[Scummvm-tracker] [ScummVM :: Bugs] #12314: AGS: The Shivah: Segfault when leaving the synagogue

ScummVM :: Bugs trac at scummvm.org
Mon Mar 15 01:18:33 UTC 2021 

#12314: AGS: The Shivah: Segfault when leaving the synagogue
-------------------+--------------------------
Reporter:  Tea23   |       Owner:  (none)
    Type:  defect  |      Status:  new
Priority:  normal  |   Component:  Engine: AGS
 Version:          |  Resolution:
Keywords:          |        Game:
-------------------+--------------------------
Comment (by criezy):

 Debug output from the AGS engine is:
 {{{
 (room:6) Loading room 6
 (room:6) Mouse bounds constrained to (0,0)-(319,199)
 (room:6) Now in room 6
 (room:6) Cursor mode set to 2
 (room:6) AudioClip.Play: failed to play sound file
 (room:6) Room camera released back to engine control
 (room:6)[G 2021] GUI 4 Button 5 normal set to slot 191
 (room:6)[G 645] GUIOff(26) ignored (already off)
 (room:6)[G 1364] GUI 5 turned on
 (room:6)[G 1430] GUIOff(14) ignored (already off)
 (room:6)[G 1431] GUIOff(16) ignored (already off)
 (room:6)[R 36] GUI 3 Button 6 normal set to slot -1
 Assertion failed: (idx < _size), function operator[], file
 ./common/array.h, line 238.
 }}}

 The assert is caused by using that slot -1 as an index in a
 `Common::Array` and it is casted to an unsigned int with a very big value.

 I have no idea why this happens though. Looking at the original source
 code I think it would also crash if it was getting an index of -1.

 The call stack for this crash is:
 {{{
   frame 4: Common::Array<AGS3::SpriteInfo>::operator[](idx=4294967295) at
 array.h:238:3
   frame 5: AGS3::Button_SetNormalGraphic(guil, slotn=-1) at
 button.cpp:158:16
   frame 6: AGS3::Sc_Button_SetNormalGraphic(self, params, param_count=1)
 at button.cpp:362:2
   frame 7: AGS3::ccInstance::Run(this, curpc=100) at
 cc_instance.cpp:1003:21
   frame 8: AGS3::ccInstance::CallScriptFunction(this, funcname="room_b",
 numargs=0, params) at cc_instance.cpp:339:15
   frame 9: AGS3::RunScriptFunctionIfExists(sci, tsname="room_b",
 numParam=0, params) at script.cpp:355:32
   frame 10: scummvm`AGS3::RunTextScript(sci, tsname="room_b") at
 script.cpp:401:14
   frame 11: AGS3::RunScriptFunction(sc_inst=kScInstRoom, fn_name="room_b",
 param_count=0, p1, p2) at script.cpp:266:4
   frame 12: AGS3::QueueScriptFunction(sc_inst=kScInstRoom,
 fn_name="room_b", param_count=0, p1, p2) at script.cpp:255:3
   frame 13: AGS3::run_interaction_script(nint, evnt=6, chkAny=-1, isInv=0)
 at script.cpp:184:3
   frame 14: AGS3::process_event(evp) at event.cpp:175:4
 }}}
-- 
Ticket URL: <https://bugs.scummvm.org/ticket/12314#comment:1>
ScummVM :: Bugs <https://bugs.scummvm.org>
ScummVM

More information about the Scummvm-tracker mailing list