Opened 9 years ago
Closed 7 years ago
#7018 closed defect (fixed)
SWORD25: use of uninitialised memory when saving a game
| Reported by: | criezy | Owned by: | bgK |
|---|---|---|---|
| Priority: | blocker | Component: | Engine: Sword25 |
| Version: | Keywords: | has-valgrind-logs | |
| Cc: | Game: | Broken Sword 2.5 |
Description
I played a bit BS 2.5 (in English) with valgrind on OS X 10.9 with an up to date ScummVM (4b7d49d). This mostly work well but there are a couple of use of uninitialized memory when saving a game (to be exact loading a game from the menu screen to avoid the pain of crawling with valgrind through the intro and then saving one just after the load - the save game is right at the start of the game outside of Nico's appartment):
Here is the first one:
==33893== Syscall param write(buf) points to uninitialised byte(s)
==33893== at 0x35D8E9A: write$NOCANCEL (in /usr/lib/system/libsystem_kernel.dylib)
==33893== by 0x34F8E1A: __sfvwrite (in /usr/lib/system/libsystem_c.dylib)
==33893== by 0x34F9115: fwrite (in /usr/lib/system/libsystem_c.dylib)
==33893== by 0x101B6C6CB: StdioStream::write(void const, unsigned int) (stdiostream.cpp:72)
==33893== by 0x101B6C714: non-virtual thunk to StdioStream::write(void const, unsigned int) (stdiostream.cpp:73)
==33893== by 0x10145825E: Sword25::PersistenceService::saveGame(unsigned int, Common::String const&) (persistenceservice.cpp:317)
==33893== by 0x101456418: Sword25::saveGame(lua_State) (kernel_script.cpp:441)
==33893== by 0x10147EC8D: luaD_precall(lua_State, lua_TValue, int) (ldo.cpp:343)
==33893== by 0x101496F3E: luaV_execute(lua_State, int) (lvm.cpp:587)
==33893== by 0x10147F491: luaD_call(lua_State, lua_TValue, int) (ldo.cpp:401)
==33893== by 0x10147324E: f_call(lua_State, void) (lapi.cpp:803)
==33893== by 0x10147E2C8: luaD_rawrunprotected(lua_State, void ()(lua_State, void), void) (ldo.cpp:140)
==33893== Address 0x10b02bcf3 is 1,280,243 bytes inside a block of size 2,097,152 alloc'd
==33893== at 0x47E1: malloc (vg_replace_malloc.c:300)
==33893== by 0x101186F79: Common::Array
Ticket imported from: bugs/7018.
Change History (3)
comment:1 by , 7 years ago
| Priority: | normal → blocker |
|---|
comment:2 by , 7 years ago
| Keywords: | has-valgrind-logs added |
|---|
comment:3 by , 7 years ago
| Owner: | set to |
|---|---|
| Resolution: | → fixed |
| Status: | new → closed |
Fixed in 443211d9, free sound handles containing uninitialized memory were being saved. Harmless.
Raising all identified crasher, hang, and memory violation bugs which I could not fully triage myself to blocker priority for the next release.