Crash: Difference between revisions

From Ukikipedia
Jump to navigation Jump to search
m (→‎CPU Crashes: Health is set to 4, not 3)
Tags: Reverted Mobile edit Mobile web edit Advanced mobile edit
Line 22: Line 22:
| Bully/Bob-omb Angle Overflow || style="background-color: #ff9696"| Floating-Point Overflow || When a Bully or Bob-omb is out-of-bounds, the code to keep their angle between -32768 and 32767 doesn't run, and eventually it becomes big enough that a floating-point overflow exception occurs when casted back to an int.<ref>[https://www.youtube.com/watch?v=ZrMxO1eZPGU "Game Crash from Bully Angle Double-to-Int Conversion" by UncommentatedPannen]</ref><ref>[https://www.youtube.com/watch?v=kwQu5qQg-M0 "Game Crash from Bob-omb Angle Double-to-Int Conversion" by UncommentatedPannen]</ref>
| Bully/Bob-omb Angle Overflow || style="background-color: #ff9696"| Floating-Point Overflow || When a Bully or Bob-omb is out-of-bounds, the code to keep their angle between -32768 and 32767 doesn't run, and eventually it becomes big enough that a floating-point overflow exception occurs when casted back to an int.<ref>[https://www.youtube.com/watch?v=ZrMxO1eZPGU "Game Crash from Bully Angle Double-to-Int Conversion" by UncommentatedPannen]</ref><ref>[https://www.youtube.com/watch?v=kwQu5qQg-M0 "Game Crash from Bob-omb Angle Double-to-Int Conversion" by UncommentatedPannen]</ref>
|-
|-
| Deleting a non-existent file on the File Select Screen<ref>[https://youtu.be/-N5OQPgA6YI "How to crash Super Mario 64 in 20 seconds" by rattleman123456]</ref> ||  style="background-color: #fffca8"| Address Error || The game tries to find the button object corresponding to the file and set its state to erased. However, the button object doesn't exist (a New File button is there instead), so it ends up trying to write to NULL.
| Deleting a non-existent file on the File Select Screen<ref>[https://youtu.be/-N5OQPgA6YI "How to crash Super Mario 64 in 20 seconds" by rattleman123456]</ref> ||  style="background-color: #fffca8"| Address Error || The game tries to find the button object corresponding to the file and set its state to erased. However, the button object doesn't exist (a New File button is there instead), so it ends up trying to write to NULL  
In different versions like the new switch version it could not crash instead say file 9 has been deleted.
|-
|-
| Moving a shadow above [[surface]] 12 while it's over OOB || style="background-color: #fffca8"| Address Error || The surface SURFACE_INTANGIBLE (surface 12) has the special property that in some cases find_floor will look for floors below an intangible surface if it finds one. If there's no floor below the intangible surface, find_floor will return NULL for the found floor but the height of the intangible floor. As floors are null-checked by checking if their height is the default value of -11000, this will cause a NULL dereference the next time the game tries to use the floor variable.
| Moving a shadow above [[surface]] 12 while it's over OOB || style="background-color: #fffca8"| Address Error || The surface SURFACE_INTANGIBLE (surface 12) has the special property that in some cases find_floor will look for floors below an intangible surface if it finds one. If there's no floor below the intangible surface, find_floor will return NULL for the found floor but the height of the intangible floor. As floors are null-checked by checking if their height is the default value of -11000, this will cause a NULL dereference the next time the game tries to use the floor variable.

Revision as of 23:09, 8 December 2024

A Crash, Freeze, or Hardlock is when the game thread of SM64 stops executing instructions (as opposed to a softlock, where the game is still running as normal but is stuck in a loop without any way to get out). Crashes can occur in several different ways, such as a game thread exception or an RCP (graphics) crash.

CPU Crashes

Cause Exception Type Notes
Exceed the object limit N/A This is technically not a crash as the game developers accounted for this scenario and made the game enter an infinite loop. However, this infinite loop has the same symptoms as a crash and is one for all practical purposes, so it is included here. This "crash" can be done via a variety of methods including cloning, hat duplication, monty-mole pellet build-up, or money-bag duplication.
Sending the camera into a PU Floating-Point Overflow
Walking at PU speed for only a portion of the 4 quarter steps on a frame Floating-Point Overflow
Moving at PU speed with no joystick input for all 4 quarter steps on a frame Floating-Point Overflow
Moving 16384 distance into a wall (Often a PU Crash) Floating-Point Overflow
Walking with a speed greater than or equal to 2^31 / 170 (~12.632M) Floating-Point Overflow Mario's speed is multiplied by 170 in some intermediate calculations and casted to an int. When this cast exceeds 2^31 an FPE occurs.
Turning during a walking action such that speed times change in yaw is greater than or equal to 2^31 * 12 (~12.583M with dyaw = 2048) Floating-Point Overflow Similar to the above.
Bully Knockback Division-by-Zero Floating-Point Division-by-Zero By positioning Mario at the exact same X and Z coordinates as the bully, a division-by-zero exception occurs when the game divides by the lateral distance between Mario and the bully to calculate Mario and the bully's new speed after the collision.[1]
Bully/Bob-omb Angle Overflow Floating-Point Overflow When a Bully or Bob-omb is out-of-bounds, the code to keep their angle between -32768 and 32767 doesn't run, and eventually it becomes big enough that a floating-point overflow exception occurs when casted back to an int.[2][3]
Deleting a non-existent file on the File Select Screen[4] Address Error The game tries to find the button object corresponding to the file and set its state to erased. However, the button object doesn't exist (a New File button is there instead), so it ends up trying to write to NULL

In different versions like the new switch version it could not crash instead say file 9 has been deleted.

Moving a shadow above surface 12 while it's over OOB Address Error The surface SURFACE_INTANGIBLE (surface 12) has the special property that in some cases find_floor will look for floors below an intangible surface if it finds one. If there's no floor below the intangible surface, find_floor will return NULL for the found floor but the height of the intangible floor. As floors are null-checked by checking if their height is the default value of -11000, this will cause a NULL dereference the next time the game tries to use the floor variable.
Killing a Monty Mole remotely Address Error The game tries to find which hole the Monty Mole should spawn in, but all the available holes are too far away from Mario, so no hole is chosen and the Monty Mole tries to go to a null hole.[5]
Killing an uninitialized Monty Mole[6] Address Error Similar to above.
Going out of bounds in a room with a painting Address Error Paintings use the floor type of Mario's floor to decide how they should ripple. Going out-of-bounds causes them to try to read the floor type of null.
Being pushed off of a hangable ceiling while hanging and stationary without another ceiling above Address Error The game has a check to make Mario enter freefall if the ceiling above him is not hangable. The programmers failed to account for the ceiling being NULL, so if Mario is pushed off the ceiling and has no ceiling above him the game will try to read the type of a null ceiling and crash.
Sound glitch Unknown "Sound glitch" refers to when the audio thread encounters an exception (usually an address error exception), therefore causing the sound to cut out. When the game thread next tries to interface with the audio thread on a level load, the game thread crashes as well. Sound glitch is often treated as one singular glitch even though it is really a class of glitches in the audio library. Sound glitches are usually J-exclusive, however some instances such as the BitS sound glitch are not.
Teleporting while passing over a loading zone Address Error Since the area changed, there is now no teleporter with the same ID as the one Mario used to warp. Thus the game returns NULL when trying to find an associated warp node to warp to, and crashes when trying to access information about its destination. Under certain conditions, this can cause a Wrong Warp on PAL or Shindou VC.
Warping out of a level while passing over a loading zone Address Error Similar to above, but only hypothetical. Maybe possible in DDD using the Sub Gate warp and whirlpool cloning to reach the instant loading zone, but not yet achieved without hacks.
Entering Wiggler's Cave on the Disk Drive version Floating-Point Unimplemented Operation When Wiggler is initialized, his health value is 2048 for a single frame before being reset to 4. Wiggler uses his health to index into a table to get his speed (to move faster when at lower health); 2048 causes it to index out of range and read a denormalized floating-point number as his health, which causes an unimplemented operation exception since the N64 does not implement any operations on denormalized floats except comparisons.
Having an object too far away from the camera make a noise (JP only) Floating-Point Unimplemented Operation When a noise's pan is determined, it uses the position of the object to calculate the pan. When the object's absolute z-position relative to the camera is large (>= 22000 units) and the x-position relative to the camera is very negative (< -66000), an index for the pan will be generated outside of the bounds of the array for the pan. When the value outside of the array is an invalid float, the audio thread will crash (sound glitch). Does not happen when sound mode is set to Mono.
Casting a shadow on a corrupted triangle Floating-Point Unimplemented Operation The limit of surface triangle loaded at once in the game is 2300. However, in Hazy Maze Cave, when using Mario's Platform Adventure, it is possible to load more triangle than this limit. This causes the surfaceList to overwrite part of the face table. If the game tries to cast a shadow on one of the "triangles" created by this situation, the normalX of the triangle will be a pointer and be processed as a denormalized float, which crashes the game when used for arithmethic.[7]
Having the same position as the camera's position Floating-Point Division-by-Zero When Mario stands in the same position as the camera, the game will crash due to a division by zero error.[8]
Rotating a Pendulum using pendulum manipulation beyond the float angle limit. Floating-Point Overflow Manipulating the pendulum to rotate beyond the range of an int will error when truncating the float. Verification of this crash took 39 days.[9]
Touching a recovery heart with more than ~10.7M speed. Floating-Point Overflow Touching a recovery heart with more than ~10.7M speed will cause float-to-int conversion with a float value that's greater than the max integer value.[10]

RCP (Graphics) Crashes

Cause Exception Type Notes
Have too many 3D models on screen at once Invalid F3D command The main display list buffer has two sides, the left side holds F3D commands the game runs, and the right side holds allocated buffers for matrices. When an object's graphics are drawn, 16 bytes are used from the left side and 64 from the right side for each separate 3D model from the object. These two sides overlap when there are too many of these models on screen, leading to both sides being overwritten with garbage data and invalid F3D commands.
Moving the camera immediately when entering VCutM Invalid F3D command The object that spawns the rotating checkerboard platforms in VCutM references a model that doesn't exist. Normally this isn't a problem, since it's not on screen so it's culled before any damage occurs, and it despawns 1 frame after loading the level. However rotating the camera on the first frame, right before it despawns, it just barely comes into view. The non-existent model ends up sending invalid F3D commands to the RCP.

See Also

Address Error Exception

References