[Scummvm-tracker] [ScummVM :: Bugs] #12950: TITANIC: Asking "what should I do?" will cause a crash (was: Asking "what should I do?" will cause a crash)

ScummVM :: Bugs trac at scummvm.org
Mon Sep 20 11:54:16 UTC 2021


#12950: TITANIC: Asking "what should I do?" will cause a crash
-----------------------+-------------------------------
Reporter:  tylerszabo  |       Owner:  (none)
    Type:  defect      |      Status:  new
Priority:  normal      |   Component:  Engine: Titanic
 Version:              |  Resolution:
Keywords:              |        Game:  Starship Titanic
-----------------------+-------------------------------
Changes (by antoniou79):

 * summary:  Asking "what should I do?" will cause a crash => TITANIC:
     Asking "what should I do?" will cause a crash

Comment:

 I think I can reproduce this on the latest code (master branch) on Windows
 10, msys2 build.
 Just writing "should" suffices to trigger the crash (segmentation fault).

 It seems to occur because in this part of the code
 (TTparser::considerRequests()), _conceptP is nullptr in this case but
 there is no check for it. For some reason the execution seems to go into
 findByWordClass() and there "this" is treated as non-null, which leads to
 a segmentation fault.

 {{{
 TTconcept *conceptP = _conceptP->findByWordClass(WC_ACTION);
 }}}
 https://github.com/scummvm/scummvm/blob/dc1717067322bade8c43536679ece9a9b9a87b49/engines/titanic/true_talk/tt_parser.cpp#L1000

 Oddly, while debugging with Visual Studio, the execution goes into
 findByWordClass() but "this" is treated as null and the method returns
 nullptr.

 We could fix this by doing something like:

 {{{
 TTconcept *conceptP = (_conceptP != nullptr) ?
 _conceptP->findByWordClass(WC_ACTION) : nullptr;
 }}}

 However, I can see multiple other instances in the same class, where we
 use _conceptP methods and members unchecked. Not sure if we should fix all
 the other cases too, or fix the reason why _conceptP is nullptr at that
 part of the code -- maybe the code wrongly assumes that it should have
 been initialized earlier or maybe it should have been initialized and it's
 not?
-- 
Ticket URL: <https://bugs.scummvm.org/ticket/12950#comment:1>
ScummVM :: Bugs <https://bugs.scummvm.org>
ScummVM
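As an added illustration (not ScummVM's code; TTconcept, its chain layout and the WC_* values are hypothetical stand-ins), here is a minimal C++ model of the unchecked member call and the guarded form suggested in the comment, with a note on why a null "this" can look harmless in a debug build but crash elsewhere:

```cpp
#include <cstdio>

// Added example, not ScummVM code: a hypothetical stand-in for TTconcept,
// modelled as a singly linked chain of concepts tagged with a word class.
enum WordClass { WC_UNKNOWN = 0, WC_ACTION = 1, WC_THING = 2 };

struct TTconcept {
    WordClass _wordClass;
    TTconcept *_nextP;

    TTconcept(WordClass wc, TTconcept *next = nullptr)
        : _wordClass(wc), _nextP(next) {}

    // Walks the chain from `this` for the first concept of class `wc`.
    // Starting the walk at `this` is an assumption about the real method;
    // it is written this way to show why the reported behaviour varies:
    // calling a member function through a null pointer is undefined
    // behaviour. An unoptimised build may enter the function with `this`
    // == nullptr, fail the loop condition and "return nullptr" (as seen in
    // the Visual Studio session), while an optimising compiler may assume
    // `this` is non-null, drop that check and dereference it (segfault).
    TTconcept *findByWordClass(WordClass wc) {
        for (TTconcept *p = this; p != nullptr; p = p->_nextP)
            if (p->_wordClass == wc)
                return p;
        return nullptr;
    }
};

// The guarded call proposed in the comment: test the pointer before the
// member call so a missing concept yields nullptr instead of UB.
TTconcept *findActionConcept(TTconcept *conceptP) {
    return (conceptP != nullptr) ? conceptP->findByWordClass(WC_ACTION)
                                 : nullptr;
}

// Constructed sample chain: THING -> ACTION -> UNKNOWN.
TTconcept *sampleChain() {
    static TTconcept tail(WC_UNKNOWN);
    static TTconcept action(WC_ACTION, &tail);
    static TTconcept head(WC_THING, &action);
    return &head;
}

int main() {
    TTconcept *found = findActionConcept(sampleChain());
    std::printf("action found: %s\n", found ? "yes" : "no");              // yes
    std::printf("null input -> %s\n", findActionConcept(nullptr) ? "ptr" : "nullptr"); // nullptr
    return 0;
}
```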