ST_UILogForPlayer returning garbage in jDoom64
This appears to be the current major crash issue in jD64.
I've been debugging it on the CMake branch using GDB, and the engine reliably crashes due to a failed assertion in the memory manager (specifically, Z_Realloc). What looks to be going on becomes apparent in UILog_Push. Essentially, what I'm seeing is that UILog_Post/Push are being passed garbage in place of the parameter `ob`; UILog_Push then goes to get the index of the next available chat message, which is more than likely out of bounds. In the event that it has to lengthen the string for that line, it will call `Z_Realloc`. Said string, having never been allocated in the first place, will simply cause `Z_Realloc` to raise an exception (as the object is not inside managed space), which goes uncaught.
#2 Updated by rhargrave over 6 years ago
I've been debugging this, and this is what's going on:
- `UILog_Push` wants to reallocate a log message using `Z_Realloc`
- This message's memory is either not managed, or was allocated using `M_Malloc(size_t)` or `malloc(size_t)`, and does not reside in contiguous space managed by `memoryzone`.
- `Z_Realloc` aborts due to the above
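The following is an added example, not code from the Doomsday/jDoom64 tree or from either poster, that reproduces the failure mode both posts describe in miniature: a toy zone allocator whose realloc first checks that the pointer it was handed actually lives inside the zone (range check, then a header magic) and reports a foreign, `malloc`-backed pointer as an error instead of aborting, plus a log-push routine that validates its slot index before it ever touches the line buffer. The names `Zone_Malloc`, `Zone_Owns`, `Zone_Realloc`, `Log_Push` and the `uilog_t` layout are assumptions for illustration; they are not the engine's own API.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

#define ZONE_SIZE   4096
#define BLOCK_MAGIC 0x5A4F4E45u   /* "ZONE": marks a header written by Zone_Malloc */
#define LOG_LINES   4

typedef struct { uint32_t magic; uint32_t size; } blockhdr_t;   /* size = usable bytes after header */

/* Backing store for the toy zone; the union keeps it 8-byte aligned. */
static union { unsigned char bytes[ZONE_SIZE]; uint64_t align; } zone_store;
#define zone zone_store.bytes
static size_t zone_used = 0;      /* bump allocator; no free, enough for the demo */

void *Zone_Malloc(size_t size) {
    size = (size + 7) & ~(size_t)7;
    if (zone_used + sizeof(blockhdr_t) + size > ZONE_SIZE) return NULL;
    blockhdr_t *hdr = (blockhdr_t *)(zone + zone_used);
    hdr->magic = BLOCK_MAGIC;
    hdr->size = (uint32_t)size;
    zone_used += sizeof(blockhdr_t) + size;
    return hdr + 1;
}

/* 1 if ptr was handed out by Zone_Malloc, else 0. The range check comes first so the
 * header is never read through a pointer that may point anywhere (heap, stack, garbage). */
int Zone_Owns(const void *ptr) {
    uintptr_t p = (uintptr_t)ptr, base = (uintptr_t)zone;
    if (p < base + sizeof(blockhdr_t) || p >= base + zone_used) return 0;
    const blockhdr_t *hdr = (const blockhdr_t *)(p - sizeof(blockhdr_t));
    return hdr->magic == BLOCK_MAGIC && p + hdr->size <= base + zone_used;
}

/* Realloc that refuses foreign pointers (sets *rejected) instead of asserting. */
void *Zone_Realloc(void *ptr, size_t newsize, int *rejected) {
    *rejected = 0;
    if (ptr == NULL) return Zone_Malloc(newsize);
    if (!Zone_Owns(ptr)) { *rejected = 1; return NULL; }
    blockhdr_t *hdr = (blockhdr_t *)ptr - 1;
    if (newsize <= hdr->size) return ptr;          /* block already big enough */
    void *np = Zone_Malloc(newsize);
    if (np) memcpy(np, ptr, hdr->size);
    return np;
}

typedef struct { char *text[LOG_LINES]; } uilog_t;   /* hypothetical log layout */

/* Hypothetical push: bounds-check the slot, then grow the line via the zone.
 * Returns 0 on success, -1 bad slot, -2 foreign pointer, -3 zone exhausted. */
int Log_Push(uilog_t *log, unsigned slot, const char *msg) {
    if (slot >= LOG_LINES) return -1;               /* garbage index never reaches realloc */
    size_t need = strlen(msg) + 1;
    int rejected;
    char *buf = Zone_Realloc(log->text[slot], need, &rejected);
    if (rejected) return -2;
    if (!buf) return -3;
    memcpy(buf, msg, need);
    log->text[slot] = buf;
    return 0;
}

/* Mirrors the crash path: the line buffer came from malloc, not the zone. */
int demo_foreign_pointer(void) {
    char *line = malloc(32);
    int rejected = 0;
    strcpy(line, "chat line");
    void *res = Zone_Realloc(line, 128, &rejected);
    free(line);
    return rejected == 1 && res == NULL;
}

/* Happy path: a zone-owned line grows and keeps its contents. */
int demo_zone_growth(void) {
    int rejected = 0;
    char *line = Zone_Malloc(16);
    if (!line) return 0;
    strcpy(line, "short");
    char *bigger = Zone_Realloc(line, 64, &rejected);
    return bigger != NULL && rejected == 0 && Zone_Owns(bigger) && strcmp(bigger, "short") == 0;
}

/* Log_Push: normal grow, out-of-range slot, and a slot holding a foreign pointer. */
int demo_log_push(void) {
    uilog_t log = {{0}};
    char *foreign = malloc(8);
    int ok = Log_Push(&log, 0, "hello") == 0
          && Log_Push(&log, 0, "a longer message") == 0
          && Log_Push(&log, 9, "x") == -1;
    log.text[1] = foreign;                          /* constructed: simulates an unmanaged line */
    ok = ok && Log_Push(&log, 1, "y") == -2;
    free(foreign);
    return ok;
}

int main(void) {
    printf("foreign pointer rejected: %d\n", demo_foreign_pointer());
    printf("zone growth ok:           %d\n", demo_zone_growth());
    printf("log push checks ok:       %d\n", demo_log_push());
    return 0;
}
```

The two checks are deliberately ordered: the address-range test in `Zone_Owns` runs before the header is dereferenced, because with a garbage `ob` the pointer may not be readable at all, and the slot bounds test in `Log_Push` runs before the line pointer is even loaded, which is where the out-of-bounds index in the report would otherwise produce the unallocated string that reaches `Z_Realloc`.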