[Scummvm-tracker] [ScummVM :: Bugs] #12739: AGS: Segfault on Urban Witch Story
ScummVM :: Bugs
trac at scummvm.org
Fri Jul 16 07:44:42 UTC 2021
#12739: AGS: Segfault on Urban Witch Story
----------------------------+--------------------------
Reporter: Thunderforge | Owner: (none)
Type: defect | Status: new
Priority: normal | Component: Engine: AGS
Version: | Resolution:
Keywords: urbanwitchstory | Game:
----------------------------+--------------------------
Comment (by digitall):
No crash on x86_64, but there are clear invalid accesses if run with
valgrind including one in the getColor function indicated. Trace follows:
````
==24271== Syscall param write(buf) points to uninitialised byte(s)
==24271== at 0x79EF6CF: write (in /lib64/libc-2.33.so)
==24271== by 0x7981D14: _IO_file_write@@GLIBC_2.2.5 (in
/lib64/libc-2.33.so)
==24271== by 0x79810A5: new_do_write (in /lib64/libc-2.33.so)
==24271== by 0x798240D: _IO_file_xsputn@@GLIBC_2.2.5 (in
/lib64/libc-2.33.so)
==24271== by 0x797703C: fwrite (in /lib64/libc-2.33.so)
==24271== by 0x3AF4162: StdioStream::write(void const*, unsigned int)
(stdiostream.cpp:111)
==24271== by 0x3A9E4DC: Common::OutSaveFile::write(void const*,
unsigned int) (savefile.cpp:52)
==24271== by 0xCA2C02: AGS3::AGS::Shared::FileStream::Close()
(file_stream.cpp:52)
==24271== by 0xCA2AF9: AGS3::AGS::Shared::FileStream::~FileStream()
(file_stream.cpp:43)
==24271== by 0xCA2B31: AGS3::AGS::Shared::FileStream::~FileStream()
(file_stream.cpp:44)
==24271== by 0xCC9069:
Common::DefaultDeleter<AGS3::AGS::Shared::Stream>::operator()(AGS3::AGS::Shared::Stream*)
(ptr.h:383)
==24271== by 0xCC84AE: Common::ScopedPtr<AGS3::AGS::Shared::Stream,
Common::DefaultDeleter<AGS3::AGS::Shared::Stream> >::~ScopedPtr()
(ptr.h:406)
==24271== Address 0x1b668439 is 72,857 bytes inside a block of size
1,085,440 alloc'd
==24271== at 0x6DE27E5: malloc (vg_replace_malloc.c:380)
==24271== by 0x995283:
Common::MemoryWriteStreamDynamic::ensureCapacity(unsigned int)
(memstream.h:196)
==24271== by 0x995450: Common::MemoryWriteStreamDynamic::write(void
const*, unsigned int) (memstream.h:216)
==24271== by 0xCA307B: AGS3::AGS::Shared::FileStream::Write(void
const*, unsigned long) (file_stream.cpp:135)
==24271== by 0xD65A9F:
AGS3::ManagedObjectPool::WriteToDisk(AGS3::AGS::Shared::Stream*)
(managed_object_pool.cpp:272)
==24271== by 0xD63EFE:
AGS3::ccSerializeAllObjects(AGS3::AGS::Shared::Stream*)
(cc_dynamic_object.cpp:86)
==24271== by 0xD78568:
AGS3::AGS::Engine::SavegameComponents::WriteManagedPool(AGS3::AGS::Shared::Stream*)
(savegame_components.cpp:971)
==24271== by 0xD792FF:
AGS3::AGS::Engine::SavegameComponents::WriteComponent(AGS3::AGS::Shared::Stream*,
AGS3::AGS::Engine::SavegameComponents::ComponentHandler&)
(savegame_components.cpp:1237)
==24271== by 0xD7948F:
AGS3::AGS::Engine::SavegameComponents::WriteAllCommon(AGS3::AGS::Shared::Stream*)
(savegame_components.cpp:1250)
==24271== by 0xD72B16:
AGS3::AGS::Engine::SaveGameState(AGS3::AGS::Shared::Stream*)
(savegame.cpp:754)
==24271== by 0xD1341B: AGS3::save_game(int, char const*) (game.cpp:928)
==24271== by 0xD26F58: AGS3::SetRestartPoint() (global_game.cpp:381)
==24271==
==24271== Invalid read of size 4
==24271== at 0xCBC857: AGS3::BITMAP::getColor(unsigned char const*,
unsigned char) const (surface.h:271)
==24271== by 0xCBABAD: AGS3::BITMAP::draw(AGS3::BITMAP const*,
Common::Rect const&, int, int, bool, bool, bool, int, int, int, int)
(surface.cpp:179)
==24271== by 0xCB7A55: AGS3::blit(AGS3::BITMAP const*, AGS3::BITMAP*,
int, int, int, int, int, int) (gfx.cpp:107)
==24271== by 0xCE5852:
AGS3::AGS::Shared::Bitmap::Blit(AGS3::AGS::Shared::Bitmap*, int, int, int,
int, int, int, AGS3::AGS::Shared::BitmapMaskOption)
(allegro_bitmap.cpp:192)
==24271== by 0xE23641: AGS3::DialogOptions::Redraw() (dialog.cpp:779)
==24271== by 0xE2240C: AGS3::DialogOptions::Show() (dialog.cpp:596)
==24271== by 0xE2459F: AGS3::show_dialog_options(int, int, bool)
(dialog.cpp:1020)
==24271== by 0xE24913: AGS3::do_conversation(int) (dialog.cpp:1101)
==24271== by 0xDAD209: AGS3::post_script_cleanup() (script.cpp:530)
==24271== by 0xDAC919:
AGS3::RunScriptFunctionIfExists(AGS3::ccInstance*, char const*, int,
AGS3::RuntimeScriptValue const*) (script.cpp:382)
==24271== by 0xDACA9F: AGS3::RunTextScript(AGS3::ccInstance*, char
const*) (script.cpp:414)
==24271== by 0xDAC3A6: AGS3::RunScriptFunction(AGS3::ScriptInstType,
char const*, unsigned long, AGS3::RuntimeScriptValue const&,
AGS3::RuntimeScriptValue const&) (script.cpp:271)
==24271== Address 0x1f783140 is 0 bytes after a block of size 307,200
alloc'd
==24271== at 0x6DE75B1: calloc (vg_replace_malloc.c:1117)
==24271== by 0x3BEBB79: Graphics::Surface::create(short, short,
Graphics::PixelFormat const&) (surface.cpp:76)
==24271== by 0x3BDB24D: Graphics::ManagedSurface::create(short, short,
Graphics::PixelFormat const&) (managed_surface.cpp:153)
==24271== by 0x3BDAB4A: Graphics::ManagedSurface::ManagedSurface(int,
int, Graphics::PixelFormat const&) (managed_surface.cpp:60)
==24271== by 0xCBC89A: AGS3::Surface::Surface(int, int,
Graphics::PixelFormat const&) (surface.h:284)
==24271== by 0xCBBE7F: AGS3::create_bitmap_ex(int, int, int)
(surface.cpp:450)
==24271== by 0xCE50F0: AGS3::AGS::Shared::Bitmap::Create(int, int, int)
(allegro_bitmap.cpp:71)
==24271== by 0xCE652A:
AGS3::AGS::Shared::BitmapHelper::CreateBitmap(int, int, int)
(bitmap.cpp:35)
==24271== by 0xE21B12: AGS3::DialogOptions::Prepare(int, bool)
(dialog.cpp:484)
==24271== by 0xE24593: AGS3::show_dialog_options(int, int, bool)
(dialog.cpp:1019)
==24271== by 0xE24913: AGS3::do_conversation(int) (dialog.cpp:1101)
==24271== by 0xDAD209: AGS3::post_script_cleanup() (script.cpp:530)
==24271==
***** ENGINE HAS SHUTDOWN
==24271== Mismatched free() / delete / delete []
==24271== at 0x6DE670B: operator delete[](void*)
(vg_replace_malloc.c:938)
==24271== by 0xCC2919: AGS3::GameSetupStructBase::Free()
(game_setup_struct_base.cpp:77)
==24271== by 0xCBD21B: AGS3::GameSetupStruct::Free()
(game_setup_struct.cpp:56)
==24271== by 0xCBD05E: AGS3::GameSetupStruct::~GameSetupStruct()
(game_setup_struct.cpp:52)
==24271== by 0xCB0061: AGS3::Globals::~Globals() (globals.cpp:439)
==24271== by 0xCA91D4: AGS::AGSEngine::~AGSEngine() (ags.cpp:97)
==24271== by 0xCA9241: AGS::AGSEngine::~AGSEngine() (ags.cpp:98)
==24271== by 0x967E83: runGame(Plugin const*, Plugin const*, OSystem&,
Common::String const&) (main.cpp:320)
==24271== by 0x96968D: scummvm_main (main.cpp:604)
==24271== by 0x96535E: main (posix-main.cpp:45)
==24271== Address 0x1b517340 is 0 bytes inside a block of size 16 alloc'd
==24271== at 0x6DE27E5: malloc (vg_replace_malloc.c:380)
==24271== by 0xCA89CD: AGS3::ags_strdup(char const*)
(string_compat.cpp:52)
==24271== by 0xCDEB41:
AGS3::AGS::Shared::SetDefaultGlmsg(AGS3::GameSetupStruct&, int, char
const*) (main_game_file.cpp:631)
==24271== by 0xCDEB7D:
AGS3::AGS::Shared::SetDefaultGlobalMessages(AGS3::GameSetupStruct&)
(main_game_file.cpp:636)
==24271== by 0xCDFAEB:
AGS3::AGS::Shared::UpdateGameData(AGS3::AGS::Shared::LoadedGameEntities&,
AGS3::GameDataVersion) (main_game_file.cpp:803)
==24271== by 0xD92ECF: AGS3::load_game_file() (game_file.cpp:191)
==24271== by 0xD8C170: AGS3::engine_load_game_data() (engine.cpp:430)
==24271== by 0xD908A0:
AGS3::initialize_engine(AGS3::std::map<AGS3::AGS::Shared::String,
AGS3::std::map<AGS3::AGS::Shared::String, AGS3::AGS::Shared::String,
Common::Less<AGS3::AGS::Shared::String> >,
Common::Less<AGS3::AGS::Shared::String> > const&) (engine.cpp:1199)
==24271== by 0xCA981A: AGS::AGSEngine::run() (ags.cpp:183)
==24271== by 0x967D9D: runGame(Plugin const*, Plugin const*, OSystem&,
Common::String const&) (main.cpp:307)
==24271== by 0x96968D: scummvm_main (main.cpp:604)
==24271== by 0x96535E: main (posix-main.cpp:45)
==24271==
````
--
Ticket URL: <https://bugs.scummvm.org/ticket/12739#comment:3>
ScummVM :: Bugs <https://bugs.scummvm.org>
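
A triage helper for a Memcheck trace shaped like the one in this comment, added here as an example and not part of the ticket or of ScummVM. It rejoins frames folded by the mailer, skips allocator and libc frames, and reports each error's first project frame and the allocation site of the block involved; the `demo::` names and the sample trace are constructed.

```python
import re
# Constructed sample shaped like the ticket's trace: mail-folded frames plus a line of program output.
SAMPLE = """\
==100== Invalid read of size 4
==100== at 0x1000: demo::Bitmap::getColor(unsigned char const*,
unsigned char) const (surface.h:10)
==100== Address 0x2000 is 0 bytes after a block of size 64 alloc'd
==100== by 0x3001: demo::Bitmap::create(int, int) (surface.cpp:30)
==100==
***** ENGINE HAS SHUTDOWN
==100== Mismatched free() / delete / delete []
==100== at 0x4000: operator delete[](void*) (vg_replace_malloc.c:938)
==100== by 0x4001: demo::Setup::Free() (setup.cpp:40)
==100== Address 0x5000 is 0 bytes inside a block of size 16 alloc'd
==100== at 0x6000: malloc (vg_replace_malloc.c:380)
==100== by 0x6001:
demo::dup_string(char const*) (compat.cpp:50)
"""
PREFIX = re.compile(r"^==\d+== ?")
FRAME = re.compile(r"^(?:at|by) 0x[0-9A-Fa-f]+: (.*)$")
RUNTIME = ("vg_replace_malloc.c", "/libc-")  # allocator and libc frames, not project code

def unfold(text):
    """Strip the ==PID== prefix and rejoin folded lines; unprefixed text after a blank separator is dropped."""
    out = []
    for line in text.splitlines():
        if PREFIX.match(line):
            out.append(PREFIX.sub("", line).strip())
        elif out and out[-1] and line.strip():
            out[-1] += " " + line.strip()
    return out

def parse(text):
    """One dict per error: kind, first project frame, block description, allocation site."""
    errors, cur, key = [], None, "site"
    for line in unfold(text):
        m = FRAME.match(line)
        if not line:
            cur = None                      # blank ==PID== line ends the record
        elif cur is None:
            if not m:                       # heading line opens a new record
                cur, key = {"kind": line, "site": None, "block": None, "alloc_site": None}, "site"
                errors.append(cur)
        elif m:
            if cur[key] is None and not any(r in m.group(1) for r in RUNTIME):
                cur[key] = m.group(1)       # first frame outside the runtime
        elif line.startswith("Address "):
            cur["block"], key = line, "alloc_site"
    return errors
```
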