[Scummvm-tracker] [ScummVM :: Bugs] #14614: SIGSEGV in Scumm::ScummEngine_v5::saveLoadWithSerializer(Common::Serializer&)
ScummVM :: Bugs
trac at scummvm.org
Sat Sep 9 09:17:50 UTC 2023
#14614: SIGSEGV in Scumm::ScummEngine_v5::saveLoadWithSerializer(Common::Serializer&)
--------------------------+---------------------------
Reporter: lephilousophe | Owner: (none)
Type: defect | Status: new
Priority: normal | Component: Engine: SCUMM
Version: | Keywords:
Game: |
--------------------------+---------------------------
Version 2.7.1
Here is a crash report from Google Play console:
{{{
backtrace:
#00 pc 0x0000000001a05138 /data/app/~~_TYEzaW_0VjS1b33x2EjvQ==/org.scummvm.scummvm-mOccEg7CYf8ujARyKMfNbA==/lib/arm64/libscummvm.so (Scumm::ScummEngine_v5::saveLoadWithSerializer(Common::Serializer&)+392)
#01 pc 0x0000000001a00dc4 /data/app/~~_TYEzaW_0VjS1b33x2EjvQ==/org.scummvm.scummvm-mOccEg7CYf8ujARyKMfNbA==/lib/arm64/libscummvm.so (Scumm::ScummEngine::loadState(int, bool, Common::String&)+788)
#02 pc 0x0000000001a00a90 /data/app/~~_TYEzaW_0VjS1b33x2EjvQ==/org.scummvm.scummvm-mOccEg7CYf8ujARyKMfNbA==/lib/arm64/libscummvm.so (Scumm::ScummEngine::loadState(int, bool)+36)
#03 pc 0x0000000001a0cf44 /data/app/~~_TYEzaW_0VjS1b33x2EjvQ==/org.scummvm.scummvm-mOccEg7CYf8ujARyKMfNbA==/lib/arm64/libscummvm.so (Scumm::ScummEngine::go()+96)
#04 pc 0x0000000001a10464 /data/app/~~_TYEzaW_0VjS1b33x2EjvQ==/org.scummvm.scummvm-mOccEg7CYf8ujARyKMfNbA==/lib/arm64/libscummvm.so (Scumm::ScummEngine::run()+128)
#05 pc 0x00000000019e90f4 /data/app/~~_TYEzaW_0VjS1b33x2EjvQ==/org.scummvm.scummvm-mOccEg7CYf8ujARyKMfNbA==/lib/arm64/libscummvm.so (scummvm_main+7012)
#06 pc 0x00000000019db3a8 /data/app/~~_TYEzaW_0VjS1b33x2EjvQ==/org.scummvm.scummvm-mOccEg7CYf8ujARyKMfNbA==/lib/arm64/libscummvm.so (JNI::main(_JNIEnv*, _jobject*, _jobjectArray*)+340)
#07 pc 0x000000000001d260 /data/app/~~_TYEzaW_0VjS1b33x2EjvQ==/org.scummvm.scummvm-mOccEg7CYf8ujARyKMfNbA==/oat/arm64/base.odex (art_jni_trampoline+112)
#08 pc 0x00000000000471d8 /data/app/~~_TYEzaW_0VjS1b33x2EjvQ==/org.scummvm.scummvm-mOccEg7CYf8ujARyKMfNbA==/oat/arm64/base.odex (org.scummvm.scummvm.ScummVM.run+520)
#09 pc 0x00000000001bf1cc /apex/com.android.art/javalib/arm64/boot.oat (java.lang.Thread.run+76)
#10 pc 0x0000000000218964 /apex/com.android.art/lib64/libart.so (art_quick_invoke_stub+548)
#11 pc 0x00000000002851f0 /apex/com.android.art/lib64/libart.so (art::ArtMethod::Invoke(art::Thread*, unsigned int*, unsigned int, art::JValue*, char const*)+184)
#12 pc 0x0000000000628a24 /apex/com.android.art/lib64/libart.so (art::JValue art::InvokeVirtualOrInterfaceWithJValues<art::ArtMethod*>(art::ScopedObjectAccessAlreadyRunnable const&, _jobject*, art::ArtMethod*, jvalue const*)+460)
#13 pc 0x0000000000678488 /apex/com.android.art/lib64/libart.so (art::Thread::CreateCallback(void*)+1184)
#14 pc 0x00000000000b4ad8 /apex/com.android.runtime/lib64/bionic/libc.so (__pthread_start(void*)+264)
#15 pc 0x0000000000052c08 /apex/com.android.runtime/lib64/bionic/libc.so (__start_thread+64)
}}}
From disassembly, it looks like the crash happens in
engines/scumm/saveload.cpp at line 2031:
{{{
_16BitPalette[i] = get16BitColor(_currentPalette[i * 3 + 0],
_currentPalette[i * 3 + 1], _currentPalette[i * 3 + 2]);
}}}
It seems _16BitPalette is not initialized correctly, as it happens when
storing the result of the get16BitColor call.
--
Ticket URL: <https://bugs.scummvm.org/ticket/14614>
ScummVM :: Bugs <https://bugs.scummvm.org>
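An added example, not ScummVM's code, showing the unchecked write pattern at the crashing line beside a loader that establishes the buffer's existence before writing; the namespace, struct, field and function names are hypothetical stand-ins for the ticket's _16BitPalette, _currentPalette and get16BitColor, and the RGB565 packing is an assumption.

```cpp
#include <cstddef>
#include <cstdint>
#include <memory>

namespace palette_demo {
// Pack 8-bit RGB into 16-bit RGB565; a stand-in for the engine's get16BitColor.
inline uint16_t get16BitColor(uint8_t r, uint8_t g, uint8_t b) {
    return static_cast<uint16_t>(((r >> 3) << 11) | ((g >> 2) << 5) | (b >> 3));
}
struct EngineState {
    bool uses16BitColor = false;            // true only for 16-bit rendering paths
    uint8_t currentPalette[256 * 3] = {};   // always part of the object
    std::unique_ptr<uint16_t[]> palette16;  // allocated only on those paths
};

// Shape of the loop at the crashing line: it assumes palette16 was allocated
// earlier. If a loaded save reaches this code before that allocation, the
// store is a write through a null pointer, i.e. the SIGSEGV in the report.
void rebuildPalette16Unchecked(EngineState &s) {
    for (size_t i = 0; i < 256; ++i)
        s.palette16[i] = get16BitColor(s.currentPalette[i * 3 + 0],
                                       s.currentPalette[i * 3 + 1],
                                       s.currentPalette[i * 3 + 2]);
}

// Defensive variant: the loader establishes its own precondition instead of
// trusting that an earlier path ran, so save-file contents cannot steer the
// engine into an uninitialised state. Returns false if no 16-bit palette is used.
bool rebuildPalette16Checked(EngineState &s) {
    if (!s.uses16BitColor)
        return false;
    if (!s.palette16)
        s.palette16 = std::make_unique<uint16_t[]>(256);  // zero-initialised
    rebuildPalette16Unchecked(s);  // precondition now holds
    return true;
}

// Constructed sample input: a recognisable 24-bit ramp, not a real game palette.
EngineState makeSampleState(bool uses16Bit) {
    EngineState s;
    s.uses16BitColor = uses16Bit;
    for (size_t i = 0; i < 256; ++i) {
        s.currentPalette[i * 3 + 0] = static_cast<uint8_t>(i);        // R
        s.currentPalette[i * 3 + 1] = static_cast<uint8_t>(255 - i);  // G
        s.currentPalette[i * 3 + 2] = static_cast<uint8_t>(i / 2);    // B
    }
    return s;
}
} // namespace palette_demo
```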