Opened 11 months ago

Last modified 7 hours ago

#13661 new defect

SAGA: IHNM: "createThread wrong scriptEntryPointNumber" when starting with Benny

Reported by: dwatteau
Owned by:
Priority: normal
Component: Engine: SAGA
Version:
Keywords: threading
Cc:
Game: I Have No Mouth

Description

With either the English/Steam or French/GOG versions of IHNM (which trigger the SAMPLE.AD/SAMPLE.OPL warning), reinstalled from scratch to make sure the data is OK.

For whatever reason, I can only reproduce this with the OSX PowerPC port:

  • It also happens with ScummVM 2.2.0, so it's not a recent regression.
  • Using different compiler versions doesn't fix the problem.
  • It's systematic on this port, i.e. playing with Benny is impossible there.
  • With Linux on the same PowerPC machine, it's fine. Maybe the OSX PowerPC environment is "luckier" in triggering this bug, especially if it's related to threading?

Anyway, if I just do this:

  1. Start the game
  2. Choose Benny as a character
  3. Go down the stairs with Benny

then the following error always appears in the console when Benny starts speaking to AM:

Script::createThread wrong scriptEntryPointNumber!

Skipping the dialogue or enabling/disabling the subtitles doesn't change anything.

On Windows, I can't trigger the error message, but sometimes (1 out of 10?) if I reproduce the steps above, Benny suddenly teleports to the cemetery, and if I go back to the previous room, he will resume reacting to AM, as if nothing happened.

GDB and debug logs to be attached below.

Attachments (4)

ihnm_benny_gdb.txt (2.0 KB) - added by dwatteau 11 months ago.
GDB log when the error happens
ihnm_benny_debug.txt (12.2 KB) - added by dwatteau 11 months ago.
debug (-d9) log when AM teleports Benny to the first room
asan-ihnm-benny-stairs.txt (5.0 KB) - added by dwatteau 8 months ago.
ASAN trace when falling from the stairs with Benny
tsan-saga-ihnm-amiga-aga.txt (9.2 KB) - added by dwatteau 10 hours ago.


Change History (12)

by dwatteau, 11 months ago

Attachment: ihnm_benny_gdb.txt added

GDB log when the error happens

by dwatteau, 11 months ago

Attachment: ihnm_benny_debug.txt added

debug (-d9) log when AM teleports Benny to the first room

comment:1 by dwatteau, 11 months ago

> It's systematic on this port, i.e. playing with Benny is impossible there.

Well, actually there's a way of working around this on this port: look at the Psych Profile in the inventory, before you fall from the stairs with Benny.

It looks like it resets the room to a proper state, and thus prevents the wrong scriptEntryPointNumber error from happening.

comment:2 by dwatteau, 8 months ago

ASAN (with clang++ on macOS 12.6) detects a heap-use-after-free with the same Benny action. Git HEAD is 20c1dbb50d.

==13418==ERROR: AddressSanitizer: heap-use-after-free on address 0x00011d412a38 at pc 0x000100775ccc bp 0x00016fd61760 sp 0x00016fd61758
READ of size 4 at 0x00011d412a38 thread T0
    #0 0x100775cc8 in Saga::HitZone::getFlags() const objectmap.h:56
    #1 0x1006ec924 in Saga::Actor::stepZoneAction(Saga::ActorData*, Saga::HitZone const*, bool, bool) actor.cpp:551
    #2 0x100712a0c in Saga::Actor::handleActions(int, bool) actor_walk.cpp:695
    #3 0x10071da30 in Saga::Actor::direct(int) actor_walk.cpp:727
    #4 0x1007d2f48 in Saga::SagaEngine::run() saga.cpp:357
    #5 0x1000dc7e0 in runGame(Plugin const*, Plugin const*, OSystem&, Common::String const&) main.cpp:318
    #6 0x1000d8130 in scummvm_main main.cpp:619
    #7 0x1000cf19c in main macosx-main.cpp:44
    #8 0x1024b1088 in start+0x204 (dyld:arm64e+0x5088)

I'm attaching the full ASAN log below.

by dwatteau, 8 months ago

Attachment: asan-ihnm-benny-stairs.txt added

ASAN trace when falling from the stairs with Benny
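
An added example, not part of the ticket or of ScummVM's code: a small parser that reduces an AddressSanitizer report such as the one quoted in comment:2 to its bug class, access kind and a dedup signature over the top `Saga::` frames, so traces from other ports or games can be compared. The names `parse_asan` and `signature` and the signature format are assumptions made for this illustration; the sample input is the trace from comment:2.

```python
import re

# Trace lines copied from comment:2 (frame #8 is unsymbolized and gets skipped).
SAMPLE = """\
==13418==ERROR: AddressSanitizer: heap-use-after-free on address 0x00011d412a38 at pc 0x000100775ccc bp 0x00016fd61760 sp 0x00016fd61758
READ of size 4 at 0x00011d412a38 thread T0
    #0 0x100775cc8 in Saga::HitZone::getFlags() const objectmap.h:56
    #1 0x1006ec924 in Saga::Actor::stepZoneAction(Saga::ActorData*, Saga::HitZone const*, bool, bool) actor.cpp:551
    #2 0x100712a0c in Saga::Actor::handleActions(int, bool) actor_walk.cpp:695
    #3 0x10071da30 in Saga::Actor::direct(int) actor_walk.cpp:727
    #4 0x1007d2f48 in Saga::SagaEngine::run() saga.cpp:357
    #5 0x1000dc7e0 in runGame(Plugin const*, Plugin const*, OSystem&, Common::String const&) main.cpp:318
    #6 0x1000d8130 in scummvm_main main.cpp:619
    #7 0x1000cf19c in main macosx-main.cpp:44
    #8 0x1024b1088 in start+0x204 (dyld:arm64e+0x5088)
"""

HEADER = re.compile(r"^==\d+==ERROR: AddressSanitizer: (\S+)")
ACCESS = re.compile(r"^(READ|WRITE) of size (\d+) at 0x[0-9a-f]+ thread (T\d+)")
FRAME = re.compile(r"^\s*#(\d+) 0x[0-9a-f]+ in (.+) (\S+):(\d+)$")


def parse_asan(report):
    """Return bug class, access kind/size and the symbolized frames of the first stack."""
    result = {"bug": None, "access": None, "size": None, "frames": []}
    for line in report.splitlines():
        if (m := HEADER.match(line)):
            result["bug"] = m.group(1)
        elif (m := ACCESS.match(line)):
            result["access"], result["size"] = m.group(1), int(m.group(2))
        elif (m := FRAME.match(line)):
            if int(m.group(1)) < len(result["frames"]):
                break  # numbering restarted: a later stack (e.g. "freed by") begins
            func = m.group(2).split("(", 1)[0]  # drop the argument list
            result["frames"].append((func, m.group(3), int(m.group(4))))
    return result


def signature(parsed, prefix="Saga::", depth=3):
    """Dedup key: bug class plus the top `depth` frames inside the engine namespace."""
    funcs = [f for f, _, _ in parsed["frames"] if f.startswith(prefix)][:depth]
    return parsed["bug"] + "|" + ">".join(funcs)


if __name__ == "__main__":
    print(signature(parse_asan(SAMPLE)))
```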

comment:3 by dwatteau, 2 days ago

As per #14334 (see comment no. 12) this also happens with the ECS version of Inherit the Earth.

comment:4 by johnpevensie, 2 days ago

I meant to say the AGA Amiga version of Inherit the Earth. The ECS version of Inherit the Earth works fine.

comment:5 by PushmePullyu, 10 hours ago

Thanks for investigating this and for the ASAN trace. I cannot get the "Script::createThread wrong scriptEntryPointNumber!" error message on Linux x86_64, but I have attempted a fix based on the ASAN log: https://github.com/PushmePullyu/scummvm/tree/debug-ihnm-use-after-free

comment:6 by dwatteau, 10 hours ago

@johnpevensie: Oops, sorry for inverting them!

Thank you very much @PushmePullyu, here's the ThreadSanitizer trace I managed to get in IHNM-AGA, for reference (attaching it as .txt).

by dwatteau, 10 hours ago

comment:7 by dwatteau, 9 hours ago

@PushmePullyu: I've tested your PR with IHNM: the AddressSanitizer error is now gone, and it appears to fix the createThread wrong scriptEntryPointNumber error on OSX PPC, cool! :)

The ThreadSanitizer errors in IHNM are still there, though (but they look unrelated?), and I couldn't reproduce the original IHNM error on OSX PPC, so I can't say if it fixes both issues yet.

@johnpevensie: Can you grab the updated SAGA plugin at <https://github.com/dwatteau/scummvm/releases/download/v0.7.1/saga.plugin>, use it to overwrite /Applications/ScummVM.app/Contents/Resources/saga.plugin (from the test build from the other Trac ticket), and report whether this fixes your error in IHNM AGA too? Thanks!

comment:8 by johnpevensie, 7 hours ago

This does not fix the error on the AGA Amiga version of Inherit the Earth. I still get the same error at the same place (after the intro finishes).
