2019-12-07 09:18 EST


View Issue Details Jump to Notes ] Related Changesets ]
IDProjectCategoryView StatusLast Update
0002864FSSCPmultiplayerpublic2013-12-03 06:26
ReporterFUBAR-BDHR 
Assigned Toniffiwan 
PriorityurgentSeverityblockReproducibilityhave not tried
StatusresolvedResolutionfixed 
Product Version3.6.19 
Target Version3.7.0Fixed in Version3.7.0 
Summary0002864: Standalone ASSERTION: "handle >= 0" trying to unload head .ani file
DescriptionAppears to be trying to unload head .ani bitmaps which have a bitmap_id of -858993460. This is coming from message_init()in missionmessage.cpp line 695. Blows up on the first one of 11. All have the same -858993460 bitmap_id

    // this forces a reload of the AVI's and waves for builtin messages. Needed because the flic and
    // sound system also get reset between missions!
    for (i = 0; i < Num_builtin_avis; i++ ) {
        generic_anim_unload(&Message_avis[i].anim_data);
    }


Additional Informationr9668 with Kara's patch for 1863.


Stack

     fs2_open_3_6_19-DEBUG.exe!debug_int3(char * file=0x010f6904, int line=966) Line 768 C++
     fs2_open_3_6_19-DEBUG.exe!WinAssert(char * text=0x010f7dbc, char * filename=0x010f6f9c, int linenum=1837) Line 966 + 0x13 bytes C++
     fs2_open_3_6_19-DEBUG.exe!bm_release(int handle=-858993460, int clear_render_targets=0) Line 1837 + 0x1e bytes C++
> fs2_open_3_6_19-DEBUG.exe!generic_anim_unload(generic_anim * ga=0x057b09fc) Line 300 + 0xe bytes C++
     fs2_open_3_6_19-DEBUG.exe!messages_init() Line 695 + 0x17 bytes C++
     fs2_open_3_6_19-DEBUG.exe!game_level_init(int seed=-1) Line 1017 C++
     fs2_open_3_6_19-DEBUG.exe!game_start_mission() Line 1429 + 0x7 bytes C++
     fs2_open_3_6_19-DEBUG.exe!multi_sync_pre_do() Line 8037 C++
     fs2_open_3_6_19-DEBUG.exe!multi_sync_do() Line 7469 C++
     fs2_open_3_6_19-DEBUG.exe!game_do_state(int state=38) Line 6659 C++
     fs2_open_3_6_19-DEBUG.exe!gameseq_process_events() Line 405 + 0x14 bytes C++
     fs2_open_3_6_19-DEBUG.exe!game_main(char * cmdline=0x00152340) Line 7032 + 0x5 bytes C++
     fs2_open_3_6_19-DEBUG.exe!WinMain(HINSTANCE__ * hInst=0x00400000, HINSTANCE__ * hPrev=0x00000000, char * szCmdLine=0x00152340, int nCmdShow=1) Line 7101 + 0x9 bytes C++
     fs2_open_3_6_19-DEBUG.exe!__tmainCRTStartup() Line 263 + 0x2c bytes C
     fs2_open_3_6_19-DEBUG.exe!WinMainCRTStartup() Line 182 C
     kernel32.dll!7c81776f()
     [Frames below may be incorrect and/or missing, no symbols loaded for kernel32.dll]


Autos from generic_anim_unload()

- ga 0x057b09fc {filename=0x057b09fc "Head-TP1" first_frame=14251 num_frames=1 ...} generic_anim *
+ filename 0x057b09fc "Head-TP1" char [32]
        first_frame 14251 int
        num_frames 1 int
        keyframe 0 int
        keyoffset -858993460 int
        current_frame -858993460 int
        previous_frame -858993460 int
        direction 204 'Ì' unsigned char
        done_playing 0 unsigned char
        total_time 0.066666670 float
        anim_time 0.00000000 float
+ ani {animation=0xcccccccc instance=0xcccccccc bg_type='Ì' } generic_anim::<unnamed-tag>::<unnamed-type-ani>
+ eff {next_frame=-858993460 } generic_anim::<unnamed-tag>::<unnamed-type-eff>
        type 204 'Ì' unsigned char
        streaming 204 'Ì' unsigned char
+ buffer 0xcccccccc <Bad Ptr> unsigned char *
        height -858993460 int
        width -858993460 int
        bitmap_id -858993460 int
        use_hud_color true bool
        ga->bitmap_id -858993460 int
- ga->buffer 0xcccccccc <Bad Ptr> unsigned char *
            CXX0030: Error: expression cannot be evaluated
TagsNo tags attached.
Attached Files
  • rar file icon 2864_fs2_standalone.rar (65,139 bytes) 2013-05-03 15:42
  • ? file icon 2864.fs2 (3,412 bytes) 2013-05-08 04:30
  • ? file icon 2864_TBP.fs2 (4,022 bytes) 2013-05-08 04:30
  • patch file icon mantis2864-svn.patch (594 bytes) 2013-05-17 23:11 -
    Index: code/mission/missionmessage.cpp
    ===================================================================
    --- code/mission/missionmessage.cpp	(revision 9677)
    +++ code/mission/missionmessage.cpp	(working copy)
    @@ -310,6 +310,7 @@
     	}
     
     	// would have returned if a slot existed.
    +	generic_anim_init( &extra.anim_data );
     	strcpy_s( extra.name, avi_name );
     	strcpy_s( extra.anim_data.filename, avi_name);
     	extra.num = -1;
    @@ -332,6 +333,7 @@
     			return i;
     	}
     
    +	generic_anim_init( &extra.anim_data );
     	strcpy_s( extra.name, wave_name );
     	extra.num = -1;
     	Message_waves.push_back(extra);
    
    patch file icon mantis2864-svn.patch (594 bytes) 2013-05-17 23:11 +

-Relationships
related to 0002866code reviewFUBAR-BDHR Sounds played from event editor in FRED get extension added even if they have one 
+Relationships

-Notes

~0015035

Echelon9 (developer)

That particular value looks like an uninitialised or dummy value, as it has also been set for the height, width, keyoffset, current_frame and previous_frame

~0015036

FUBAR-BDHR (developer)

Well whatever it is it is happening pretty regularly. 3 more standalones down today with the same issue.

~0015042

FUBAR-BDHR (developer)

Getting the same thing trying to start a mission from the tech room in single player. Simple mission just the player and 1 send message event.

~0015044

FUBAR-BDHR (developer)

Alright this gets even weirder same mission in both TBP and FS2. TBP gets the same crash as the standalone. FS2 no crash.

Attaching mission from both TBP and FS2.

~0015045

niffiwan (developer)

I didn't get a crash in TBP when running 2864_TBP.fs & Zathras 2.6. I didn't hear any audio play for the message either. The audio played OK for the fs2 version.

I did get this warning on mission load though:
WARNING: "Invalid type "MF Tlez'iar" found in loadout of mission file...skipping" at parse/parselo.cpp:2814

~0015046

FUBAR-BDHR (developer)

That weapon wasn't added until the 2.7 betas so that would be a valid warning for 2.6. As for the sound not playing that is probably because it's from a campaign you might not have. Of course it should not be an issue as you shouldn't even make it past the load screen. Crash occurs on about the second loading bar.

~0015047

FUBAR-BDHR (developer)

Well strangely enough it seems like we are dealing with 2 different but possibly related bugs in the exact same spot.

To reproduce the TBP crash in retail simply extract Head-TP1a.ani, place in the hud directory, and rename to Head-TP1.ani. This will trigger the issue as now the name specified in message.tbl exists and is loaded. This makes the number of frames > 0 and it assumes the bitmaps have been loaded and tries to unload them.

As to why it's happening on the standalones as well it's probably because they use the same file for everything that is loaded. This would result in a file with one frame already being loaded.

~0015049

niffiwan (developer)

Yup, that does it alright. I get a slightly different error, might just be due to OS differences.

ASSERTION FAILED: "be->handle == handle" at bmpman/bmpman.cpp:1850 Invalid bitmap handle number 9500 (expected 0) for cursorweb.ani passed to bm_release()

~0015057

niffiwan (developer)

Last edited: 2013-05-18 00:53

View 5 revisions

I believe this was introduced by 9660, could you please test & confirm/deny this?

update: I suspect that in add_avi() we *don't* want to call "generic_anim_load()". add_avi() is only called when parsing messages.tbl "+AVI Name:" and the ani name here is not valid. i.e. string is Head-TP1, but the real ANI's to load are Head-TP1[abc].ani.

Regardless, when called here "generic_anim_load()" isn't working correctly anyway, ga->first_frame was approx 9 hundred thousand when I stepped through the loading of (shouldn't really exist) Head-TP1.ani
(update: ga->first_frame approx 9 hundred thousand is actually a valid value)

~0015058

niffiwan (developer)

Echelon9 & The_E, this seems related to 9654 & 9660. Could you please provide some more background about those changes? e.g. what was the problem that BP was having that led to 9654?

~0015059

The_E (administrator)

Last edited: 2013-05-15 02:12

View 2 revisions

The issue were infrequent crashes due to two things. One, the original function (pre-9654) was calling generic_anim_unload instead of generic_anim_load, and two, it did so with uninitialized parameters, which naturally caused badness. 9654 changed that to use generic_anim_load, but E9 forgot to fill in the filename field in the struct that that function expects as input, which I then corrected.

This issue, while it was discovered when E9 ran BP, was not specific to BP. It could literally happen anywhere, anytime.

~0015060

niffiwan (developer)

thanks, that makes sense. The only thing is, that function is only called for messages.tbl entries and for them AFAIK the AVI name is not a valid filename. It needs a, b or c added to it before it becomes a valid ani filename. i.e. a generic_anim_unload or generic_anim_load is useless because normally the file should not exist.

~0015065

niffiwan (developer)

Last edited: 2013-05-18 01:28

View 5 revisions

ahhhh, uninitialised structs, we hates them preciousssssss

IOW, anim_data in message_extra wasn't being initialised. This could lead to crashes when unloading ani's, e.g. if buffer was a non-nullptr then generic_anim_unload could attempt to bm_release an invalid bitmap_id. The patch should deal all instances of message_extra in the code.

I've successfully tested the patch with 2864.fs2 & data/hud/Head_TP1.ani.
Also fixes crashes in WoD found as part of testing 0002837.

~0015066

FUBAR-BDHR (developer)

Seems to be working in retail. Still having some issues in TBP (no crash but no ani either) but it might be data related so I'm trying to rule that out. In the meantime I'm going to update the standalones and see if they crash.

~0015085

chief1983 (administrator)

Any update here? Still getting crashes after patching?

~0015086

FUBAR-BDHR (developer)

Well haven't seen a crash yet but I also haven't seen anyone actually using a standalone yet either.

~0015092

niffiwan (developer)

Fix committed to trunk@9681.

~0015093

niffiwan (developer)

Per IRC discussion with FUBAR, committed as it fixes the single player issue, but leaving mantis open until some more people use the standalones to give it a better test.

~0015293

niffiwan (developer)

Has anyone seen this problem reoccur on any standalones recently?

~0015492

Echelon9 (developer)

This one looks fixed from my ASan testing of standalone servers.
+Notes

+Related Changesets

-Issue History
Date Modified Username Field Change
2013-05-03 15:42 FUBAR-BDHR New Issue
2013-05-03 15:42 FUBAR-BDHR File Added: 2864_fs2_standalone.rar
2013-05-04 19:50 Echelon9 Note Added: 0015035
2013-05-04 20:24 FUBAR-BDHR Note Added: 0015036
2013-05-08 04:03 FUBAR-BDHR Note Added: 0015042
2013-05-08 04:03 FUBAR-BDHR Priority normal => urgent
2013-05-08 04:03 FUBAR-BDHR Severity minor => block
2013-05-08 04:25 FUBAR-BDHR Note Added: 0015044
2013-05-08 04:30 FUBAR-BDHR File Added: 2864.fs2
2013-05-08 04:30 FUBAR-BDHR File Added: 2864_TBP.fs2
2013-05-08 06:02 niffiwan Note Added: 0015045
2013-05-08 15:51 FUBAR-BDHR Note Added: 0015046
2013-05-08 17:44 FUBAR-BDHR Note Added: 0015047
2013-05-09 06:57 niffiwan Note Added: 0015049
2013-05-09 06:57 niffiwan Status new => confirmed
2013-05-13 17:01 chief1983 Target Version => 3.7.0
2013-05-14 05:02 niffiwan Assigned To => niffiwan
2013-05-14 05:02 niffiwan Status confirmed => assigned
2013-05-14 05:03 niffiwan Note Added: 0015057
2013-05-14 06:08 niffiwan Note Edited: 0015057 View Revisions
2013-05-14 06:08 niffiwan Note Edited: 0015057 View Revisions
2013-05-14 06:11 niffiwan Note Edited: 0015057 View Revisions
2013-05-15 01:51 niffiwan Note Added: 0015058
2013-05-15 02:11 The_E Note Added: 0015059
2013-05-15 02:12 The_E Note Edited: 0015059 View Revisions
2013-05-15 02:24 niffiwan Note Added: 0015060
2013-05-17 23:11 niffiwan File Added: mantis2864-svn.patch
2013-05-17 23:23 niffiwan Note Added: 0015065
2013-05-17 23:23 niffiwan Status assigned => code review
2013-05-18 00:53 niffiwan Note Edited: 0015057 View Revisions
2013-05-18 01:19 niffiwan Note Edited: 0015065 View Revisions
2013-05-18 01:19 niffiwan Note Edited: 0015065 View Revisions
2013-05-18 01:20 FUBAR-BDHR Note Added: 0015066
2013-05-18 01:23 niffiwan Note Edited: 0015065 View Revisions
2013-05-18 01:28 niffiwan Note Edited: 0015065 View Revisions
2013-05-20 01:26 niffiwan Relationship added related to 0002866
2013-05-23 15:34 chief1983 Note Added: 0015085
2013-05-23 16:09 FUBAR-BDHR Note Added: 0015086
2013-05-29 05:28 niffiwan Changeset attached => fs2open trunk r9681
2013-05-29 05:28 niffiwan Note Added: 0015092
2013-05-29 05:28 niffiwan Status code review => resolved
2013-05-29 05:28 niffiwan Resolution open => fixed
2013-05-29 05:33 niffiwan Note Added: 0015093
2013-05-29 05:33 niffiwan Status resolved => feedback
2013-05-29 05:33 niffiwan Resolution fixed => reopened
2013-09-26 21:19 niffiwan Note Added: 0015293
2013-12-03 04:42 Echelon9 Category graphics => multiplayer
2013-12-03 06:26 Echelon9 Note Added: 0015492
2013-12-03 06:26 Echelon9 Status feedback => resolved
2013-12-03 06:26 Echelon9 Fixed in Version => 3.7.0
2013-12-03 06:26 Echelon9 Resolution reopened => fixed
+Issue History