Use after free in map test #162

Open
DarthGandalf opened this issue Dec 16, 2023 · 0 comments

[23:51:34.059] [debug] -> Loading level: Act 1 - Town 1                                                                                                                                                                                                                           
[23:51:34.059] [debug] -> Loading level alt: Act1/Town/TownN1.ds1                                                                                                                                                                                                                 
[23:51:51.408] [debug] -> Loading level alt: Act1/Town/TownE1.ds1                                                                                                                                                                                                                 
[23:51:54.975] [debug] -> Loading level: Act 1 - Cave Theme S                                                                                                                                                                                                                     
[23:51:54.975] [debug] -> Loading level alt: Act1/Caves/CaveSTheme1.ds1                                                                                                                                                                                                           
[23:52:10.492] [debug] -> Loading level: Act 5 - Barricade 3 Snow
[23:52:10.492] [debug] -> Loading level alt: Expansion/Siege/snowbarrCC1.ds1                                                                                                                                                                                             
=================================================================                                                                                                                                                                                                                 
==20496==ERROR: AddressSanitizer: heap-use-after-free on address 0x7f9c32aef900 at pc 0x556b12a851e1 bp 0x7ffe9b478370 sp 0x7ffe9b478368                                                                                                                                          
WRITE of size 4 at 0x7f9c32aef900 thread T0                                                                                                                                                                                                                                       
    #0 0x556b12a851e0 in Abyss::DataTypes::DT1::DT1(std::__1::basic_string_view<char, std::__1::char_traits<char>>, Abyss::DataTypes::Palette const&) /home/somebody/AbyssEngine/src/Abyss/DataTypes/DT1.cpp:176:71                                                               
    #1 0x556b128292e5 in Abyss::DataTypes::DT1* std::__1::construct_at[abi:ue170006]<Abyss::DataTypes::DT1, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&, Abyss::DataTypes::DT1*>(Abyss::DataTypes::DT1*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&) /usr/include/c++/v1/__memory/construct_at.h:41:46
    #2 0x556b128292e5 in void std::__1::allocator_traits<std::__1::allocator<Abyss::DataTypes::DT1>>::construct[abi:ue170006]<Abyss::DataTypes::DT1, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&, void, void>(std::__1::allocator<Abyss::DataTypes::DT1>&, Abyss::DataTypes::DT1*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&) /usr/include/c++/v1/__memory/allocator_traits.h:304:9
    #3 0x556b128292e5 in void std::__1::vector<Abyss::DataTypes::DT1, std::__1::allocator<Abyss::DataTypes::DT1>>::__construct_one_at_end[abi:ue170006]<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&>(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&) /usr/include/c++/v1/vector:919:5
    #4 0x556b12821cd9 in Abyss::DataTypes::DT1& std::__1::vector<Abyss::DataTypes::DT1, std::__1::allocator<Abyss::DataTypes::DT1>>::emplace_back<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&>(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&) /usr/include/c++/v1/vector:1678:9
    #5 0x556b12821cd9 in OD2::Scenes::MapTest::MapTest::loadTile(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&) /home/somebody/AbyssEngine/src/OD2/Scenes/MapTest/MapTest.cpp:178:14                                                
    #6 0x556b12825c4a in OD2::Scenes::MapTest::MapTest::render() /home/somebody/AbyssEngine/src/OD2/Scenes/MapTest/MapTest.cpp:218:25                                                                                                                                             
    #7 0x556b12a9be8a in Abyss::AbyssEngine::render() const /home/somebody/AbyssEngine/src/Abyss/AbyssEngine.cpp:78:28                                                                                                                                                            
    #8 0x556b12a9f1db in Abyss::AbyssEngine::run() /home/somebody/AbyssEngine/src/Abyss/AbyssEngine.cpp:318:9                                                                                                                                                                     
    #9 0x556b12836964 in main /home/somebody/AbyssEngine/src/OD2/main.cpp:206:16                                                                                                                                                                                                  
    #10 0x7f9c55af89c9 in __libc_start_call_main /mnt/portagetmp/portage/sys-libs/glibc-2.37-r7/work/glibc-2.37/csu/../sysdeps/nptl/libc_start_call_main.h:58:16                                                                                                                  
    #11 0x7f9c55af8a84 in __libc_start_main /mnt/portagetmp/portage/sys-libs/glibc-2.37-r7/work/glibc-2.37/csu/../csu/libc-start.c:360:3                                                                                                                                          
    #12 0x556b12699910 in _start (/home/somebody/AbyssEngine/build3/src/OD2/OpenDiablo2+0x147910)                                                                                                                                                                                 
                                                                                                                                                                                                                                                                                  
0x7f9c32aef900 is located 73984 bytes inside of 512000-byte region [0x7f9c32add800,0x7f9c32b5a800)                                                                                                                                                                                
freed by thread T0 here:                                                                                                                                                                                                                                                          
    #0 0x556b1276fbf6 in free /mnt/portagetmp/portage/sys-libs/compiler-rt-sanitizers-17.0.6/work/compiler-rt/lib/asan/asan_malloc_linux.cpp:52:3                                                                                                                                 
    #1 0x556b12bf85a4 in real_free /home/somebody/vcpkg/buildtrees/sdl2/src/ase-2.28.5-29008dc59c.clean/src/stdlib/SDL_malloc.c:5199:43                                                                                                                                           
    #2 0x556b12bf88d8 in SDL_free_REAL /home/somebody/vcpkg/buildtrees/sdl2/src/ase-2.28.5-29008dc59c.clean/src/stdlib/SDL_malloc.c:5339:5                                                                                                                                        
    #3 0x556b12bca6fe in SDL_UpdateTextureNative /home/somebody/vcpkg/buildtrees/sdl2/src/ase-2.28.5-29008dc59c.clean/src/render/SDL_render.c:1737:13                                                                                                                             
    #4 0x556b12bc9a97 in SDL_UpdateTexture_REAL /home/somebody/vcpkg/buildtrees/sdl2/src/ase-2.28.5-29008dc59c.clean/src/render/SDL_render.c:1774:16                                                                                                                              
    #5 0x556b12b9136e in SDL_UpdateTexture /home/somebody/vcpkg/buildtrees/sdl2/src/ase-2.28.5-29008dc59c.clean/src/dynapi/SDL_dynapi_procs.h:349:1                                                                                                                               
    #6 0x556b12a84a2e in Abyss::DataTypes::DT1::DT1(std::__1::basic_string_view<char, std::__1::char_traits<char>>, Abyss::DataTypes::Palette const&) /home/somebody/AbyssEngine/src/Abyss/DataTypes/DT1.cpp:183:9                                                                
    #7 0x556b128292e5 in Abyss::DataTypes::DT1* std::__1::construct_at[abi:ue170006]<Abyss::DataTypes::DT1, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&, Abyss::DataTypes::DT1*>(Abyss::DataTypes::DT1*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&) /usr/include/c++/v1/__memory/construct_at.h:41:46
    #8 0x556b128292e5 in void std::__1::allocator_traits<std::__1::allocator<Abyss::DataTypes::DT1>>::construct[abi:ue170006]<Abyss::DataTypes::DT1, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&, void, void>(std::__1::allocator<Abyss::DataTypes::DT1>&, Abyss::DataTypes::DT1*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&) /usr/include/c++/v1/__memory/allocator_traits.h:304:9
    #9 0x556b128292e5 in void std::__1::vector<Abyss::DataTypes::DT1, std::__1::allocator<Abyss::DataTypes::DT1>>::__construct_one_at_end[abi:ue170006]<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&>(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&) /usr/include/c++/v1/vector:919:5
    #10 0x556b12821cd9 in Abyss::DataTypes::DT1& std::__1::vector<Abyss::DataTypes::DT1, std::__1::allocator<Abyss::DataTypes::DT1>>::emplace_back<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&>(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&) /usr/include/c++/v1/vector:1678:9
    #11 0x556b12821cd9 in OD2::Scenes::MapTest::MapTest::loadTile(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&) /home/somebody/AbyssEngine/src/OD2/Scenes/MapTest/MapTest.cpp:178:14
    #12 0x556b12825c4a in OD2::Scenes::MapTest::MapTest::render() /home/somebody/AbyssEngine/src/OD2/Scenes/MapTest/MapTest.cpp:218:25
    #13 0x556b12a9be8a in Abyss::AbyssEngine::render() const /home/somebody/AbyssEngine/src/Abyss/AbyssEngine.cpp:78:28
    #14 0x556b12a9f1db in Abyss::AbyssEngine::run() /home/somebody/AbyssEngine/src/Abyss/AbyssEngine.cpp:318:9
    #15 0x556b12836964 in main /home/somebody/AbyssEngine/src/OD2/main.cpp:206:16
    #16 0x7f9c55af89c9 in __libc_start_call_main /mnt/portagetmp/portage/sys-libs/glibc-2.37-r7/work/glibc-2.37/csu/../sysdeps/nptl/libc_start_call_main.h:58:16

previously allocated by thread T0 here:
    #0 0x556b1276fe9e in malloc /mnt/portagetmp/portage/sys-libs/compiler-rt-sanitizers-17.0.6/work/compiler-rt/lib/asan/asan_malloc_linux.cpp:69:3
    #1 0x556b12bf8524 in real_malloc /home/somebody/vcpkg/buildtrees/sdl2/src/ase-2.28.5-29008dc59c.clean/src/stdlib/SDL_malloc.c:5196:53 
    #2 0x556b12bf877b in SDL_malloc_REAL /home/somebody/vcpkg/buildtrees/sdl2/src/ase-2.28.5-29008dc59c.clean/src/stdlib/SDL_malloc.c:5295:11
    #3 0x556b12bca68a in SDL_UpdateTextureNative /home/somebody/vcpkg/buildtrees/sdl2/src/ase-2.28.5-29008dc59c.clean/src/render/SDL_render.c:1729:33
    #4 0x556b12bc9a97 in SDL_UpdateTexture_REAL /home/somebody/vcpkg/buildtrees/sdl2/src/ase-2.28.5-29008dc59c.clean/src/render/SDL_render.c:1774:16
    #5 0x556b12b9136e in SDL_UpdateTexture /home/somebody/vcpkg/buildtrees/sdl2/src/ase-2.28.5-29008dc59c.clean/src/dynapi/SDL_dynapi_procs.h:349:1
    #6 0x556b12a84a2e in Abyss::DataTypes::DT1::DT1(std::__1::basic_string_view<char, std::__1::char_traits<char>>, Abyss::DataTypes::Palette const&) /home/somebody/AbyssEngine/src/Abyss/DataTypes/DT1.cpp:183:9
    #7 0x556b128292e5 in Abyss::DataTypes::DT1* std::__1::construct_at[abi:ue170006]<Abyss::DataTypes::DT1, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&, Abyss::DataTypes::DT1*>(Abyss::DataTypes::DT1*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&) /usr/include/c++/v1/__memory/construct_at.h:41:46
    #8 0x556b128292e5 in void std::__1::allocator_traits<std::__1::allocator<Abyss::DataTypes::DT1>>::construct[abi:ue170006]<Abyss::DataTypes::DT1, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&, void, void>(std::__1::allocator<Abyss::DataTypes::DT1>&, Abyss::DataTypes::DT1*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&) /usr/include/c++/v1/__memory/allocator_traits.h:304:9
    #9 0x556b128292e5 in void std::__1::vector<Abyss::DataTypes::DT1, std::__1::allocator<Abyss::DataTypes::DT1>>::__construct_one_at_end[abi:ue170006]<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&>(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&) /usr/include/c++/v1/vector:919:5
    #10 0x556b12821cd9 in Abyss::DataTypes::DT1& std::__1::vector<Abyss::DataTypes::DT1, std::__1::allocator<Abyss::DataTypes::DT1>>::emplace_back<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&>(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, Abyss::DataTypes::Palette const&) /usr/include/c++/v1/vector:1678:9
    #11 0x556b12821cd9 in OD2::Scenes::MapTest::MapTest::loadTile(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&) /home/somebody/AbyssEngine/src/OD2/Scenes/MapTest/MapTest.cpp:178:14
    #12 0x556b12825c4a in OD2::Scenes::MapTest::MapTest::render() /home/somebody/AbyssEngine/src/OD2/Scenes/MapTest/MapTest.cpp:218:25
    #13 0x556b12a9be8a in Abyss::AbyssEngine::render() const /home/somebody/AbyssEngine/src/Abyss/AbyssEngine.cpp:78:28
    #14 0x556b12a9f1db in Abyss::AbyssEngine::run() /home/somebody/AbyssEngine/src/Abyss/AbyssEngine.cpp:318:9
    #15 0x556b12836964 in main /home/somebody/AbyssEngine/src/OD2/main.cpp:206:16
