[Scummvm-tracker] [ScummVM :: Bugs] #12854: GRIFFON: Quitting with keyboard shortcut sometimes crashes ScummVM

ScummVM :: Bugs trac at scummvm.org
Sat Aug 28 21:14:01 UTC 2021


#12854: GRIFFON: Quitting with keyboard shortcut sometimes crashes ScummVM
-------------------+-----------------------
Reporter:  criezy  |      Owner:  (none)
    Type:  defect  |     Status:  new
Priority:  normal  |  Component:  --Unset--
 Version:          |   Keywords:
    Game:          |
-------------------+-----------------------
 This is a random crash that is a bit difficult to reproduce. I suspect it
 is related to which part of the code catches the QUIT event.

 This is with current master (18ee050ad) on an M1 Mac.

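 Here is the information I managed to get with AddressSanitizer. In short,
 updateNPCs() (logic.cpp:312) does a 4-byte read from a heap block that was
 allocated and then freed inside the OpenGL texture upload reached from
 updateScreen():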

 {{{
 ==31286==ERROR: AddressSanitizer: heap-use-after-free on address
 0x00012c95d150 at pc 0x000105c10c08 bp 0x00016cf97630 sp 0x00016cf97628
 READ of size 4 at 0x00012c95d150 thread T0
     #0 0x105c10c04 in Griffon::GriffonEngine::updateNPCs() logic.cpp:312
     #1 0x105bf7b08 in Griffon::GriffonEngine::mainLoop() engine.cpp:95
     #2 0x105c02cb0 in Griffon::GriffonEngine::run() griffon.cpp:184
     #3 0x102edb48c in runGame(Plugin const*, Plugin const*, OSystem&,
 Common::String const&) main.cpp:311
     #4 0x102ed6550 in scummvm_main main.cpp:618
     #5 0x102ecdbcc in main macosx-main.cpp:45
     #6 0x18b09d42c in start+0x0 (libdyld.dylib:arm64e+0x1842c)

 0x00012c95d150 is located 35152 bytes inside of 307200-byte region
 [0x00012c954800,0x00012c99f800)
 freed by thread T0 here:
     #0 0x1162472b4 in wrap_free+0x98
 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x3f2b4)
     #1 0x12702396c in GLDTextureRec::uploadTextureLevel(unsigned int,
 unsigned int, unsigned int, unsigned int, unsigned int, unsigned int,
 unsigned int, unsigned int, unsigned int, unsigned int, unsigned int,
 unsigned int, unsigned int, GLDBufferRec*, unsigned char*, int, int, int,
 id<MTLCommandBufferSPI> () block_pointer, void
 (objc_object<MTLCommandBufferSPI>, unsigned int) block_pointer, void (void
 () block_pointer) block_pointer, void (void () block_pointer),
 GLDPixelModeRec const*, bool, bool)+0xaa4
 (AppleMetalOpenGLRenderer:arm64e+0x2396c)
     #2 0x127056eac in gldModifyTexSubImage+0x854
 (AppleMetalOpenGLRenderer:arm64e+0x56eac)
     #3 0x1cd35c17c in glTexSubImage2D_Exec+0x600 (GLEngine:arm64e+0x1717c)
     #4 0x1cd33cb04 in glTexSubImage2D+0x50 (libGL.dylib:arm64e+0x2b04)
     #5 0x10b467b0c in OpenGL::GLTexture::updateArea(Common::Rect const&,
 Graphics::Surface const&) texture.cpp:165
     #6 0x10b4699ac in OpenGL::Texture::updateGLTexture() texture.cpp:311
     #7 0x10b451844 in OpenGL::OpenGLGraphicsManager::updateScreen()
 opengl-graphics.cpp:502
     #8 0x10b4cc8c8 in OpenGLSdlGraphicsManager::updateScreen() openglsdl-
 graphics.cpp:276
     #9 0x10b31ef54 in ModularGraphicsBackend::updateScreen() modular-
 backend.cpp:192
     #10 0x105bf7e28 in Griffon::GriffonEngine::updateEngine()
 engine.cpp:113
     #11 0x105bf7b9c in Griffon::GriffonEngine::mainLoop() engine.cpp:108
     #12 0x105c02cb0 in Griffon::GriffonEngine::run() griffon.cpp:184
     #13 0x102edb48c in runGame(Plugin const*, Plugin const*, OSystem&,
 Common::String const&) main.cpp:311
     #14 0x102ed6550 in scummvm_main main.cpp:618
     #15 0x102ecdbcc in main macosx-main.cpp:45
     #16 0x18b09d42c in start+0x0 (libdyld.dylib:arm64e+0x1842c)

 previously allocated by thread T0 here:
     #0 0x116247178 in wrap_malloc+0x94
 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x3f178)
     #1 0x127023518 in GLDTextureRec::uploadTextureLevel(unsigned int,
 unsigned int, unsigned int, unsigned int, unsigned int, unsigned int,
 unsigned int, unsigned int, unsigned int, unsigned int, unsigned int,
 unsigned int, unsigned int, GLDBufferRec*, unsigned char*, int, int, int,
 id<MTLCommandBufferSPI> () block_pointer, void
 (objc_object<MTLCommandBufferSPI>, unsigned int) block_pointer, void (void
 () block_pointer) block_pointer, void (void () block_pointer),
 GLDPixelModeRec const*, bool, bool)+0x650
 (AppleMetalOpenGLRenderer:arm64e+0x23518)
     #2 0x127056eac in gldModifyTexSubImage+0x854
 (AppleMetalOpenGLRenderer:arm64e+0x56eac)
     #3 0x1cd35c17c in glTexSubImage2D_Exec+0x600 (GLEngine:arm64e+0x1717c)
     #4 0x1cd33cb04 in glTexSubImage2D+0x50 (libGL.dylib:arm64e+0x2b04)
     #5 0x10b467b0c in OpenGL::GLTexture::updateArea(Common::Rect const&,
 Graphics::Surface const&) texture.cpp:165
     #6 0x10b4699ac in OpenGL::Texture::updateGLTexture() texture.cpp:311
     #7 0x10b451844 in OpenGL::OpenGLGraphicsManager::updateScreen()
 opengl-graphics.cpp:502
     #8 0x10b4cc8c8 in OpenGLSdlGraphicsManager::updateScreen() openglsdl-
 graphics.cpp:276
     #9 0x10b31ef54 in ModularGraphicsBackend::updateScreen() modular-
 backend.cpp:192
     #10 0x105bf7e28 in Griffon::GriffonEngine::updateEngine()
 engine.cpp:113
     #11 0x105bf7b9c in Griffon::GriffonEngine::mainLoop() engine.cpp:108
     #12 0x105c02cb0 in Griffon::GriffonEngine::run() griffon.cpp:184
     #13 0x102edb48c in runGame(Plugin const*, Plugin const*, OSystem&,
 Common::String const&) main.cpp:311
     #14 0x102ed6550 in scummvm_main main.cpp:618
     #15 0x102ecdbcc in main macosx-main.cpp:45
     #16 0x18b09d42c in start+0x0 (libdyld.dylib:arm64e+0x1842c)
 }}}
-- 
Ticket URL: <https://bugs.scummvm.org/ticket/12854>
ScummVM :: Bugs <https://bugs.scummvm.org>
ScummVM

