Topic: WinXP "Random" FF7 Battle Crash Test

Alhexx

WinXP "Random" FF7 Battle Crash Test
« on: 2005-07-24 23:49:26 »
I'm currently trying to kill a bug in the FF7 engine which causes the game to crash when entering a battle after ALT-TABing to windows.

I would like to know if there are other people who have this problem.
I'm running FF7 v1.02 on WinXP Pro SP2 with only the Chocobo Patch applied.

It would be nice if some of you could make a test with your game.

1. So, start the game, load a save and run around on the world map.
2. Then hit ALT-TAB to switch back to Windows.
3. Return to the game and run around on the map until you get into a battle.
4. If the game didn't crash, run around on the map for, let's say, 3 more battles (without switching back to Windows).
5. Tell me if the game crashed or not.

It might be helpful to tell me which language and version you use and what patches you have already applied.

I need to know if I'm the only one with this problem or not...
Thanx

The rest of this post is more technical, so if you're not interested in that, you can skip the rest.

The reason FF7 crashes is that it tries to read from an illegal memory address. I tried to NOP out that command - it fixes the bug, however, it has a neat side effect.

My explanation:
The "swirl" effect, that appears just before the battle causes the crash.
FF7 seems to create a screenshot, save it, and then swirl that screenshot. Either the buffer allocation for the screenshot fails or it simply stores an illegal pointer.
If you NOP out the command that tries to read that buffer, the swirl effect succeeds, however, of course it does not swirl the screenshot :P
It's quite late now, and I wanna go to bed, so I don't have the time to analyze the calls before that crash command right now...

 - Alhexx

The SaiNt

« Reply #1 on: 2005-07-25 01:10:19 »
I've been running into a similar problem with the game in WinXP x64.
When I enter a random battle, the game randomly crashes to the desktop or, worse still, in one case actually rebooted my system.
However, it doesn't always happen and sometimes I'm able to get into battle.
I was going to take a look at this problem as well, but since you've already taken a look at it, it would be useful if you could point out the offsets to me so it'll save me some time. The offset for the TNT or US exe would be nice, of course.

EmperorSteele

« Reply #2 on: 2005-07-25 05:35:56 »
Actually I NEVER had this problem until I updated my video card.  Currently running a 6600gt.

I'm also running the high-res patch, but other than that, my specs are comparable to yours.

I shall do a series of my own tests, but I've found that alt-tabbing while in battle won't make the battle crash, and subsequently, the next battle won't crash, either.

I think staying on the world map or in the field for several minutes alleviates any stress ff7 is reeling from, and so the crash doesn't happen, but I have to double-check this.

As for the "takes a screenshot" thing, I assume that is correct, as that's what it has to do to swirl Cloud's face after the FMV where he's flying down towards Sephiroth.

I shall edit this post when my computer isn't busy doing anti-virus scans =P

[edit 1] It MAY be Service Pack 2, also: I don't think I had that before, either.  I'm gonna see if I can get my hands on a non-SP2 version of Pro and install that (I gotta reinstall my OS soon anyway, my compy's been acting farked up)

[edit 2] Okay, it happens on both the world map AND in the field; however, something interesting happened in the field.  I alt-tabbed out, and right after I alt-tabbed in, I went into a battle no problem.  So I alt-tabbed out after, and then, next battle, BAM, it crashed to the desktop.

I had assumed it was the high-res patch. Hm.

I have access to a few other video cards, and I'll try those out, as well.  I'm still thinking it's a high-end video issue.  See, I have a whole WEBSITE designed around making screenies of ff7, and I can state with 100% accuracy that this never happened with my Voodoo (though I had 95 at the time...), and only occurred less than 0.5% of the time under my MX 400.

I have the next 2 days free, so I'll be able to test lots of stuff on my own end for ya =)  I'd love for this to get fixed, because it's been annoying the piss out of me.

L. Spiro

« Reply #3 on: 2005-07-25 10:27:34 »
It is probably a far-flung pointer created during the restoration of the device (specifically, a surface) when you alt-tab back into the game, then used (causing the crash) when you load the battle.


It’s never happened to me so I probably won’t be able to help much unless someone gives me addresses.


L. Spiro

Alhexx

« Reply #4 on: 2005-07-25 17:16:05 »
Quote from: The SaiNt
The offset for the TNT or US exe would be nice of course.


I would like to give them to you, however, I only have the german FF7.exe.
But I can post a few lines of code that is around that crash command area, so you can search for the opcodes in your exe.
Here's what my favorite debugger OllyDbg tells me:
Code:
Address   | OpCode          | Command
----------+-----------------+-----------------------------
00673E82  |> 8B4D 08        |/MOV ECX,DWORD PTR SS:[EBP+8]
00673E85  |. 8B55 C8        ||MOV EDX,DWORD PTR SS:[EBP-38]
00673E88  |. 0351 14        ||ADD EDX,DWORD PTR DS:[ECX+14]
00673E8B  |. 8955 C8        ||MOV DWORD PTR SS:[EBP-38],EDX
00673E8E  |> 8B45 C8        | MOV EAX,DWORD PTR SS:[EBP-38]
00673E91  |. 3B45 C0        ||CMP EAX,DWORD PTR SS:[EBP-40]
00673E94  |. 7D 3E          ||JGE SHORT Kopie_vo.00673ED4
00673E96  |. 8B4D D4        ||MOV ECX,DWORD PTR SS:[EBP-2C]
00673E99  |. 8B55 C8        ||MOV EDX,DWORD PTR SS:[EBP-38]
00673E9C  |. 3B91 54090000  ||CMP EDX,DWORD PTR DS:[ECX+954]
00673EA2  |. 7D 0E          ||JGE SHORT Kopie_vo.00673EB2
00673EA4  |. 8B45 BC        ||MOV EAX,DWORD PTR SS:[EBP-44]
00673EA7  |. 8B4D D0        ||MOV ECX,DWORD PTR SS:[EBP-30]
00673EAA  |. 66:8B11        ||MOV DX,WORD PTR DS:[ECX]
00673EAD  |. 66:8910        ||MOV WORD PTR DS:[EAX],DX
00673EB0  |. EB 08          ||JMP SHORT Kopie_vo.00673EBA
00673EB2  |> 8B45 BC        ||MOV EAX,DWORD PTR SS:[EBP-44]
00673EB5  |. 66:C700 0000   ||MOV WORD PTR DS:[EAX],0
00673EBA  |> 8B4D 08        ||MOV ECX,DWORD PTR SS:[EBP+8]
00673EBD  |. 8B51 14        ||MOV EDX,DWORD PTR DS:[ECX+14]
00673EC0  |. 8B45 D0        ||MOV EAX,DWORD PTR SS:[EBP-30]
00673EC3  |. 8D0C50         ||LEA ECX,DWORD PTR DS:[EAX+EDX*2]
00673EC6  |. 894D D0        ||MOV DWORD PTR SS:[EBP-30],ECX
00673EC9  |. 8B55 BC        ||MOV EDX,DWORD PTR SS:[EBP-44]
00673ECC  |. 83C2 02        ||ADD EDX,2
00673ECF  |. 8955 BC        ||MOV DWORD PTR SS:[EBP-44],EDX
00673ED2  |.^EB AE          |\JMP SHORT Kopie_vo.00673E82


This should be the whole function. The command that causes the crash is the one at 0x00673EAA.

I hope this helps.


EmperorSteele @[edit 2] :
It seems to happen everywhere a battle can start. I first encountered that problem in the Ancient Forest, because I was tabbing back to Windows to read the FAQ...

 - Alhexx

 - edit -
As a temporary solution, you can NOP out that command. The game won't crash anymore - but the swirl effect will be blue...

EmperorSteele

« Reply #5 on: 2005-07-25 18:57:22 »
NOP out a command?

You're like, telling a 2-year-old to fly a space ship, my friend =) IE: I have no clue what you mean, or how to do it if I did, heh.

I'll test with a different video card later today and post my results.

Alhexx

« Reply #6 on: 2005-07-25 19:11:39 »
Erm, that edit note was meant for SaiNt, in case he needs to get around that crash for his high-res work.

NOPing out a command means overwriting the command's opcodes (the ASM instructions) with the No Operation command.
In this case you would overwrite the opcodes "66:8B11" with "909090". "90" is the opcode for NOP.

This was how the chocobo crash was solved.

 - Alhexx
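Putting Alhexx's two points together (the opcode listing from Reply #4, which he suggests searching for in other language builds, and the NOP-out instruction from Reply #6), here is an added example of how a practitioner would apply that patch to the file safely. It is not Alhexx's tool and is not part of the original thread: it searches the executable for the byte sequence around the faulting MOV DX,WORD PTR [ECX], refuses to patch unless that sequence occurs exactly once, verifies that the three bytes 66 8B 11 really sit at the target before overwriting them with 90 90 90, and keeps a backup. The small PE-header parser lets you confirm that a virtual address from the listing (0x00673EAA in the German build) maps to the same file offset the search found. The `build_fake_pe` helper constructs a minimal PE32 image purely so the code can be exercised offline; it is not FF7.exe, and the `ANCHOR` bytes are assumed to match only this one loop.

```python
import struct

# Opcode bytes transcribed from the OllyDbg listing in Reply #4 (00673E9C..00673EB0).
# Addresses differ between language builds, so the bytes are used as a search anchor.
ANCHOR = bytes.fromhex(
    "3B9154090000"   # CMP EDX, DWORD PTR [ECX+954]
    "7D0E"           # JGE SHORT +0E
    "8B45BC"         # MOV EAX, DWORD PTR [EBP-44]   (destination pointer)
    "8B4DD0"         # MOV ECX, DWORD PTR [EBP-30]   (source pointer, the bad one)
    "668B11"         # MOV DX, WORD PTR [ECX]        <-- the faulting read
    "668910"         # MOV WORD PTR [EAX], DX
    "EB08"           # JMP SHORT +08
)
CRASH_INSN = bytes.fromhex("668B11")   # the 3 bytes to replace with 90 90 90
CRASH_AT = 14                          # byte offset of CRASH_INSN inside ANCHOR


def find_unique(data: bytes, pattern: bytes) -> int:
    """Return the offset of PATTERN in DATA, refusing to patch if it is not unique."""
    first = data.find(pattern)
    if first < 0:
        raise ValueError("anchor pattern not found; this executable differs from the listing")
    if data.find(pattern, first + 1) >= 0:
        raise ValueError("anchor pattern occurs more than once; refusing to guess")
    return first


def nop_out(data: bytes, offset: int, expected: bytes) -> bytearray:
    """Overwrite EXPECTED at OFFSET with NOPs, after checking the bytes really are there."""
    patched = bytearray(data)
    actual = bytes(patched[offset:offset + len(expected)])
    if actual != expected:
        raise ValueError(f"expected {expected.hex()} at {offset:#x}, found {actual.hex()}")
    patched[offset:offset + len(expected)] = b"\x90" * len(expected)
    return patched


def patch_crash_read(exe: bytes):
    """Locate MOV DX,[ECX] via the anchor and NOP it. Returns (patched bytes, file offset)."""
    offset = find_unique(exe, ANCHOR) + CRASH_AT
    return nop_out(exe, offset, CRASH_INSN), offset


def va_to_file_offset(pe: bytes, va: int) -> int:
    """Map a virtual address (as OllyDbg shows it) to a raw file offset in a PE32 image,
    so a listing address such as 0x00673EAA can be compared with what the search found."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    coff = e_lfanew + 4
    nsections = struct.unpack_from("<H", pe, coff + 2)[0]
    opt_size = struct.unpack_from("<H", pe, coff + 16)[0]
    opt = coff + 20
    if struct.unpack_from("<H", pe, opt)[0] != 0x10B:
        raise ValueError("only PE32 images are handled")
    image_base = struct.unpack_from("<I", pe, opt + 28)[0]
    rva = va - image_base
    for i in range(nsections):
        vsize, vaddr, rawsize, rawptr = struct.unpack_from("<IIII", pe, opt + opt_size + 40 * i + 8)
        if vaddr <= rva < vaddr + max(vsize, rawsize):
            if rva - vaddr >= rawsize:
                raise ValueError(f"VA {va:#x} is in uninitialised data, not in the file")
            return rawptr + (rva - vaddr)
    raise ValueError(f"VA {va:#x} lies outside every section")


def build_fake_pe(code: bytes, image_base: int = 0x400000, code_va: int = 0x1000,
                  code_raw: int = 0x200) -> bytes:
    """Constructed minimal PE32 with one .text section, for offline testing only.
    This is NOT FF7.exe; it just gives va_to_file_offset a well-formed header to parse."""
    e_lfanew = 0x40
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    opt_size = 0xE0
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, opt_size, 0x102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)            # PE32 magic
    struct.pack_into("<I", opt, 28, image_base)      # ImageBase
    section = struct.pack("<8sIIIIIIHHI", b".text", len(code), code_va, len(code),
                          code_raw, 0, 0, 0, 0, 0x60000020)
    headers = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + section
    return headers + bytes(code_raw - len(headers)) + code


if __name__ == "__main__":
    import sys
    path = sys.argv[1]                               # e.g. a COPY of FF7.exe
    original = open(path, "rb").read()
    patched, offset = patch_crash_read(original)
    open(path + ".bak", "wb").write(original)
    open(path, "wb").write(patched)
    print(f"NOPed {CRASH_INSN.hex()} at file offset {offset:#x}; backup in {path}.bak")
```

Run it as `python nop_swirl_read.py FF7.exe` against a copy of the executable. `find_unique` is the important guard: a 22-byte opcode sequence is specific to this loop in one compiler's output, but if your build matches it zero times (different code generation) or more than once, the tool stops rather than patching a guess, and `nop_out` rechecks the exact bytes at the target before writing. This is the same kind of fix the thread describes for the chocobo crash and it only removes the symptom: the stale source pointer is still computed, it is just no longer dereferenced, and since DX is never loaded from the screenshot buffer the stored pixels are whatever the register happens to hold (the thread reports the swirl comes out blue).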

EmperorSteele

« Reply #7 on: 2005-07-26 22:19:45 »
BREAKTHROUGHHHHH

While testing, I noticed that the ff7 icon in my taskbar would change.  This was a precursor to a crash.

If I alt-tabbed back INTO Windows BEFORE a battle, it would change back to the ff7 icon.

When this happened, I was crash free =D  I've also found that some combinations/modes didn't crash at all, though this is rare.

Here are my notes so far.  I've not tested this on my good video card...

Quote

NOTE: "1.01" is the 1.02 version of the ff7config patched, but with the original ff.exe.  A "C" denotes that the chocobo patch has been applied to the EXE.

MX 200:  Win2k driver version 6.49

1.00   software render mode: PASS, No crashes.
   hardware render mode: NA

1.00C   software render mode: PASS, No crashes
   hardware render mode: NA

1.01   software render mode: PASS, no crashes
   hardware render mode: --
         RIVA: FAIL, would not go back into game at all.  Additionally, the game had weird texture problems.  Also, I've found that the ff7 logo would change into the Firefox logo in my taskbar =/
          TNT: FAIL, same as above.

1.01C   software render mode: PASS, no crashes
   hardware render mode: --
         RIVA: FAIL, would not go back into game at all.
          TNT: FAIL, same as above.


1.02   software render mode: PASS, no crashes
   hardware render mode: --
         RIVA: FAIL! Would not go back to game, had rendering problems (i.e. the screen was black).  Game would not come back, but I could sort of get the menu to come up (see screenshot 1).  Could not even alt-tab out of battle and get back in (see screenshot 2)
          TNT: FAIL! Same as above.

1.02C   software render mode: PASS, no crash
   hardware render mode: --
         RIVA: FAIL! Same as above
          TNT: FAIL! same as above

***

MX 200:  Win2k driver version 53.03

1.00   software render mode: PASS
   hardware render mode: NA

1.00C   software render mode: PASS
   hardware render mode: NA

1.01   software render mode: PASS
   hardware render mode: FAIL @ battle
         RIVA: FAIL @ battle
          TNT: PASS.. BUT, sometimes failed, too.  I noticed that when the taskbar icon for ff7 changed, a crash would occur.  BUT, if it stayed normal, there wouldn't be a crash.

1.01C   software render mode: PASS
   hardware render mode: FAIL Crashed at battle
         RIVA: FAIL same as above
          TNT: PASS!  PASS MUTHAFUGGA YAH!! =D


1.02   software render mode: PASS
   hardware render mode: PASS!  BUT... When you alt-tab out, make note of ff7's taskbar icon.  If it changes, go back in game, but IMMEDIATELY alt-tab back out.  Repeat until the ff7 icon is present.  This will avert the crash, it seems.
         RIVA: Wouldn't even work =/
          TNT: Same as above, wtf?

1.02C   software render mode: PASS. BUT...Auuh, crashed as I won the battle... eh?! o_O  This only occurred once during 3 tests, though, so I think it was an isolated incident.
   hardware render mode: FORCED PASS.  The icon changed, I alt-tabbed back out, made sure it was correct, went back in, and everything was fine.
         RIVA:
          TNT:



As we can see, the software mode is immune to this crash, and only the hardware modes are affected.  I should probably re-test my "alt-tab back into Windows and make ff7's icon normal" theory on the older driver set, but for right now I want to test this on my good video card.

Hopefully this is helpful =)  If anything, we have a good roundabout solution to preventing the crash.  See if this works for you guys =)

[edit] screenshots as mentioned above:

http://img.photobucket.com/albums/v398/emperorsteele/Screenshot1.jpg
http://img.photobucket.com/albums/v398/emperorsteele/Screenshot2.jpg

[edit] Ok, under my 6600gt (driver 71.84, ff7 1.02C, TNT hardware), the icon doesn't change, BUT, I've found that alt-tabbing back and forth a few times seems to make the bug less apt to happen.  Like, the game paused up, but the swirl occurred and I went into battle just fine =)

[edit 2] ooorrr not.  Thing just crashed on me again.

In any case, I'm more apt to believe it's a driver/video card issue than a WinXP one.

[edit THREE] Ok, to hell with the scientific method, now the damn game's just bein' RANDOM /=.