Opened 7 years ago

Closed 7 years ago

Last modified 7 years ago

#10219 closed defect (fixed)

MOHAWK: Riven: Invalid read for RivenVideo::play/load

Reported by: dafioram
Owned by: bgK
Priority: normal
Component: Engine: Mohawk
Version:
Keywords:
Cc:
Game: Riven

Description

scummvm: 7a184f0e7fa0af7eca0518af6b46be09fcf25bdc
Valgrind reports this when pressing the button to stop the spinning dome on prison island.
I didn't notice any issues while playing.

==24973== Invalid read of size 4
==24973==    at 0x36E90D: Audio::QuickTimeAudioDecoder::QuickTimeAudioTrack::seek(Audio::Timestamp const&) (quicktime.cpp:327)
==24973==    by 0x29F386: Video::VideoDecoder::SeekableAudioTrack::seek(Audio::Timestamp const&) (video_decoder.cpp:693)
==24973==    by 0x29E69B: Video::VideoDecoder::Track::rewind() (video_decoder.cpp:530)
==24973==    by 0x29DABC: Video::VideoDecoder::rewind() (video_decoder.cpp:323)
==24973==    by 0x1CC462: Mohawk::RivenVideo::play() (riven_video.cpp:276)
==24973==    by 0x1CC197: Mohawk::RivenVideo::playBlocking(int) (riven_video.cpp:219)
==24973==    by 0x1D11FC: Mohawk::RivenStacks::DomeSpit::runDomeButtonMovie() (domespit.cpp:48)
==24973==    by 0x1DAC13: Mohawk::RivenStacks::PSpit::xpscpbtn(Common::Array<unsigned short> const&) (pspit.cpp:105)
==24973==    by 0x1DB078: Common::Functor1Mem<Common::Array<unsigned short> const&, void, Mohawk::RivenStacks::PSpit>::operator()(Common::Array<unsigned short> const&) const (func.h:451)
==24973==    by 0x1C7FD2: Mohawk::RivenStack::runCommand(unsigned short, Common::Array<unsigned short> const&) (riven_stack.cpp:165)
==24973==    by 0x1C1B20: Mohawk::RivenSimpleCommand::runExternalCommand(unsigned short, Common::Array<unsigned short> const&) (riven_scripts.cpp:584)
==24973==    by 0x1C2EC9: Mohawk::RivenSimpleCommand::execute() (riven_scripts.cpp:794)
==24973==  Address 0x3de1c48c is 8 bytes after a block of size 20 alloc'd
==24973==    at 0x4C2E8BF: operator new[](unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==24973==    by 0x3BE47E: Common::QuickTimeParser::readELST(Common::QuickTimeParser::Atom) (quicktime.cpp:438)
==24973==    by 0x3BD424: Common::QuickTimeParser::readDefault(Common::QuickTimeParser::Atom) (quicktime.cpp:232)
==24973==    by 0x3BD424: Common::QuickTimeParser::readDefault(Common::QuickTimeParser::Atom) (quicktime.cpp:232)
==24973==    by 0x3BDE6D: Common::QuickTimeParser::readTRAK(Common::QuickTimeParser::Atom) (quicktime.cpp:375)
==24973==    by 0x3BD424: Common::QuickTimeParser::readDefault(Common::QuickTimeParser::Atom) (quicktime.cpp:232)
==24973==    by 0x3BD575: Common::QuickTimeParser::readMOOV(Common::QuickTimeParser::Atom) (quicktime.cpp:258)
==24973==    by 0x3BD424: Common::QuickTimeParser::readDefault(Common::QuickTimeParser::Atom) (quicktime.cpp:232)
==24973==    by 0x3BCC72: Common::QuickTimeParser::parseStream(Common::SeekableReadStream*, DisposeAfterUse::Flag) (quicktime.cpp:104)
==24973==    by 0x298D00: Video::QuickTimeDecoder::loadStream(Common::SeekableReadStream*) (qt_decoder.cpp:68)
==24973==    by 0x1CB73C: Mohawk::RivenVideo::load(unsigned short) (riven_video.cpp:67)
==24973==    by 0x1C26BA: Mohawk::RivenSimpleCommand::activateMLST(Mohawk::MLSTRecord const&) const (riven_scripts.cpp:743)

Change History (4)

comment:1 by dafioram, 7 years ago

A similar-looking stack trace also happens when pressing the buttons on the star fissure hatch door.

==25483== Invalid read of size 4
==25483==    at 0x36E90D: Audio::QuickTimeAudioDecoder::QuickTimeAudioTrack::seek(Audio::Timestamp const&) (quicktime.cpp:327)
==25483==    by 0x29F386: Video::VideoDecoder::SeekableAudioTrack::seek(Audio::Timestamp const&) (video_decoder.cpp:693)
==25483==    by 0x29E69B: Video::VideoDecoder::Track::rewind() (video_decoder.cpp:530)
==25483==    by 0x29DABC: Video::VideoDecoder::rewind() (video_decoder.cpp:323)
==25483==    by 0x1CC462: Mohawk::RivenVideo::play() (riven_video.cpp:276)
==25483==    by 0x1C1F73: Mohawk::RivenSimpleCommand::playMovie(unsigned short, Common::Array<unsigned short> const&) (riven_scripts.cpp:648)
==25483==    by 0x1C2EC9: Mohawk::RivenSimpleCommand::execute() (riven_scripts.cpp:794)
==25483==    by 0x1C0A22: Mohawk::RivenScript::run(Mohawk::RivenScriptManager*) (riven_scripts.cpp:226)
==25483==    by 0x1C0421: Mohawk::RivenScriptManager::runQueuedScripts() (riven_scripts.cpp:141)
==25483==    by 0x1AACA7: Mohawk::MohawkEngine_Riven::doFrame() (riven.cpp:272)
==25483==    by 0x1AA7EF: Mohawk::MohawkEngine_Riven::run() (riven.cpp:196)
==25483==    by 0x1643D8: runGame(PluginSubclass<MetaEngine> const*, OSystem&, Common::String const&) (main.cpp:263)
==25483==  Address 0x1a9fb66c is 8 bytes after a block of size 20 alloc'd
==25483==    at 0x4C2E8BF: operator new[](unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==25483==    by 0x3BE47E: Common::QuickTimeParser::readELST(Common::QuickTimeParser::Atom) (quicktime.cpp:438)
==25483==    by 0x3BD424: Common::QuickTimeParser::readDefault(Common::QuickTimeParser::Atom) (quicktime.cpp:232)
==25483==    by 0x3BD424: Common::QuickTimeParser::readDefault(Common::QuickTimeParser::Atom) (quicktime.cpp:232)
==25483==    by 0x3BDE6D: Common::QuickTimeParser::readTRAK(Common::QuickTimeParser::Atom) (quicktime.cpp:375)
==25483==    by 0x3BD424: Common::QuickTimeParser::readDefault(Common::QuickTimeParser::Atom) (quicktime.cpp:232)
==25483==    by 0x3BD575: Common::QuickTimeParser::readMOOV(Common::QuickTimeParser::Atom) (quicktime.cpp:258)
==25483==    by 0x3BD424: Common::QuickTimeParser::readDefault(Common::QuickTimeParser::Atom) (quicktime.cpp:232)
==25483==    by 0x3BCC72: Common::QuickTimeParser::parseStream(Common::SeekableReadStream*, DisposeAfterUse::Flag) (quicktime.cpp:104)
==25483==    by 0x298D00: Video::QuickTimeDecoder::loadStream(Common::SeekableReadStream*) (qt_decoder.cpp:68)
==25483==    by 0x1CB73C: Mohawk::RivenVideo::load(unsigned short) (riven_video.cpp:67)
==25483==    by 0x1C26BA: Mohawk::RivenSimpleCommand::activateMLST(Mohawk::MLSTRecord const&) const (riven_scripts.cpp:743)

comment:2 by dafioram, 7 years ago

Also at some point during the intro videos:

==25846== Invalid read of size 4
==25846==    at 0x36E90D: Audio::QuickTimeAudioDecoder::QuickTimeAudioTrack::seek(Audio::Timestamp const&) (quicktime.cpp:327)
==25846==    by 0x29F386: Video::VideoDecoder::SeekableAudioTrack::seek(Audio::Timestamp const&) (video_decoder.cpp:693)
==25846==    by 0x29E4F4: Video::VideoDecoder::seekIntern(Audio::Timestamp const&) (video_decoder.cpp:498)
==25846==    by 0x29DC8F: Video::VideoDecoder::seek(Audio::Timestamp const&) (video_decoder.cpp:357)
==25846==    by 0x1CC2F7: Mohawk::RivenVideo::playBlocking(int) (riven_video.cpp:248)
==25846==    by 0x1C1F0D: Mohawk::RivenSimpleCommand::playMovieBlocking(unsigned short, Common::Array<unsigned short> const&) (riven_scripts.cpp:641)
==25846==    by 0x1C2EC9: Mohawk::RivenSimpleCommand::execute() (riven_scripts.cpp:794)
==25846==    by 0x1C0A22: Mohawk::RivenScript::run(Mohawk::RivenScriptManager*) (riven_scripts.cpp:226)
==25846==    by 0x1C037C: Mohawk::RivenScriptManager::runScript(Common::SharedPtr<Mohawk::RivenScript> const&, bool) (riven_scripts.cpp:127)
==25846==    by 0x1C3408: Mohawk::RivenSwitchCommand::execute() (riven_scripts.cpp:864)
==25846==    by 0x1C0A22: Mohawk::RivenScript::run(Mohawk::RivenScriptManager*) (riven_scripts.cpp:226)
==25846==    by 0x1C037C: Mohawk::RivenScriptManager::runScript(Common::SharedPtr<Mohawk::RivenScript> const&, bool) (riven_scripts.cpp:127)
==25846==  Address 0x3db3e7cc is 8 bytes after a block of size 20 alloc'd
==25846==    at 0x4C2E8BF: operator new[](unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==25846==    by 0x3BE47E: Common::QuickTimeParser::readELST(Common::QuickTimeParser::Atom) (quicktime.cpp:438)
==25846==    by 0x3BD424: Common::QuickTimeParser::readDefault(Common::QuickTimeParser::Atom) (quicktime.cpp:232)
==25846==    by 0x3BD424: Common::QuickTimeParser::readDefault(Common::QuickTimeParser::Atom) (quicktime.cpp:232)
==25846==    by 0x3BDE6D: Common::QuickTimeParser::readTRAK(Common::QuickTimeParser::Atom) (quicktime.cpp:375)
==25846==    by 0x3BD424: Common::QuickTimeParser::readDefault(Common::QuickTimeParser::Atom) (quicktime.cpp:232)
==25846==    by 0x3BD575: Common::QuickTimeParser::readMOOV(Common::QuickTimeParser::Atom) (quicktime.cpp:258)
==25846==    by 0x3BD424: Common::QuickTimeParser::readDefault(Common::QuickTimeParser::Atom) (quicktime.cpp:232)
==25846==    by 0x3BCC72: Common::QuickTimeParser::parseStream(Common::SeekableReadStream*, DisposeAfterUse::Flag) (quicktime.cpp:104)
==25846==    by 0x298D00: Video::QuickTimeDecoder::loadStream(Common::SeekableReadStream*) (qt_decoder.cpp:68)
==25846==    by 0x1CB73C: Mohawk::RivenVideo::load(unsigned short) (riven_video.cpp:67)
==25846==    by 0x1C26BA: Mohawk::RivenSimpleCommand::activateMLST(Mohawk::MLSTRecord const&) const (riven_scripts.cpp:743)

comment:3 by bgK, 7 years ago

Owner: set to bgK
Resolution: fixed
Status: new → closed

Thanks. I had commit 8547c89b86 ready for when you would find that bug.

comment:4 by dafioram, 7 years ago

I tested those three areas and everything looks good. Thanks bgK.
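
Whether the three Valgrind reports in this ticket share one root cause can be checked mechanically. The following is an added example, not ScummVM code and not part of the original ticket: it reduces each memcheck report to a signature (error kind, first source frame of the faulting stack, position relative to the heap block, first source frame of the allocation stack) and groups process IDs by that signature. The function names and the abridged sample input are constructed for illustration.

```python
import re
# Constructed sample: the three reports from this ticket, abridged to their key lines.
SAMPLE = """\
==24973== Invalid read of size 4
==24973==    at 0x36E90D: Audio::QuickTimeAudioDecoder::QuickTimeAudioTrack::seek(Audio::Timestamp const&) (quicktime.cpp:327)
==24973==  Address 0x3de1c48c is 8 bytes after a block of size 20 alloc'd
==24973==    at 0x4C2E8BF: operator new[](unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==24973==    by 0x3BE47E: Common::QuickTimeParser::readELST(Common::QuickTimeParser::Atom) (quicktime.cpp:438)
==25483== Invalid read of size 4
==25483==    at 0x36E90D: Audio::QuickTimeAudioDecoder::QuickTimeAudioTrack::seek(Audio::Timestamp const&) (quicktime.cpp:327)
==25483==  Address 0x1a9fb66c is 8 bytes after a block of size 20 alloc'd
==25483==    at 0x4C2E8BF: operator new[](unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==25483==    by 0x3BE47E: Common::QuickTimeParser::readELST(Common::QuickTimeParser::Atom) (quicktime.cpp:438)
==25846== Invalid read of size 4
==25846==    at 0x36E90D: Audio::QuickTimeAudioDecoder::QuickTimeAudioTrack::seek(Audio::Timestamp const&) (quicktime.cpp:327)
==25846==  Address 0x3db3e7cc is 8 bytes after a block of size 20 alloc'd
==25846==    at 0x4C2E8BF: operator new[](unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==25846==    by 0x3BE47E: Common::QuickTimeParser::readELST(Common::QuickTimeParser::Atom) (quicktime.cpp:438)
"""
PREFIX = re.compile(r"^==(\d+)== ?")  # Valgrind's per-process line prefix
HEAD = re.compile(r"^(Invalid (?:read|write) of size \d+)")
BLOCK = re.compile(r"^\s*Address 0x[0-9A-Fa-f]+ is (\d+) bytes (after|before|inside) "
                   r"a block of size (\d+) (alloc'd|free'd)")
FRAME = re.compile(r"^\s+(?:at|by) 0x[0-9A-Fa-f]+: .*\((\S+:\d+)\)$")  # file:line frames only

def parse_reports(text):
    reports, cur, section = [], None, None
    for raw in text.splitlines():
        if not (m := PREFIX.match(raw)):
            continue
        line = raw[m.end():]
        if h := HEAD.match(line):  # start of a new error record
            cur = {"pid": m.group(1), "error": h.group(1),
                   "fault": None, "block": None, "origin": None}
            reports.append(cur)
            section = "fault"
        elif cur and (b := BLOCK.match(line)):  # the allocation stack follows this line
            cur["block"] = f"{b[1]} bytes {b[2]} a {b[3]}-byte block ({b[4]})"
            section = "origin"
        elif cur and cur[section] is None and (f := FRAME.match(line)):
            cur[section] = f.group(1)  # first frame with file:line; allocator shim has none
    return reports

def group_by_signature(reports):
    groups = {}  # (error, fault site, block relation, allocation site) -> [pids]
    for r in reports:
        groups.setdefault((r["error"], r["fault"], r["block"], r["origin"]), []).append(r["pid"])
    return groups

if __name__ == "__main__":
    print(group_by_signature(parse_reports(SAMPLE)))
```

All three runs collapse into a single signature, so they differ only in the engine code path that reaches the seek. Valgrind prints basenames only: the faulting frame is in Audio::QuickTimeAudioDecoder and the allocating frame in Common::QuickTimeParser, although both appear as quicktime.cpp.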
