Opened 12 years ago

Closed 12 years ago

Last modified 12 years ago

#3598 closed defect (worksforme)

COMI: Crash in ship-to-ship combat

Reported by: eriktorbjorn Owned by: eriktorbjorn
Priority: normal Component: Engine: SCUMM
Keywords: script Cc:
Game: Monkey Island 3

Description

Latest ScummVM SVN snapshot English version of the game

If the *first* ship I try to attack is Captain Rottingham's, ScummVM crashes with the following error:

(39:2011:0x1E42): readArray: array 395 out of bounds: [1,7] exceeds [9,6]!

If I attack any other ship first, and then Rottingham's, the error does not happen. The original interpreter did not crash when I tried the same thing there.

The easiest way to initiate the ship-to-ship combat is to click once anywhere on the overhead map to get going, and then on the ship you wish to fight. It doesn't matter how far away it is. I have not been able to get this trick to work with the original - I have to sail close enough instead - but I don't know if this is a bug or a feature. (It certainly makes this part of the game less time-consuming.)

Ticket imported from: #1880208. Ticket imported from: bugs/3598.

Attachments (1)

comi.s60 (80.9 KB ) - added by eriktorbjorn 12 years ago.
Savegame before the first ship-to-ship combat

Download all attachments as: .zip

Change History (10)

by eriktorbjorn, 12 years ago

Attachment: comi.s60 added

Savegame before the first ship-to-ship combat

comment:1 by fingolfin, 12 years ago

Hm, does it also crash with 0.11.0? What about 0.10 ?

comment:2 by eriktorbjorn, 12 years ago

Well, 0.11.0 produces the same error when using the same savegame, but perhaps that's not surprising. I'd have to replay the first half of the game with 0.10 and 0.11 to say for sure. (I tried it with boot params, but I can't even repeat the crash with the SVN version then.)

comment:3 by eriktorbjorn, 12 years ago

Though the offset doesn't match, I think this is the part of room-39-2011 that triggers the crash:

[039C] (65) if (array395[var391][1] == 99) { [03B7] (67) breakHere() [03B8] (79) startScript(0,300,[]) [03C8] (66) } else { [03CD] (7D) jumpToScript(0,256,[1,localvar4]) [03E7] (**) }

The var391 variable is set to a number from one through 8 just before. I think these numbers represent the various ships, with 7 being Rottingham's ship. (Perhaps 8 is the glass-bottom boat I've heard can appear as an easter egg?)

I added a debug printf() to ScummEngine_v6::readArray(). Oddly enough, if I attack Rottingham's ship immediately, FROM_LE_16(ah->dim1) is 9 and FROM_LE_16(ah->dim2) is 6. If I attack another ship first, these dimensions are swapped to 6 9.

Oddly enough, as soon as I load the savegame, ScummEngine_v6::defineArray() sets the array's dimension to 6 9, which I assume is correct. Something - and I'm still trying to figure out what - then swaps the dimensions to 9 6.

comment:4 by eriktorbjorn, 12 years ago

The "mysterious" change may be simply loading the savegame. So somewhere along the line, something changed the dimensions of the array? Going back to my old savegames, the dimensions were 6 9 before visiting the Voodoo Lady, but 9 6 at some point shortly afterwards. But I haven't been able to reproduce the swapping now.

I don't remember if I was using the trunk or the 0.11 branch at this point, but one of the savegames is dated December 30th, 20:19, and the other December 31 09:32. Oddly enough, the latter savegame claims to have a much shorter playtime, so maybe all this means nothing after all...

comment:5 by eriktorbjorn, 12 years ago

Just one more comment. :-)

It's strange that script-259 changes the dimensions of array 395 to the correct ones, though. It's as if someone anticipated that the dimensions could be changed during gameplay.

comment:6 by eriktorbjorn, 12 years ago

I've played the game all over again, from the beginning. This time, I wasn't able to trigger whatever bug had changed the dimensions of the array, and so I wasn't able to reproduce the crash. I don't know if the bug is invalid or not.

comment:7 by fingolfin, 12 years ago

Well, if we can't reproduce the issue, I am tempted to close this. Who knows what corrupted the original savegame. Not nice, of course :-/

comment:8 by eriktorbjorn, 12 years ago

I guess I have to agree. Even *if* the bug happens again, it seems the scripts correct the array dimensions if you attack any other ship than Rottingham's (I'm still not sure exactly how the ship-to-ship combat works, though, and the click-to-attack-enemy-immediately is strange), so it's not very likely to ever be noticed.

comment:9 by eriktorbjorn, 12 years ago

Owner: set to eriktorbjorn
Resolution: worksforme
Status: newclosed
Note: See TracTickets for help on using tickets.