#9783 closed defect (fixed)
SCI: castlebrain: Crash in Wordsearch puzzle
| Reported by: | tsoliman | Owned by: | dafioram |
|---|---|---|---|
| Priority: | normal | Component: | Engine: SCI |
| Version: | Keywords: | ||
| Cc: | Game: | Castle of Dr. Brain |
Description (last modified by )
Self compiled from git 8111544bd9
Crashes with:
Uninitialized read for temp 14 from method word::dispatchEvent (room 320, script 325, localCall ffffffff)!
Backtrace:
Call stack (current base: 0x0):
0: script 994 - Brain::replay()
obj@0001:087c pc=0005:042f sp=ST:0000 fp=ST:0000 argp:ST:0001
1: script 994 - Brain::doit()
by 0 obj@0001:087c pc=0005:0564 sp=ST:0003 fp=ST:0002 argp:ST:0001
2: script 996 - User::doit()
by 1 obj@0016:02b2 pc=0016:008e sp=ST:0005 fp=ST:0005 argp:ST:0004
3: script 996 - User::handleEvent(0016:000c)
by 2 obj@0016:02b2 pc=0016:024d sp=ST:000a fp=ST:0008 argp:ST:0006
4: script 999 - features::handleEvent(0016:000c)
by 3 obj@0005:0028 pc=0004:0659 sp=ST:0010 fp=ST:000d argp:ST:000b
5: script 950 - leftFeat::handleEvent(0016:000c)
by 4 obj@0026:0d3e pc=0019:0258 sp=ST:0014 fp=ST:0013 argp:ST:0011
6: script 950 - CueObj::changeState(0000:0003)
by 5 obj@0019:00ae pc=0019:009b sp=ST:0018 fp=ST:0017 argp:ST:0015
7: script 320 - leftFeat::doVerb(0000:0003, 0000:0000)
by 6 obj@0026:0d3e pc=0026:0ce9 sp=ST:001c fp=ST:001c argp:ST:0019
8: script 325 - word::init()
by 7 obj@002a:06ce pc=002a:0068 sp=ST:001f fp=ST:001e argp:ST:001d
9: script 325 - word::show()
by 8 obj@002a:06ce pc=002a:0077 sp=ST:0021 fp=ST:0021 argp:ST:0020
a: script 934 - PuzzleBar::show()
by 9 obj@002a:06ce pc=000b:0531 sp=ST:0028 fp=ST:0023 argp:ST:0022
b: script 934 - word::hide()
by a obj@002a:06ce pc=000b:06eb sp,fp:carry argp:ST:002b
c: script 937 - word::doit()
by a obj@002a:06ce pc=0008:0a79 sp=ST:002d fp=ST:002c argp:ST:0029
d: script 325 - word::dispatchEvent(0021:05a7)
by c obj@002a:06ce pc=002a:0593 sp=ST:0067 fp=ST:0030 argp:ST:002e
Steps to reproduce:
- load the attached savegame
- Open the door on the left (word search puzzle)
- Pick a letter in the middle and aggressively click and double-click it very rapidly
- Crash
Game version is 1.1 for what it's worth.
Attachments (2)
Change History (11)
by , 7 years ago
| Attachment: | castlebrain.001 added |
|---|
comment:1 by , 7 years ago
| Description: | modified (diff) |
|---|---|
| Summary: | SCI: castlebrain: Uninitialized read for temp 14 from method word::dispatchEvent → SCI: castlebrain: Crash in Wordsearch puzzle |
comment:2 by , 7 years ago
Took quite a few tries, but I managed to reproduce this while tracing vm execution. I'm attaching a log of the execution of the word::dispatchEvent function that triggers this uninitialized read.
comment:4 by , 7 years ago
Incidentally, this same bug also exists in the word search puzzles in Island of Dr Brain.
comment:6 by , 7 years ago
Based on my experience with Island of Dr Brain, if you just lean on your RETURN key for a couple of seconds you should be able to reproduce this bug really easily. :)
comment:7 by , 7 years ago
Actually, I don't have Island. I could submit a patch based on what I see in the script and the castle patch I have already done, but I can't test whether or not it fixes it.
comment:8 by , 7 years ago
| Owner: | set to |
|---|---|
| Resolution: | → fixed |
| Status: | new → closed |
Thanks for your report, and for the patch! The patch for this issue has been added in commit ec1cfcbf47593545357ca3730fdb36b345f669de and will be available in daily builds 1.10.0git-5155 and later.
comment:9 by , 7 years ago
| Owner: | changed from to |
|---|
savegame