to keep talking to everyone to make sure the game is working to their expectations and forever hear about shortcomings

Economically, I don't understand how game companies are able to turn a profit on a title with those kinds of restrictions and ongoing costs. As a small example, lets say one of your servers can host 200 users at a time, but the server cost $20k, thats $100 per concurrent user before you turn the thing on. Maybe it can host 2000 users at a time, sure but thats still $10 per concurrent user before you turn it on or pay any support personnel, or for space on the floor. Surely, over the life of your product, you would be operating a negative margin without some sort of subscription service. I have read other places that, while you can't place a cost on piracy, you can place a cost and a metric on product returns. Diablo 3 is one of the few games I've ever returned, it was unusable for the first week, and is still, in most parts of the world (outside the US/EU/ASIA) mostly unplayable. Despite that, the parts of the game that were modified to provide 'more fun' actually provided, for me, a fan of the Diablo franchise, 'a lot less fun'.

So, to say that another way, by insisting on Always-Connected, Blizzard not only have to pay a bunch of additional ongoing expenses to run (apparently) necessary infrastructure, its also alienating their core user-base which must be very costly to their bottom line. I don't understand how this course of action renders any kind of net commercial advantage.

Re:The interesting thing about this....

[GigaplexNZ]

Economically, I don't understand how game companies are able to turn a profit on a title with those kinds of restrictions and ongoing costs. As a small example, lets say one of your servers can host 200 users at a time, but the server cost $20k, thats $100 per concurrent user before you turn the thing on. Maybe it can host 2000 users at a time, sure but thats still $10 per concurrent user before you turn it on or pay any support personnel, or for space on the floor. Surely, over the life of your product, you would be operating a negative margin without some sort of subscription service.

They do it by selling hundreds of millions of copies worldwide and assume that not every user will log in simultaneously 24/7, and that some users will abandon the game shortly after purchase. Oversubscription leads to higher profit margins at the cost of release day meltdowns.

Re:The interesting thing about this....

[erickfis]

Go play Path of Exile - really worths your time. Its a much better game. For me, It succeeds in being the proper successor of Diablo 2 Also, its free!

Re:The interesting thing about this....

[DKlineburg]

I had never heard of the game. I am excited to play.

Back in my day...

We duped our gold the way God intended: by pulling an item out of our belt as we picked it up.

Kids these days....

Re:Back in my day...

[Culture20]

Yeah, well; nothing beats "examine butterfly; sell butterfly".
It works because the examine butterfly implicitly takes the butterfly out of the goblet for the rest of the command string (so that the examine functions), but you can sell it in the same command string. The butterfly's value doubles every time it escapes from the display case, but you have to avoid the overflow because they used a signed int for zorkmids.

And nothing of value was lost

[Eightbitgnosis]

Diablo 3 was a bad game that had a garbage economy before this event, and it's still a bad game that has a garbage economy after

Re:And nothing of value was lost

You couldn't handle Inferno huh?

Re:And nothing of value was lost

It's all gearcheck. Handle fucking off.

Re:And nothing of value was lost

If you buy into the premise that the purpose of a game is to have fun then most people are quite correct when they assert that the game is bad.

For me the game was just as boring after clearing inferno as it was before. This makes the game bad.

i didn't know goldman sachs did programming.

[NemoinSpace]

you should check your H1-B's more carefully.

Another precedent

[slashmydots]

In the very old game, Mordor, you could create a dummy character and trade negative 1 million gold to the. They get negative, you get positive. Then you delete them. This is just barely one step past that (and at least 15 years past that, lol)

Re:Another precedent

bravo Sir - you just earned a Nation Saving Economic Guru Award!

Diablo 3 hack?

[argStyopa]

I'm not sure how this is a big deal?

After all, pretty soon the only other person still playing is going to know what's going on.

Re:Diablo 3 hack?

But we have 50% market penetration on the Surface! That has to be good, right?

Wish my bank would use integers for math

[mendax]

It would be nice if my bank's software had this kind of bug. It would be like winning the lottery... until they learned what happened and wanted their money back! But on a more serious note banks aren't supposed to have these problems because they don't use integers for storing monetary amounts, they use BCD or something along those lines. One of the few nice things that can be said about COBOL is that it natively permits this. No need for a Java BigInteger or BigDecimal class. Furthermore, the IBM mainframes that most COBOL programs run on can do these calculations in hardware (or so I understand).

Re:Wish my bank would use integers for math

[Daniel+Klugh]

BCD ("Binary Coded Decimal") is just storing a decimal digit in each nybble. So instead of 0-255 you get 0-99 values in each byte. So it's just as "integer" as regular binary. And even the lowly 6502 can do BCD math "in hardware".

Re:Obligatory Big Bang Theory reference

[Entropius]

So is it a sitcom that is gay and about asses, or an ass sitcom that is gay, or a sitcom about gay asses?

OH MY FUCKING GOD

[SmallFurryCreature]

So basically your argument is to waste a HUGE range just in case one of your coders can't code and can't do basic transactions?

And your "fix" fixes nothing because underflow can happen at negative numbers as well. Basically if you are a coder, you are a lousy one because you took a design decision based on ONE possible occurrence. What if you reached the lowest limit of a signed int and deducted the WRONG amount? You would have fixed NOTHING. Worse, you "fix" the wrong thing that doesn't fix anything rather then fixing the true error, which is that you are both deducting the wrong amount AND more then the game logic should allow.

In any transaction type code, where the amount can't go negative (there is no debt in Diablo as far as I know) because you substract ANY amount, you first check that the amount can be deducted to begin with.

Your an idiot and shouldn't be let near anything more complicated then a stick. A small one.

This is a trivial issue and it has been solved countless times. By any banking software for instance. Really... deducting an amount where the result may not be less then 0... goddamn, I never thought I would encounter anyone who considered that a challenge who also didn't wear a helmet indoors.

Ben Bernanke is behind this!

[pecosdave]

There's only one answer to every problem, that's create more money! There wasn't a bug in the servers, Blizzard just consulted with the FED.

Diablo 3 is not a game

[SD-Arcadia]

The "game" part is just packaging around the pointless grind and universal trade at the auction house. No one does anything for fun after the first time they get through the quests. The game mechanics and itemization are utterly boring and without character. There is not a single aspect of skill involved either. You spend most of your time staring at your skill cooldowns and life-mana pool because the terrain and monsters don't really matter. It's rote repetition and an utter waste of time. Worst purchase I ever made. I'd much MUCH rather have a Diablo 2 expansion with new content and a higher resolution support than this PoS.

and then when the IRS drops in and says it's incom

[Joe_Dragon]

and then when the IRS drops in and says it's income then all kinds of other laws drop in.

Re:and then when the IRS drops in and says it's in

[fuzzyfuzzyfungus]

and then when the IRS drops in and says it's income then all kinds of other laws drop in.

The epic hilarity starts if they decide that you'll probably have to account for different sorts of loot in different ways... Did you get the Helm of Epic Bashing while you were wandering around and slaying monsters(self employed), while doing a quest for the Mysterious Feckless Questgiver NPC(Independent Contractor), or should it be reflected in the W-2 that the Ratslayer's Guild submitted to cover your work as an employee with them?

You should probably also get an opinion from your tax lawyer on whether the depletion of the charges stored in your Staff of Fireball is simply part of the depreciation of that capital good, or whether charges are just a business expense like copier paper or potions of stamina...

IMHO, this is why bitcoin has a max limit of 21mil

[argoff]

2^31 = 2,147,483,648 = $21,474,836.48 when counted in pennies. I once worked for a software company where a call came into the support desk from one of our customers accounting departments. Once their sales reached a certain point, their books were suddenly off by exactly that amount (minus 1 cent). While everybody else was scratching their heads about the missing 21 million dollars, I recognized the number, and knew exactly what the problem was. They were storing the number as a 32 bit signed int which had overflowed. That's also how I got promoted from the support desk to a software developer.

IMHO, this is possibly why the max number of bitcoins was designed to be 21 million. Even though the number is not stored as an int in the bitcoin clients, it still avoids a lot of potential problems across platforms, and in scripts, and in data transfer to other systems in other formats. Just a thought.

Really Blizzard?

A multibillion dollar company that has been making games for 20 years makes a mistake like this?

"Embarrassing" doesn't begin to cover it. No company at this level should be making rookie mistakes. The programmers should've known better. Testing should've found this quickly. QA should've audited this. The list of failures goes on.

Re:Really Blizzard?

[Muse011]

The amusing thing is, this isn't the first time it happened to one of their games. http://www.sk-gaming.com/content/15527-WoW_Gold_Limit_Reached_by_a_Player

Trolls can't read or write

[c++0xFF]

Calm down! You missed the point entirely!

My argument is not that signed values should be used instead of unsigned. My argument is that unsigned values don't help, and you need to look elsewhere for a solution.

I find it fascinating that the financial industry can solve this, while the gaming industry seems to have so many issues. Part of it, I think, is that games allow much more flexibility in how money is used than you see in real life. Also, the fact that game money isn't real money means that mistakes aren't as important ... but now that line is blurred a bit. Don't trust a gaming company with real money (shocker, I know) .... these sorts of bugs are insanely common.

Your an idiot and shouldn't be let near anything more complicated then a stick. A small one.

Pardon me while I cry in the corner. "Your an idiot" ... priceless.

The NEWS is

[someones]

that there are actually people who STILL play D3.
I expected that noone was p(l)aying that game anymore.

cheap jordan shoes handbag store

[koanoiuv]

YOU MUST NOT MISS IT! The website cheap wholesale and retail for many kinds of fashion shoes, like the nike,jordan, also including the handbags,sunglasses,jeans,shirts,hat,belt and the watch, All the products are free shipping, and the price is competitive, after the payment, can ship within short time. the goods are shipping by air express, such as EMS,DHL,the shipping time is in 5-7 business days! http://www.sport3trade.net/ cheap jordan for $40, Air Max 90 for $41, air shox for $40, best handbags for $39, Sunglasses for $18, wallet for $19, belt for $18, T-shirts for $20, Jeans for $39, NFL/MLB/NBA jersey for $25, Top Rolex watch,jordan for cheap, http://www.sport3trade.net/

cheapt jordan shoes,Air max shoes,wallet sale

[poiuweng]

YOU MUST NOT MISS IT! The website cheap wholesale and retail for many kinds of fashion shoes, like the nike,jordan, also including the handbags,sunglasses,jeans,shirts,hat,belt and the watch, All the products are free shipping, and the price is competitive, after the payment, can ship within short time. the goods are shipping by air express, such as EMS,DHL,the shipping time is in 5-7 business days! http://www.sport3trade.net/ cheap jordan for $40, Air Max 90 for $41, air shox for $40, best handbags for $39, Sunglasses for $18, wallet for $19, belt for $18, T-shirts for $20, Jeans for $39, NFL/MLB/NBA jersey for $25, Top Rolex watch,jordan for cheap, http://www.sport3trade.net/