Opened 14 years ago
Closed 14 years ago
#4896 closed defect (fixed)
WAXWORKS: Crash retrieving spear from the crocodile carcass
| Reported by: | SF/marecki | Owned by: | Kirben |
|---|---|---|---|
| Priority: | high | Component: | Engine: AGOS |
| Version: | Keywords: | ||
| Cc: | Game: | Waxworks |
Description
Hello,
On my system, ScummVM crashes every time I try to retrieve the spear from the carcass of the crocodile on the first level of the pyramid. This happens both when the save (enclosed) is reloaded and when I get to that point of the waxwork without saving and reloading at all.
Details: - ScummVM version: 1.1.1 (it seems all the commits in engines/agos since that release have been related to other things so I haven't tried the daily build yet) - game version: DOS/floppy - game language: English - platform: Linux/x86, gcc-4.3.4
Ticket imported from: #3011638. Ticket imported from: bugs/4896.
Attachments (1)
Change History (8)
by , 14 years ago
| Attachment: | waxworks-pc.001 added |
|---|
comment:1 by , 14 years ago
| Owner: | set to |
|---|
comment:2 by , 14 years ago
| Summary: | Crash trying to retrieve spear from the crocodile carcass → WAXWORKS: Crash retrieving spear from the crocodile carcass |
|---|
comment:3 by , 14 years ago
This bug is nice to get fixed before the release. Raising priority for keeping the track.
comment:4 by , 14 years ago
| Priority: | normal → high |
|---|
comment:5 by , 14 years ago
I can reproduce this. The problem seems to be related to the nextMaster() function in items.cpp, where it loops through an array of items. It uses _itemArraySize as upper bound, but in allocGamePcVars() in res.cpp it only initializes _itemArrayInited elements of the array.
There are a couple of other functions in item.cpp with the same potential problem.
comment:6 by , 14 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
comment:7 by , 14 years ago
Good work, locating the exact cause of the crash.
The PC version of Waxworks added a check to see if an item pointer is valid in findMaster() and nextMaster(), before trying to use that item pointer. Since the item array size is variable in the PC version, and changes between rooms.
Fixed in ScummVM SVN, use the next daily snapshot of ScummVM SVN.
Right in front of the dead croc