Over the past few hours, I have been carefully navigating breakpoints in an attempt to resolve an issue whereby the application terminates during debugging with Clang and Address Sanitizer. Unfortunately, I have been unable to determine the source of the underflow error.
My investigation has revealed that the problem appears to be associated with the VM_Call and CIN_PlayCinematic functions. Specifically, the error occurs shortly after the net ports are configured, but just prior to the start of the cinematic playback process.
Using CMake, Clang64, Standard IOQ3 x64 build. Debug without address sanitizer is fine, Release runs fine.
Also noticed a few exceptions thrown when stepping through the file hash generation processes.
--- Common Initialization Complete ---
Winsock Initialized
Hostname: DESKTOP-PEEPEEPOOPOOPEPE
IP6: fe80::559e:d0ed:c64e:b6f4%5
IP: 192.168.0.196
Opening IP6 socket: [::]:27960
Opening IP socket: 0.0.0.0:27960
CL_PlayCinematic_f
=================================================================
==9180==ERROR: AddressSanitizer: stack-buffer-underflow on address 0x0063e7afe960 at pc 0x7ff687288f4d bp 0x0063e7afe6a0 sp 0x0063e7afe6e8READ of size 4 at 0x0063e7afe960 thread T0
#0 0x7ff687288f4c in VM_Call C:/Source/ioq3/source/qcommon/vm.c:795:16
#1 0x7ff68709abfd in CIN_PlayCinematic C:/Source/ioq3/source/client/cl_cin.c:1487:15
#2 0x7ff6870a041a in CL_PlayCinematic_f C:/Source/ioq3/source/client/cl_cin.c:1674:17
#3 0x7ff6871d7a69 in Cmd_ExecuteString C:/Source/ioq3/source/qcommon/cmd.c:786:5
#4 0x7ff6871d7ed5 in Cbuf_Execute C:/Source/ioq3/source/qcommon/cmd.c:248:3
#5 0x7ff6871eed3c in Com_Frame C:/Source/ioq3/source/qcommon/common.c:3157:2
#6 0x7ff6872fb038 in SDL_main C:/Source/ioq3/source/sys/sys_main.c:772:3
#7 0x7ff687301c9e in main_getcmdline (C:\Source\ioq3\app\ioquake3x64.exe+0x140491c9e)
#8 0x7ff6872ffd37 in main C:/M/mingw-w64-crt-git/src/mingw-w64/mingw-w64-crt/crt/crtexewin.c:70:10
#9 0x7ff686e71315 in __tmainCRTStartup C:/M/mingw-w64-crt-git/src/mingw-w64/mingw-w64-crt/crt/crtexe.c:272:15
#10 0x7ff686e71365 in .l_start C:/M/mingw-w64-crt-git/src/mingw-w64/mingw-w64-crt/crt/crtexe.c:193:9
#11 0x7ffe8e697613 (C:\Windows\System32\KERNEL32.DLL+0x180017613)
#12 0x7ffe8ec026a0 (C:\Windows\SYSTEM32\ntdll.dll+0x1800526a0)
Address 0x0063e7afe960 is located in stack of thread T0 at offset 0 in frame
#0 0x7ff68709a2ef in CIN_PlayCinematic C:/Source/ioq3/source/client/cl_cin.c:1437
This frame has 1 object(s):
[32, 292) 'name' (line 1439)
HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
(longjmp, SEH and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-underflow C:/Source/ioq3/source/qcommon/vm.c:795:16 in VM_Call
Shadow bytes around the buggy address:
0x0213868dfcd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0213868dfce0: 00 00 00 00 f1 f1 f1 f1 f8 f8 f8 f8 f8 f8 f2 f2
0x0213868dfcf0: f2 f2 f8 f2 f2 f2 00 00 00 00 00 00 04 f2 f2 f2
0x0213868dfd00: f2 f2 00 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00
0x0213868dfd10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0213868dfd20: 00 00 00 00 00 00 00 00 00 00 00 00[f1]f1 f1 f1
0x0213868dfd30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0213868dfd40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0213868dfd50: 04 f3 f3 f3 f3 f3 f3 f3 f3 f3 f3 f3 00 00 00 00
0x0213868dfd60: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0213868dfd70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==9180==ABORTING
Over the past few hours, I have been carefully navigating breakpoints in an attempt to resolve an issue whereby the application terminates during debugging with Clang and Address Sanitizer. Unfortunately, I have been unable to determine the source of the underflow error.
My investigation has revealed that the problem appears to be associated with the VM_Call and CIN_PlayCinematic functions. Specifically, the error occurs shortly after the net ports are configured, but just prior to the start of the cinematic playback process.
Using CMake, Clang64, Standard IOQ3 x64 build. Debug without address sanitizer is fine, Release runs fine. Also noticed a few exceptions thrown when stepping through the file hash generation processes.