Created
August 27, 2018 15:46
-
-
Save DrMcCoy/549d6f2ed5ea7532539ee148a02f75a7 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| READ of size 8 at 0x61e00013f880 thread T7 (GameInstance) | |
| #0 0x55bfeda133c8 in Aurora::NWScript::ObjectReference::operator=(Aurora::NWScript::Object const*) /home/drmccoy/projects/xoreos/xoreos/src/aurora/nwscript/objectref.cpp:55 | |
| #1 0x55bfed9b9efe in Aurora::NWScript::NCSFile::execute(Aurora::NWScript::Object*, Aurora::NWScript::Object*) /home/drmccoy/projects/xoreos/xoreos/src/aurora/nwscript/ncsfile.cpp:377 | |
| #2 0x55bfed9c1e66 in Aurora::NWScript::NCSFile::run(Aurora::NWScript::ScriptState const&, Aurora::NWScript::Object*, Aurora::NWScript::Object*) /home/drmccoy/projects/xoreos/xoreos/src/aurora/nwscript/ncsfile.cpp:373 | |
| #3 0x55bfec33d275 in Engines::KotOR::ScriptContainer::runScript(Common::UString const&, Aurora::NWScript::ScriptState const&, Aurora::NWScript::Object*, Aurora::NWScript::Object*) /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/script/container.cpp:172 | |
| #4 0x55bfec2e8327 in Engines::KotOR::Module::handleActions() /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/module.cpp:680 | |
| #5 0x55bfec308162 in Engines::KotOR::Module::processEventQueue() /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/module.cpp:535 | |
| #6 0x55bfec23d4ed in Engines::KotOR::Game::runModule() /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/game.cpp:96 | |
| #7 0x55bfec241c7a in Engines::KotOR::Game::run() /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/game.cpp:76 | |
| #8 0x55bfec2213f0 in Engines::KotOR::KotOREngine::run() /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/kotor.cpp:128 | |
| #9 0x55bfeca4c976 in Engines::GameInstanceEngine::run() /home/drmccoy/projects/xoreos/xoreos/src/engines/enginemanager.cpp:222 | |
| #10 0x55bfeca4e570 in Engines::EngineManager::run(Engines::GameInstance&) const /home/drmccoy/projects/xoreos/xoreos/src/engines/enginemanager.cpp:249 | |
| #11 0x55bfeca4ff3b in Engines::GameThread::threadMethod() /home/drmccoy/projects/xoreos/xoreos/src/engines/gamethread.cpp:87 | |
| #12 0x55bfedac5543 in Common::Thread::threadHelper(void*) /home/drmccoy/projects/xoreos/xoreos/src/common/thread.cpp:113 | |
| #13 0x7fe7c4d297bb in SDL_RunThread /var/tmp/portage/media-libs/libsdl2-2.0.8-r2/work/SDL2-2.0.8/src/thread/SDL_thread.c:283 | |
| #14 0x7fe7c4d90228 in RunThread /var/tmp/portage/media-libs/libsdl2-2.0.8-r2/work/SDL2-2.0.8/src/thread/pthread/SDL_systhread.c:74 | |
| #15 0x7fe7c59859a9 in start_thread /var/tmp/portage/sys-libs/glibc-2.27-r6/work/glibc-2.27/nptl/pthread_create.c:463 | |
| #16 0x7fe7c134c56e in clone (/lib64/libc.so.6+0x10456e) | |
| 0x61e00013f880 is located 0 bytes inside of 2536-byte region [0x61e00013f880,0x61e000140268) | |
| freed by thread T7 (GameInstance) here: | |
| #0 0x7fe7c5c8e738 in operator delete(void*, unsigned long) /var/tmp/portage/sys-devel/gcc-8.2.0-r2/work/gcc-8.2.0/libsanitizer/asan/asan_new_delete.cc:151 | |
| #1 0x55bfec2acf52 in void Common::DeallocatorDefault::destroy<Engines::KotOR::Object>(Engines::KotOR::Object*) /home/drmccoy/projects/xoreos/xoreos/src/common/deallocator.h:44 | |
| #2 0x55bfec2acf52 in Common::PtrList<Engines::KotOR::Object, Common::DeallocatorDefault>::erase(std::_List_iterator<Engines::KotOR::Object*>) /home/drmccoy/projects/xoreos/xoreos/src/common/ptrlist.h:65 | |
| #3 0x55bfec2acf52 in Common::PtrList<Engines::KotOR::Object, Common::DeallocatorDefault>::remove(Engines::KotOR::Object* const&) /home/drmccoy/projects/xoreos/xoreos/src/common/ptrlist.h:97 | |
| #4 0x55bfec2acf52 in Engines::KotOR::Area::removeObject(Engines::KotOR::Object*) /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/area.cpp:747 | |
| #5 0x55bfec3403c2 in boost::_mfi::mf1<void, Engines::KotOR::Functions, Aurora::NWScript::FunctionContext&>::operator()(Engines::KotOR::Functions*, Aurora::NWScript::FunctionContext&) const /usr/include/boost/bind/mem_fn_template.hpp:165 | |
| #6 0x55bfec3403c2 in void boost::_bi::list2<boost::_bi::value<Engines::KotOR::Functions*>, boost::arg<1> >::operator()<boost::_mfi::mf1<void, Engines::KotOR::Functions, Aurora::NWScript::FunctionContext&>, boost::_bi::rrlist1<Aurora::NWScript::FunctionContext&> >(boost::_bi::type<void>, boost::_mfi::mf1<void, Engines::KotOR::Functions, Aurora::NWScript::FunctionContext&>&, boost::_bi::rrlist1<Aurora::NWScript::FunctionContext&>&, int) /usr/include/boost/bind/bind.hpp:319 | |
| #7 0x55bfec3403c2 in void boost::_bi::bind_t<void, boost::_mfi::mf1<void, Engines::KotOR::Functions, Aurora::NWScript::FunctionContext&>, boost::_bi::list2<boost::_bi::value<Engines::KotOR::Functions*>, boost::arg<1> > >::operator()<Aurora::NWScript::FunctionContext&>(Aurora::NWScript::FunctionContext&) /usr/include/boost/bind/bind.hpp:1306 | |
| #8 0x55bfec3403c2 in boost::detail::function::void_function_obj_invoker1<boost::_bi::bind_t<void, boost::_mfi::mf1<void, Engines::KotOR::Functions, Aurora::NWScript::FunctionContext&>, boost::_bi::list2<boost::_bi::value<Engines::KotOR::Functions*>, boost::arg<1> > >, void, Aurora::NWScript::FunctionContext&>::invoke(boost::detail::function::function_buffer&, Aurora::NWScript::FunctionContext&) /usr/include/boost/function/function_template.hpp:159 | |
| #9 0x55bfed999c69 in boost::function1<void, Aurora::NWScript::FunctionContext&>::operator()(Aurora::NWScript::FunctionContext&) const /usr/include/boost/function/function_template.hpp:759 | |
| #10 0x55bfed999c69 in Aurora::NWScript::FunctionManager::call(unsigned int, Aurora::NWScript::FunctionContext&) const /home/drmccoy/projects/xoreos/xoreos/src/aurora/nwscript/functionman.cpp:109 | |
| #11 0x55bfed9dc460 in Aurora::NWScript::NCSFile::callEngine(Aurora::NWScript::FunctionContext&, unsigned int, unsigned char) /home/drmccoy/projects/xoreos/xoreos/src/aurora/nwscript/ncsfile.cpp:580 | |
| #12 0x55bfed9dd989 in Aurora::NWScript::NCSFile::o_action(Aurora::NWScript::NCSFile::InstructionType) /home/drmccoy/projects/xoreos/xoreos/src/aurora/nwscript/ncsfile.cpp:627 | |
| #13 0x55bfed9b82ec in Aurora::NWScript::NCSFile::executeStep() /home/drmccoy/projects/xoreos/xoreos/src/aurora/nwscript/ncsfile.cpp:411 | |
| #14 0x55bfed9b9f69 in Aurora::NWScript::NCSFile::execute(Aurora::NWScript::Object*, Aurora::NWScript::Object*) /home/drmccoy/projects/xoreos/xoreos/src/aurora/nwscript/ncsfile.cpp:380 | |
| #15 0x55bfed9c1e66 in Aurora::NWScript::NCSFile::run(Aurora::NWScript::ScriptState const&, Aurora::NWScript::Object*, Aurora::NWScript::Object*) /home/drmccoy/projects/xoreos/xoreos/src/aurora/nwscript/ncsfile.cpp:373 | |
| #16 0x55bfec33d275 in Engines::KotOR::ScriptContainer::runScript(Common::UString const&, Aurora::NWScript::ScriptState const&, Aurora::NWScript::Object*, Aurora::NWScript::Object*) /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/script/container.cpp:172 | |
| #17 0x55bfec2e8327 in Engines::KotOR::Module::handleActions() /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/module.cpp:680 | |
| #18 0x55bfec308162 in Engines::KotOR::Module::processEventQueue() /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/module.cpp:535 | |
| #19 0x55bfec23d4ed in Engines::KotOR::Game::runModule() /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/game.cpp:96 | |
| #20 0x55bfec241c7a in Engines::KotOR::Game::run() /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/game.cpp:76 | |
| #21 0x55bfec2213f0 in Engines::KotOR::KotOREngine::run() /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/kotor.cpp:128 | |
| #22 0x55bfeca4c976 in Engines::GameInstanceEngine::run() /home/drmccoy/projects/xoreos/xoreos/src/engines/enginemanager.cpp:222 | |
| #23 0x55bfeca4e570 in Engines::EngineManager::run(Engines::GameInstance&) const /home/drmccoy/projects/xoreos/xoreos/src/engines/enginemanager.cpp:249 | |
| #24 0x55bfeca4ff3b in Engines::GameThread::threadMethod() /home/drmccoy/projects/xoreos/xoreos/src/engines/gamethread.cpp:87 | |
| #25 0x55bfedac5543 in Common::Thread::threadHelper(void*) /home/drmccoy/projects/xoreos/xoreos/src/common/thread.cpp:113 | |
| #26 0x7fe7c4d297bb in SDL_RunThread /var/tmp/portage/media-libs/libsdl2-2.0.8-r2/work/SDL2-2.0.8/src/thread/SDL_thread.c:283 | |
| previously allocated by thread T7 (GameInstance) here: | |
| #0 0x7fe7c5c8d1c0 in operator new(unsigned long) /var/tmp/portage/sys-devel/gcc-8.2.0-r2/work/gcc-8.2.0/libsanitizer/asan/asan_new_delete.cc:90 | |
| #1 0x55bfec29ff13 in Engines::KotOR::Area::loadCreatures(std::vector<Aurora::GFF3Struct const*, std::allocator<Aurora::GFF3Struct const*> > const&) /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/area.cpp:440 | |
| #2 0x55bfec2a1d0c in Engines::KotOR::Area::loadGIT(Aurora::GFF3Struct const&) /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/area.cpp:352 | |
| #3 0x55bfec2a27ba in Engines::KotOR::Area::load() /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/area.cpp:108 | |
| #4 0x55bfec2a427d in Engines::KotOR::Area::Area(Engines::KotOR::Module&, Common::UString const&) /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/area.cpp:78 | |
| #5 0x55bfec2dce62 in Engines::KotOR::Module::loadArea() /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/module.cpp:251 | |
| #6 0x55bfec304b84 in Engines::KotOR::Module::loadModule(Common::UString const&, Common::UString const&, Engines::KotOR::ObjectType) /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/module.cpp:140 | |
| #7 0x55bfec3c9688 in Engines::KotOR::CharacterGenerationMenu::start() /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/gui/chargen/charactergeneration.cpp:220 | |
| #8 0x55bfec3d9e5a in Engines::KotOR::QuickCharPanel::callbackActive(Engines::Widget&) /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/gui/chargen/quickchar.cpp:75 | |
| #9 0x55bfecadbde9 in Engines::GUI::checkWidgetActive(Engines::Widget*) /home/drmccoy/projects/xoreos/xoreos/src/engines/aurora/gui.cpp:492 | |
| #10 0x55bfecae411e in Engines::GUI::mouseUp(SDL_Event const&) /home/drmccoy/projects/xoreos/xoreos/src/engines/aurora/gui.cpp:539 | |
| #11 0x55bfecae6434 in Engines::GUI::mouseUp(SDL_Event const&) /home/drmccoy/projects/xoreos/xoreos/src/engines/aurora/gui.cpp:526 | |
| #12 0x55bfecae6434 in Engines::GUI::processEventQueue() /home/drmccoy/projects/xoreos/xoreos/src/engines/aurora/gui.cpp:204 | |
| #13 0x55bfecaecfaf in Engines::GUI::run(unsigned int) /home/drmccoy/projects/xoreos/xoreos/src/engines/aurora/gui.cpp:134 | |
| #14 0x55bfecaf125e in Engines::GUI::sub(Engines::GUI&, unsigned int, bool, bool) /home/drmccoy/projects/xoreos/xoreos/src/engines/aurora/gui.cpp:371 | |
| #15 0x55bfec3b57c8 in Engines::KotOR::ClassSelectionMenu::callbackActive(Engines::Widget&) /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/gui/chargen/classselection.cpp:218 | |
| #16 0x55bfecadbde9 in Engines::GUI::checkWidgetActive(Engines::Widget*) /home/drmccoy/projects/xoreos/xoreos/src/engines/aurora/gui.cpp:492 | |
| #17 0x55bfecae411e in Engines::GUI::mouseUp(SDL_Event const&) /home/drmccoy/projects/xoreos/xoreos/src/engines/aurora/gui.cpp:539 | |
| #18 0x55bfecae6434 in Engines::GUI::mouseUp(SDL_Event const&) /home/drmccoy/projects/xoreos/xoreos/src/engines/aurora/gui.cpp:526 | |
| #19 0x55bfecae6434 in Engines::GUI::processEventQueue() /home/drmccoy/projects/xoreos/xoreos/src/engines/aurora/gui.cpp:204 | |
| #20 0x55bfecaecd8c in Engines::GUI::run(unsigned int) /home/drmccoy/projects/xoreos/xoreos/src/engines/aurora/gui.cpp:132 | |
| #21 0x55bfecaf125e in Engines::GUI::sub(Engines::GUI&, unsigned int, bool, bool) /home/drmccoy/projects/xoreos/xoreos/src/engines/aurora/gui.cpp:371 | |
| #22 0x55bfec360d11 in Engines::KotOR::MainMenu::callbackActive(Engines::Widget&) /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/gui/main/main.cpp:197 | |
| #23 0x55bfecadbde9 in Engines::GUI::checkWidgetActive(Engines::Widget*) /home/drmccoy/projects/xoreos/xoreos/src/engines/aurora/gui.cpp:492 | |
| #24 0x55bfecae411e in Engines::GUI::mouseUp(SDL_Event const&) /home/drmccoy/projects/xoreos/xoreos/src/engines/aurora/gui.cpp:539 | |
| #25 0x55bfecae6434 in Engines::GUI::mouseUp(SDL_Event const&) /home/drmccoy/projects/xoreos/xoreos/src/engines/aurora/gui.cpp:526 | |
| #26 0x55bfecae6434 in Engines::GUI::processEventQueue() /home/drmccoy/projects/xoreos/xoreos/src/engines/aurora/gui.cpp:204 | |
| #27 0x55bfecaecd8c in Engines::GUI::run(unsigned int) /home/drmccoy/projects/xoreos/xoreos/src/engines/aurora/gui.cpp:132 | |
| #28 0x55bfec240fc9 in Engines::KotOR::Game::mainMenu() /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/game.cpp:150 | |
| #29 0x55bfec241c5f in Engines::KotOR::Game::run() /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/game.cpp:75 | |
| #30 0x55bfec2213f0 in Engines::KotOR::KotOREngine::run() /home/drmccoy/projects/xoreos/xoreos/src/engines/kotor/kotor.cpp:128 | |
| #31 0x55bfeca4c976 in Engines::GameInstanceEngine::run() /home/drmccoy/projects/xoreos/xoreos/src/engines/enginemanager.cpp:222 | |
| #32 0x55bfeca4e570 in Engines::EngineManager::run(Engines::GameInstance&) const /home/drmccoy/projects/xoreos/xoreos/src/engines/enginemanager.cpp:249 | |
| Thread T7 (GameInstance) created by T0 here: | |
| #0 0x7fe7c5be8b73 in __interceptor_pthread_create /var/tmp/portage/sys-devel/gcc-8.2.0-r2/work/gcc-8.2.0/libsanitizer/asan/asan_interceptors.cc:202 | |
| #1 0x7fe7c4d90296 in SDL_SYS_CreateThread /var/tmp/portage/media-libs/libsdl2-2.0.8-r2/work/SDL2-2.0.8/src/thread/pthread/SDL_systhread.c:115 | |
| SUMMARY: AddressSanitizer: heap-use-after-free /home/drmccoy/projects/xoreos/xoreos/src/aurora/nwscript/objectref.cpp:55 in Aurora::NWScript::ObjectReference::operator=(Aurora::NWScript::Object const*) | |
| Shadow bytes around the buggy address: | |
| 0x0c3c8001fec0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | |
| 0x0c3c8001fed0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | |
| 0x0c3c8001fee0: 00 00 00 fa fa fa fa fa fa fa fa fa fa fa fa fa | |
| 0x0c3c8001fef0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | |
| 0x0c3c8001ff00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | |
| =>0x0c3c8001ff10:[fd]fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd | |
| 0x0c3c8001ff20: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd | |
| 0x0c3c8001ff30: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd | |
| 0x0c3c8001ff40: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd | |
| 0x0c3c8001ff50: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd | |
| 0x0c3c8001ff60: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd | |
| Shadow byte legend (one shadow byte represents 8 application bytes): | |
| Addressable: 00 | |
| Partially addressable: 01 02 03 04 05 06 07 | |
| Heap left redzone: fa | |
| Freed heap region: fd | |
| Stack left redzone: f1 | |
| Stack mid redzone: f2 | |
| Stack right redzone: f3 | |
| Stack after return: f5 | |
| Stack use after scope: f8 | |
| Global redzone: f9 | |
| Global init order: f6 | |
| Poisoned by user: f7 | |
| Container overflow: fc | |
| Array cookie: ac | |
| Intra object redzone: bb | |
| ASan internal: fe | |
| Left alloca redzone: ca | |
| Right alloca redzone: cb | |
| ==11839==ABORTING |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment