[Scummvm-tracker] [ScummVM :: Bugs] #13601: AGS: Time Gentlemen, Please - random crashes to desktop in the first scene of the game
ScummVM :: Bugs
trac at scummvm.org
Mon Jun 20 19:07:03 UTC 2022
#13601: AGS: Time Gentlemen, Please - random crashes to desktop in the first scene
of the game
-----------------------+--------------------------
Reporter: antoniou79 | Owner: (none)
Type: defect | Status: new
Priority: normal | Component: Engine: AGS
Version: | Resolution:
Keywords: | Game:
-----------------------+--------------------------
Comment (by criezy):
I can reproduce on macOS. Address sanitizer reports the following issue:
{{{
==63735==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x000130cb00d8 at pc 0x00010312fbf0 bp 0x00016ce35ab0 sp 0x00016ce35aa8
WRITE of size 4 at 0x000130cb00d8 thread T0
#0 in AGS3::putpixel(AGS3::BITMAP*, int, int, int) gfx.cpp:247
#1 in AGS3::alfont_textout_ex(AGS3::BITMAP*, AGS3::ALFONT_FONT*, char
const*, int, int, int, int) alfont.cpp:2391
#2 in AGS3::alfont_textout(AGS3::BITMAP*, AGS3::ALFONT_FONT*, char
const*, int, int, int) alfont.cpp:1823
#3 in AGS3::TTFFontRenderer::RenderText(char const*, int,
AGS3::BITMAP*, int, int, int) ttf_font_renderer.cpp:66
#4 in AGS3::wouttextxy(AGS3::AGS::Shared::Bitmap*, int, int, unsigned
long, int, char const*) fonts.cpp:377
#5 in AGS3::wouttextxy_AutoOutline(AGS3::AGS::Shared::Bitmap*,
unsigned long, int, char const*, int&, int&) display.cpp:479
#6 in AGS3::wouttext_outline(AGS3::AGS::Shared::Bitmap*, int, int,
int, int, char const*) display.cpp:532
#7 in AGS3::wouttext_aligned(AGS3::AGS::Shared::Bitmap*, int, int,
int, int, int, char const*, AGS3::HorAlignment) display.cpp:547
#8 in AGS3::_display_main(int, int, int, char const*, int, int, int,
int, int, bool, bool) display.cpp:231
#9 in AGS3::_display_at(int, int, int, char const*, int, int, int,
int, bool) display.cpp:371
#10 in AGS3::_displayspeech(char const*, int, int, int, int, int)
character.cpp:2704
#11 in AGS3::DisplaySpeech(char const*, int) character.cpp:2750
#12 in AGS3::_DisplaySpeechCore(int, char const*) character.cpp:2259
#13 in AGS3::Character_Say(AGS3::CharacterInfo*, char const*)
character.cpp:702
#14 in AGS3::Sc_Character_Say(void*, AGS3::RuntimeScriptValue const*,
int) character.cpp:3035
#15 in AGS3::ccInstance::Run(int) cc_instance.cpp:1034
#16 in AGS3::ccInstance::CallScriptFunction(char const*, int,
AGS3::RuntimeScriptValue const*) cc_instance.cpp:367
#17 in AGS3::RunScriptFunction(AGS3::ccInstance*, char const*,
unsigned long, AGS3::RuntimeScriptValue const*) script.cpp:362
#18 in AGS3::RunScriptFunctionAuto(AGS3::ScriptInstType, char const*,
unsigned long, AGS3::RuntimeScriptValue const*) script.cpp:451
#19 in AGS3::post_script_cleanup() script.cpp:555
#20 in AGS3::RunScriptFunction(AGS3::ccInstance*, char const*,
unsigned long, AGS3::RuntimeScriptValue const*) script.cpp:374
#21 in AGS3::RunUnclaimableEvent(char const*) script.cpp:419
#22 in AGS3::RunScriptFunctionAuto(AGS3::ScriptInstType, char const*,
unsigned long, AGS3::RuntimeScriptValue const*) script.cpp:439
#23 in AGS3::QueueScriptFunction(AGS3::ScriptInstType, char const*,
unsigned long, AGS3::RuntimeScriptValue const*) script.cpp:282
#24 in AGS3::process_event(AGS3::EventHappened const*) event.cpp:143
#25 in AGS3::processallevents() event.cpp:364
#26 in AGS3::game_loop_update_events() game_run.cpp:648
#27 in AGS3::UpdateGameOnce(bool,
AGS3::AGS::Engine::IDriverDependantBitmap*, int, int) game_run.cpp:780
#28 in AGS3::GameTick() game_run.cpp:929
#29 in AGS3::RunGameUntilAborted() game_run.cpp:1023
#30 in AGS3::initialize_start_and_play_game(int, int)
game_start.cpp:122
#31 in
AGS3::initialize_engine(AGS3::std::map<AGS3::AGS::Shared::String,
AGS3::std::map<AGS3::AGS::Shared::String, AGS3::AGS::Shared::String,
Common::Less<AGS3::AGS::Shared::String> >,
Common::Less<AGS3::AGS::Shared::String> > const&) engine.cpp:1194
#32 in AGS::AGSEngine::run() ags.cpp:195
#33 in runGame(Plugin const*, Plugin const*, OSystem&, Common::String
const&) main.cpp:318
#34 in scummvm_main main.cpp:619
#35 in main macosx-main.cpp:44
#36 in start+0x0 (libdyld.dylib:arm64e+0x1842c)
0x000130cb00d8 is located 312 bytes to the right of 64416-byte region
[0x000130ca0400,0x000130caffa0)
allocated by thread T0 here:
#0 in wrap_calloc+0x9c
(libclang_rt.asan_osx_dynamic.dylib:arm64e+0x3d320)
#1 in Graphics::Surface::create(short, short, Graphics::PixelFormat
const&) surface.cpp:75
#2 in Graphics::ManagedSurface::create(short, short,
Graphics::PixelFormat const&) managed_surface.cpp:152
#3 in Graphics::ManagedSurface::ManagedSurface(int, int,
Graphics::PixelFormat const&) managed_surface.cpp:59
#4 in AGS3::Surface::Surface(int, int, Graphics::PixelFormat const&)
surface.h:288
#5 in AGS3::Surface::Surface(int, int, Graphics::PixelFormat const&)
surface.h:288
#6 in AGS3::create_bitmap_ex(int, int, int) surface.cpp:455
#7 in AGS3::AGS::Shared::Bitmap::Create(int, int, int)
allegro_bitmap.cpp:70
#8 in AGS3::alloc_font_outline_buffers(unsigned long,
AGS3::AGS::Shared::Bitmap**, AGS3::AGS::Shared::Bitmap**, int, int, int)
fonts.cpp:448
#9 in AGS3::wouttextxy_AutoOutline(AGS3::AGS::Shared::Bitmap*,
unsigned long, int, char const*, int&, int&) display.cpp:474
#10 in AGS3::wouttext_outline(AGS3::AGS::Shared::Bitmap*, int, int,
int, int, char const*) display.cpp:532
#11 in AGS3::wouttext_aligned(AGS3::AGS::Shared::Bitmap*, int, int,
int, int, int, char const*, AGS3::HorAlignment) display.cpp:547
#12 in AGS3::_display_main(int, int, int, char const*, int, int, int,
int, int, bool, bool) display.cpp:231
#13 in AGS3::_display_at(int, int, int, char const*, int, int, int,
int, bool) display.cpp:371
#14 in AGS3::_displayspeech(char const*, int, int, int, int, int)
character.cpp:2704
#15 in AGS3::DisplaySpeech(char const*, int) character.cpp:2750
#16 in AGS3::_DisplaySpeechCore(int, char const*) character.cpp:2259
#17 in AGS3::Character_Say(AGS3::CharacterInfo*, char const*)
character.cpp:702
#18 in AGS3::Sc_Character_Say(void*, AGS3::RuntimeScriptValue const*,
int) character.cpp:3035
#19 in AGS3::ccInstance::Run(int) cc_instance.cpp:1034
#20 in AGS3::ccInstance::CallScriptFunction(char const*, int,
AGS3::RuntimeScriptValue const*) cc_instance.cpp:367
#21 in AGS3::RunScriptFunction(AGS3::ccInstance*, char const*,
unsigned long, AGS3::RuntimeScriptValue const*) script.cpp:362
#22 in AGS3::RunScriptFunctionInRoom(char const*, unsigned long,
AGS3::RuntimeScriptValue const*) script.cpp:399
#23 in AGS3::RunScriptFunctionAuto(AGS3::ScriptInstType, char const*,
unsigned long, AGS3::RuntimeScriptValue const*) script.cpp:435
#24 in AGS3::QueueScriptFunction(AGS3::ScriptInstType, char const*,
unsigned long, AGS3::RuntimeScriptValue const*) script.cpp:282
#25 in
AGS3::run_interaction_script(AGS3::AGS::Shared::InteractionScripts*, int,
int) script.cpp:190
#26 in AGS3::process_event(AGS3::EventHappened const*) event.cpp:178
#27 in AGS3::processallevents() event.cpp:364
#28 in AGS3::game_loop_update_events() game_run.cpp:648
#29 in AGS3::UpdateGameOnce(bool,
AGS3::AGS::Engine::IDriverDependantBitmap*, int, int) game_run.cpp:780
SUMMARY: AddressSanitizer: heap-buffer-overflow gfx.cpp:247 in
AGS3::putpixel(AGS3::BITMAP*, int, int, int)
}}}
--
Ticket URL: <https://bugs.scummvm.org/ticket/13601#comment:2>
ScummVM :: Bugs <https://bugs.scummvm.org>
ScummVM