| カテゴリ | 重要度 | ステータス | 解決状況 | 登録日時 | 最終更新 |
|---|---|---|---|---|---|
 その他 | 重要 (本体) | 解決済み | 修正済み | 2022-11-10 19:46 | 2024-12-21 00:31 |
| テスター | Firewave | 担当者 | Ryan Holtz | ソース | |
| バージョン | 0.249 | 発生バージョン | 修正バージョン | 0.252 | |
| 修正コミット | 5671484 | プルリク | |||
| フラグ | |||||
| セット | |||||
| セット詳細 | |||||
| 概 要 | -video bgfx で AddressSanitizer: heap-buffer-overflowが起こる。 | ||||
| 詳 細 |
==1493==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7f35ef1f9800 at pc 0x7f362d859297 bp 0x7fffe21f8990 sp 0x7fffe21f8160
READ of size 386048 at 0x7f35ef1f9800 thread T0
#0 0x7f362d859296 in __asan_memcpy (/mnt/s/GitHub/mame/mame+0x24de2296) (BuildId: 7b7aeda5846ab501)
#1 0x7f365701702a in bx::memCopy(void*, void const*, unsigned long) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../3rdparty/bx/src/bx.cpp:43:3
#2 0x7f3656df888c in bgfx::copy(void const*, unsigned int) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../3rdparty/bgfx/src/bgfx.cpp:4024:3
#3 0x7f365402ced1 in bgfx_util::mame_texture_data_to_bgfx_texture_data(bgfx::TextureFormat::Enum&, unsigned int, int, int, rgb_t const*, void*, unsigned short&, int&, int&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/osd/modules/render/bgfxutil.cpp
#4 0x7f3654036e55 in chain_manager::update_screen_textures(unsigned int, render_primitive*, osd_window&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/osd/modules/render/bgfx/chainmanager.cpp:483:29
#5 0x7f36540091ae in renderer_bgfx::draw(int) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/osd/modules/render/drawbgfx.cpp:875:35
#6 0x7f36541007ee in sdl_window_info::update() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/osd/sdl/window.cpp:627:17
#7 0x7f3653f27333 in sdl_osd_interface::update(bool) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/osd/sdl/video.cpp:108:12
#8 0x7f3653dd9c8d in video_manager::frame_update(bool) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/video.cpp:238:18
#9 0x7f3653cd0b78 in screen_device::vblank_begin(int) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/screen.cpp:1646:21
#10 0x7f3653cb96b4 in operator() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/lib/util/delegate.h:765:11
#11 0x7f3653cb96b4 in device_scheduler::execute_timers() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/schedule.cpp:951:5
#12 0x7f3653cb45f8 in device_scheduler::timeslice() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/schedule.cpp:505:2
#13 0x7f3653b51067 in running_machine::run(bool) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/machine.cpp:329:17
#14 0x7f364bc60caf in mame_machine_manager::execute() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/mame.cpp:290:19
#15 0x7f364d018026 in cli_frontend::start_execution(mame_machine_manager*, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/clifront.cpp:275:22
#16 0x7f364d01bb6f in cli_frontend::execute(std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/clifront.cpp:291:3
#17 0x7f364bc65a8f in emulator_info::start_frontend(emu_options&, osd_interface&, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/mame.cpp:454:18
#18 0x7f3653e470fb in main /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/osd/sdl/sdlmain.cpp:191:9
#19 0x7f3606b89209 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
#20 0x7f3606b892bb in __libc_start_main csu/../csu/libc-start.c:389:3
#21 0x7f362d7d7120 in _start (/mnt/s/GitHub/mame/mame+0x24d60120) (BuildId: 7b7aeda5846ab501)
0x7f35ef1f9800 is located 0 bytes to the right of 425984-byte region [0x7f35ef191800,0x7f35ef1f9800)
allocated by thread T0 here:
#0 0x7f362d8950dd in operator new[](unsigned long, std::nothrow_t const&) (/mnt/s/GitHub/mame/mame+0x24e1e0dd) (BuildId: 7b7aeda5846ab501)
#1 0x7f3655f58075 in bitmap_t::allocate(int, int, int, int) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/lib/util/bitmap.cpp:242:17
#2 0x7f3653cd0133 in screen_device::register_screen_bitmap(bitmap_t&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/screen.cpp:1627:9
#3 0x7f3653ccc2a4 in screen_device::device_start() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/screen.cpp:819:3
#4 0x7f364d2c27d0 in device_t::start() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/device.cpp:562:2
#5 0x7f3653b4fe9f in running_machine::start_all_devices() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/machine.cpp:1013:13
#6 0x7f3653b4de74 in running_machine::start() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/machine.cpp:211:2
#7 0x7f3653b50c9c in running_machine::run(bool) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/machine.cpp:281:3
#8 0x7f364bc60caf in mame_machine_manager::execute() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/mame.cpp:290:19
#9 0x7f364d018026 in cli_frontend::start_execution(mame_machine_manager*, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/clifront.cpp:275:22
#10 0x7f364d01bb6f in cli_frontend::execute(std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/clifront.cpp:291:3
#11 0x7f364bc65a8f in emulator_info::start_frontend(emu_options&, osd_interface&, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/mame.cpp:454:18
#12 0x7f3653e470fb in main /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/osd/sdl/sdlmain.cpp:191:9
#13 0x7f3606b89209 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
SUMMARY: AddressSanitizer: heap-buffer-overflow (/mnt/s/GitHub/mame/mame+0x24de2296) (BuildId: 7b7aeda5846ab501) in __asan_memcpy
Shadow bytes around the buggy address:
0x0fe73de372b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0fe73de372c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0fe73de372d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0fe73de372e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0fe73de372f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0fe73de37300:[fa]fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0fe73de37310: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0fe73de37320: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0fe73de37330: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0fe73de37340: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0fe73de37350: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
| ||||
| 再現手順 | |||||
| 追加情報 | Affected sets: pbobble3 pbobble4 krokha a500 | ||||
| 添付ファイル | |||||