
[00:09] <snover> i was trying to see if anyone had ever suggested compression before in a ticket and ran into https://bugs.scummvm.org/ticket/7726, which seems like it perhaps ought to be closed now that the screenshots directory has been fixed to go to the standard locations?
[00:13] <-- SylvainTV left irc: Read error: Connection reset by peer
[00:16] --> dreammaster joined #scummvm.
[00:16] #scummvm: mode change '+o dreammaster' by ChanServ!ChanServ@services.
[00:34] <m-kiewitz> snover: it is? well, then it can be closed i guess
[00:37] <-- m-kiewitz left irc: Quit: technology isn't intrinsically good or evil. It's how it's used. Like the Death Ray.
[00:53] <-- Farmboy0 left irc: Remote host closed the connection
[01:06] <-- Dominus left irc: Ping timeout: 260 seconds
[01:06] --> Dominus joined #scummvm.
[01:14] <-- Polynomial-C left irc: Ping timeout: 240 seconds
[01:14] --> Polynomial-C joined #scummvm.
[01:20] <tsoliman> I found a bug in castlebrain and it happened twice and I don't know how to reproduce it. I was playing with my son so I didn't get a backtrace even .. now I spent 30 mins trying to repro
[01:22] --> Strangerke_ joined #scummvm.
[01:24] <-- Strangerke left irc: Ping timeout: 268 seconds
[01:25] Nick change: Strangerke_ -> Strangerke
[01:28] <-- Begas_VBox left irc: Quit: Vision[0.9.8]: i've been blurred!
[01:29] <-- Begasus left irc: Quit: Ex-Chat
[01:31] <tsoliman> still cannot repro - I am worried it might be a waiting game .. like when the music loops or something
[01:31] <snover> what kind of bug, tsoliman?
[01:31] <tsoliman> script error - crash to debugger - in the wordsearch
[01:31] <tsoliman> don't have the console output or a backtrace
[01:32] <tsoliman> I vaguely remember something like an invalid access?
[01:32] <snover> hm. this sounds like a reminder that i really would enjoy breakpad integration.
[01:32] <tsoliman> access to uninitialized memory .. something like that
[01:33] <tsoliman> I have save of the problem just before it happens
[01:33] <tsoliman> I dunno how to trigger it
[01:33] <tsoliman> without the bt .. I don't even have a clue
[01:34] <snover> was the message Access violation reading/writing <resource id>: x + y > z ?
[01:34] <tsoliman> all I was doing was just sitting there trying to do the wordsearch :( which I've been doing crash-free for the last 30 mins
[01:34] <tsoliman> no .. is there a list of error messages somewhere?
[01:34] <tsoliman> I might be able to skim through them and pick it out since it is not 100% in my memory
[01:35] <snover> was the message Uninitialized read for temp # from <function name>?
[01:36] <tsoliman> that actually sounds closer than the first one
[01:36] <tsoliman> I am almost sure it had "Uninitialized" in it
[01:38] <snover> uninitialised reads are frequent in the game scripts
[01:38] <snover> is there maybe a ticket open for that game?
[01:40] <tsoliman> I don't see any tickets open for "castlebrain" or "castle brain"
[01:40] <tsoliman> didn't there used to be game-tags
[01:40] <snover> there still is
[01:40] <tsoliman> I am not used to this new system
[01:41] <tsoliman> how do you search by a specific game - there used to be a dropdown list
[01:41] <tsoliman> ah new custom query
[01:41] <snover> go to view tickets, choose report 10 (or new custom query), open the collapsed filters panel at the top-left, select Game from the drop-down menu
[01:42] <tsoliman> nope nothing open
[01:43] <snover> i guess you will just need to reproduce the issue then ;)
[01:43] <tsoliman> :D
[01:43] <tsoliman> I know I know
[01:44] <tsoliman> always always grab the bt and the console output
[01:53] <-- Vel0city left irc: Ping timeout: 245 seconds
[01:53] <tsoliman> bingo
[01:53] <tsoliman> Uninitialized read for temp 14 from method word::dispatchEvent (room 320, script 325, localCall ffffffff)!
[01:53] <tsoliman> thanks snover :)
[01:53] <tsoliman> I'll log the bug since a save is needed and such
[01:56] <snover> ugh. this torin bug kind of sucks. how is this not raising an uninitialized parameter read warning... the game calls a Blink cycler init, passes only 1 argument (the controlling object) but the Blink cycler init checks to see if there's 1 argument and if there is it assumes there are 2 arguments
[01:59] <snover> hopefully i can find space to send a second argument from the bad caller
[01:59] --> Mataniko joined #scummvm.
[01:59] Nick change: Mataniko -> mataniko
[02:02] <-- Dominus left irc: Ping timeout: 260 seconds
[02:02] --> DominusExult joined #scummvm.
[02:03] Nick change: DominusExult -> Dominus
[02:05] <tsoliman> the steps to reproduce are very stupid
[02:06] <tsoliman> "furiously click until it crashes"
[02:06] <tsoliman> https://bugs.scummvm.org/ticket/9783
[02:08] <mataniko> I submitted https://bugs.scummvm.org/ticket/9780 earlier. Trying to debug it now and I get nothing in gdb or valgrind
[02:12] <snover> tsoliman: hahaha. i've seen worse ;)
[02:13] <snover> mataniko: the bug is a script error so you'll only see it in the built-in sci debugger (ctrl+shift+d)
[02:14] <snover> i mean, when you get that error the sci debugger should appear, and then you should be able to learn which script is doing the bad thing
[02:14] <mataniko> yeah that's literally the only message in the console that pops up
[02:18] <snover> mataniko: does it not say Debugger entered, please switch to this console for input.?
[02:19] <mataniko> "console is ready"
[02:19] <mataniko> "debugger started, type 'exit' to return to the game"
[02:20] <snover> ah, this bug is particularly unpleasant, as it is triggered even by parts of the debugger
[02:21] <snover> once the console shows up you should be able to type bt, but then the console will also crash, so if you are not using the text console you probably won't be able to read what it says
[02:22] <snover> (since the game window will go away)
[02:25] <mataniko> even then nothing, I ran it with gdb, console pops with the error, typed bt and the processed just quit
[02:26] <mataniko> process
[02:26] <snover> if you want to get into gdb, you should be able to do that by putting a breakpoint in the global `error` function in common/textconsole.cpp
[02:27] <snover> https://gist.github.com/csnover/4cb96bf182630215d126d15d51a15154 this is the sci VM backtrace for the crash, though i don't know if it is complete because something after frame A is causing the entire process to crash
[02:27] <mataniko> btw, everything crashes terribly with -d 11
[02:28] <snover> i am guessing that segment 0x15 doesn't exist any more
[02:30] <snover> hm. i'm not able to reproduce a crash with `-d 11` here, but it does trigger the onstartup debugger, so if that is what is happening you just need to type go to continue
[02:31] <mataniko> yeah, interacting with the game after it starts is when the crash happens
[02:32] <snover> oh, ok. it's the pathfinding drawing code. that is on my list of things that i need to fix so i can debug pathfinding.
[02:32] <snover> for now... uh, don't use `-d 11` :)
[02:34] --> Vel0city joined #scummvm.
[02:35] <snover> or, i mean, if you want to fix the pathfinding debugging drawing code, that would help me and also make it so you can do that
[02:35] <mataniko> ok looks like it's trying to dereference a string
[02:35] <mataniko> i would love to do that, as you probably noticed i'm not at home with this kind of tooling
[02:36] <snover> i am here to help!
[02:36] <mataniko> i wonder whats easier, learning to use unix tooling, or get scummvm to compile on VS
[02:36] <mataniko> because i remember that being a nightmare
[02:38] <snover> i want to say it is easier than used to be
[02:40] <snover> http://wiki.scummvm.org/index.php/Compiling_ScummVM/Visual_Studio VS instructions are here
[02:42] <mataniko> yeah i'm giving it another go
[02:42] <mataniko> it used to just "not work"
[02:47] <mataniko> looks good so far
[02:48] <mataniko> awesome work btw getting sci32 going
[02:50] <mataniko> not sure why i'm compiling all engines right now...
[02:51] <snover> when you run create_project you can specify engines
[02:51] <dreammaster> Because it's fun :)
[02:51] <mataniko> yeah i know, i'm just not sure why i didn't specify SCI only
[02:51] <mataniko> i'm questioning myself :)
[02:52] <snover> In that case... Because it's fun :)
[02:52] <dreammaster> Though if you particularly want just SCI, it may be quicker. The Titanic engine in particular takes a while to compile
[02:55] <snover> oh, dear. torin, torin. how are you having some bad palette entries right at the end of the game.
[02:55] <snover> after restoring a save.
[02:55] <dreammaster> Erk.. not another save problem. :(
[02:58] <mataniko> yeah that's what i'm doing now
[02:58] <mataniko> kudos to whoever fixed VS
[03:01] <snover> blame dreammaster
[03:02] <dreammaster> Thanks, though it's not entirely just me.. the original zips I prepared have since been replaced with a better version. But as a long time VS user, I wanted it to be as easy as possible to setup the environment
[03:03] <dreammaster> And it's certainly helped me when I switched to a new laptop
[03:06] <snover> mataniko: oh, and, thanks for the compliment on sci32
[03:06] <mataniko> ouch, debug build from VS crashes immediately when starting lsl6hires
[03:08] <mataniko> no breakpoints hit either
[03:08] <snover> is there any output at all?
[03:09] <snover> my code is frequently buggy, but usually not quite that buggy ;)
[03:09] <mataniko> just threads exiting, and program terminating
[03:09] <mataniko> sq3 runs fine
[03:09] <dreammaster> That's weird. Maybe try seeing if it still crashes after doing a release build. Or try using a daily download, just to make sure it's not your data that's corrupt
[03:09] <dreammaster> Or put a breakpoint in the error method in common/textconsole.cpp.. see if it's generating an error
[03:10] <dreammaster> I have one set all the time during my development, just so I know what causes an error exit when it happens :)
[03:11] <mataniko> compiling in release
[03:13] <mataniko> build failed in release, debug mode error is "0x0189ae28 "Could not open %s for reading""
[03:13] <mataniko> updateResource method
[03:13] <snover> curious.
[03:13] <snover> what is src->getLocationName()?
[03:13] <mataniko> thanks dreammaster :)
[03:14] <dreammaster> Maybe you're missing a file?
[03:17] <mataniko> resource.000
[03:19] <mataniko> nightly runs fine,
[03:19] <mataniko> trying to build release returns a bunch of "resolved external symbol" errors
[03:20] <mataniko> sci.lib
[03:20] <snover> hm. how did you build your project?
[03:21] <snover> `--disable-all-engines --enable-engine=sci,sci32`?
[03:21] <dreammaster> Hmmm.. maybe the LIBS package doesn't have all the needed libraries for release mode anymore, there have been several new packages lately, like libcurl and winsparkle
[03:21] <snover> s/build/create
[03:21] <mataniko> just sci
[03:21] <mataniko> ok
[03:21] <mataniko> ill do sci32
[03:22] <snover> i bet i know what is going on. what a great accidental catch :)
[03:22] <mataniko> yay i helped
[03:23] <snover> (i bet the fallback detector is trying to load resources to figure out what game this is, but it can't deal with it because the code for SCI2+ volumes isn't there)
[03:23] <snover> i will test my hypothesis after i finish committing this hack :\
[03:26] <mataniko> that solved it
[03:26] <mataniko> still can't build release, but that's probably me/vs
[03:27] <tsoliman> snover: you can specify just --enable-engine=sci32 and it will auto-enable sci - because sci32 cannot live without it :P
[03:27] <snover> you might also want to `--disable-libcurl --disable-sdlnet --disable-cloud` and perhaps `--enable-text-console` and maybe even `--disable-readline`
[03:27] <dreammaster> I can't remember the last time I tried to build in release mode. I think it was one or two releases ago, I tried to help out since the Windows maintainer was absent. My attempts died in flames, with problems trying to link in the necessary msvcrt dlls. :P
[03:28] <snover> tsoliman: whatever man! :P
[03:28] <dreammaster> readline? I don't remember that one
[03:28] <snover> i use xcode, and i have to disable readline or else the text console does not work (it is not a full terminal emulator)
[03:29] <snover> i figure that perhaps visual studio is the same
[03:29] <dreammaster> Ah. A text window thing
[03:29] <snover> the graphical debugger is great except if you want to do things like copy information out of it
[03:30] <tsoliman> also: --disable-cloud auto-disables sdlnet as well (I guess it is a dependency?) .. it doesn't auto-disable disable libcurl :(
[03:30] <snover> stop messing with my snake oil rituals tsoliman :(((
[03:31] <tsoliman> --enable-text-console is the best :) I'll grant you that
[03:32] <tsoliman> hey man, I have my own snake oil as well: --disable-eventrecorder .. I don't even remember why I do that
[03:33] <snover> because it broke... a... something... about 600 days ago. oh, right, the tests.
[03:33] <mataniko> ok so something funky with getObjectName
[03:34] <mataniko> but i have no clue what/how/why
[03:34] <tsoliman> oh I remember now .. I sometimes --enable-keymapper and they cannot co-exist .. yeah :(
[03:34] <snover> but it was fixed about 599 days ago
[03:37] <snover> mataniko: when scripts are loaded they are loaded into a segment; sounds like the script that was at segment 0x15 was unloaded, but there is still a reference to an object (a `reg_t`) with segment 0x15 that is being used
[03:37] <mataniko> i concur
[03:43] <mataniko> and i'm totally lost at this point too
[03:43] <mataniko> maybe a fresh look in the morning
[03:43] <snover> the first step i think would be to fix cmdBreakpoint so it doesn't crash when you try to get the backtrace out of the engine
[03:43] <snover> er
[03:44] <snover> Console::cmdBacktrace
[03:44] <snover> mr brain
[03:44] <snover> calls to getObjectName should not ever be crashing due to missing objects, so something is wrong there still
[03:52] <mataniko> cmdBacktrace is called after the fatal error
[03:55] <mataniko> ah i see what's happening
[03:56] <mataniko> when you call it, it calls getObjectName again on that dereferenced segment
[03:56] <snover> yeah, the order of operations for this crash is, game script tries to access invalid object -> error -> debugger opens automatically -> run cmdBacktrace -> error again, game over this time
[03:57] <snover> oops, i missed a step. i should probably stop talking soon :)
[03:57] <snover> game script tries to access invalid object -> error -> debugger opens automatically -> run cmdBacktrace -> cmdBacktrace tries to access invalid object -> error again, game over this time
[03:58] <mataniko> yeah this makes sense
[03:58] <dreammaster> I think it's getting kinda late for me. So goodnight
[03:58] <snover> dreammaster: see you later. have a good night!
[03:58] <mataniko> but cmdBacktrace doesn't handle any exceptions
[03:58] <-- dreammaster left irc:
[04:00] <snover> if you are thinking like c++ exceptions, scummvm disables that
[04:01] <mataniko> yeah i know
[04:02] <snover> ok. just making sure :)
[04:06] <mataniko> ok i hack fixed it
[04:08] <mataniko> i added a check in SegManager::getObjectName to see if the segment number is 21 and not deref it
[04:08] <mataniko> the script runs fine afterwards
[04:08] <mataniko> but this sounds like a hack and not a fix
[04:08] <snover> do you know which thing getObjectName calls that is raising the error?
[04:09] <mataniko> name = derefString(nameReg);
[04:10] <snover> huh. so getObject is actually returning an Object?
[04:11] <mataniko> yes
[04:11] <snover> is the segment of `nameReg` the same as the segment of `pos`?
[04:11] <mataniko> no
[04:11] <mataniko> nameReg is 21
[04:11] <mataniko> pos is 105
[04:11] <snover> huh.
[04:12] <mataniko> ok so you think the bug is in getNameSelector?
[04:13] <snover> not necessarily; it could be a clone object
[04:13] <mataniko> ok that kinda makes sense, clone object was deleted, by the name lookup got it before the actual object
[04:14] <mataniko> does that mean we need a check that the nameReg segment is the same as the pos?
[04:14] <mataniko> i gotta go to bed, but i'll catch up in the AM
[04:15] <snover> i'm actually thinking it is the opposite, that there is an unfreed clone object that was cloned from an object in a script that was disposed
[04:18] <snover> though, it does seem to be the other way around, which might indicate that i don't know enough about what is going on
[04:19] <mataniko> what do i know, this is the first time i look at this code :)
[04:20] <snover> i have no idea why i was so specific with that fix for torin, it really could just check the offset validity for any segment object
[04:58] <snover> segment management code is becoming a nightmare
[05:00] <snover> checking to see if reg_t(21, 910) is valid, results in looking at an Object at `_heap[21]->_table[910]` with next_free = 910 and data->_pos = reg_t(19, 2059)
[05:26] <snover> i wonder if lldb is getting confused and is calling the wrong things
[05:28] --> Begasus joined #scummvm.
[05:37] <snover> the object pointed to by nameReg in this case is a Str object, so that explains some things.
[05:37] <snover> probably should have thought about that a while ago.
[05:42] --> Begas_VBox joined #scummvm.
[06:20] --> macdude22 joined #scummvm.
[06:22] <-- TAS_2012v left irc:
[06:25] <-- LittleToonCat left irc: Remote host closed the connection
[06:44] --> m_kiewitz joined #scummvm.
[06:44] <-- m_kiewitz left irc: Changing host
[06:44] --> m_kiewitz joined #scummvm.
[06:44] #scummvm: mode change '+o m_kiewitz' by ChanServ!ChanServ@services.
[06:47] --> Joefish joined #scummvm.
[06:47] #scummvm: mode change '+v Joefish' by ChanServ!ChanServ@services.
[06:49] --> Henke37 joined #scummvm.
[06:54] <m_kiewitz> didn't we already fix this castle of dr. brain word search puzzle already? o_O
[06:56] --> frankyboy_ joined #scummvm.
[07:02] <-- Deledrius left irc: Quit: App.Exit
[07:08] --> Deledrius joined #scummvm.
[07:59] <-- Begas_VBox left irc: Quit: Vision[0.9.8]: i've been blurred!
[08:24] --> ajax16384 joined #scummvm.
[08:24] #scummvm: mode change '+o ajax16384' by ChanServ!ChanServ@services.
[08:34] --> Begas_VBox joined #scummvm.
[08:35] <wjp> m_kiewitz: I can only remember something there related to saving/loading and memory becoming invalid (which should now be fixed)
[08:36] <m_kiewitz> ah
[08:40] <wjp> can you reproduce this one?
[08:45] <m_kiewitz> have not tried yet
[08:45] <m_kiewitz> still i'm using a trackpad and i doubt i can click really fast with it
[08:45] <m_kiewitz> have you?
[08:51] --> t0by joined #scummvm.
[08:51] #scummvm: mode change '+o t0by' by ChanServ!ChanServ@services.
[09:07] <-- ajax16384 left irc: Read error: Connection reset by peer
[09:27] <wjp> took some time, but just managed to
[09:29] --> Farmboy0 joined #scummvm.
[09:29] <-- Farmboy0 left irc: Changing host
[09:29] --> Farmboy0 joined #scummvm.
[09:31] <m_kiewitz> nice
[09:31] <m_kiewitz> i wonder what causes it
[09:31] <m_kiewitz> (script-wise)
[09:31] <m_kiewitz> i guess i will first try to fix the kq6 script patch issue
[09:39] <wjp> ah, I have it reproduced while outputting vm steps now
[09:55] --> WooShell joined #scummvm.
[09:59] <WooShell> good meowning =^.^=
[10:04] <-- frankyboy_ left irc: Quit: ...
[10:06] --> Poly-C joined #scummvm.
[10:07] <-- Poly-C left irc: Remote host closed the connection
[10:09] <-- Polynomial-C left irc: Ping timeout: 268 seconds
[10:18] --> Strangerke_ joined #scummvm.
[10:21] <-- Strangerke left irc: Ping timeout: 268 seconds
[10:21] Nick change: Strangerke_ -> Strangerke
[10:28] --> emilknievel joined #scummvm.
[10:35] <-- emilknievel left irc: Quit: My MacBook has gone to sleep. ZZZzzz...
[10:41] --> emilknievel joined #scummvm.
[10:43] <-- Strangerke left irc: Ping timeout: 268 seconds
[10:53] <-- Begas_VBox left irc: Quit: Vision[0.9.8]: i've been blurred!
[10:54] --> ajax16384 joined #scummvm.
[10:54] #scummvm: mode change '+o ajax16384' by ChanServ!ChanServ@services.
[11:07] --> Begas_VBox joined #scummvm.
[11:07] --> ny00123 joined #scummvm.
[11:12] --> NoLifeEmu joined #scummvm.
[11:12] <NoLifeEmu> hello
[11:13] <NoLifeEmu> I want to report some possible GPL violation
[11:14] <NoLifeEmu> regarding an open source project which includes ScummVM code and went closed source (while continuing to distribute new binaries) without any notice
[11:14] <NoLifeEmu> can anyone point me to the right email to write to ?
[11:15] <-- NoLifeEmu left irc: Client Quit
[11:15] --> NoLifeEmu joined #scummvm.
[11:16] <criezy> Hi NoLifeEmu
[11:16] <criezy> You can probably send an email to the team lead: sev (AT) scummvm.org
[11:16] <NoLifeEmu> hi criezy, ok, thanks, will do
[11:16] <NoLifeEmu> have fun guys and keep up the good work coming
[11:16] <-- NoLifeEmu left irc: Client Quit
[11:16] <-- emilknievel left irc: Quit: My MacBook has gone to sleep. ZZZzzz...
[11:20] <wjp> hrm, that doesn't sound good
[11:24] <m_kiewitz> well sounds like fun :/
[11:24] <m_kiewitz> I wonder who uses ScummVM code?
[11:29] --> emilknievel joined #scummvm.
[11:31] <-- emilknievel left irc: Client Quit
[11:31] --> _sev|work joined #scummvm.
[11:31] #scummvm: mode change '+o _sev|work' by ChanServ!ChanServ@services.
[11:34] --> emilknievel joined #scummvm.
[11:40] <t0by> Just like fun, minus the fun.
[11:44] <logix> m_kiewitz: surely there's a bunch of "black box emulation stations" that use/come with scummvm
[11:44] <logix> I know that retropie comes with scummvm, I assume there are others too
[11:45] <logix> to the best of my knowledge retropie is open source (there's a github repo), I'm not saying that they're the aforementioned violator
[12:03] --> Strangerke joined #scummvm.
[12:17] <-- t0by left irc: Quit: t0by
[12:19] --> t0by joined #scummvm.
[12:19] <-- t0by left irc: Changing host
[12:19] --> t0by joined #scummvm.
[12:19] #scummvm: mode change '+o t0by' by ChanServ!ChanServ@services.
[12:21] <-- t0by left irc: Client Quit
[12:21] --> t0by joined #scummvm.
[12:21] #scummvm: mode change '+o t0by' by ChanServ!ChanServ@services.
[12:21] <-- t0by left irc: Remote host closed the connection
[12:22] --> t0by joined #scummvm.
[12:22] <-- t0by left irc: Changing host
[12:22] --> t0by joined #scummvm.
[12:22] #scummvm: mode change '+o t0by' by ChanServ!ChanServ@services.
[12:27] --> SylvainTV joined #scummvm.
[12:27] #scummvm: mode change '+o SylvainTV' by ChanServ!ChanServ@services.
[12:45] <-- emilknievel left irc: Quit: My MacBook has gone to sleep. ZZZzzz...
[12:50] --> omer_mor_ joined #scummvm.
[12:52] <-- omer_mor left irc: Ping timeout: 240 seconds
[13:20] --> Raziel^ joined #scummvm.
[13:20] #scummvm: mode change '+v Raziel^' by ChanServ!ChanServ@services.
[13:35] <-- _sev|work left irc: Quit: This computer has gone to sleep
[14:02] <-- Begasus left irc: Ping timeout: 246 seconds
[14:06] <-- Raziel^ left irc: Ping timeout: 240 seconds
[14:06] --> Raziel^ joined #scummvm.
[14:06] #scummvm: mode change '+v Raziel^' by ChanServ!ChanServ@services.
[14:09] --> emilknievel joined #scummvm.
[14:12] <mataniko> snover, do you think the fix is to expand on the hack for torin script 64000?
[14:15] --> Begasus joined #scummvm.
[14:40] <-- Joefish left irc: Ping timeout: 272 seconds
[15:02] <-- emilknievel left irc: Quit: My MacBook has gone to sleep. ZZZzzz...
[15:08] --> emilknievel joined #scummvm.
[15:12] <Raziel^> ScummVM has a "testbed" engine iirc
[15:13] <Raziel^> that should play through games in a random manner to maybe find bugs and other oddities
[15:13] <Raziel^> would OSS-Fuzz help if ScummVM could use it?
[15:14] <Raziel^> just a question out of curiosity, don't burn me :-)
[15:35] <-- Raziel^ left irc: Read error: Connection reset by peer
[15:35] --> Raziel^ joined #scummvm.
[15:35] #scummvm: mode change '+v Raziel^' by ChanServ!ChanServ@services.
[15:49] <mataniko> wouldn't fuzzing just give a bunch of random inputs to functions?
[15:50] <mataniko> but i assume that generally, the input is very deterministic
[15:50] <mataniko> either script or the limited allowed interaction
[15:52] <Raziel^> probably, but random inputs will sooner or later finish a game...or cause a crash :-)
[15:52] <mataniko> i think the probability of random inputs finishing a game are abysmally low :)
[15:53] <Raziel^> true, but still possible :-D
[15:53] <Raziel^> thinking about the bunch of monkeys with typewriters allegory
[15:54] <mataniko> simian army
[15:55] <-- emilknievel left irc: Quit: My MacBook has gone to sleep. ZZZzzz...
[15:56] <Raziel^> i didn't get that
[15:56] <Raziel^> but would the "testbed" functionality not do the same?
[15:56] <mataniko> it's a netflix library
[15:56] <Raziel^> ok
[15:56] <mataniko> to hammer cloud services
[15:57] <Raziel^> i remember reading somewhere that testbed should give the functionality to play through a game by random events
[15:57] <snover> i'm not sure how random event inputs could allow a play through of a game
[15:59] --> emilknievel joined #scummvm.
[15:59] <Raziel^> well, if they obey the sandbox of a game, maybe?
[15:59] <Raziel^> i.e. Monkey Island, click around with the mouse long enough and you will per random execute a command
[15:59] <Raziel^> granted it will take ages
[16:01] <mataniko> probably be easier to script the valid actions so you can feed the VM with valid input that will get you through the game, but introduce fuzzing opportunities
[16:01] <mataniko> like random clicking
[16:01] <mataniko> using different objects
[16:01] <mataniko> etc
[16:03] <snover> mataniko: so, i just looked at the game scripts for the affected object. this is another instance where a game is setting `name` dynamically.
[16:03] <Raziel^> ah, yes, that's what i was trying to tell :-)
[16:03] <Raziel^> Thank you
[16:04] <mataniko> obj at 105:5023
[16:04] <mataniko> i wonder if these are isolated use cases
[16:04] <snover> but in this case it is setting it to a Str object instead of a reference to a string
[16:06] <mataniko> you lost me again
[16:06] --> Strangerke_ joined #scummvm.
[16:06] <mataniko> i don't understand how the torin fix works, but it seems like the same issue
[16:08] <-- Strangerke left irc: Ping timeout: 268 seconds
[16:08] Nick change: Strangerke_ -> Strangerke
[16:09] <snover> no problem, i will try to explain better
[16:10] <snover> mataniko: https://gist.github.com/csnover/7229fa7d3ced22aa2a520c407c5a22fe this is the (decompiled) script that is causing trouble.
[16:10] --> LittleToonCat joined #scummvm.
[16:12] <snover> on lines 63/64, the `name` selector of the object instance `Class_610_17` is being invoked with a Str object that's copied and stored to local var 3.
[16:14] <mataniko> which was copied from var 4>
[16:14] <mataniko> ?
[16:15] <mataniko> so the str is copied from var4 to var3, then var4 is disposed but when we get the name we find the offset of var4?
[16:17] <mataniko> i'm totally just guessing
[16:19] <snover> let me back up a little more
[16:21] <-- emilknievel left irc: Quit: My MacBook has gone to sleep. ZZZzzz...
[16:21] --> Joefish joined #scummvm.
[16:21] #scummvm: mode change '+v Joefish' by ChanServ!ChanServ@services.
[16:21] <snover> there are two kinds of selectors, varselectors and method selectors. `Str::copy` is a method selector, and when it is invoked it causes some script code to run that instantiates a new Str object with a new copy of the raw string data from local4.
[16:21] <snover> and then that new object is assigned to local3
[16:25] <snover> in contrast, the `Class_610_17::name` selector is a varselector, which just assigns the reg_t of the Str object referenced by local3 to the `name` property of the object
[16:25] --> emilknievel joined #scummvm.
[16:27] <mataniko> ok so now my head is spinning more
[16:27] <snover> that reg_t is the nameReg that we get in getObjectName
[16:28] <mataniko> i wonder what this script looks like for regular lsl6, since it doesn't crash
[16:30] <snover> maybe it helps if you think of a reg_t as being a pointer. local3 is a pointer to the new Str object created by invoking Str::copy, and that pointer gets assigned to Class_610_17::name on line 64
[16:31] --> jamm joined #scummvm.
[16:31] <-- jamm left irc: Read error: Connection reset by peer
[16:39] <snover> the problem is that `getObjectName` thinks that `name` is always going to be reference to either a script object instance (which would go to Script::dereference) or a string array (which would go to ArrayTable::dereference) which can be dereferenced via derefString, but in this case the game has assigned it to a dynamically created Str object, so it goes to SegmentObj::dereference and crashes
[16:40] <snover> and then lldb confused me terribly by (apparently) failing at dynamic dispatch and invoking the wrong isValidOffset so it looked like the reg_t was pointing to an invalid offset, but it is not
[16:40] Nick change: omer_mor_ -> omer_mor
[16:41] <omer_mor> snover: hi - I just opened https://bugs.scummvm.org/ticket/9786 about bad palette in kq6 highres inventory
[16:42] <snover> omer_mor: is it broken in 1.9?
[16:42] <omer_mor> I don't know if it happens in SSCI since I can't easily run the highres version - I don't have dosbox with windows
[16:42] <omer_mor> snover: no idea
[16:42] <snover> can i force you to check? ;)
[16:43] <omer_mor> Sure, I'll download 1.9
[16:43] <omer_mor> but in about 1/2 an hour
[16:43] <snover> thank you :)
[16:43] <-- Joefish left irc: Ping timeout: 260 seconds
[16:46] <snover> so i do have a patch for this now, but i am kind of wondering if we should be storing the object name from the script separately and not using the name selector with getObjectName
[16:47] <mataniko> snover this all makes sense, but i think to fully understand what's going on here i'd need to understand more about how the whole engine works
[16:47] <snover> mataniko: that is very understandable
[16:47] <-- Raziel^ left irc: Quit: AmigaOS 4 (Unregistered copy). Evaluation period is over. Program will now quit. Thank you for using AmigaOS.
[16:47] <snover> do you have enough sense yet of how things work that you feel like you can ask reasoned questions about it?
[16:48] <mataniko> meh :)
[16:49] <snover> it took me many months to learn enough to get there, except that i still ask silly questions
[16:50] <mataniko> definitely smarter about this than yesterday
[16:51] <mataniko> I was hoping i'd be simple enough so i can actually do a fix, but even being a trivial change this would affect all SCI32 games
[17:01] <snover> the fix i have right now is simple (just don't dereference if the nameReg segment is the clone segment), but hard to discover unless you know about how ScummVM's SCI VM works (and to a lesser extent how the original VM worked)
[17:02] <snover> i feel like the most correct fix is to store the object name separately but i'm uneasy since that much of a change could break things like script patches
[17:03] <snover> if some script patch uses an object name that is dynamically assigned by the game, it would stop matching
[17:03] <snover> er. not script patches, but workarounds.
[17:04] <snover> oh, like these kReadNumber workarounds for "dominoes.opt" which looks like a file object with a dynamic filename
[17:08] <mataniko> i just did if ((pos.getSegment() == 105 && pos.getOffset() == 5023)) return "<hack>"; :)
[17:09] <mataniko> what was your fix
[17:12] <snover> adding `nameReg.getSegment() != _clonesSegId` to the preconditions for calling derefString
[17:13] <mataniko> ok that sounds like the more correct hack :)
[17:14] <mataniko> didn't realize that was stored
[17:16] --> Polynomial-C joined #scummvm.
[17:20] <mataniko> but i agree, that whole check in getObjectName feels wrong
[17:21] <-- emilknievel left irc: Quit: Textual IRC Client: www.textualapp.com
[17:23] <snover> wjp, m_kiewitz, what do you guys think? add an extra reg_t on Object that holds the reference to the object's original name in the script, and use that for getObjectName instead of whatever the name selector may have been changed to at runtime?
[17:31] --> omer_mor_ joined #scummvm.
[17:32] --> James|GlideM joined #scummvm.
[17:32] #scummvm: mode change '+v James|GlideM' by ChanServ!ChanServ@services.
[17:33] <-- Begasus left irc: Ping timeout: 260 seconds
[17:34] <-- omer_mor left irc: Ping timeout: 240 seconds
[17:34] Nick change: omer_mor_ -> omer_mor
[17:34] <omer_mor> snover: yeah - bad palette bug reproduces in v1.9
[17:45] --> Begasus joined #scummvm.
[17:45] <-- Begas_VBox left irc: Quit: Vision[0.9.8]: i've been blurred!
[17:46] <-- Begasus left irc: Client Quit
[17:51] <-- James|GlideM left irc: Read error: Connection reset by peer
[17:53] --> omer_mor_ joined #scummvm.
[17:55] <-- omer_mor left irc: Ping timeout: 240 seconds
[18:32] --> dreammaster joined #scummvm.
[18:32] #scummvm: mode change '+o dreammaster' by ChanServ!ChanServ@services.
[18:56] <snover> omer_mor_: phew, then it is probably not my fault ;)
[18:57] --> omer_mor joined #scummvm.
[18:59] <-- omer_mor_ left irc: Ping timeout: 240 seconds
[19:00] <m_kiewitz> which palette bug?
[19:00] --> DJWillis joined #scummvm.
[19:01] #scummvm: mode change '+o DJWillis' by ChanServ!ChanServ@services.
[19:01] <m_kiewitz> ah that one, I saw that a few weeks ago in a Let's Play
[19:02] <omer_mor> m_kiewitz: I've no idea if it's in SSCI as well
[19:02] <omer_mor> it doesn't happen in lowres kq6
[19:10] <m_kiewitz> yes, one has to check that
[19:10] <m_kiewitz> do you know when it happens?
[19:10] <m_kiewitz> i got a working win311 installation with kq6 on here
[19:11] <omer_mor> see the bug - got a quick repro
[19:11] <m_kiewitz> maybe it's a wrong palette inside one of the hires views? idk
[19:11] <m_kiewitz> or maybe even a script bug
[19:11] <omer_mor> it happens right at the 1st screen
[19:11] <m_kiewitz> i wonder if that ever worked
[19:11] <omer_mor> me too
[19:12] <omer_mor> which resource holds the hires views?
[19:17] <m_kiewitz> hmm, i'm not sure on this one
[19:17] <m_kiewitz> it seems it should be inside the main resource file too
[19:17] <m_kiewitz> gabriel knight has a special windows resource file, that gets added when hires is active
[19:18] <omer_mor> I did a quick browse via sv.exe and didn't see the hires portraits
[19:18] <omer_mor> but maybe I just missed it
[19:19] <m_kiewitz> no, the portraits are in separate files
[19:20] <m_kiewitz> i'm talking about a few hires views
[19:20] <m_kiewitz> those portrait files are inside the ACTORS subdirectory
[19:20] <omer_mor> and the hires inventory items?
[19:21] <m_kiewitz> yes
[19:21] <m_kiewitz> hmm, we currently only set the portrait palette
[19:21] <m_kiewitz> but do not change it back, so that may be the cause
[19:22] <m_kiewitz> maybe they use a few colors on top that are normally used for inventory items too
[19:23] <m_kiewitz> will check win311 now
[19:24] <m_kiewitz> first room, any hires portrait gets drawn and then inventory palette is broken?
[19:24] <m_kiewitz> or how exactly does this work out?
[19:25] <omer_mor> pretty much
[19:25] <omer_mor> on the shore, pick up the plank, pick up the copper coin
[19:25] <omer_mor> then select it in the inventory, and look at the menu bar
[19:25] <m_kiewitz> hmm, that actually sounds like the portrait palette breaks it
[19:25] <m_kiewitz> do we save palette?
[19:25] --> Joefish joined #scummvm.
[19:25] #scummvm: mode change '+v Joefish' by ChanServ!ChanServ@services.
[19:26] <m_kiewitz> if we don't, then the palette should get set again by scripts and it should work fine until hires portraits get drawn
[19:27] <m_kiewitz> hm it seems we do not save the palette, only intensity and palVary stuf
[19:27] <m_kiewitz> stuff
[19:28] <m_kiewitz> hmm palette of an inventory item is even broken right after loading a saved game and then going to inventory
[19:36] Nick change: _sev_ -> _sev
[19:46] --> Strangerke_ joined #scummvm.
[19:49] <-- Strangerke left irc: Ping timeout: 268 seconds
[19:49] Nick change: Strangerke_ -> Strangerke
[20:39] <m_kiewitz> it can't have anything to do with portraits
[20:39] <m_kiewitz> i just grabbed the coin in ScummVM 1.7 without getting any portraits, then selected coin from inventory and the coin in game menu was glitchy too
[20:41] <m_kiewitz> hmmm coin looks fine under win311
[21:04] <-- user9 left irc: Remote host closed the connection
[21:39] --> _sev_ joined #scummvm.
[21:39] #scummvm: mode change '+o _sev_' by ChanServ!ChanServ@services.
[21:40] <-- ny00123 left irc: Quit: Leaving
[21:41] <-- _sev left irc: Ping timeout: 264 seconds
[21:55] <-- Joefish left irc: Ping timeout: 272 seconds
[22:08] <-- ajax16384 left irc: Read error: Connection reset by peer
[22:36] <-- WooShell left irc: Quit: If you understand or if you don't, if you believe or if you doubt - There's a universal justice, and the eyes of truth are always watching you.
[23:14] <-- Henke37 left irc: Quit: ERR_SHUTDOWN
[23:30] --> exmensa joined #scummvm.
[23:39] <-- Farmboy0 left irc: Remote host closed the connection
[00:00] --- Sun May 14 2017