mailversion:1.42nhversion:3.4.3nhfrom:Our 3.4.3 source release, un

1. mailversion:
2. 1.42
3.  
4. nhversion:
5. 3.4.3
6.  
7. nhfrom:
8. Our 3.4.3 source release, unmodified
9.  
10. hardware:
11. Probably irrelevant, but it's a Toshiba Satellite netbook with 3 GB memory and 4 GB swap, and an Intel U2700 1.3GHz processor.
12.  
13. software:
14. Ubuntu Lucid, running Linux 2.6.32, using a NetHack binary compiled from unmodified (apart from config.h/unixconf.h and makefiles) official NetHack 3.4.3 sources compiled for Unix-like systems using gcc 4.4.3
15.  
16. comments:
17. If a level is almost but not entirely full of monsters, then a player hiding on the ceiling (after using #monster in any p or t form), then when a monster moves onto the player's square, the player falls to the nearest unoccupied square that the monster didn't come from, even if it's over the other end of the level. There are no restrictions on this, so it can be used to, say, cross the Plane of Air or Astral in one turn, or escape from the Wizard of Yendor's tower (or phase into it, but that's less useful because there are various standard ways of luring him out, which as far as I know are intentional; let me know if they're bugs and I'll report them).
18.  
19. The culprit is a use of enexto() without any sort of check, on src/mhitu.c line 362 (in NetHack 3.4.3); the check is made before moving the monster, even though the monster vacates the square in question, so it won't hit the square that the monster was occupying. (Every other use of enexto() in the 3.4.3 source to find a location to place the player also has a check on the maximum distance that the player can be moved; I obviously can't check to see if more buggy uses have been introduced in a development version.) The most obvious fix is simply to make the player and monster swap places, although that would have issues where long worms were involved.