[ Original report ]

BugID: #05878

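Category: Misc.
Severity: Important (emulator)
Status: Resolved
Resolution: Not a bug
Date submitted: 2015-03-12 02:22
Last update: 2018-01-04 01:14

Tester: Firewave
Assigned to:
Source:
Version: 0.159
Regression version:
Fixed in version:
Flags:
Sets:
Set details: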
 
Summary: AddressSanitizer: stack-buffer-underflow error with -video bgfx.
Description: Happened with Ubuntu 14.04.2 64-bit and clang 3.6.0 using VirtualBox 4.3.24.

"-video soft" - works fine
"-video opengl" - doesn't give an error and the X cursor is shown, but nothing is being drawn at all

==1721==ERROR: AddressSanitizer: stack-buffer-underflow on address 0x7f36ed0963e0 at pc 0x000000eafe23 bp 0x7f36ed095c00 sp 0x7f36ed0953b8
READ of size 1024 at 0x7f36ed0963e0 thread T11
    #0 0xeafe22 in memcpy /home/development/llvm/3.6.0/final/llvm.src/projects/compiler-rt/lib/asan/asan_interceptors.cc:480:3
    #1 0x7f36f7090d6c  (/usr/lib/x86_64-linux-gnu/dri/swrast_dri.so+0xf5d6c)
    #2 0x7f36f70966ec  (/usr/lib/x86_64-linux-gnu/dri/swrast_dri.so+0xfb6ec)
    #3 0x7f36f70969c1  (/usr/lib/x86_64-linux-gnu/dri/swrast_dri.so+0xfb9c1)
    #4 0x7f36f70ede59  (/usr/lib/x86_64-linux-gnu/dri/swrast_dri.so+0x152e59)
    #5 0x7f36f70ee8e2  (/usr/lib/x86_64-linux-gnu/dri/swrast_dri.so+0x1538e2)
    #6 0x7f36f7084068  (/usr/lib/x86_64-linux-gnu/dri/swrast_dri.so+0xe9068)
    #7 0x7f36f70853cf  (/usr/lib/x86_64-linux-gnu/dri/swrast_dri.so+0xea3cf)
    #8 0x66fe8de in bgfx::isTextureFormatValid(bgfx::TextureFormat::Enum) /home/notroot/trunk/3rdparty/bgfx/src/renderer_gl.cpp:896:4
    #9 0x6715ef3 in bgfx::RendererContextGL::init() /home/notroot/trunk/3rdparty/bgfx/src/renderer_gl.cpp:1247:41
    #10 0x66feace in bgfx::rendererCreateGL() /home/notroot/trunk/3rdparty/bgfx/src/renderer_gl.cpp:2574:3
    #11 0x66bc62e in bgfx::rendererCreate(bgfx::RendererType::Enum) /home/notroot/trunk/3rdparty/bgfx/src/bgfx.cpp:1490:33
    #12 0x66bc62e in bgfx::Context::rendererExecCommands(bgfx::CommandBuffer&) /home/notroot/trunk/3rdparty/bgfx/src/bgfx.cpp:1526
    #13 0x66b3f36 in bgfx::Context::renderFrame() /home/notroot/trunk/3rdparty/bgfx/src/bgfx.cpp:1219:3
    #14 0x66d4da7 in bgfx::Context::renderThread(void*) /home/notroot/trunk/3rdparty/bgfx/src/bgfx_p.h:1916:12
    #15 0x66eccf2 in bx::Thread::entry() /home/notroot/trunk/3rdparty/bx/include/bx/thread.h:146:11
    #16 0x66eccf2 in bx::Thread::threadFunc(void*) /home/notroot/trunk/3rdparty/bx/include/bx/thread.h:165
    #17 0x7f3704a1a181 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x8181)
    #18 0x7f370160a47c in clone (/lib/x86_64-linux-gnu/libc.so.6+0xfa47c)

Address 0x7f36ed0963e0 is located in stack of thread T11 at offset 0 in frame
    #0 0x66fe69f in bgfx::isTextureFormatValid(bgfx::TextureFormat::Enum) /home/notroot/trunk/3rdparty/bgfx/src/renderer_gl.cpp:876

  This frame has 1 object(s):
    [32, 36) 'id' <== Memory access at offset 0 partially underflows this variable
HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext
      (longjmp and C++ exceptions *are* supported)
Thread T11 created by T10 here:
    #0 0xead900 in __interceptor_pthread_create /home/development/llvm/3.6.0/final/llvm.src/projects/compiler-rt/lib/asan/asan_interceptors.cc:222:3
    #1 0x66b48d3 in bx::Thread::init(int (*)(void*), void*, unsigned int) /home/notroot/trunk/3rdparty/bx/include/bx/thread.h:100:13
    #2 0x66b48d3 in bgfx::Context::init(bgfx::RendererType::Enum) /home/notroot/trunk/3rdparty/bgfx/src/bgfx.cpp:964
    #3 0x66c0ada in bgfx::init(bgfx::RendererType::Enum, bgfx::CallbackI*, bx::ReallocatorI*) /home/notroot/trunk/3rdparty/bgfx/src/bgfx.cpp:2023:3
    #4 0x2f97999 in renderer_bgfx::create() /home/notroot/trunk/src/osd/modules/render/drawbgfx.c:168:2
    #5 0x2f2180d in sdl_window_info::complete_create_wt(void*, int) /home/notroot/trunk/src/osd/sdl/window.c:1265:6
    #6 0x676a0ad in worker_thread_process(osd_work_queue*, work_thread_info*) /home/notroot/trunk/src/osd/modules/sync/work_osd.c:744:21
    #7 0x67693da in worker_thread_entry(void*) /home/notroot/trunk/src/osd/modules/sync/work_osd.c:668:4
    #8 0x7f3704a1a181 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x8181)

Thread T10 created by T0 here:
    #0 0xead900 in __interceptor_pthread_create /home/development/llvm/3.6.0/final/llvm.src/projects/compiler-rt/lib/asan/asan_interceptors.cc:222:3
    #1 0x676767a in osd_thread_create(void* (*)(void*), void*) /home/notroot/trunk/src/osd/modules/sync/sync_tc.c:320:7
    #2 0x6768f27 in osd_work_queue_alloc(int) /home/notroot/trunk/src/osd/modules/sync/work_osd.c:241:20
    #3 0x2f1f16d in sdl_osd_interface::window_init() /home/notroot/trunk/src/osd/sdl/window.c:218:16
    #4 0x2f1c369 in sdl_osd_interface::video_init() /home/notroot/trunk/src/osd/sdl/video.c:103:7
    #5 0x2f28ef5 in osd_common_t::init_subsystems() /home/notroot/trunk/src/osd/modules/lib/osdobj_common.c:511:7
    #6 0x2f12a7d in sdl_osd_interface::init(running_machine&) /home/notroot/trunk/src/osd/sdl/sdlmain.c:611:2
    #7 0x5c060f1 in running_machine::start() /home/notroot/trunk/src/emu/machine.c:231:2
    #8 0x5c09afa in running_machine::run(bool) /home/notroot/trunk/src/emu/machine.c:351:3
    #9 0x5c02006 in machine_manager::execute() /home/notroot/trunk/src/emu/mame.c:222:11
    #10 0x5a326ec in cli_frontend::execute(int, char**) /home/notroot/trunk/src/emu/clifront.c:220:15
    #11 0x2f11e0f in main /home/notroot/trunk/src/osd/sdl/sdlmain.c:290:9
    #12 0x7f3701531ec4 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21ec4)

SUMMARY: AddressSanitizer: stack-buffer-underflow /home/development/llvm/3.6.0/final/llvm.src/projects/compiler-rt/lib/asan/asan_interceptors.cc:480 memcpy
Shadow bytes around the buggy address:
  0x0fe75da0ac20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0fe75da0ac30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0fe75da0ac40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0fe75da0ac50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0fe75da0ac60: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0fe75da0ac70: 00 00 00 00 00 00 00 00 00 00 00 00[f1]f1 f1 f1
  0x0fe75da0ac80: 04 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
  0x0fe75da0ac90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0fe75da0aca0: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 04 f2 04 f2
  0x0fe75da0acb0: 00 00 f2 f2 00 00 f2 f2 00 00 f2 f2 04 f2 00 00
  0x0fe75da0acc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
Steps to reproduce:
Additional information:

Attached files: virtualbox_bgfx.jpg (2015-03-13 03:22)