angered-ghandi / OpenAOE

An open source reimplementation of Age of Empires (1997)

SLP 491 crashes the game #53

Closed angered-ghandi closed 8 years ago

angered-ghandi commented 8 years ago

SLP 491 (used for hut smoke) causes the game to crash due to its absurdly large center values in its last three frames:

$ ./tools/slp_viewer/target/debug/slp_viewer -d ../original-data/graphics.drs -i ../original-data/interfac.drs -p 1 491
Loading DRS: ../original-data/graphics.drs
Loading DRS: ../original-data/interfac.drs
Loading SLP: 491
Loading palette
Frame[0]: SlpShapeHeader { shape_data_offsets: 700, shape_outline_offset: 672, palette_offset: 0, properties: 0, width: 10, height: 7, center_x: 6, center_y: 0 }
Frame[1]: SlpShapeHeader { shape_data_offsets: 794, shape_outline_offset: 750, palette_offset: 0, properties: 0, width: 7, height: 11, center_x: 3, center_y: 4 }
Frame[2]: SlpShapeHeader { shape_data_offsets: 919, shape_outline_offset: 867, palette_offset: 0, properties: 0, width: 10, height: 13, center_x: 5, center_y: 7 }
Frame[3]: SlpShapeHeader { shape_data_offsets: 1092, shape_outline_offset: 1024, palette_offset: 0, properties: 0, width: 12, height: 17, center_x: 6, center_y: 9 }
Frame[4]: SlpShapeHeader { shape_data_offsets: 1336, shape_outline_offset: 1252, palette_offset: 0, properties: 0, width: 11, height: 21, center_x: 6, center_y: 11 }
Frame[5]: SlpShapeHeader { shape_data_offsets: 1625, shape_outline_offset: 1541, palette_offset: 0, properties: 0, width: 12, height: 21, center_x: 7, center_y: 13 }
Frame[6]: SlpShapeHeader { shape_data_offsets: 1963, shape_outline_offset: 1859, palette_offset: 0, properties: 0, width: 12, height: 26, center_x: 7, center_y: 16 }
Frame[7]: SlpShapeHeader { shape_data_offsets: 2371, shape_outline_offset: 2267, palette_offset: 0, properties: 0, width: 14, height: 26, center_x: 7, center_y: 17 }
Frame[8]: SlpShapeHeader { shape_data_offsets: 2793, shape_outline_offset: 2693, palette_offset: 0, properties: 0, width: 12, height: 25, center_x: 6, center_y: 18 }
Frame[9]: SlpShapeHeader { shape_data_offsets: 3195, shape_outline_offset: 3091, palette_offset: 0, properties: 0, width: 15, height: 26, center_x: 8, center_y: 20 }
Frame[10]: SlpShapeHeader { shape_data_offsets: 3631, shape_outline_offset: 3535, palette_offset: 0, properties: 0, width: 15, height: 24, center_x: 9, center_y: 20 }
Frame[11]: SlpShapeHeader { shape_data_offsets: 4020, shape_outline_offset: 3920, palette_offset: 0, properties: 0, width: 16, height: 25, center_x: 10, center_y: 22 }
Frame[12]: SlpShapeHeader { shape_data_offsets: 4360, shape_outline_offset: 4272, palette_offset: 0, properties: 0, width: 13, height: 22, center_x: 10, center_y: 22 }
Frame[13]: SlpShapeHeader { shape_data_offsets: 4609, shape_outline_offset: 4545, palette_offset: 0, properties: 0, width: 13, height: 16, center_x: 10, center_y: 19 }
Frame[14]: SlpShapeHeader { shape_data_offsets: 4801, shape_outline_offset: 4741, palette_offset: 0, properties: 0, width: 8, height: 15, center_x: 8, center_y: 21 }
Frame[15]: SlpShapeHeader { shape_data_offsets: 4919, shape_outline_offset: 4899, palette_offset: 0, properties: 0, width: 3, height: 5, center_x: 5, center_y: 15 }
Frame[16]: SlpShapeHeader { shape_data_offsets: 4955, shape_outline_offset: 4951, palette_offset: 0, properties: 0, width: 2, height: 1, center_x: 5, center_y: 17 }
Frame[17]: SlpShapeHeader { shape_data_offsets: 4975, shape_outline_offset: 4963, palette_offset: 0, properties: 0, width: 3, height: 3, center_x: -2147483325, center_y: -2147483372 }
Frame[18]: SlpShapeHeader { shape_data_offsets: 4999, shape_outline_offset: 4987, palette_offset: 0, properties: 0, width: 3, height: 3, center_x: -2147483325, center_y: -2147483372 }
Frame[19]: SlpShapeHeader { shape_data_offsets: 5023, shape_outline_offset: 5011, palette_offset: 0, properties: 0, width: 3, height: 3, center_x: -2147483325, center_y: -2147483372 }

Those centers cause integer overflow and crash the game when rendered. This can be reproduced consistently by scrolling to the North East side of the map in mu0a3a_1.scn.

Backtrace:

frame: 0, position: Vector2 { x: 7680, y: -992 }, src_rect: Rect { x: 0, y: 0, w: 3, h: 3 }, center: Vector2 { x: -2147483183, y: -2147483190 }
thread 'main' panicked at 'attempted to add with overflow', crates/types/src/rect.rs:49
...
  10:     0x564fb16fae4f - open_aoe_types::rect::Rect::translate::h413df165c52956cb
                        at /home/angered-ghandi/src/OpenAOE/crates/types/src/rect.rs:49
  11:     0x564fb16d3997 - open_aoe_resource::shape_manager::Shape::render_frame::h2ee29d5704f106e7
                        at /home/angered-ghandi/src/OpenAOE/crates/resource/src/shape_manager.rs:126
  12:     0x564fb16d4c03 - open_aoe_resource::render_command::RenderCommand::render_all::h05c091e231cf6a4f
                        at /home/angered-ghandi/src/OpenAOE/crates/resource/src/render_command.rs:44
  13:     0x564fb16347a3 - _<open_aoe..game..state..scenario_game_state..ScenarioGameState as open_aoe..game..state..game_state..GameState>::render::hc1cbac43cb66c967
                        at /home/angered-ghandi/src/OpenAOE/src/game/state/scenario_game_state.rs:93
  14:     0x564fb16340cf - open_aoe::game::game::Game::game_loop::h63475e5b089a8ca4
                        at /home/angered-ghandi/src/OpenAOE/src/game/game.rs:113
  15:     0x564fb16351ec - open_aoe::main::h571448b8769fdeb1
...

These center values are close, but not quite equal to the minimum 32-bit integer value. There's also nothing but transparent pixels on these frames, so perhaps the game is just using these crazy center values to tell the engine to never draw them.

angered-ghandi commented 8 years ago

SLP 50405 in interfac.drs also exhibits this behavior:

Frame index 0: SlpShapeHeader { shape_data_offsets: 300, shape_outline_offset: 288, palette_offset: 0, properties: 0, width: 3, height: 3, center_x: -2147483325, center_y: -2147483407 }
Frame index 1: SlpShapeHeader { shape_data_offsets: 424, shape_outline_offset: 312, palette_offset: 0, properties: 0, width: 49, height: 28, center_x: 24, center_y: 16 }
Frame index 2: SlpShapeHeader { shape_data_offsets: 901, shape_outline_offset: 789, palette_offset: 0, properties: 0, width: 45, height: 28, center_x: 21, center_y: 16 }
Frame index 3: SlpShapeHeader { shape_data_offsets: 1476, shape_outline_offset: 1376, palette_offset: 0, properties: 0, width: 38, height: 25, center_x: 18, center_y: 15 }
Frame index 4: SlpShapeHeader { shape_data_offsets: 1983, shape_outline_offset: 1899, palette_offset: 0, properties: 0, width: 30, height: 21, center_x: 15, center_y: 15 }
Frame index 5: SlpShapeHeader { shape_data_offsets: 2459, shape_outline_offset: 2399, palette_offset: 0, properties: 0, width: 21, height: 15, center_x: 10, center_y: 11 }
Frame index 6: SlpShapeHeader { shape_data_offsets: 2787, shape_outline_offset: 2755, palette_offset: 0, properties: 0, width: 15, height: 8, center_x: 7, center_y: 5 }
Frame index 7: SlpShapeHeader { shape_data_offsets: 2936, shape_outline_offset: 2924, palette_offset: 0, properties: 0, width: 3, height: 3, center_x: -2147483325, center_y: -2147483407 }

I think it's just an indicator that the graphic shouldn't be drawn on that frame.
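The defensive fix both comments point at is to stop the renderer from doing unchecked arithmetic on header values it does not control, and to treat the near-`i32::MIN` centers as a "never draw" marker rather than letting them reach `Rect::translate`. The following is an added example written for this thread, not OpenAOE's own code: it parses frame headers from a constructed byte table, flags implausible centers before any arithmetic, and computes the destination rectangle with `checked_add`/`checked_sub` so a bad header yields a skipped frame instead of a panic. The 32-byte little-endian field layout, the `1 << 15` plausibility threshold and the `place_frame`/`place_all` names are assumptions made for the example; the two sample headers are frames 16 and 17 of SLP 491 as printed above.

```rust
// Added example (not OpenAOE code). Field layout and threshold are assumptions.

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct SlpShapeHeader {
    pub shape_data_offsets: u32,
    pub shape_outline_offset: u32,
    pub palette_offset: u32,
    pub properties: u32,
    pub width: i32,
    pub height: i32,
    pub center_x: i32,
    pub center_y: i32,
}

impl SlpShapeHeader {
    pub const SIZE: usize = 32;

    /// Parse one 32-byte header (assumed: eight little-endian 32-bit fields).
    pub fn parse(bytes: &[u8]) -> Option<Self> {
        if bytes.len() < Self::SIZE {
            return None; // short buffer: refuse rather than index out of range
        }
        let u = |i: usize| u32::from_le_bytes([bytes[i], bytes[i + 1], bytes[i + 2], bytes[i + 3]]);
        let s = |i: usize| i32::from_le_bytes([bytes[i], bytes[i + 1], bytes[i + 2], bytes[i + 3]]);
        Some(Self {
            shape_data_offsets: u(0), shape_outline_offset: u(4),
            palette_offset: u(8), properties: u(12),
            width: s(16), height: s(20), center_x: s(24), center_y: s(28),
        })
    }

    /// Inverse of `parse`; used only to build the constructed sample table.
    pub fn encode(&self) -> [u8; 32] {
        let fields = [
            self.shape_data_offsets, self.shape_outline_offset, self.palette_offset, self.properties,
            self.width as u32, self.height as u32, self.center_x as u32, self.center_y as u32,
        ];
        let mut out = [0u8; 32];
        for (i, f) in fields.iter().enumerate() {
            out[i * 4..i * 4 + 4].copy_from_slice(&f.to_le_bytes());
        }
        out
    }

    /// A hotspot tens of thousands of pixels from the origin cannot belong to a
    /// real sprite; treat such a frame as "never draw". Threshold is an assumption.
    /// `unsigned_abs` avoids the `i32::MIN.abs()` overflow that `abs()` would hit.
    pub fn is_hidden(&self) -> bool {
        const MAX_PLAUSIBLE_CENTER: u32 = 1 << 15;
        self.center_x.unsigned_abs() > MAX_PLAUSIBLE_CENTER
            || self.center_y.unsigned_abs() > MAX_PLAUSIBLE_CENTER
    }
}

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct Rect { pub x: i32, pub y: i32, pub w: i32, pub h: i32 }

impl Rect {
    /// Checked counterpart of a plain `translate`: None instead of a debug
    /// panic or a silent release-mode wraparound when the offset overflows.
    pub fn checked_translate(&self, dx: i32, dy: i32) -> Option<Rect> {
        Some(Rect { x: self.x.checked_add(dx)?, y: self.y.checked_add(dy)?, w: self.w, h: self.h })
    }
}

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum FrameOutcome { Drawn(Rect), Hidden, Overflow }

/// Destination rectangle for a frame anchored at `pos`, or the reason it was skipped.
pub fn place_frame(header: &SlpShapeHeader, pos: (i32, i32)) -> FrameOutcome {
    if header.is_hidden() {
        return FrameOutcome::Hidden; // sentinel center: skip before any arithmetic
    }
    let src = Rect { x: 0, y: 0, w: header.width, h: header.height };
    match (pos.0.checked_sub(header.center_x), pos.1.checked_sub(header.center_y)) {
        (Some(dx), Some(dy)) => match src.checked_translate(dx, dy) {
            Some(r) => FrameOutcome::Drawn(r),
            None => FrameOutcome::Overflow,
        },
        _ => FrameOutcome::Overflow, // not a sentinel, but still unrepresentable
    }
}

/// Place every frame in a header table; never panics, whatever the bytes contain.
pub fn place_all(table: &[u8], pos: (i32, i32)) -> Vec<FrameOutcome> {
    table.chunks_exact(SlpShapeHeader::SIZE)
        .filter_map(SlpShapeHeader::parse)
        .map(|h| place_frame(&h, pos))
        .collect()
}

/// Constructed input: frames 16 and 17 of SLP 491 as printed in the issue.
pub fn sample_table() -> Vec<u8> {
    let frames = [
        SlpShapeHeader { shape_data_offsets: 4955, shape_outline_offset: 4951, palette_offset: 0,
            properties: 0, width: 2, height: 1, center_x: 5, center_y: 17 },
        SlpShapeHeader { shape_data_offsets: 4975, shape_outline_offset: 4963, palette_offset: 0,
            properties: 0, width: 3, height: 3, center_x: -2147483325, center_y: -2147483372 },
    ];
    frames.iter().flat_map(|f| f.encode()).collect()
}

fn main() {
    // Same screen position as the panicking backtrace in the issue.
    for (i, outcome) in place_all(&sample_table(), (7680, -992)).iter().enumerate() {
        println!("frame {}: {:?}", i, outcome);
    }
}
```

Two points worth noting for anyone applying this to the real renderer. First, the `'attempted to add with overflow'` panic only exists in debug builds; a release build of the same `translate` would wrap silently and draw the frame at a garbage position, so a checked path (or an explicit hidden-frame test) is needed in both configurations. Second, `is_hidden` deliberately runs before any subtraction: a plausibility check on the parsed value is cheaper and clearer than catching the overflow after the fact, and the `Overflow` branch then only covers headers that are merely unlucky rather than sentinel-marked.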