[Scummvm-tracker] [ScummVM :: Bugs] #14633: AGS: In daily 2.8.0 builds many games are unplayable and/or affected by graphical glitches or crashes

ScummVM :: Bugs trac at scummvm.org
Mon Nov 27 23:34:44 UTC 2023


#14633: AGS: In daily 2.8.0 builds many games are unplayable and/or affected by
graphical glitches or crashes
--------------------+---------------------------
Reporter:  tag2015  |       Owner:  fracturehill
    Type:  defect   |      Status:  new
Priority:  high     |   Component:  Engine: AGS
 Version:           |  Resolution:
Keywords:           |        Game:
--------------------+---------------------------
Comment (by criezy):

 There are still some issues with the latest code.
 Commit: 8c9bf72f50 (Monday Nov 27)
 Platform: macOS M1
 Game: QFGII AGDI

 How to reproduce: In the hero type selection screen before starting a game
 select a type (for example fighter) and then press 'h'

 ASAN report:
 {{{
 =================================================================
 ==98302==ERROR: AddressSanitizer: heap-buffer-overflow on address
 0x0001383366bb at pc 0x000105adaf5c bp 0x00016b948f20 sp 0x00016b948f18
 READ of size 16 at 0x0001383366bb thread T0
     #0 0x105adaf58 in void AGS3::DrawInnerImpl_NEON::drawPixelSIMD<4,
 2>(unsigned char*, unsigned char const*, __simd128_uint32_t,
 __simd128_uint32_t, __simd128_uint32_t, __simd128_uint32_t, int, int, int,
 int, bool, bool, __simd128_uint32_t) surface_neon.cpp:399
     #1 0x105ac105c in void
 AGS3::DrawInnerImpl_NEON::drawInner4BppWithConv<4, 2,
 false>(AGS3::BITMAP::DrawInnerArgs&) surface_neon.cpp:518
     #2 0x105ab7bf4 in void
 AGS3::BITMAP::drawNEON<false>(AGS3::BITMAP::DrawInnerArgs&)
 surface_neon.cpp:929
     #3 0x105292914 in AGS3::BITMAP::draw(AGS3::BITMAP const*, Common::Rect
 const&, int, int, bool, bool, bool, int, int, int, int) surface.cpp:205
     #4 0x105284448 in AGS3::blit(AGS3::BITMAP const*, AGS3::BITMAP*, int,
 int, int, int, int, int) gfx.cpp:106
     #5 0x105360504 in
 AGS3::AGS::Shared::Bitmap::CreateCopy(AGS3::AGS::Shared::Bitmap*, int)
 allegro_bitmap.cpp:105
     #6 0x105364be4 in
 AGS3::AGS::Shared::BitmapHelper::CreateBitmapCopy(AGS3::AGS::Shared::Bitmap*,
 int) bitmap.cpp:71
     #7 0x105499aa4 in
 AGS3::AdjustBitmapForUseWithDisplayMode(AGS3::AGS::Shared::Bitmap*,
 bool)+0x2cc (scummvm:arm64+0x100ff5aa4)
     #8 0x105499f78 in
 AGS3::PrepareSpriteForUse(AGS3::AGS::Shared::Bitmap*, bool)+0x28
 (scummvm:arm64+0x100ff5f78)

 0x0001383366bb is located 3 bytes to the right of 40-byte region
 [0x000138336690,0x0001383366b8)
 allocated by thread T0 here:
     #0 0x122ea3074 in wrap_calloc+0x9c
 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x3f074)
     #1 0x11214c4cc in Graphics::Surface::create(short, short,
 Graphics::PixelFormat const&) surface.cpp:79
     #2 0x1120c5eb8 in Graphics::ManagedSurface::create(short, short,
 Graphics::PixelFormat const&) managed_surface.cpp:153
     #3 0x1120c4908 in Graphics::ManagedSurface::ManagedSurface(int, int,
 Graphics::PixelFormat const&) managed_surface.cpp:60
     #4 0x1052965fc in AGS3::Surface::Surface(int, int,
 Graphics::PixelFormat const&) surface.h:332
     #5 0x10529594c in AGS3::Surface::Surface(int, int,
 Graphics::PixelFormat const&) surface.h:332
     #6 0x10529581c in AGS3::create_bitmap_ex(int, int, int)
 surface.cpp:368
 }}}

 Same screen, do not press 'h', finish your character selection, and start
 a game
 {{{
 =================================================================
 ==98321==ERROR: AddressSanitizer: heap-buffer-overflow on address
 0x000140a392bb at pc 0x00010243ef5c bp 0x00016efe3d60 sp 0x00016efe3d58
 READ of size 16 at 0x000140a392bb thread T0
     #0 0x10243ef58 in void AGS3::DrawInnerImpl_NEON::drawPixelSIMD<4,
 2>(unsigned char*, unsigned char const*, __simd128_uint32_t,
 __simd128_uint32_t, __simd128_uint32_t, __simd128_uint32_t, int, int, int,
 int, bool, bool, __simd128_uint32_t) surface_neon.cpp:399
     #1 0x10242505c in void
 AGS3::DrawInnerImpl_NEON::drawInner4BppWithConv<4, 2,
 false>(AGS3::BITMAP::DrawInnerArgs&) surface_neon.cpp:518
     #2 0x10241bbf4 in void
 AGS3::BITMAP::drawNEON<false>(AGS3::BITMAP::DrawInnerArgs&)
 surface_neon.cpp:929
     #3 0x101bf6914 in AGS3::BITMAP::draw(AGS3::BITMAP const*, Common::Rect
 const&, int, int, bool, bool, bool, int, int, int, int) surface.cpp:205
     #4 0x101be8448 in AGS3::blit(AGS3::BITMAP const*, AGS3::BITMAP*, int,
 int, int, int, int, int) gfx.cpp:106
     #5 0x101cc4504 in
 AGS3::AGS::Shared::Bitmap::CreateCopy(AGS3::AGS::Shared::Bitmap*, int)
 allegro_bitmap.cpp:105
     #6 0x101cc8be4 in
 AGS3::AGS::Shared::BitmapHelper::CreateBitmapCopy(AGS3::AGS::Shared::Bitmap*,
 int) bitmap.cpp:71
     #7 0x101dfdaa4 in
 AGS3::AdjustBitmapForUseWithDisplayMode(AGS3::AGS::Shared::Bitmap*,
 bool)+0x2cc (scummvm:arm64+0x100ff5aa4)
     #8 0x101dfdf78 in
 AGS3::PrepareSpriteForUse(AGS3::AGS::Shared::Bitmap*, bool)+0x28
 (scummvm:arm64+0x100ff5f78)

 0x000140a392bb is located 3 bytes to the right of 40-byte region
 [0x000140a39290,0x000140a392b8)
 allocated by thread T0 here:
     #0 0x11f80f074 in wrap_calloc+0x9c
 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x3f074)
     #1 0x10eab04cc in Graphics::Surface::create(short, short,
 Graphics::PixelFormat const&) surface.cpp:79
     #2 0x10ea29eb8 in Graphics::ManagedSurface::create(short, short,
 Graphics::PixelFormat const&) managed_surface.cpp:153
     #3 0x10ea28908 in Graphics::ManagedSurface::ManagedSurface(int, int,
 Graphics::PixelFormat const&) managed_surface.cpp:60
     #4 0x101bfa5fc in AGS3::Surface::Surface(int, int,
 Graphics::PixelFormat const&) surface.h:332
     #5 0x101bf994c in AGS3::Surface::Surface(int, int,
 Graphics::PixelFormat const&) surface.h:332
     #6 0x101bf981c in AGS3::create_bitmap_ex(int, int, int)
 surface.cpp:368
 }}}

 These two crashes are likely to be caused by the same bug given that the
 call stack is the same.
-- 
Ticket URL: <https://bugs.scummvm.org/ticket/14633#comment:8>
ScummVM :: Bugs <https://bugs.scummvm.org>
ScummVM
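
The reasoning that closes the comment above (same call stack, so probably the same bug), as an added example that is not part of the original message or of ScummVM's code: a small triage script that reduces an ASan report to an address-independent bucket ID. The names `bucket` and `overrun` are hypothetical, and the sample input is abridged from the two reports in the comment.

```python
import hashlib
import re

FRAME = re.compile(r"#\d+ 0x[0-9a-f]+ in ")
MODULE_OFFSET = re.compile(r"\+0x[0-9a-f]+ \(\S+\+0x[0-9a-f]+\)")
HEADER = re.compile(r"AddressSanitizer: (\S+) on address.*?(READ|WRITE) of size (\d+)")
REGION = re.compile(r"located (\d+) bytes to the right of (\d+)-byte region")

def bucket(report, depth=5):
    """Hash bug type, access kind/size and top frames, ignoring all addresses."""
    flat = " ".join(report.split("\n\n")[0].split())  # faulting stack, unwrapped
    bug, access, size = HEADER.search(flat).groups()
    frames = [MODULE_OFFSET.sub("", f).strip() for f in FRAME.split(flat)[1:]]
    key = "|".join([bug, access, size] + frames[:depth])
    return hashlib.sha256(key.encode()).hexdigest()[:16], frames

def overrun(report):
    """Return (access offset from region start, region size, access size)."""
    flat = " ".join(report.split())
    past, region = map(int, REGION.search(flat).groups())
    size = int(HEADER.search(flat).group(3))
    return region + past, region, size

# Abridged from the two reports in the comment above (header plus frames
# #0-#1, original line wrapping kept); only the pid and addresses differ.
TEMPLATE = """\
=={0}==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x{1} at pc 0x{2}
READ of size 16 at 0x{1} thread T0
    #0 0x{3} in void AGS3::DrawInnerImpl_NEON::drawPixelSIMD<4,
2>(unsigned char*, unsigned char const*, __simd128_uint32_t,
__simd128_uint32_t, __simd128_uint32_t, __simd128_uint32_t, int, int, int,
int, bool, bool, __simd128_uint32_t) surface_neon.cpp:399
    #1 0x{4} in void
AGS3::DrawInnerImpl_NEON::drawInner4BppWithConv<4, 2,
false>(AGS3::BITMAP::DrawInnerArgs&) surface_neon.cpp:518

0x{1} is located 3 bytes to the right of 40-byte region
"""
REPORT_A = TEMPLATE.format("98302", "0001383366bb", "000105adaf5c",
                           "105adaf58", "105ac105c")
REPORT_B = TEMPLATE.format("98321", "000140a392bb", "00010243ef5c",
                           "10243ef58", "10242505c")
```

Both sample reports fall into the same bucket, and `overrun` places the 16-byte read at offset 43 of the 40-byte allocation, so the whole access lies past the end of the buffer.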