#1369 closed defect (fixed)
DIG: Crash in bundle decoder
| Reported by: | Kirben | Owned by: | fingolfin |
|---|---|---|---|
| Priority: | normal | Component: | Engine: SCUMM |
| Version: | Keywords: | ||
| Cc: | Game: | The Dig |
Description
Latest ScummVM cvs version. English version of The Dig [PC]. Compiled under mingw with GCC 3.2.3 and running under Windows XP.
The Dig crash when launching the Pig at start of game. A gdb back trace is below:
Program received signal SIGSEGV, Segmentation fault. [Switching to thread 1964.0x144] 0x0049f9ff in Scumm::compDecode(unsigned char*, unsigned char*) (src=0x24761e0 "ż\003x", dst=0x2bc055c "x") at scumm/bundle.cpp:458 458 *dstptr++ = *srcptr++; (gdb) bt #0 0x0049f9ff in Scumm::compDecode(unsigned char*, unsigned char*) (src=0x24761e0 "ż\003x", dst=0x2bc055c "x") at scumm/bundle.cpp:458 #1 0x004a04a1 in Scumm::Bundle::decompressCodec (int, unsigned char*, unsigned char*, int) ( this=0x14489a0, codec=12, comp_input=0x24761e0 "ż\003x", comp_output=0x2bc055c "x", input_size=4317) at scumm/bundle.cpp:756 #2 0x0049f71a in Scumm::Bundle::decompressMusicSampleByIndex(int, int, unsigned char*) ( this=0x14489a0, index=0, number=375, comp_final=0x2bc055c "x") at scumm/bundle.cpp:362 #3 0x0049f86c in Scumm::Bundle::decompressMusicSampleByName(char const*, int, unsigned char*) ( this=0x14489a0, name=0x43d5fc "ASTERO~1.IMU", number=375, comp_final=0x2bc055c "x") at scumm/bundle.cpp:402 #4 0x0043c2c0 in Scumm::IMuseDigital::bundleMusicHandler() (this=0x2320048) at scumm/imuse_digi.cpp:1298 #5 0x0043bc96 in Scumm::IMuseDigital::music_handler (void*) (refCon=0x2320048) at scumm/imuse_digi.cpp:1196 #6 0x005db931 in Timer::handler(int) (this=0x13768f8, t=10) at common/timer.cpp:99 #7 0x005db7c8 in Timer::timer_handler(int) (t=10) at common/timer.cpp:79 #8 0x10024339 in SDL_SetTimer () from C:\msys\1.0 \local\bin\SDL.dll
Ticket imported from: #869045. Ticket imported from: bugs/1369.
Change History (5)
comment:1 by , 20 years ago
| Summary: | DIG: Crash when launching Pig → DIG: Crash in bundle decoder |
|---|
comment:2 by , 20 years ago
comment:3 by , 20 years ago
Some more info: when inited, the bundle decoder stores these values: _compMusicTable[380] = (1645675, 4329, 10) _compMusicTable[381] = (1650004, 4352, 12) _compMusicTable[382] = (1654356, 4246, 11)
When it crashes, i get something like this: offset = -2030663794, size = -276327955, codec = -2020153721
Looks indeed like memory corruption.
comment:4 by , 20 years ago
| Owner: | set to |
|---|---|
| Resolution: | → fixed |
| Status: | new → closed |
comment:5 by , 5 years ago
| Component: | → Engine: SCUMM |
|---|---|
| Game: | → The Dig |
The crash is not related to the pig scene. Rather, just start the dig, skip the intro, and wait. For me it always crashes when number=382 (at least in all test runs I made so far). INterestingly for you it crashes for number=375...
Maybe this is a buffer overrund, or a stack smasher... that would explain why it crashes after some time only, and why for slightly different values for us two.
BTW, my recent bundle.cpp changes are only whitespace changes, and as thus I am sure they are not related. Rather the ImuseDigital changes will likely be the cause (and/or mixer changes).