libretro / desmume

DeSmuME is a Nintendo DS emulator
http://desmume.org
GNU General Public License v2.0

ASAN memory error opening ROM #6

Open ghost opened 6 years ago

ghost commented 6 years ago

Using latest HEAD, I get this crash on startup when loading a ROM:

=================================================================
==26092== ERROR: AddressSanitizer: strcpy-param-overlap: memory ranges [0x600c0000a5a0,0x600c0000a5a4) and [0x600c0000a5a0, 0x600c0000a5a4) overlap
    #0 0x7fbdf0d07601 in __interceptor_strcpy (/usr/lib/x86_64-linux-gnu/libasan.so.0+0xe601)
    #1 0x7fbdc11e2130 in EMUFILE_FILE::open(char const*, char const*) /home/bp/desmume/desmume/src/frontend/libretro/../../utils/../emufile.h:306
    #2 0x7fbdc11ffc4a in EMUFILE_FILE::truncate(int) /home/bp/desmume/desmume/src/frontend/libretro/../../emufile.cpp:74
    #3 0x7fbdc1bfcb38 in BackupDevice::BackupDevice() /home/bp/desmume/desmume/src/frontend/libretro/../../mc.cpp:339
    #4 0x7fbdc1c1c8ee in MMU_struct_new::MMU_struct_new() /home/bp/desmume/desmume/src/frontend/libretro/../../MMU.cpp:2045
    #5 0x7fbdc1c356b9 in void reconstruct<MMU_struct_new>(MMU_struct_new*) /home/bp/desmume/desmume/src/frontend/libretro/../../types.h:451
    #6 0x7fbdc1c17b11 in MMU_Reset() /home/bp/desmume/desmume/src/frontend/libretro/../../MMU.cpp:1032
    #7 0x7fbdc1c4e79e in NDS_Reset() /home/bp/desmume/desmume/src/frontend/libretro/../../NDSSystem.cpp:2621
    #8 0x7fbdc1c40157 in NDS_LoadROM(char const*, char const*, char const*) /home/bp/desmume/desmume/src/frontend/libretro/../../NDSSystem.cpp:780
    #9 0x7fbdc1e950c1 in retro_load_game /home/bp/desmume/desmume/src/frontend/libretro/../../frontend/libretro/libretro.cpp:1920
    #10 0x4193cc in core_load_game /home/bp/RetroArch/core_impl.c:289
    #11 0x43ef9e in content_file_load /home/bp/RetroArch/tasks/task_content.c:626
    #12 0x43fcd3 in content_file_init /home/bp/RetroArch/tasks/task_content.c:807
    #13 0x4452fd in content_init /home/bp/RetroArch/tasks/task_content.c:1919
    #14 0x429255 in event_init_content /home/bp/RetroArch/command.c:1214
    #15 0x4294d5 in command_event_init_core /home/bp/RetroArch/command.c:1272
    #16 0x42bebb in command_event /home/bp/RetroArch/command.c:2224
    #17 0x41ca5d in retroarch_main_init /home/bp/RetroArch/retroarch.c:1279
    #18 0x43daca in content_load /home/bp/RetroArch/tasks/task_content.c:279
    #19 0x4401e0 in task_load_content /home/bp/RetroArch/tasks/task_content.c:874
    #20 0x443e93 in task_load_content_callback /home/bp/RetroArch/tasks/task_content.c:1557
    #21 0x4440d5 in task_push_load_content_from_cli /home/bp/RetroArch/tasks/task_content.c:1621
    #22 0x4166d6 in rarch_main /home/bp/RetroArch/frontend/frontend.c:115
    #23 0x416792 in main /home/bp/RetroArch/frontend/frontend.c:154
    #24 0x7fbdec0b9f44 in __libc_start_main /build/eglibc-ripdx6/eglibc-2.19/csu/libc-start.c:287
    #25 0x40e2d8 in _start (/home/bp/RetroArch/retroarch+0x40e2d8)
0x600c0000a5a0 is located 32 bytes inside of 64-byte region [0x600c0000a580,0x600c0000a5c0)
allocated by thread T0 here:
    #0 0x7fbdf0d0a81a in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.0+0x1181a)
    #1 0x7fbdc1bfc790 in BackupDevice::BackupDevice() /home/bp/desmume/desmume/src/frontend/libretro/../../mc.cpp:326
    #2 0x7fbdc1c1c8ee in MMU_struct_new::MMU_struct_new() /home/bp/desmume/desmume/src/frontend/libretro/../../MMU.cpp:2045
    #3 0x7fbdc1c356b9 in void reconstruct<MMU_struct_new>(MMU_struct_new*) /home/bp/desmume/desmume/src/frontend/libretro/../../types.h:451
    #4 0x7fbdc1c17b11 in MMU_Reset() /home/bp/desmume/desmume/src/frontend/libretro/../../MMU.cpp:1032
    #5 0x7fbdc1c4e79e in NDS_Reset() /home/bp/desmume/desmume/src/frontend/libretro/../../NDSSystem.cpp:2621
    #6 0x7fbdc1c40157 in NDS_LoadROM(char const*, char const*, char const*) /home/bp/desmume/desmume/src/frontend/libretro/../../NDSSystem.cpp:780
    #7 0x7fbdc1e950c1 in retro_load_game /home/bp/desmume/desmume/src/frontend/libretro/../../frontend/libretro/libretro.cpp:1920
    #8 0x4193cc in core_load_game /home/bp/RetroArch/core_impl.c:289
    #9 0x43ef9e in content_file_load /home/bp/RetroArch/tasks/task_content.c:626
    #10 0x43fcd3 in content_file_init /home/bp/RetroArch/tasks/task_content.c:807
    #11 0x4452fd in content_init /home/bp/RetroArch/tasks/task_content.c:1919
    #12 0x429255 in event_init_content /home/bp/RetroArch/command.c:1214
    #13 0x4294d5 in command_event_init_core /home/bp/RetroArch/command.c:1272
    #14 0x42bebb in command_event /home/bp/RetroArch/command.c:2224
    #15 0x41ca5d in retroarch_main_init /home/bp/RetroArch/retroarch.c:1279
    #16 0x43daca in content_load /home/bp/RetroArch/tasks/task_content.c:279
    #17 0x4401e0 in task_load_content /home/bp/RetroArch/tasks/task_content.c:874
    #18 0x443e93 in task_load_content_callback /home/bp/RetroArch/tasks/task_content.c:1557
    #19 0x4440d5 in task_push_load_content_from_cli /home/bp/RetroArch/tasks/task_content.c:1621
    #20 0x4166d6 in rarch_main /home/bp/RetroArch/frontend/frontend.c:115
    #21 0x416792 in main /home/bp/RetroArch/frontend/frontend.c:154
    #22 0x7fbdec0b9f44 in __libc_start_main /build/eglibc-ripdx6/eglibc-2.19/csu/libc-start.c:287
0x600c0000a5a0 is located 32 bytes inside of 64-byte region [0x600c0000a580,0x600c0000a5c0)
allocated by thread T0 here:
    #0 0x7fbdf0d0a81a in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.0+0x1181a)
    #1 0x7fbdc1bfc790 in BackupDevice::BackupDevice() /home/bp/desmume/desmume/src/frontend/libretro/../../mc.cpp:326
    #2 0x7fbdc1c1c8ee in MMU_struct_new::MMU_struct_new() /home/bp/desmume/desmume/src/frontend/libretro/../../MMU.cpp:2045
    #3 0x7fbdc1c356b9 in void reconstruct<MMU_struct_new>(MMU_struct_new*) /home/bp/desmume/desmume/src/frontend/libretro/../../types.h:451
    #4 0x7fbdc1c17b11 in MMU_Reset() /home/bp/desmume/desmume/src/frontend/libretro/../../MMU.cpp:1032
    #5 0x7fbdc1c4e79e in NDS_Reset() /home/bp/desmume/desmume/src/frontend/libretro/../../NDSSystem.cpp:2621
    #6 0x7fbdc1c40157 in NDS_LoadROM(char const*, char const*, char const*) /home/bp/desmume/desmume/src/frontend/libretro/../../NDSSystem.cpp:780
    #7 0x7fbdc1e950c1 in retro_load_game /home/bp/desmume/desmume/src/frontend/libretro/../../frontend/libretro/libretro.cpp:1920
    #8 0x4193cc in core_load_game /home/bp/RetroArch/core_impl.c:289
    #9 0x43ef9e in content_file_load /home/bp/RetroArch/tasks/task_content.c:626
    #10 0x43fcd3 in content_file_init /home/bp/RetroArch/tasks/task_content.c:807
    #11 0x4452fd in content_init /home/bp/RetroArch/tasks/task_content.c:1919
    #12 0x429255 in event_init_content /home/bp/RetroArch/command.c:1214
    #13 0x4294d5 in command_event_init_core /home/bp/RetroArch/command.c:1272
    #14 0x42bebb in command_event /home/bp/RetroArch/command.c:2224
    #15 0x41ca5d in retroarch_main_init /home/bp/RetroArch/retroarch.c:1279
    #16 0x43daca in content_load /home/bp/RetroArch/tasks/task_content.c:279
    #17 0x4401e0 in task_load_content /home/bp/RetroArch/tasks/task_content.c:874
    #18 0x443e93 in task_load_content_callback /home/bp/RetroArch/tasks/task_content.c:1557
    #19 0x4440d5 in task_push_load_content_from_cli /home/bp/RetroArch/tasks/task_content.c:1621
    #20 0x4166d6 in rarch_main /home/bp/RetroArch/frontend/frontend.c:115
    #21 0x416792 in main /home/bp/RetroArch/frontend/frontend.c:154
    #22 0x7fbdec0b9f44 in __libc_start_main /build/eglibc-ripdx6/eglibc-2.19/csu/libc-start.c:287
SUMMARY: AddressSanitizer: strcpy-param-overlap ??:0 __interceptor_strcpy
==26092== ABORTING

Using latest RA on Linux x64.

ghost commented 6 years ago

It appears to be confused about variables:

https://github.com/libretro/desmume/blob/master/desmume/src/emufile.h#L306

It's acting like this->mode and mode are pointing to the same thing, except somehow they're actually 4 bytes apart. Simply renaming the mode function parameter seems to make it go away though.

bearoso commented 6 years ago

So this is a false positive?

i30817 commented 6 years ago

Is it really? That mode comes from emufile.cpp but isn't declared there. Isn't it just taking the emufile.h 'protected' declaration and copying it into itself?

https://github.com/libretro/desmume/blob/e25b33bcb1df5f514df5129d9905107e39bec4f4/desmume/src/emufile.cpp#L74

I've never touched C++ in my life more than compiling some projects mind you.

Not sure it matters, because it's just closing the file and re-opening it because of truncation (for some reason), so it wants to end up with the same mode.
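The pattern the thread is circling, as an added example that is not desmume's own code: a `char[]` member holding the fopen mode, an `open()` that copies its `mode` argument into that member with `strcpy`, and a `truncate()` that closes the file and calls `open()` again passing the member itself as the argument. That is consistent with the report above, where both ranges are the identical 4 bytes inside the same 64-byte allocation. `strcpy`'s parameters are `restrict`-qualified, so overlapping ranges (including an exact alias) are undefined behaviour by contract, and ASAN reports them whether or not a particular libc's `strcpy` happens to leave the bytes unchanged. The hypothetical `ReopenableFile` class below keeps the same call shape but copies the argument into a local buffer before touching the member, and `strcpy_ranges_overlap` reproduces the range test the sanitizer's interceptor applies; the temporary file name is an assumption for the example.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <string>
#ifdef _WIN32
#include <io.h>
#else
#include <unistd.h>
#endif

// The check AddressSanitizer's strcpy interceptor performs: with n = strlen(src)+1,
// the byte ranges [dst, dst+n) and [src, src+n) must not intersect. An exact
// alias (dst == src) is the degenerate case reported in the issue above.
bool strcpy_ranges_overlap(const char* dst, const char* src) {
    const std::uintptr_t d = reinterpret_cast<std::uintptr_t>(dst);
    const std::uintptr_t s = reinterpret_cast<std::uintptr_t>(src);
    const std::uintptr_t n = std::strlen(src) + 1;
    return d < s + n && s < d + n;
}

// Hypothetical stand-in for the EMUFILE_FILE open()/truncate() pair (example
// code, not the project's): same member layout and the same reopen call shape.
class ReopenableFile {
    FILE* fp = nullptr;
    std::string fname;
    char mode[16] = {0};
    bool failbit = false;

    void open(const char* name, const char* m) {
        // m may alias this->mode because truncate() passes the member back.
        // strcpy(this->mode, m) with m == this->mode is what ASAN rejects, so
        // snapshot the argument into a local buffer first; after that, neither
        // fopen() nor the member update reads from the buffer being written.
        char local[sizeof mode];
        std::snprintf(local, sizeof local, "%s", m);
        fp = std::fopen(name, local);
        if (!fp) failbit = true;
        fname = name;
        std::memcpy(mode, local, sizeof mode);
    }

public:
    ~ReopenableFile() { if (fp) std::fclose(fp); }

    bool open_file(const char* name, const char* m) {
        failbit = false;
        open(name, m);
        return !failbit;
    }

    // True when the reopen in truncate() hands open() a pointer into the very
    // member a plain strcpy would write, i.e. the condition ASAN flagged.
    bool reopen_arg_aliases_mode() const { return strcpy_ranges_overlap(mode, mode); }

    bool truncate(long length) {
        if (!fp) return false;
        std::fflush(fp);
#ifdef _WIN32
        if (_chsize(_fileno(fp), length) != 0) failbit = true;
#else
        if (ftruncate(fileno(fp), length) != 0) failbit = true;
#endif
        std::fclose(fp);
        fp = nullptr;
        open(fname.c_str(), mode);  // passes the member back, as the original does
        return !failbit;
    }

    std::string mode_string() const { return mode; }
    bool is_open() const { return fp != nullptr; }
};

int main() {
    const char* path = "reopen_example.tmp";  // constructed scratch file for the demo
    ReopenableFile f;
    bool ok = f.open_file(path, "wb+") && f.truncate(0);
    std::printf("reopened=%d mode=%s aliased_arg=%d\n",
                ok, f.mode_string().c_str(), f.reopen_arg_aliases_mode());
    std::remove(path);
    return ok ? 0 : 1;
}
```

Renaming the parameter, as the first reply notes, only changes what the reader sees: the argument still points at the member, so the copy is still a self-copy. Either the local-buffer copy above or an explicit `if (this->mode != m)` guard makes the reopen well-defined; the local copy also covers the partial-overlap case that a pointer-equality guard would miss.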