-
-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Documentation] Fixing the "out of memory handles" crash #22
Comments
When calling the eagle/unmounting I still have some random crashes even with 1.13 patch applied to the WHDLoad installation of the game (already double-checked the files) 😔 P.S. |
Can you please try to just mount/unmount the eagle for about 15 times in a row? I am not that familiar with WHDLoad slaves but don't they change the code inside AM2_CPU and AM2_BLIT? Did you replace those files? |
Yes, I replaced the exe files too. No problem after 15 times, but going on it will still happen. |
Confirmed it happened after 25-26 times without moving (so it's not a map border issue or a consequence of sleep day/night at least... we can exclude them)! |
Ok, happened also running the patched game without WHDLoad: An error has occurred : There are not enough memory handles available. This is an internal error. Our most sincere apologies. You can try to play on simply by rebooting your computer Please press RETURN. |
Yes or sometime replace the exes altogether. It is unlikely a WHDload slave will work correctly with a modified compressed executable like Ambermoon (but not impossible). |
As far as I've tested, only "Ambermoon" file has to be Imploder compressed like the original, then you can use modified files for the exes (but AM2_BLIT and AM2_CPU must be decompressed to work with WHDLoad. I use xfddecrunch), data, savegames etc. (indeed I imported my WB game into a WHDLoad installation). In short, to convert it to WHDLoad you can overwrite the data/amberfiles/ subdir of the installed game with the patch files (PyrdacorFixEnglish1.13.lha), and then just have to decompress Imploder files AM2_BLIT and AM2_CPU. WHDLoad installer will still work fine. Are the exe files in PyrdacorFixEnglish1.13.lha already patched, right? |
@a1exh |
They are supposed to be but there is always a possibility that something has gone wrong. This is the commit I'm a little nervous that English AM2_CPU says +0 bytes but AM2_CPU for German version says -4 Bytes. So does AM2_BLT for both English and German say -4 Bytes. This may be nothing. If I had time I would binary diff them and the changes. |
It is also possible that there is a second crash issue. I will check that soon. Can you try with 1.14 as well? It has a complete new exe. But please use without WHDLoad and the full version as a clean state. I didn't have the time to release only the patch nor LHA files so only zip and tar.gz at the moment. |
Still the same auto-quit issue after 26 Eagle mounts, ran from WB no WHDLoad: An error has occurred : There are not enough memory handles available. This is an internal error. Our most sincere apologies. You can try to play on simply by rebooting your computer Please press RETURN. Could be something in the savegame or it can't be? Here is it anyway (use the MEGAHERO savegame): https://1drv.ms/u/s!ApMUGr0cuN39gowEjNyqUlDiqliexg?e=tXiZMq P.S. |
If this is not 100% fixed can we add a bug LABEL? |
BTW, I have to report to WHDLoad team this new single exe change for a new slave... |
@Pyrdacor maybe we (and by that I mean you) should work towards removing any need for a WHDload slave? The source is included in the WHDload slave. I think they only patch 2 places. http://whdload.de/games/Ambermoon.lha Ambermoon Install\src\ambermoon.asm I'm not sure there is really a need for Ambermoon WHDload but I haven't used real 68060 for a long time. |
Yes... I prefer the WHDLoad version as I've had some instability in the past after running Ambermoon from the OS. |
I can try to do this tomorrow. |
News? |
Sorry I will have a look at it asap. |
I'm in contact with Wepl from WHDLoad now. He said he can create a slave for the recent release but I don't know when he will do so. |
Good. Can he also help us fixing the "26 giant eagle mounts" bug? Whd team is very skilled in fixing original games |
I finally had time to have a look. And unfortunately my fix was no longer present in 1.14. I guess when I moved over to Nico's Ghidra project and re-installed the fixes there, I forgot to add the eagle fix. :( So I fixed it now again in Ghidra and will release a new version in the next days. |
@Hexaae Can you please test with this AM2_CPU? |
I released 1.15 with the fix. Hopefully it works. Otherwise feel free to reopen this issue. |
Still unfixed. I used PyrdacorFixEnglish1.15.lha. An error has occurred : There are not enough memory handles available. This is an internal error. Our most sincere apologies. You can try to play on simply by rebooting your computer Please press RETURN. |
Can you test to use the AM2_CPU from the 7z I provided earlier? |
This was only in DE v1.01 which we've never really used. |
That's what I thought too. |
As mentioned before the original behaves strangely with CHIPmem allocation causing random not enough mem issues at launch or quitting the game on 060 and advanced systems... (Imploder, used for some files, also has no reliable compatibility with 060 AFAICR, but in this case an xfddecrunch can decompress them and should solve the problems...). The WHDLoad edition workarounds also all these annoyances... |
The memory allocation in Ambermoon is a bit strange and can easily cause an Out of Memory error. I just recently decoded it. |
It works like this: For each memory type it does 10 iterations. Each iteration asks the OS for the biggest available chunk of memory. If it is at least 5120 bytes, it is allocated. So this is very greedy. It will take all the memory if it can. But there is a value which states how much memory should remain free after all allocations. So after the 10 iterations Ambermoon again asks the OS how much free space there is. If there is not enough left (10240 bytes is the value in Ambermoon for both mem types), the allocated blocks are freed until enough memory is available for the OS. This can also be a partial free (which is a bad thing but works). First this is done for chip mem. Then for fast mem. 280000 bytes is minimum for chip, and 75000 for fast. If not enough chip the error is raised. If not enough fast, chip is checked for the total amount (355000). If not enough the error is also raised. Note that all memory blocks below 5120 are not considered so even if you have enough free memory but in a bad distribution, you will get the error. |
I just released 1.16. First try this please. There was a bug which corrupted the seglist so that the game crashed at quit. Maybe it also caused your RAM disk issues? Give it a try. |
@a1exh FYI: The eagle-related crash should now really be fixed in 1.16. |
Can we split this bug into two? Close the eagle crash bug. Open a Native vs WHDload 060 compatibility bug? |
No, the RamDisk full error requester on quit has always been an original game bug (when running from WB) due to its hacky mem allocations... It just happened again also with 1.16. Will continue testing it to see if besides that is now a bit more reliable (launch & quit, launch & quit... many times). |
mmmh, got 2 gurus: 8000 0025 and 8000 0009 |
Done in #52 |
Can you double-check this fix description? Can't even find 4eb900246f22 in the DE or EN exes of 1.13÷1.16 or in the original AM2_CPU and AM2_BLIT... |
Sorry these are Ghidra addresses. Try 4eb900027f22 instead. In Ghidra the start address is fixed to 0021f000. In the binary, addresses are relative and then are relocated to the real address on startup. So you have to subtract 21f000 from the addresses I mentioned. |
FYI: I edited the initial post to correct this. |
The problem is that you also have to adjust the reloc table. This time two entries as you move two of them. I guess I will write a complete hex editor fix description. But not today. I reopen this until it's done. |
Ok... I'll be curious to test the fix on the original 1.07÷1.13 AM2_BLIT still compatible with WHDLoad... |
@Hexaae I posted a hex editor fix description. Can you test this please? |
Thank you. BTW, the strange thing was that 1.13 already had some of hex-fixes but not all of them... P.S. |
1.14 only merged the two files and I think externalized some data to files. And yes the partial eagle fix was in there in 1.13 already. I only forgot the second one. ;) Can you provide the WHDSlave that is working with 1.16? I would love to play Ambermoon on my A500 mini. |
Here is it: https://1drv.ms/u/s!ApMUGr0cuN39go1avydAuto9-wMRRg?e=hry54N
|
I think that confirms what we thought. There are no real bug fixes in the WHDload slave but somehow in WHDload itself. |
The quick fix
Here is the final quick fix with a hex editor. This example uses english 1.07 AM2_BLIT.
Search for hex 10 28 00 10. You will find two occurences. Start with the first one. It should be at 00006E7E.
Cut out the 4 bytes and insert them before the preceeding 12 bytes which are 4E B9 00 02 7F 22 4E B9 00 02 13 8A. Or cut out the 12 preceeding bytes and insert them after the mentioned 4 bytes. Do as you wish.
Now go to the second occurence of 10 28 00 10. Should be at 0000BDF8. Cut the 4 bytes but this time insert before the preceeding 6 bytes (4E B9 00 02 7F 22).
Now search for the first occurence of 4E F9 in the file. It should be at 00000038 in AM2_BLIT. A search for 4E F9 00 00 00 2A should also work and also return a single hit. This marks the beginning of the first code hunk btw. ;)
Now take a calculator. Use the initial found offsets:
Subtract the offset you found just a second ago:
Now subtract 0A and 04 from the first and 04 from the second value:
Now search for those 3 values. There should be only 1 occurence if you include the zero bytes into the search! The first two values should be found right next to each other:
00 00 6E 3C 00 00 6E 42
.Replace each long (4-bytes value) with the value + 4:
This is it.
Old stuff following
The fix
Open AM2_CPU and AM2_BLIT into a hex editor.
Search for the hex sequence "10 28 00 10 4E B9 00". If you find two occurences, go to the last one. Cut out the 6 bytes just in front of the found sequence and paste it back in after the "10 28 00 10".
Then search for the hex sequence "00 00 BD BC 00 00 BD C6". If you find more than one, pick the first one. Replace the "BC" with a "C0" and you are done.
This will work for english and german.
Explanation
The first change fixes the order of the first two instructions:
The function
FUN_FreeMemoryHandleById
releases a memory handle by its id. The id must be in D0 which is performed by themove
instruction. Unfortunately there is a function call just above which clears(0x10,A0)
internally. This way themove
instruction will then only move the value 0 to D0 and thusFUN_FreeMemoryHandleById
tries to free the memory handle with id 0.Valid memory handle ids are 200 to 224 (there are 25 slots). With the above bug, the slot is not freed and can no longer be used. If this is called often enough, all 25 slots will be occupied and the error is raised. Moreover
FUN_FreeMemoryHandleById
will clear some long-word at the address 800 bytes before the memory handle slots as the function just subtracts 200 from the given id (for 0 this will be -200), multiplies this by 4 and adds it to the start of the memory handle section. Then it clears the long-word there. So this will be -800 bytes relative to the memory handle section.The above bugged code is called by the "Call Eagle" spell function. This is why calling the eagle will mess up the memory handles.
The second change adjusts the relocation table as we moved a function call which uses a global 32 bit address. As we moved the
move
instruction before the function call and the instruction has 4 bytes, the offset inside the RELOC32 hunk must be increased by 4. This is the BC to C0 part.Btw the function we moved (FUN_00246f22) looks exactly like this, so you see that it clears our memorized memory handle id.
EDIT 04-07-2022:
There is a second bug. The above bug avoided freeing the eagle sprite memory handle when calling the eagle. But when unmounting the eagle, there is similar code with the exact same issue. To fix it, again search for 10 28 00 10. This time take the other spot. Move those bytes before the function call (4e b9 00 02 7f 22) again. This will fix the whole issue once and for all!
The text was updated successfully, but these errors were encountered: