[Scummvm-tracker] [ScummVM :: Bugs] #12932: Grim Fandango crash after solving the signpost in the Petrified Forest
ScummVM :: Bugs
trac at scummvm.org
Wed Sep 15 12:58:17 UTC 2021
#12932: Grim Fandango crash after solving the signpost in the Petrified Forest
---------------------+----------------------------
Reporter: Die4Ever | Owner: (none)
Type: defect | Status: new
Priority: blocker | Component: Engine: Grim
Version: | Resolution:
Keywords: crash | Game: Grim Fandango
---------------------+----------------------------
Comment (by eriktorbjorn):
Valgrind log of the error happening:
{{{
==2424215== Thread 11 SDLTimer:
==2424215== Invalid read of size 8
==2424215== at 0x1915C5D: Grim::Imuse::callback() (imuse.cpp:280)
==2424215== by 0x1914DF7: Grim::Imuse::timerHandler(void*) (imuse.cpp:48)
==2424215== by 0x3A39BE8: DefaultTimerManager::handler() (default-timer.cpp:111)
==2424215== by 0x3A2F6F0: timer_handler(unsigned int, void*) (sdl-timer.cpp:37)
==2424215== by 0x6DCCE31: ??? (in /usr/lib/x86_64-linux-gnu/libSDL2-2.0.so.0.16.0)
==2424215== by 0x6DCC8B0: ??? (in /usr/lib/x86_64-linux-gnu/libSDL2-2.0.so.0.16.0)
==2424215== by 0x6E5A138: ??? (in /usr/lib/x86_64-linux-gnu/libSDL2-2.0.so.0.16.0)
==2424215== by 0x8477EAD: start_thread (pthread_create.c:463)
==2424215== by 0x83A1A5E: clone (clone.S:95)
==2424215== Address 0x259dbfd0 is 0 bytes inside a block of size 48 free'd
==2424215== at 0x6CD769B: operator delete(void*) (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==2424215== by 0x3DE3E0D: Audio::QueuingAudioStreamImpl::~QueuingAudioStreamImpl() (audiostream.cpp:368)
==2424215== by 0x2A4BD6D: Common::DefaultDeleter<Audio::AudioStream>::operator()(Audio::AudioStream*) (ptr.h:383)
==2424215== by 0x3DFAED0: Common::DisposablePtr<Audio::AudioStream, Common::DefaultDeleter<Audio::AudioStream> >::~DisposablePtr() (ptr.h:450)
==2424215== by 0x3DFA61D: Audio::Channel::~Channel() (mixer.cpp:527)
==2424215== by 0x3DF984C: Audio::MixerImpl::stopHandle(Audio::SoundHandle) (mixer.cpp:336)
==2424215== by 0x1919A58: Grim::Imuse::startSound(char const*, int, int, int, int, int, Grim::Track*) (imuse_track.cpp:87)
==2424215== by 0x19178FD: Grim::Imuse::startMusic(char const*, int, int, int) (imuse_script.cpp:85)
==2424215== by 0x191734A: Grim::Imuse::playMusic(Grim::ImuseTable const*, int, bool) (imuse_music.cpp:142)
==2424215== by 0x1916E39: Grim::Imuse::setMusicState(int) (imuse_music.cpp:50)
==2424215== by 0x18F926E: Grim::SoundPlayer::setMusicState(int) (sound.cpp:80)
==2424215== by 0x18BA99D: Grim::GrimEngine::mainLoop() (grim.cpp:1115)
==2424215== Block was alloc'd at
==2424215== at 0x6CD4F2F: operator new(unsigned long) (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==2424215== by 0x3DE4098: Audio::makeQueuingAudioStream(int, bool) (audiostream.cpp:404)
==2424215== by 0x19154A7: Grim::Imuse::restoreState(Grim::SaveGame*) (imuse.cpp:145)
==2424215== by 0x18F930D: Grim::SoundPlayer::restoreState(Grim::SaveGame*) (sound.cpp:96)
==2424215== by 0x18BAF73: Grim::GrimEngine::savegameRestore() (grim.cpp:1215)
==2424215== by 0x18BA3A5: Grim::GrimEngine::mainLoop() (grim.cpp:978)
==2424215== by 0x18B6CA4: Grim::GrimEngine::run() (grim.cpp:437)
==2424215== by 0x918816: runGame(Plugin const*, Plugin const*, OSystem&, Common::String const&) (main.cpp:311)
==2424215== by 0x91A0FF: scummvm_main (main.cpp:621)
==2424215== by 0x915D26: main (posix-main.cpp:45)
==2424215==
}}}
So it's trying to access memory after it was freed.
--
Ticket URL: <https://bugs.scummvm.org/ticket/12932#comment:3>
ScummVM :: Bugs <https://bugs.scummvm.org>