search

yvt / openspades

Compatible client of Ace of Spades 0.75
http://openspades.yvt.jp/
GNU General Public License v3.0
1.13k stars 218 forks source link

Use of deallocated memory #529

Closed yvt closed 7 years ago

yvt commented 7 years ago

AddressSanitizer output:

=================================================================
==93797==ERROR: AddressSanitizer: heap-use-after-free on address 0x60800009cf20 at pc 0x0001008223cf bp 0x7fff5fbf7660 sp 0x7fff5fbf7658
READ of size 4 at 0x60800009cf20 thread T0
    #0 0x1008223ce in spades::gui::SDLSWPort::~SDLSWPort() SDLRunner.cpp:298
    #1 0x100821e5d in spades::gui::SDLSWPort::~SDLSWPort() SDLRunner.cpp:297
    #2 0x100602349 in spades::draw::SWRenderer::Shutdown() RefCountedObject.h:92
    #3 0x100601363 in spades::draw::SWRenderer::~SWRenderer() SWRenderer.cpp:94
    #4 0x100601c1d in spades::draw::SWRenderer::~SWRenderer() SWRenderer.cpp:91
    #5 0x1005d868b in spades::ngclient::FTFont::~FTFont() RefCountedObject.h:62
    #6 0x1005d880d in spades::ngclient::FTFont::~FTFont() FTFont.cpp:218
    #7 0x1002cb8db in asCScriptEngine::CallObjectMethod(void*, int) const as_scriptengine.cpp:4029
    #8 0x1002f7329 in asCScriptObject::ReleaseAllHandles(asIScriptEngine*) as_scriptobject.cpp:762
    #9 0x1002a9204 in asCScriptEngine::CallObjectMethod(void*, void*, asSSystemFunctionInterface*, asCScriptFunction*) const as_scriptengine.cpp:4419
    #10 0x1001a8535 in asCGarbageCollector::IdentifyGarbageWithCyclicRefs() as_gc.cpp:883
    #11 0x1001ab2e5 in asCGarbageCollector::GarbageCollect(unsigned int, unsigned int) as_gc.cpp:240
    #12 0x1002cd285 in asCScriptEngine::GarbageCollect(unsigned int, unsigned int) as_scriptengine.cpp:4565
    #13 0x100189113 in asCContext::Execute() as_context.cpp:1322
    #14 0x1003abad3 in spades::ScriptContextUtils::ExecuteChecked() ScriptManager.cpp:339
    #15 0x1003ab82e in spades::ScriptContextHandle::ExecuteChecked() ScriptManager.cpp:278
    #16 0x100430408 in spades::client::ScriptIToolSkin::SetSprintState(float) IToolSkin.cpp:40
    #17 0x1004c16aa in spades::client::ClientPlayer::SetCommonSkinParameter(asIScriptObject*) ClientPlayer.cpp:599
    #18 0x1004c275b in spades::client::ClientPlayer::AddToSceneFirstPersonView() ClientPlayer.cpp:691
    #19 0x1004c6f1d in spades::client::ClientPlayer::AddToScene() ClientPlayer.cpp:995
    #20 0x100526619 in spades::client::Client::DrawScene() Client_Scene.cpp:568
    #21 0x1004d3f08 in spades::client::Client::RunFrame(float) Client.cpp:454
    #22 0x1008290a5 in spades::gui::MainScreen::RunFrame(float) MainScreen.cpp:240
    #23 0x10082036a in spades::gui::SDLRunner::RunClientLoop(spades::client::IRenderer*, spades::client::IAudioDevice*) SDLRunner.cpp:180
    #24 0x100821505 in spades::gui::SDLRunner::Run(int, int) SDLRunner.cpp:461
    #25 0x1008364ff in spades::gui::Runner::Run() Runner.cpp:101
    #26 0x100835a47 in spades::gui::Runner::RunProtected() Runner.cpp:47
    #27 0x10080dc8d in spades::StartMainScreen() Main.cpp:254
    #28 0x10083bc43 in spades::gui::StartupScreen::Run() StartupScreen.cpp:295
    #29 0x1008102f0 in main Main.cpp:582
    #30 0x1000018b3 in start (OpenSpades+0x1000018b3)

0x60800009cf20 is located 0 bytes inside of 96-byte region [0x60800009cf20,0x60800009cf80)
freed by thread T0 here:
    #0 0x100f73bbb in wrap__ZdlPv (libclang_rt.asan_osx_dynamic.dylib+0x57bbb)
    #1 0x1005852df in bool std::__1::basic_regex<char, std::__1::regex_traits<char> >::__match_at_start_ecma<std::__1::allocator<std::__1::sub_match<char const*> > >(char const*, char const*, std::__1::match_results<char const*, std::__1::allocator<std::__1::sub_match<char const*> > >&, std::__1::regex_constants::match_flag_type, bool) const vector:1615
    #2 0x1005a12e1 in bool std::__1::basic_regex<char, std::__1::regex_traits<char> >::__search<std::__1::allocator<std::__1::sub_match<char const*> > >(char const*, char const*, std::__1::match_results<char const*, std::__1::allocator<std::__1::sub_match<char const*> > >&, std::__1::regex_constants::match_flag_type) const regex:5746
    #3 0x1005a056e in bool std::__1::regex_match<std::__1::__wrap_iter<char const*>, std::__1::allocator<std::__1::sub_match<std::__1::__wrap_iter<char const*> > >, char, std::__1::regex_traits<char> >(std::__1::__wrap_iter<char const*>, std::__1::__wrap_iter<char const*>, std::__1::match_results<std::__1::__wrap_iter<char const*>, std::__1::allocator<std::__1::sub_match<std::__1::__wrap_iter<char const*> > > >&, std::__1::basic_regex<char, std::__1::regex_traits<char> > const&, std::__1::regex_constants::match_flag_type) regex:5818
    #4 0x10066dfab in spades::OpenAudioStream(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) regex:5939
    #5 0x10032137e in spades::audio::YsrDevice::CreateChunk(char const*) YsrDevice.cpp:419
    #6 0x10032195f in spades::audio::YsrDevice::RegisterSound(char const*) YsrDevice.cpp:436
    #7 0x1003c3e12 in spades::client::AudioDeviceRegistrar::RegisterSound(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, spades::client::IAudioDevice*) IAudioDevice.cpp:36
    #8 0x1000c0281 in endstack as_callfunc_x64_gcc.cpp:74
    #9 0x1000bfcdf in CallSystemFunctionNative(asCContext*, asCScriptFunction*, void*, unsigned int*, void*, unsigned long&, void*) as_callfunc_x64_gcc.cpp:468
    #10 0x1000bda35 in CallSystemFunction(int, asCContext*) as_callfunc.cpp:712
    #11 0x10018ae4f in asCContext::ExecuteNext() as_context.cpp:2514
    #12 0x100188e6a in asCContext::Execute() as_context.cpp:1296
    #13 0x1003abad3 in spades::ScriptContextUtils::ExecuteChecked() ScriptManager.cpp:339
    #14 0x1003ab82e in spades::ScriptContextHandle::ExecuteChecked() ScriptManager.cpp:278
    #15 0x1004be511 in spades::client::ClientPlayer::initScriptFactory(spades::ScriptFunction&, spades::client::IRenderer*, spades::client::IAudioDevice*) ClientPlayer.cpp:286
    #16 0x1004bdeb8 in spades::client::ClientPlayer::ClientPlayer(spades::client::Player*, spades::client::Client*) ClientPlayer.cpp:260
    #17 0x1004e9666 in spades::client::Client::PlayerObjectSet(int) Client_Update.cpp:548
    #18 0x1005ec15c in spades::client::World::SetPlayer(int, spades::client::Player*) World.cpp:158
    #19 0x1004a0979 in spades::client::NetClient::Handle(spades::client::NetPacketReader&) NetClient.cpp:967
    #20 0x100495c27 in spades::client::NetClient::DoEvents(int) NetClient.cpp:556
    #21 0x1004d3c50 in spades::client::Client::RunFrame(float) Client.cpp:410
    #22 0x1008290a5 in spades::gui::MainScreen::RunFrame(float) MainScreen.cpp:240
    #23 0x10082036a in spades::gui::SDLRunner::RunClientLoop(spades::client::IRenderer*, spades::client::IAudioDevice*) SDLRunner.cpp:180
    #24 0x100821505 in spades::gui::SDLRunner::Run(int, int) SDLRunner.cpp:461
    #25 0x1008364ff in spades::gui::Runner::Run() Runner.cpp:101
    #26 0x100835a47 in spades::gui::Runner::RunProtected() Runner.cpp:47
    #27 0x10080dc8d in spades::StartMainScreen() Main.cpp:254
    #28 0x10083bc43 in spades::gui::StartupScreen::Run() StartupScreen.cpp:295
    #29 0x1008102f0 in main Main.cpp:582

previously allocated by thread T0 here:
    #0 0x100f735fb in wrap__Znwm (libclang_rt.asan_osx_dynamic.dylib+0x575fb)
    #1 0x100586a6b in void std::__1::vector<std::__1::__state<char>, std::__1::allocator<std::__1::__state<char> > >::__push_back_slow_path<std::__1::__state<char> >(std::__1::__state<char>&&) new:169
    #2 0x100584a3d in bool std::__1::basic_regex<char, std::__1::regex_traits<char> >::__match_at_start_ecma<std::__1::allocator<std::__1::sub_match<char const*> > >(char const*, char const*, std::__1::match_results<char const*, std::__1::allocator<std::__1::sub_match<char const*> > >&, std::__1::regex_constants::match_flag_type, bool) const vector:1615
    #3 0x1005a12e1 in bool std::__1::basic_regex<char, std::__1::regex_traits<char> >::__search<std::__1::allocator<std::__1::sub_match<char const*> > >(char const*, char const*, std::__1::match_results<char const*, std::__1::allocator<std::__1::sub_match<char const*> > >&, std::__1::regex_constants::match_flag_type) const regex:5746
    #4 0x1005a056e in bool std::__1::regex_match<std::__1::__wrap_iter<char const*>, std::__1::allocator<std::__1::sub_match<std::__1::__wrap_iter<char const*> > >, char, std::__1::regex_traits<char> >(std::__1::__wrap_iter<char const*>, std::__1::__wrap_iter<char const*>, std::__1::match_results<std::__1::__wrap_iter<char const*>, std::__1::allocator<std::__1::sub_match<std::__1::__wrap_iter<char const*> > > >&, std::__1::basic_regex<char, std::__1::regex_traits<char> > const&, std::__1::regex_constants::match_flag_type) regex:5818
    #5 0x10066dfab in spades::OpenAudioStream(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) regex:5939
    #6 0x10032137e in spades::audio::YsrDevice::CreateChunk(char const*) YsrDevice.cpp:419
    #7 0x10032195f in spades::audio::YsrDevice::RegisterSound(char const*) YsrDevice.cpp:436
    #8 0x1003c3e12 in spades::client::AudioDeviceRegistrar::RegisterSound(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, spades::client::IAudioDevice*) IAudioDevice.cpp:36
    #9 0x1000c0281 in endstack as_callfunc_x64_gcc.cpp:74
    #10 0x1000bfcdf in CallSystemFunctionNative(asCContext*, asCScriptFunction*, void*, unsigned int*, void*, unsigned long&, void*) as_callfunc_x64_gcc.cpp:468
    #11 0x1000bda35 in CallSystemFunction(int, asCContext*) as_callfunc.cpp:712
    #12 0x10018ae4f in asCContext::ExecuteNext() as_context.cpp:2514
    #13 0x100188e6a in asCContext::Execute() as_context.cpp:1296
    #14 0x1003abad3 in spades::ScriptContextUtils::ExecuteChecked() ScriptManager.cpp:339
    #15 0x1003ab82e in spades::ScriptContextHandle::ExecuteChecked() ScriptManager.cpp:278
    #16 0x1004be511 in spades::client::ClientPlayer::initScriptFactory(spades::ScriptFunction&, spades::client::IRenderer*, spades::client::IAudioDevice*) ClientPlayer.cpp:286
    #17 0x1004bdeb8 in spades::client::ClientPlayer::ClientPlayer(spades::client::Player*, spades::client::Client*) ClientPlayer.cpp:260
    #18 0x1004e9666 in spades::client::Client::PlayerObjectSet(int) Client_Update.cpp:548
    #19 0x1005ec15c in spades::client::World::SetPlayer(int, spades::client::Player*) World.cpp:158
    #20 0x1004a0979 in spades::client::NetClient::Handle(spades::client::NetPacketReader&) NetClient.cpp:967
    #21 0x100495c27 in spades::client::NetClient::DoEvents(int) NetClient.cpp:556
    #22 0x1004d3c50 in spades::client::Client::RunFrame(float) Client.cpp:410
    #23 0x1008290a5 in spades::gui::MainScreen::RunFrame(float) MainScreen.cpp:240
    #24 0x10082036a in spades::gui::SDLRunner::RunClientLoop(spades::client::IRenderer*, spades::client::IAudioDevice*) SDLRunner.cpp:180
    #25 0x100821505 in spades::gui::SDLRunner::Run(int, int) SDLRunner.cpp:461
    #26 0x1008364ff in spades::gui::Runner::Run() Runner.cpp:101
    #27 0x100835a47 in spades::gui::Runner::RunProtected() Runner.cpp:47
    #28 0x10080dc8d in spades::StartMainScreen() Main.cpp:254
    #29 0x10083bc43 in spades::gui::StartupScreen::Run() StartupScreen.cpp:295

SUMMARY: AddressSanitizer: heap-use-after-free SDLRunner.cpp:298 in spades::gui::SDLSWPort::~SDLSWPort()
Shadow bytes around the buggy address:
  0x1c1000013990: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 fa
  0x1c10000139a0: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 fa
  0x1c10000139b0: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fa
  0x1c10000139c0: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 fa
  0x1c10000139d0: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 fa
=>0x1c10000139e0: fa fa fa fa[fd]fd fd fd fd fd fd fd fd fd fd fd
  0x1c10000139f0: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 fa
  0x1c1000013a00: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fd
  0x1c1000013a10: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 fa
  0x1c1000013a20: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fd
  0x1c1000013a30: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
 =================================================================
 ==93797==ERROR: AddressSanitizer: heap-use-after-free on address 0x60800009cf20 at pc 0x0001008223cf bp 0x7fff5fbf7660 sp 0x7fff5fbf7658
 READ of size 4 at 0x60800009cf20 thread T0
     #0 0x1008223ce in spades::gui::SDLSWPort::~SDLSWPort() SDLRunner.cpp:298
     #1 0x100821e5d in spades::gui::SDLSWPort::~SDLSWPort() SDLRunner.cpp:297
     #2 0x100602349 in spades::draw::SWRenderer::Shutdown() RefCountedObject.h:92
     #3 0x100601363 in spades::draw::SWRenderer::~SWRenderer() SWRenderer.cpp:94
     #4 0x100601c1d in spades::draw::SWRenderer::~SWRenderer() SWRenderer.cpp:91
     #5 0x1005d868b in spades::ngclient::FTFont::~FTFont() RefCountedObject.h:62
     #6 0x1005d880d in spades::ngclient::FTFont::~FTFont() FTFont.cpp:218
     #7 0x1002cb8db in asCScriptEngine::CallObjectMethod(void*, int) const as_scriptengine.cpp:4029
     #8 0x1002f7329 in asCScriptObject::ReleaseAllHandles(asIScriptEngine*) as_scriptobject.cpp:762
     #9 0x1002a9204 in asCScriptEngine::CallObjectMethod(void*, void*, asSSystemFunctionInterface*, asCScriptFunction*) const as_scriptengine.cpp:4419
     #10 0x1001a8535 in asCGarbageCollector::IdentifyGarbageWithCyclicRefs() as_gc.cpp:883
     #11 0x1001ab2e5 in asCGarbageCollector::GarbageCollect(unsigned int, unsigned int) as_gc.cpp:240
     #12 0x1002cd285 in asCScriptEngine::GarbageCollect(unsigned int, unsigned int) as_scriptengine.cpp:4565
     #13 0x100189113 in asCContext::Execute() as_context.cpp:1322
     #14 0x1003abad3 in spades::ScriptContextUtils::ExecuteChecked() ScriptManager.cpp:339
     #15 0x1003ab82e in spades::ScriptContextHandle::ExecuteChecked() ScriptManager.cpp:278
     #16 0x100430408 in spades::client::ScriptIToolSkin::SetSprintState(float) IToolSkin.cpp:40
     #17 0x1004c16aa in spades::client::ClientPlayer::SetCommonSkinParameter(asIScriptObject*) ClientPlayer.cpp:599
     #18 0x1004c275b in spades::client::ClientPlayer::AddToSceneFirstPersonView() ClientPlayer.cpp:691
     #19 0x1004c6f1d in spades::client::ClientPlayer::AddToScene() ClientPlayer.cpp:995
     #20 0x100526619 in spades::client::Client::DrawScene() Client_Scene.cpp:568
     #21 0x1004d3f08 in spades::client::Client::RunFrame(float) Client.cpp:454
     #22 0x1008290a5 in spades::gui::MainScreen::RunFrame(float) MainScreen.cpp:240
     #23 0x10082036a in spades::gui::SDLRunner::RunClientLoop(spades::client::IRenderer*, spades::client::IAudioDevice*) SDLRunner.cpp:180
     #24 0x100821505 in spades::gui::SDLRunner::Run(int, int) SDLRunner.cpp:461
     #25 0x1008364ff in spades::gui::Runner::Run() Runner.cpp:101
     #26 0x100835a47 in spades::gui::Runner::RunProtected() Runner.cpp:47
     #27 0x10080dc8d in spades::StartMainScreen() Main.cpp:254
     #28 0x10083bc43 in spades::gui::StartupScreen::Run() StartupScreen.cpp:295
     #29 0x1008102f0 in main Main.cpp:582
     #30 0x1000018b3 in start (OpenSpades+0x1000018b3)

 0x60800009cf20 is located 0 bytes inside of 96-byte region [0x60800009cf20,0x60800009cf80)
 freed by thread T0 here:
     #0 0x100f73bbb in wrap__ZdlPv (libclang_rt.asan_osx_dynamic.dylib+0x57bbb)
     #1 0x1005852df in bool std::__1::basic_regex<char, std::__1::regex_traits<char> >::__match_at_start_ecma<std::__1::allocator<std::__1::sub_match<char const*> > >(char const*, char const*, std::__1::match_results<char const*, std::__1::allocator<std::__1::sub_match<char const*> > >&, std::__1::regex_constants::match_flag_type, bool) const vector:1615
     #2 0x1005a12e1 in bool std::__1::basic_regex<char, std::__1::regex_traits<char> >::__search<std::__1::allocator<std::__1::sub_match<char const*> > >(char const*, char const*, std::__1::match_results<char const*, std::__1::allocator<std::__1::sub_match<char const*> > >&, std::__1::regex_constants::match_flag_type) const regex:5746
     #3 0x1005a056e in bool std::__1::regex_match<std::__1::__wrap_iter<char const*>, std::__1::allocator<std::__1::sub_match<std::__1::__wrap_iter<char const*> > >, char, std::__1::regex_traits<char> >(std::__1::__wrap_iter<char const*>, std::__1::__wrap_iter<char const*>, std::__1::match_results<std::__1::__wrap_iter<char const*>, std::__1::allocator<std::__1::sub_match<std::__1::__wrap_iter<char const*> > > >&, std::__1::basic_regex<char, std::__1::regex_traits<char> > const&, std::__1::regex_constants::match_flag_type) regex:5818
     #4 0x10066dfab in spades::OpenAudioStream(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) regex:5939
     #5 0x10032137e in spades::audio::YsrDevice::CreateChunk(char const*) YsrDevice.cpp:419
     #6 0x10032195f in spades::audio::YsrDevice::RegisterSound(char const*) YsrDevice.cpp:436
     #7 0x1003c3e12 in spades::client::AudioDeviceRegistrar::RegisterSound(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, spades::client::IAudioDevice*) IAudioDevice.cpp:36
     #8 0x1000c0281 in endstack as_callfunc_x64_gcc.cpp:74
     #9 0x1000bfcdf in CallSystemFunctionNative(asCContext*, asCScriptFunction*, void*, unsigned int*, void*, unsigned long&, void*) as_callfunc_x64_gcc.cpp:468
     #10 0x1000bda35 in CallSystemFunction(int, asCContext*) as_callfunc.cpp:712
     #11 0x10018ae4f in asCContext::ExecuteNext() as_context.cpp:2514
     #12 0x100188e6a in asCContext::Execute() as_context.cpp:1296
     #13 0x1003abad3 in spades::ScriptContextUtils::ExecuteChecked() ScriptManager.cpp:339
     #14 0x1003ab82e in spades::ScriptContextHandle::ExecuteChecked() ScriptManager.cpp:278
     #15 0x1004be511 in spades::client::ClientPlayer::initScriptFactory(spades::ScriptFunction&, spades::client::IRenderer*, spades::client::IAudioDevice*) ClientPlayer.cpp:286
     #16 0x1004bdeb8 in spades::client::ClientPlayer::ClientPlayer(spades::client::Player*, spades::client::Client*) ClientPlayer.cpp:260
     #17 0x1004e9666 in spades::client::Client::PlayerObjectSet(int) Client_Update.cpp:548
     #18 0x1005ec15c in spades::client::World::SetPlayer(int, spades::client::Player*) World.cpp:158
     #19 0x1004a0979 in spades::client::NetClient::Handle(spades::client::NetPacketReader&) NetClient.cpp:967
     #20 0x100495c27 in spades::client::NetClient::DoEvents(int) NetClient.cpp:556
     #21 0x1004d3c50 in spades::client::Client::RunFrame(float) Client.cpp:410
     #22 0x1008290a5 in spades::gui::MainScreen::RunFrame(float) MainScreen.cpp:240
     #23 0x10082036a in spades::gui::SDLRunner::RunClientLoop(spades::client::IRenderer*, spades::client::IAudioDevice*) SDLRunner.cpp:180
     #24 0x100821505 in spades::gui::SDLRunner::Run(int, int) SDLRunner.cpp:461
     #25 0x1008364ff in spades::gui::Runner::Run() Runner.cpp:101
     #26 0x100835a47 in spades::gui::Runner::RunProtected() Runner.cpp:47
     #27 0x10080dc8d in spades::StartMainScreen() Main.cpp:254
     #28 0x10083bc43 in spades::gui::StartupScreen::Run() StartupScreen.cpp:295
     #29 0x1008102f0 in main Main.cpp:582

 previously allocated by thread T0 here:
     #0 0x100f735fb in wrap__Znwm (libclang_rt.asan_osx_dynamic.dylib+0x575fb)
     #1 0x100586a6b in void std::__1::vector<std::__1::__state<char>, std::__1::allocator<std::__1::__state<char> > >::__push_back_slow_path<std::__1::__state<char> >(std::__1::__state<char>&&) new:169
     #2 0x100584a3d in bool std::__1::basic_regex<char, std::__1::regex_traits<char> >::__match_at_start_ecma<std::__1::allocator<std::__1::sub_match<char const*> > >(char const*, char const*, std::__1::match_results<char const*, std::__1::allocator<std::__1::sub_match<char const*> > >&, std::__1::regex_constants::match_flag_type, bool) const vector:1615
     #3 0x1005a12e1 in bool std::__1::basic_regex<char, std::__1::regex_traits<char> >::__search<std::__1::allocator<std::__1::sub_match<char const*> > >(char const*, char const*, std::__1::match_results<char const*, std::__1::allocator<std::__1::sub_match<char const*> > >&, std::__1::regex_constants::match_flag_type) const regex:5746
     #4 0x1005a056e in bool std::__1::regex_match<std::__1::__wrap_iter<char const*>, std::__1::allocator<std::__1::sub_match<std::__1::__wrap_iter<char const*> > >, char, std::__1::regex_traits<char> >(std::__1::__wrap_iter<char const*>, std::__1::__wrap_iter<char const*>, std::__1::match_results<std::__1::__wrap_iter<char const*>, std::__1::allocator<std::__1::sub_match<std::__1::__wrap_iter<char const*> > > >&, std::__1::basic_regex<char, std::__1::regex_traits<char> > const&, std::__1::regex_constants::match_flag_type) regex:5818
     #5 0x10066dfab in spades::OpenAudioStream(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) regex:5939
     #6 0x10032137e in spades::audio::YsrDevice::CreateChunk(char const*) YsrDevice.cpp:419
     #7 0x10032195f in spades::audio::YsrDevice::RegisterSound(char const*) YsrDevice.cpp:436
     #8 0x1003c3e12 in spades::client::AudioDeviceRegistrar::RegisterSound(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, spades::client::IAudioDevice*) IAudioDevice.cpp:36
     #9 0x1000c0281 in endstack as_callfunc_x64_gcc.cpp:74
     #10 0x1000bfcdf in CallSystemFunctionNative(asCContext*, asCScriptFunction*, void*, unsigned int*, void*, unsigned long&, void*) as_callfunc_x64_gcc.cpp:468
     #11 0x1000bda35 in CallSystemFunction(int, asCContext*) as_callfunc.cpp:712
     #12 0x10018ae4f in asCContext::ExecuteNext() as_context.cpp:2514
     #13 0x100188e6a in asCContext::Execute() as_context.cpp:1296
     #14 0x1003abad3 in spades::ScriptContextUtils::ExecuteChecked() ScriptManager.cpp:339
     #15 0x1003ab82e in spades::ScriptContextHandle::ExecuteChecked() ScriptManager.cpp:278
     #16 0x1004be511 in spades::client::ClientPlayer::initScriptFactory(spades::ScriptFunction&, spades::client::IRenderer*, spades::client::IAudioDevice*) ClientPlayer.cpp:286
     #17 0x1004bdeb8 in spades::client::ClientPlayer::ClientPlayer(spades::client::Player*, spades::client::Client*) ClientPlayer.cpp:260
     #18 0x1004e9666 in spades::client::Client::PlayerObjectSet(int) Client_Update.cpp:548
     #19 0x1005ec15c in spades::client::World::SetPlayer(int, spades::client::Player*) World.cpp:158
     #20 0x1004a0979 in spades::client::NetClient::Handle(spades::client::NetPacketReader&) NetClient.cpp:967
     #21 0x100495c27 in spades::client::NetClient::DoEvents(int) NetClient.cpp:556
     #22 0x1004d3c50 in spades::client::Client::RunFrame(float) Client.cpp:410
     #23 0x1008290a5 in spades::gui::MainScreen::RunFrame(float) MainScreen.cpp:240
     #24 0x10082036a in spades::gui::SDLRunner::RunClientLoop(spades::client::IRenderer*, spades::client::IAudioDevice*) SDLRunner.cpp:180
     #25 0x100821505 in spades::gui::SDLRunner::Run(int, int) SDLRunner.cpp:461
     #26 0x1008364ff in spades::gui::Runner::Run() Runner.cpp:101
     #27 0x100835a47 in spades::gui::Runner::RunProtected() Runner.cpp:47
     #28 0x10080dc8d in spades::StartMainScreen() Main.cpp:254
     #29 0x10083bc43 in spades::gui::StartupScreen::Run() StartupScreen.cpp:295

 SUMMARY: AddressSanitizer: heap-use-after-free SDLRunner.cpp:298 in spades::gui::SDLSWPort::~SDLSWPort()
 Shadow bytes around the buggy address:
   0x1c1000013990: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 fa
   0x1c10000139a0: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 fa
   0x1c10000139b0: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fa
   0x1c10000139c0: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 fa
   0x1c10000139d0: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 fa
 =>0x1c10000139e0: fa fa fa fa[fd]fd fd fd fd fd fd fd fd fd fd fd
   0x1c10000139f0: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 fa
   0x1c1000013a00: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fd
   0x1c1000013a10: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 fa
   0x1c1000013a20: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fd
   0x1c1000013a30: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fd
 Shadow byte legend (one shadow byte represents 8 application bytes):
   Addressable:           00
   Partially addressable: 01 02 03 04 05 06 07
   Heap left redzone:       fa
   Heap right redzone:      fb
   Freed heap region:       fd
   Stack left redzone:      f1
   Stack mid redzone:       f2
   Stack right redzone:     f3
   Stack partial redzone:   f4
   Stack after return:      f5
   Stack use after scope:   f8
   Global redzone:          f9
   Global init order:       f6
   Poisoned by user:        f7
   Container overflow:      fc
   Array cookie:            ac
   Intra object redzone:    bb
   ASan internal:           fe
   Left alloca redzone:     ca
   Right alloca redzone:    cb

==93797==ABORTING
yvt commented 7 years ago

Looks like this is no longer occurring after 6be6bd3541b812693cf55ece4cc612e5f47842d2.