Opened 7 days ago

Closed 4 days ago

#15487 closed defect (fixed)

SCUMM: MONKEY2 (MAC): segfault when typing 'rough' with original_gui=false

Reported by: dwatteau Owned by: AndywinXp
Priority: normal Component: Engine: SCUMM
Version: Keywords: macintosh
Cc: Game: Monkey Island 2

Description

Current Git HEAD, built with --enable-asan. Playing the Macintosh release of Monkey Island 2, as part of the Monkey Island Anthology set from LRG.

Steps are as follows:

  1. Start a new game
  2. In the difficulty selection screen, or when Guybrush appears right before Elaine comes to rescue him, type rough on the keyboard (to disable the smooth graphics option)

The game immediately crashes, with the following ASAN trace:

User picked target 'monkey2-mac' (engine ID 'scumm', game ID 'monkey2')...
AddressSanitizer:DEADLYSIGNAL
=================================================================
==37435==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000022 (pc 0x000104365a06 bp 0x7ff7bbef45a0 sp 0x7ff7bbef3ce0 T0)
==37435==The signal is caused by a READ memory access.
==37435==Hint: address points to the zero page.
    #0 0x104365a06 in Scumm::MacGuiImpl::MacDialogWindow::MacDialogWindow(Scumm::MacGuiImpl*, OSystem*, Graphics::Surface*, Common::Rect, Scumm::MacGuiImpl::MacDialogWindowStyle, Scumm::MacGuiImpl::MacDialogMenuStyle) macgui_dialogwindow.cpp:46
    #1 0x104368828 in Scumm::MacGuiImpl::MacDialogWindow::MacDialogWindow(Scumm::MacGuiImpl*, OSystem*, Graphics::Surface*, Common::Rect, Scumm::MacGuiImpl::MacDialogWindowStyle, Scumm::MacGuiImpl::MacDialogMenuStyle) macgui_dialogwindow.cpp:42
    #2 0x104383368 in Scumm::MacGuiImpl::createWindow(Common::Rect, Scumm::MacGuiImpl::MacDialogWindowStyle, Scumm::MacGuiImpl::MacDialogMenuStyle) macgui_impl.cpp:628
    #3 0x104384553 in Scumm::MacGuiImpl::createDialog(int) macgui_impl.cpp:681
    #4 0x10438a90a in Scumm::MacGuiImpl::runOkCancelDialog(Common::String) macgui_impl.cpp:949
    #5 0x1043e4752 in Scumm::MacV5Gui::handleEvent(Common::Event) macgui_v5.cpp:952
    #6 0x104364779 in Scumm::MacGui::handleEvent(Common::Event) macgui.cpp:84
    #7 0x104345a53 in Scumm::ScummEngine::parseEvent(Common::Event) input.cpp:115
    #8 0x104349ee9 in Scumm::ScummEngine::parseEvents() input.cpp:357
    #9 0x1046a1c86 in Scumm::ScummEngine::waitForTimer(int, bool) scumm.cpp:2632
    #10 0x1046a152b in Scumm::ScummEngine::go() scumm.cpp:2589
    #11 0x10418444d in Scumm::ScummEngine::run() scumm.h:585
    #12 0x10405062f in runGame(Plugin const*, OSystem&, DetectedGame const&, void const*) main.cpp:311
    #13 0x10404a0b0 in scummvm_main main.cpp:796
    #14 0x104037ea2 in main macosx-main.cpp:44
    #15 0x7ff800920417 in start+0x767 (dyld:x86_64+0xfffffffffff6e417)

==37435==Register values:
rax = 0x0000000000000022  rbx = 0x00007ff7bbef3ea0  rcx = 0x0000100000000000  rdx = 0x00006150001efd00  
rdi = 0x000061900031f180  rsi = 0x00007ff7bbef3d00  rbp = 0x00007ff7bbef45a0  rsp = 0x00007ff7bbef3ce0  
 r8 = 0x01aa00d600560080   r9 = 0x0000000000000000  r10 = 0x01aa00d600560080  r11 = 0xffffe118442ba70a  
r12 = 0x00007ff7bbefb918  r13 = 0x00007ff7bbefb990  r14 = 0x00007ff7bbefb950  r15 = 0x00007ff7bbefb7e0  
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV macgui_dialogwindow.cpp:46 in Scumm::MacGuiImpl::MacDialogWindow::MacDialogWindow(Scumm::MacGuiImpl*, OSystem*, Graphics::Surface*, Common::Rect, Scumm::MacGuiImpl::MacDialogWindowStyle, Scumm::MacGuiImpl::MacDialogMenuStyle)
==37435==ABORTING
Abort trap: 6

LLDB trace attached below.

Attachments (1)

lldb-asan-trace-monkey2-mac-rough.txt (3.4 KB ) - added by dwatteau 7 days ago.
LLDB trace when the crash happens

Download all attachments as: .zip

Change History (9)

by dwatteau, 7 days ago

Attachment: lldb-asan-trace-monkey2-mac-rough.txt added

LLDB trace when the crash happens

comment:1 by eriktorbjorn, 7 days ago

Valgrind doesn't show any errors here, so I'm not sure what's going on.

comment:2 by eriktorbjorn, 6 days ago

I couldn't see any warnings with asan either.

comment:3 by dwatteau, 6 days ago

Thanks. Following some Discord discussions, I can confirm that I'm building from an up-to-date tree, with no weird remnants or whatever.

Compiler is clang++ 15 (Apple's own version, which often is closer to the next release, with their own changes, if my memory serves me well).

So far, I haven't been able to replicate the issue on my other Linux/OpenBSD environments, although I'm using the same files...

Having the files untouched with their original resource forks (since I'm running the game from an APFS volume), or having them macbinary encoded doesn't change anything. So I don't think it's related to this either.

I don't think my config has anything weird:

[monkey2-mac]
extra=Mac
engineid=scumm
original_gui=false
gui_saveload_last_pos=5
platform=macintosh
music_driver=auto
talkspeed=85
subtitles=true
opl_driver=auto
guioptions=sndNoSpeech midiMac noAspect macintosh gameOption2 gameOption4 gameOption7 lang_English
description=Monkey Island 2: LeChuck's Revenge (Macintosh/English)
path=/path/to/game
enhancements=511
gameid=monkey2
language=en

Anyway, I can attach the process to LLDB when the error is triggered:

User picked target 'monkey2-mac' (engine ID 'scumm', game ID 'monkey2')...
Process 19576 stopped
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x22)
    frame #0: 0x000000010035d196 scummvm`Scumm::MacGuiImpl::MacDialogWindow::MacDialogWindow(this=0x00006110001bbd80, gui=0x00006150001e0a80, system=0x0000614000000640, from=0x00006030002247d0, bounds=(top = 128, left = 86, bottom = 214, right = 426), windowStyle=kWindowStyleNormal, menuStyle=kMenuStyleDisabled) at macgui_dialogwindow.cpp:46:6
   43  		// Only apply menu style if the menu is open.
   44  		Graphics::MacMenu *menu = _gui->_windowManager->getMenu();
   45  	
-> 46  		if (!menu->_active)
   47  			menuStyle = kMenuStyleNone;
   48  	
   49  		_black = _gui->getBlack();
Target 0: (scummvm) stopped.
(lldb) bt
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x22)
  * frame #0: 0x000000010035d196 scummvm`Scumm::MacGuiImpl::MacDialogWindow::MacDialogWindow(this=0x00006110001bbd80, gui=0x00006150001e0a80, system=0x0000614000000640, from=0x00006030002247d0, bounds=(top = 128, left = 86, bottom = 214, right = 426), windowStyle=kWindowStyleNormal, menuStyle=kMenuStyleDisabled) at macgui_dialogwindow.cpp:46:6
    frame #1: 0x000000010035ffb9 scummvm`Scumm::MacGuiImpl::MacDialogWindow::MacDialogWindow(this=0x00006110001bbd80, gui=0x00006150001e0a80, system=0x0000614000000640, from=0x00006030002247d0, bounds=(top = 128, left = 86, bottom = 214, right = 426), windowStyle=kWindowStyleNormal, menuStyle=kMenuStyleDisabled) at macgui_dialogwindow.cpp:42:249
    frame #2: 0x000000010037ab39 scummvm`Scumm::MacGuiImpl::createWindow(this=0x00006150001e0a80, bounds=(top = 128, left = 86, bottom = 214, right = 426), windowStyle=kWindowStyleNormal, menuStyle=kMenuStyleDisabled) at macgui_impl.cpp:633:13
    frame #3: 0x000000010037bd24 scummvm`Scumm::MacGuiImpl::createDialog(this=0x00006150001e0a80, dialogId=502) at macgui_impl.cpp:686:28
    frame #4: 0x00000001003820db scummvm`Scumm::MacGuiImpl::runOkCancelDialog(this=0x00006150001e0a80, text=String @ 0x00007ff7bfef9280) at macgui_impl.cpp:954:28
    frame #5: 0x00000001003dbf63 scummvm`Scumm::MacV5Gui::handleEvent(this=0x00006150001e0a80, event=Event @ 0x00007ff7bfef9500) at macgui_v5.cpp:951:11
    frame #6: 0x000000010035bf0a scummvm`Scumm::MacGui::handleEvent(this=0x0000602000081570, event=Event @ 0x00007ff7bfef9660) at macgui.cpp:84:16
    frame #7: 0x000000010033d1d4 scummvm`Scumm::ScummEngine::parseEvent(this=0x000000011e92b800, event=Event @ 0x00007ff7bfefa190) at input.cpp:115:26
    frame #8: 0x000000010034166a scummvm`Scumm::ScummEngine::parseEvents(this=0x000000011e92b800) at input.cpp:357:3
    frame #9: 0x0000000100699227 scummvm`Scumm::ScummEngine::waitForTimer(this=0x000000011e92b800, quarterFrames=24, freezeMacGui=false) at scumm.cpp:2640:3
    frame #10: 0x0000000100698acc scummvm`Scumm::ScummEngine::go(this=0x000000011e92b800) at scumm.cpp:2597:3
    frame #11: 0x000000010017f74e scummvm`Scumm::ScummEngine::run(this=0x000000011e92b800) at scumm.h:585:10
    frame #12: 0x000000010004b960 scummvm`runGame(enginePlugin=0x000060300005f7d0, system=0x0000614000000640, game=0x00007ff7bfefdd70, meDescriptor=0x0000000000000000) at main.cpp:311:33
    frame #13: 0x00000001000453e1 scummvm`scummvm_main(argc=1, argv=0x00007ff7bfeff6c8) at main.cpp:796:13
    frame #14: 0x00000001000331d3 scummvm`main(argc=1, argv=0x00007ff7bfeff6c8) at macosx-main.cpp:44:12
    frame #15: 0x00007ff80bc7f418 dyld`start + 1896
(lldb) p menu
(Graphics::MacMenu *) nullptr

If you see anything to explore from there, feel free to ask me so :)

comment:4 by dwatteau, 6 days ago

Ah, I see it now, and lephilousophe saw it too.

My game was configured with original_gui=false (I didn't even realize that was the case), and the code allows typing rough in this case. But it should probably be a no-op (or do the action, and _not_ show any MacGUI?) in this case?

comment:5 by dwatteau, 6 days ago

Summary: SCUMM: MONKEY2 (MAC): segfault when typing 'rough' right at the start of the gameSCUMM: MONKEY2 (MAC): segfault when typing 'rough' with original_gui=false

comment:7 by dwatteau, 6 days ago

Owner: set to dwatteau
Resolution: pending
Status: newpending

comment:8 by bluegr, 4 days ago

Owner: changed from dwatteau to AndywinXp
Resolution: pendingfixed
Status: pendingclosed

Fixed with fb8f1b243394064bde0c1cf444b935786ce94fd5

Note: See TracTickets for help on using tickets.