Opened 7 years ago

Closed 7 years ago

Last modified 2 years ago

#6334 closed defect (fixed)

NEVERHOOD: Bus error 10 and Segmentation fault 11

Reported by: SF/noizje Owned by: johndoe123
Priority: normal Component: Engine: Neverhood
Keywords: Cc:
Game: The Neverhood

Description

Playing a smacker video in game gets me either a Bus error: 10 or Segmentation fault: 11 and exits.

Running Mac OSX Intel SVN build

Ticket imported from: #3613666. Ticket imported from: bugs/6334.

Attachments (5)

neverhood-valgrind-trace.zip (7.3 KB ) - added by digitall 7 years ago.
Neverhood Valgrind Trace as of 20130529
neverhood-win.004 (22.1 KB ) - added by SF/noizje 7 years ago.
Savegame at disk player
2013-07-06-neverhood-segfault-at-disk-player-valgrind.zip (8.0 KB ) - added by digitall 7 years ago.
Valgrind trace of crash at disk player
neverhood-win.2.004 (18.6 KB ) - added by SF/noizje 7 years ago.
Savegame at crown selection scene
neverhood-crown-klayman-valgrind.txt (4.2 KB ) - added by digitall 7 years ago.
Valgrind errors from crown selection when Klayman takes it.

Download all attachments as: .zip

Change History (29)

comment:1 by digitall, 7 years ago

noizje: Please note that we don't generally accept bug reports on Work In Progress/Incomplete engines as we know they are still buggy and/or incomplete. When we are happy they are fairly complete, we announce a testing pashe for a new engine/game and ask for testing, but thank you anyway for testing this.

We are still happy to accept any bugs until testing is announced, but this is best done by informally asking the developers in the IRC channel or on the Forum, before opening an official bug as it may be a known current issue. If so, this should be documented on the engines wiki page i.e. http://wiki.scummvm.org/index.php/Neverhood

I have replicated the issue on Linux and this is associated with the following valgrind trace, which triggers a segfault after the second screen after you move outside from the room with the piranha plant and then try to move forward...: ==26412== Invalid read of size 8 ==26412== at 0x4ACDCA: Neverhood::Scene::draw() (scene.cpp:83) ==26412== by 0x43A49E: Neverhood::Module::draw() (module.cpp:45) ==26412== by 0x43A49E: Neverhood::Module::draw() (module.cpp:45) ==26412== by 0x41B014: Neverhood::NeverhoodEngine::mainLoop() (neverhood.cpp:171) ==26412== by 0x41ACF5: Neverhood::NeverhoodEngine::run() (neverhood.cpp:120) ==26412== by 0x409360: runGame(PluginSubclass<MetaEngine> const*, OSystem&, Common::String const&) (main.cpp:226) ==26412== by 0x40A03C: scummvm_main (main.cpp:452) ==26412== by 0x407FD7: main (posix-main.cpp:45) ==26412== Address 0xc4e70f0 is 0 bytes inside a block of size 80 free'd ==26412== at 0x4C2AE2C: operator delete(void*) (vg_replace_malloc.c:480) ==26412== by 0x4B1DFF: Neverhood::SmackerDoubleSurface::~SmackerDoubleSurface() (smackerplayer.h:44) ==26412== by 0x4B168F: Neverhood::SmackerPlayer::close() (smackerplayer.cpp:137) ==26412== by 0x4B1420: Neverhood::SmackerPlayer::open(unsigned int, bool) (smackerplayer.cpp:108) ==26412== by 0x4A3782: Neverhood::NavigationScene::update() (navigationscene.cpp:72) ==26412== by 0x42E8E6: Neverhood::Entity::handleUpdate() (entity.cpp:64) ==26412== by 0x43A85C: Neverhood::Module::updateChild() (module.cpp:104) ==26412== by 0x47A23B: Neverhood::Module2300::updateScene() (module2300.cpp:117) ==26412== by 0x42E8E6: Neverhood::Entity::handleUpdate() (entity.cpp:64) ==26412== by 0x43A85C: Neverhood::Module::updateChild() (module.cpp:104) ==26412== by 0x430F1F: Neverhood::GameModule::updateModule() (gamemodule.cpp:614) ==26412== by 0x42E8E6: Neverhood::Entity::handleUpdate() (entity.cpp:64)

One of the developers will look at this... and the variety of memory leaks and other issues! :-)

comment:2 by digitall, 7 years ago

Summary: NEVERHOOD: Bus error 10 and Segmentation fault 11NEVERHOOD: Crash During Navigation Video Scenes

comment:3 by wjp, 7 years ago

Owner: set to johndoe123

comment:4 by wjp, 7 years ago

diskplayerscene and navigationscene do an addSurface on the smackerSurface, but it never seems to be removed, as far as I can tell.

comment:5 by bluegr, 7 years ago

Here's eriktorbjorn's comment from the original neverhood engine pull request: https://github.com/scummvm/scummvm/pull/330

"I can fix the slew of Valgrind warnings by making the following two changes:

In NavigationScene::update(), add "addSurface(_smackerPlayer->getSurface());" after opening a new Smacker movie. In SmackerPlayer::close(), add _scene->removeSurface(_smackerSurface) before deleting _smackerSurface. But that's not quite right, because now the screen turns black as soon as the navigation movie ends. So the next guess would be to create and delete _smackerSurface in SmackerPlayer's constructor/destructor, allowing it to use the same surface for its entire life span. But I couldn't get that to work right either, and it's getting much too late in the evening to keep looking"

We could also do: removeSurface(_smackerPlayer->getSurface()); inside the NavigationScene() destructor... but I still get crashes with this :/

comment:6 by bluegr, 7 years ago

Owner: johndoe123 removed
Summary: NEVERHOOD: Crash During Navigation Video ScenesNEVERHOOD: Bus error 10 and Segmentation fault 11

comment:7 by johndoe123, 7 years ago

I'm working on it. I'll try eriktorbjorn's second solution, creating/deleting the smacker surface only once during the SmackerPlayer's lifetime. (I can't really test it because it doesn't crash for me and I don't have Valgrind.)

comment:8 by bluegr, 7 years ago

It always crashes for me outside the first building, if I change about 3-4 screens. If you're on Windows, a very good substitute for Valgrind is Dr. Memory: http://www.drmemory.org/

comment:9 by digitall, 7 years ago

john_doe: Another solution would be to install Debian Linux on an Oracle VirtualBox instance, then install Valgrind in that. Instructions for doing this (aimed at allowing debugging of different endians, but it is the same idea): http://wiki.scummvm.org/index.php/HOWTO-Debug-Endian-Issues

comment:10 by SF/noizje, 7 years ago

I saw the recent commit by eriktorbjorn. Segmentation fault seems to be gone making it able to navigate, but I still get the Bus Error 10 at the 'disk player' and exits.

comment:11 by digitall, 7 years ago

Owner: set to eriktorbjorn

comment:12 by digitall, 7 years ago

noizje: Thanks for the feedback. Can you please attach a savegame at the disk player to this bug as an attached file? This will help us diagnose the issue.

comment:13 by digitall, 7 years ago

eriktorbjorn: Thanks for the fix which has improved things significantly. No segfault now, but Valgrind still shows very significant memory leaks and an uninitialised variable access in the SoundItem. Attaching a trace to this bug for reference.

by digitall, 7 years ago

Neverhood Valgrind Trace as of 20130529

by SF/noizje, 7 years ago

Attachment: neverhood-win.004 added

Savegame at disk player

comment:14 by digitall, 7 years ago

noizje: Thank you for the savegame. Will try to replicate and diagnose.

comment:15 by digitall, 7 years ago

Replicated under Valgrind on x86_64 with latest git master. Attaching valgrind trace... Looks like a use-after-freed issue in the graphics surfaces...

by digitall, 7 years ago

Valgrind trace of crash at disk player

comment:16 by SF/noizje, 7 years ago

The commit by bluegr seems to have fixed the problem at the disk player. However, the problem still exist at the end 'crown selection' scene.

When choosing Klayman it directly results in a Bus Error 10.

When choosing Hoborg I get a Segmentation Fault 11 later on in the scene.

Another thing: sometimes I hear footsteps at the end scene.

Attached savegame

by SF/noizje, 7 years ago

Attachment: neverhood-win.2.004 added

Savegame at crown selection scene

comment:17 by bluegr, 7 years ago

After the latest commit by johndoe123, all Smacker related crashes have been fixed - I tried navigation scenes, the video player, the cannon and the finale and they all work great without crashes. Thus, I'm closing this as fixed

comment:18 by bluegr, 7 years ago

Owner: changed from eriktorbjorn to johndoe123
Resolution: fixed
Status: newclosed

comment:19 by bluegr, 7 years ago

Resolution: fixed
Status: closednew

comment:20 by bluegr, 7 years ago

Reopening, as this still occurs for the OP

comment:21 by digitall, 7 years ago

Attaching valgrind trace for Klayman wearing the Crown from the savegame. There is a critical memory access error in the Smacker Player causing this (2nd error) But the other unitialised read and the remaining leaks should be closed as well.

by digitall, 7 years ago

Valgrind errors from crown selection when Klayman takes it.

comment:22 by johndoe123, 7 years ago

Should be fixed now, closing again.

comment:23 by johndoe123, 7 years ago

Resolution: fixed
Status: newclosed

comment:24 by digitall, 2 years ago

Component: Engine: Neverhood
Game: The Neverhood
Note: See TracTickets for help on using tickets.