Opened 2 years ago

Closed 2 years ago

#9761 closed defect (fixed)

SCI: GK1: Failed assert at start of day 6

Reported by: esziarko Owned by: csnover
Priority: high Component: Engine: SCI
Keywords: sci32 Cc:
Game: Gabriel Knight 1

Description

ScummVM Version: 1.10.0git3200-g23b6dbb (Apr 30 2017)
OS: Windows 10 x64
Game version: Gabriel Knight 1 CD/Windows/English

When I first reached day 6, when trying to pick the letter that comes through the slot there was a failed assert which said something about invalid Y values, and the game crashed. However, I was unable to ever reproduce this crash. Even so, I've included a savegame at the point where it happened.

Attachments (1)

gk1-cd-win.009 (62.5 KB ) - added by esziarko 2 years ago.

Download all attachments as: .zip

Change History (8)

by esziarko, 2 years ago

Attachment: gk1-cd-win.009 added

comment:1 by csnover, 2 years ago

Thanks for your report! I was able to reproduce the issue by switching to use the “look” action (much easier to reproduce the bug since it will not pick up the letter) and clicking around near the bottom of the letter object until it triggered the assertion.

This is kIsOnMe trying to read row 34 of the letter cel, which has only 33 rows. At the moment, I am not sure if this also happens in SSCI (and just reads garbage memory, since they did not validate anything), or if there is a bug in our implementation.

comment:2 by csnover, 2 years ago

Keywords: sci32 added; crash removed

comment:3 by csnover, 2 years ago

Priority: normalhigh

comment:4 by m-kiewitz, 2 years ago

kIsOnMe gets called by:

envelope::perform(OnMeAndLowY, uEvt)
OnMeAndLowY::doit(envelope, uEvt)
envelope::onMe(uEvt)
kOnMe(91, 96, envelope, 1000h)

event x = 91
event y = 96

envelope.x = 78
envelope.y = 89
envelope.z = 25

comment:5 by m-kiewitz, 2 years ago

envelope::perform - script 64999
OnMeAndLowY::doit - script 64996
envelope::onMe - script 64998

comment:6 by m-kiewitz, 2 years ago

Envelope object full dump for wjp:

(0000) [1000] -objID- = 0000:1234 (4660)
(0001) [1001] -size- = 0000:003e (62)
(0002) [1002] -propDict- = 0004:00c6
(0003) [1003] -methDict- = 0000:00e2 (226)
(0004) [1004] -classScript- = 0000:00d2 (210)
(0005) [1005] -script- = 0000:ffff (65535)
(0006) [1006] -super- = 0004:0fa3 (Prop)
(0007) [1007] -info- = 0000:0010 (16)
(0008) [020] name = 00b5:4d49
(0009) [043] heading = 0000:0000 (0)
(000a) [125] noun = 0000:0022 (34)
(000b) [126] case = 0000:0000 (0)
(000c) [127] modNum = 0000:00d3 (211)
(000d) [012] nsLeft = 0000:004e (78)
(000e) [013] nsTop = 0000:003f (63)
(000f) [014] nsRight = 0000:0053 (83)
(0010) [015] nsBottom = 0000:0040 (64)
(0011) [128] sightAngle = 0000:6789 (26505)
(0012) [123] actions = 0000:0000 (0)
(0013) [129] onMeCheck = 0000:0000 (0)
(0014) [029] state = 0000:0000 (0)
(0015) [12a] approachX = 0000:0000 (0)
(0016) [12b] approachY = 0000:0000 (0)
(0017) [12c] approachDist = 0000:0000 (0)
(0018) [12d] _approachVerbs = 0000:0000 (0)
(0019) [000] plane = 0014:0002 (Plane)
(001a) [001] x = 0000:004e (78)
(001b) [002] y = 0000:0059 (89)
(001c) [003] z = 0000:0019 (25)
(001d) [004] scaleX = 0000:0080 (128)
(001e) [005] scaleY = 0000:0080 (128)
(001f) [006] maxScale = 0000:0080 (128)
(0020) [13f] scaleType = 0000:0000 (0)
(0021) [007] priority = 0000:005a (90)
(0022) [008] fixPriority = 0000:0001 (1)
(0023) [009] inLeft = 0000:0000 (0)
(0024) [00a] inTop = 0000:0000 (0)
(0025) [00b] inRight = 0000:0000 (0)
(0026) [00c] inBottom = 0000:0000 (0)
(0027) [00d] useInsetRect = 0000:0000 (0)
(0028) [00e] view = 0000:0890 (2192)
(0029) [00f] loop = 0000:0001 (1)
(002a) [010] cel = 0000:000c (12)
(002b) [011] bitmap = 0000:0000 (0)
(002c) [040] yStep = 0000:0002 (2)
(002d) [01a] signal = 0000:5021 (20513)
(002e) [016] lsLeft = 0000:0000 (0)
(002f) [017] lsTop = 0000:0000 (0)
(0030) [018] lsRight = 0000:0000 (0)
(0031) [019] lsBottom = 0000:0000 (0)
(0032) [01c] brLeft = 0000:004e (78)
(0033) [01d] brTop = 0000:0058 (88)
(0034) [01e] brRight = 0000:0053 (83)
(0035) [01f] brBottom = 0000:005a (90)
(0036) [071] scaleSignal = 0000:0000 (0)
(0037) [08b] magnifier = 0000:0000 (0)
(0038) [104] cycleSpeed = 0000:0006 (6)
(0039) [0b3] script = 0000:0000 (0)
(003a) [105] cycler = 0000:0000 (0)
(003b) [0ac] timer = 0000:0000 (0)
(003c) [148] detailLevel = 0000:0000 (0)
(003d) [149] scaler = 0000:0000 (0)

comment:7 by csnover, 2 years ago

Owner: set to csnover
Resolution: fixed
Status: newclosed

Thanks for your report! A patch for this issue has been added in commit 832cd25ef1a5cd2dc9cb8062f043fb402dab6ed7 and will be available in daily builds 1.10.0git-3476 and later.

Note: See TracTickets for help on using tickets.