Opened 4 years ago

Closed 4 years ago

#12314 closed defect (fixed)

AGS: The Shivah: Segfault when leaving the synagogue

Reported by: Tea23 Owned by: dreammaster
Priority: normal Component: Engine: AGS
Version: Keywords:
Cc: Game:

Description

At the very start of the game, after Stone decides to pay his Shivah call the Jack Lauder, leaving the synagogue and opening the map crashes ScummVM with the following:

scummvm: ./common/array.h:238: T& Common::Array<T>::operator[](Common::Array<T>::size_type) [with T = AGS3::SpriteInfo; Common::Array<T>::size_type = unsigned int]: Assertion `idx < _size' failed.

Change History (2)

comment:1 by criezy, 4 years ago

Debug output from the AGS engine is:

(room:6) Loading room 6
(room:6) Mouse bounds constrained to (0,0)-(319,199)
(room:6) Now in room 6
(room:6) Cursor mode set to 2
(room:6) AudioClip.Play: failed to play sound file
(room:6) Room camera released back to engine control
(room:6)[G 2021] GUI 4 Button 5 normal set to slot 191
(room:6)[G 645] GUIOff(26) ignored (already off)
(room:6)[G 1364] GUI 5 turned on
(room:6)[G 1430] GUIOff(14) ignored (already off)
(room:6)[G 1431] GUIOff(16) ignored (already off)
(room:6)[R 36] GUI 3 Button 6 normal set to slot -1
Assertion failed: (idx < _size), function operator[], file ./common/array.h, line 238.

The assert is caused by using that slot -1 as an index in a Common::Array and it is casted to an unsigned int with a very big value.

I have no idea why this happens though. Looking at the original source code I think it would also crash if it was getting an index of -1.

The call stack for this crash is:

  frame 4: Common::Array<AGS3::SpriteInfo>::operator[](idx=4294967295) at array.h:238:3
  frame 5: AGS3::Button_SetNormalGraphic(guil, slotn=-1) at button.cpp:158:16
  frame 6: AGS3::Sc_Button_SetNormalGraphic(self, params, param_count=1) at button.cpp:362:2
  frame 7: AGS3::ccInstance::Run(this, curpc=100) at cc_instance.cpp:1003:21
  frame 8: AGS3::ccInstance::CallScriptFunction(this, funcname="room_b", numargs=0, params) at cc_instance.cpp:339:15
  frame 9: AGS3::RunScriptFunctionIfExists(sci, tsname="room_b", numParam=0, params) at script.cpp:355:32
  frame 10: scummvm`AGS3::RunTextScript(sci, tsname="room_b") at script.cpp:401:14
  frame 11: AGS3::RunScriptFunction(sc_inst=kScInstRoom, fn_name="room_b", param_count=0, p1, p2) at script.cpp:266:4
  frame 12: AGS3::QueueScriptFunction(sc_inst=kScInstRoom, fn_name="room_b", param_count=0, p1, p2) at script.cpp:255:3
  frame 13: AGS3::run_interaction_script(nint, evnt=6, chkAny=-1, isInv=0) at script.cpp:184:3
  frame 14: AGS3::process_event(evp) at event.cpp:175:4

comment:2 by dreammaster, 4 years ago

Owner: set to dreammaster
Resolution: fixed
Status: newclosed
Note: See TracTickets for help on using tickets.