luc/openmw

mirror of https://github.com/OpenMW/openmw.git synced 2025-04-13 08:58:35 +00:00

Go to file

Fix crash on LuaManager::clear triggered by vfs

See https://gitlab.com/OpenMW/openmw/-/issues/8370#note_2370896069.

=================================================================
==8699==ERROR: AddressSanitizer: heap-use-after-free on address 0x50800060d4b0 at pc 0x7254de50893e bp 0x7fffa97f9700 sp 0x7fffa97f96f0
READ of size 8 at 0x50800060d4b0 thread T0
    #0 0x7254de50893d  (/home/elsid/dev/LuaJIT/build/gcc/asan/install/lib/libluajit-5.1.so.2+0x6293d) (BuildId: 1249151684379d19b11900f406fea9704a6375cb)
    #1 0x7254de50ccad in lua_rawgeti (/home/elsid/dev/LuaJIT/build/gcc/asan/install/lib/libluajit-5.1.so.2+0x66cad) (BuildId: 1249151684379d19b11900f406fea9704a6375cb)
    #2 0x7254de5d4cab in luaL_unref (/home/elsid/dev/LuaJIT/build/gcc/asan/install/lib/libluajit-5.1.so.2+0x12ecab) (BuildId: 1249151684379d19b11900f406fea9704a6375cb)
    #3 0x5f96378dd1e9 in sol::stateless_reference::deref(lua_State*) const /home/elsid/dev/openmw/extern/sol3/sol/reference.hpp:440
    #4 0x5f96378dd1e9 in sol::basic_reference<false>::deref() const /home/elsid/dev/openmw/extern/sol3/sol/reference.hpp:545
    #5 0x5f96378dd1e9 in sol::basic_reference<false>::~basic_reference() /home/elsid/dev/openmw/extern/sol3/sol/reference.hpp:635
    #6 0x5f96378dd1e9 in sol::basic_object_base<sol::basic_reference<false> >::~basic_object_base() /home/elsid/dev/openmw/extern/sol3/sol/object_base.hpp:33
    #7 0x5f96378dd1e9 in sol::basic_object<sol::basic_reference<false> >::~basic_object() /home/elsid/dev/openmw/extern/sol3/sol/object.hpp:35
    #8 0x5f96378dd1e9 in ~<lambda> /home/elsid/dev/openmw/apps/openmw/mwlua/vfsbindings.cpp:195
    #9 0x5f96378dd1e9 in ~functor_function /home/elsid/dev/openmw/extern/sol3/sol/function_types_stateful.hpp:32
    #10 0x5f96378dd1e9 in destroy_at<sol::function_detail::functor_function<MWLua::initVFSPackage(const Context&)::<lambda(sol::this_state, sol::object)>::<lambda()>, false, true> > /usr/include/c++/14.2.1/bits/stl_construct.h:88
    #11 0x5f96378dd1e9 in destroy<sol::function_detail::functor_function<MWLua::initVFSPackage(const Context&)::<lambda(sol::this_state, sol::object)>::<lambda()>, false, true> > /usr/include/c++/14.2.1/bits/alloc_traits.h:599
    #12 0x5f96378dd1e9 in user_alloc_destroy<sol::function_detail::functor_function<MWLua::initVFSPackage(const Context&)::<lambda(sol::this_state, sol::object)>::<lambda()>, false, true> > /home/elsid/dev/openmw/extern/sol3/sol/stack_core.hpp:460
    #13 0x5f963a31e305 in int sol::detail::trampoline<int (*&)(lua_State*)>(lua_State*, int (*&)(lua_State*)) /home/elsid/dev/openmw/extern/sol3/sol/trampoline.hpp:158
    #14 0x5f963a31e89c in sol::detail::c_trampoline(lua_State*, int (*)(lua_State*)) /home/elsid/dev/openmw/extern/sol3/sol/trampoline.hpp:183
    #15 0x7254de4dc13a  (/home/elsid/dev/LuaJIT/build/gcc/asan/install/lib/libluajit-5.1.so.2+0x3613a) (BuildId: 1249151684379d19b11900f406fea9704a6375cb)
    #16 0x7254de4deac4  (/home/elsid/dev/LuaJIT/build/gcc/asan/install/lib/libluajit-5.1.so.2+0x38ac4) (BuildId: 1249151684379d19b11900f406fea9704a6375cb)
    #17 0x7254de4df1a2  (/home/elsid/dev/LuaJIT/build/gcc/asan/install/lib/libluajit-5.1.so.2+0x391a2) (BuildId: 1249151684379d19b11900f406fea9704a6375cb)
    #18 0x7254de4e1cf2  (/home/elsid/dev/LuaJIT/build/gcc/asan/install/lib/libluajit-5.1.so.2+0x3bcf2) (BuildId: 1249151684379d19b11900f406fea9704a6375cb)
    #19 0x7254de4e2a37  (/home/elsid/dev/LuaJIT/build/gcc/asan/install/lib/libluajit-5.1.so.2+0x3ca37) (BuildId: 1249151684379d19b11900f406fea9704a6375cb)
    #20 0x7254de50f4a4 in lua_gc (/home/elsid/dev/LuaJIT/build/gcc/asan/install/lib/libluajit-5.1.so.2+0x694a4) (BuildId: 1249151684379d19b11900f406fea9704a6375cb)
    #21 0x5f96371f615c in MWLua::LuaManager::clear() /home/elsid/dev/openmw/apps/openmw/mwlua/luamanagerimp.cpp:348
    #22 0x5f96371f91ea in MWLua::LuaManager::noGame() /home/elsid/dev/openmw/apps/openmw/mwlua/luamanagerimp.cpp:397
    #23 0x5f963a1c7170 in MWState::StateManager::cleanup(bool) /home/elsid/dev/openmw/apps/openmw/mwstate/statemanagerimp.cpp:71
    #24 0x5f963a1cabfe in MWState::StateManager::newGame(bool) /home/elsid/dev/openmw/apps/openmw/mwstate/statemanagerimp.cpp:169
    #25 0x5f963a1c7aa4 in MWState::StateManager::update(float) /home/elsid/dev/openmw/apps/openmw/mwstate/statemanagerimp.cpp:761
    #26 0x5f963a230bab in OMW::Engine::frame(unsigned int, float) /home/elsid/dev/openmw/apps/openmw/engine.cpp:238
    #27 0x5f963a2442f3 in OMW::Engine::go() /home/elsid/dev/openmw/apps/openmw/engine.cpp:1032
    #28 0x5f963633b3a7 in runApplication(int, char**) /home/elsid/dev/openmw/apps/openmw/main.cpp:228
    #29 0x5f963b375b45 in Debug::wrapApplication(int (*)(int, char**), int, char**, std::basic_string_view<char, std::char_traits<char> >) /home/elsid/dev/openmw/components/debug/debugging.cpp:457
    #30 0x5f9636331695 in main /home/elsid/dev/openmw/apps/openmw/main.cpp:240
    #31 0x7254db435487  (/usr/lib/libc.so.6+0x27487) (BuildId: 0b707b217b15b106c25fe51df3724b25848310c0)
    #32 0x7254db43554b in __libc_start_main (/usr/lib/libc.so.6+0x2754b) (BuildId: 0b707b217b15b106c25fe51df3724b25848310c0)
    #33 0x5f9636331464 in _start (/home/elsid/dev/openmw/build/gcc/asan/openmw+0x10db464) (BuildId: ac74a52ca60e8913bef6eb6b3b23d6de648cf3c9)

0x50800060d4b0 is located 16 bytes inside of 96-byte region [0x50800060d4a0,0x50800060d500)
freed by thread T0 here:
    #0 0x7254e2afc102 in free /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_malloc_linux.cpp:52
    #1 0x5f963a2f84e7 in LuaUtil::LuaState::trackingAllocator(void*, void*, unsigned long, unsigned long) /home/elsid/dev/openmw/components/lua/luastate.cpp:107
    #2 0x7254de4f7779  (/home/elsid/dev/LuaJIT/build/gcc/asan/install/lib/libluajit-5.1.so.2+0x51779) (BuildId: 1249151684379d19b11900f406fea9704a6375cb)
    #3 0x7254de4de7f3  (/home/elsid/dev/LuaJIT/build/gcc/asan/install/lib/libluajit-5.1.so.2+0x387f3) (BuildId: 1249151684379d19b11900f406fea9704a6375cb)
    #4 0x7254de4e1a9a  (/home/elsid/dev/LuaJIT/build/gcc/asan/install/lib/libluajit-5.1.so.2+0x3ba9a) (BuildId: 1249151684379d19b11900f406fea9704a6375cb)
    #5 0x7254de4e2a37  (/home/elsid/dev/LuaJIT/build/gcc/asan/install/lib/libluajit-5.1.so.2+0x3ca37) (BuildId: 1249151684379d19b11900f406fea9704a6375cb)
    #6 0x7254de50f4a4 in lua_gc (/home/elsid/dev/LuaJIT/build/gcc/asan/install/lib/libluajit-5.1.so.2+0x694a4) (BuildId: 1249151684379d19b11900f406fea9704a6375cb)
    #7 0x5f96371f615c in MWLua::LuaManager::clear() /home/elsid/dev/openmw/apps/openmw/mwlua/luamanagerimp.cpp:348
    #8 0x5f96371f91ea in MWLua::LuaManager::noGame() /home/elsid/dev/openmw/apps/openmw/mwlua/luamanagerimp.cpp:397
    #9 0x5f963a1c7170 in MWState::StateManager::cleanup(bool) /home/elsid/dev/openmw/apps/openmw/mwstate/statemanagerimp.cpp:71
    #10 0x5f963a1cabfe in MWState::StateManager::newGame(bool) /home/elsid/dev/openmw/apps/openmw/mwstate/statemanagerimp.cpp:169
    #11 0x5f963a1c7aa4 in MWState::StateManager::update(float) /home/elsid/dev/openmw/apps/openmw/mwstate/statemanagerimp.cpp:761
    #12 0x5f963a230bab in OMW::Engine::frame(unsigned int, float) /home/elsid/dev/openmw/apps/openmw/engine.cpp:238
    #13 0x5f963a2442f3 in OMW::Engine::go() /home/elsid/dev/openmw/apps/openmw/engine.cpp:1032
    #14 0x5f963633b3a7 in runApplication(int, char**) /home/elsid/dev/openmw/apps/openmw/main.cpp:228
    #15 0x5f963b375b45 in Debug::wrapApplication(int (*)(int, char**), int, char**, std::basic_string_view<char, std::char_traits<char> >) /home/elsid/dev/openmw/components/debug/debugging.cpp:457
    #16 0x5f9636331695 in main /home/elsid/dev/openmw/apps/openmw/main.cpp:240
    #17 0x7254db435487  (/usr/lib/libc.so.6+0x27487) (BuildId: 0b707b217b15b106c25fe51df3724b25848310c0)
    #18 0x7254db43554b in __libc_start_main (/usr/lib/libc.so.6+0x2754b) (BuildId: 0b707b217b15b106c25fe51df3724b25848310c0)
    #19 0x5f9636331464 in _start (/home/elsid/dev/openmw/build/gcc/asan/openmw+0x10db464) (BuildId: ac74a52ca60e8913bef6eb6b3b23d6de648cf3c9)

previously allocated by thread T20 here:
    #0 0x7254e2afc3c2 in realloc /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_malloc_linux.cpp:85
    #1 0x5f963a2f7080 in LuaUtil::LuaState::trackingAllocator(void*, void*, unsigned long, unsigned long) /home/elsid/dev/openmw/components/lua/luastate.cpp:110
    #2 0x7254de4e2fc8  (/home/elsid/dev/LuaJIT/build/gcc/asan/install/lib/libluajit-5.1.so.2+0x3cfc8) (BuildId: 1249151684379d19b11900f406fea9704a6375cb)
    #3 0x7254de4f7476  (/home/elsid/dev/LuaJIT/build/gcc/asan/install/lib/libluajit-5.1.so.2+0x51476) (BuildId: 1249151684379d19b11900f406fea9704a6375cb)
    #4 0x7254de50c456 in lua_newthread (/home/elsid/dev/LuaJIT/build/gcc/asan/install/lib/libluajit-5.1.so.2+0x66456) (BuildId: 1249151684379d19b11900f406fea9704a6375cb)
    #5 0x7254de5d53e5  (/home/elsid/dev/LuaJIT/build/gcc/asan/install/lib/libluajit-5.1.so.2+0x12f3e5) (BuildId: 1249151684379d19b11900f406fea9704a6375cb)
    #6 0x7254de4dc0c5  (/home/elsid/dev/LuaJIT/build/gcc/asan/install/lib/libluajit-5.1.so.2+0x360c5) (BuildId: 1249151684379d19b11900f406fea9704a6375cb)

Thread T20 created by T0 here:
    #0 0x7254e2af44cb in pthread_create /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_interceptors.cpp:245
    #1 0x7254db6e2071 in __gthread_create /usr/src/debug/gcc/gcc-build/x86_64-pc-linux-gnu/libstdc++-v3/include/x86_64-pc-linux-gnu/bits/gthr-default.h:676
    #2 0x7254db6e2071 in std:🧵:_M_start_thread(std::unique_ptr<std:🧵:_State, std::default_delete<std:🧵:_State> >, void (*)()) /usr/src/debug/gcc/gcc/libstdc++-v3/src/c++11/thread.cc:172
    #3 0x5f96380fa2eb in thread<MWLua::Worker::Worker(MWLua::LuaManager&)::<lambda()> > /usr/include/c++/14.2.1/bits/std_thread.h:173
    #4 0x5f96380fa2eb in MWLua::Worker::Worker(MWLua::LuaManager&) /home/elsid/dev/openmw/apps/openmw/mwlua/worker.cpp:18
    #5 0x5f963a23faf4 in std::__detail::_MakeUniq<MWLua::Worker>::__single_object std::make_unique<MWLua::Worker, MWLua::LuaManager&>(MWLua::LuaManager&) /usr/include/c++/14.2.1/bits/unique_ptr.h:1077
    #6 0x5f963a23faf4 in OMW::Engine::prepareEngine() /home/elsid/dev/openmw/apps/openmw/engine.cpp:920
    #7 0x5f963a2413ae in OMW::Engine::go() /home/elsid/dev/openmw/apps/openmw/engine.cpp:952
    #8 0x5f963633b3a7 in runApplication(int, char**) /home/elsid/dev/openmw/apps/openmw/main.cpp:228
    #9 0x5f963b375b45 in Debug::wrapApplication(int (*)(int, char**), int, char**, std::basic_string_view<char, std::char_traits<char> >) /home/elsid/dev/openmw/components/debug/debugging.cpp:457
    #10 0x5f9636331695 in main /home/elsid/dev/openmw/apps/openmw/main.cpp:240
    #11 0x7254db435487  (/usr/lib/libc.so.6+0x27487) (BuildId: 0b707b217b15b106c25fe51df3724b25848310c0)
    #12 0x7254db43554b in __libc_start_main (/usr/lib/libc.so.6+0x2754b) (BuildId: 0b707b217b15b106c25fe51df3724b25848310c0)
    #13 0x5f9636331464 in _start (/home/elsid/dev/openmw/build/gcc/asan/openmw+0x10db464) (BuildId: ac74a52ca60e8913bef6eb6b3b23d6de648cf3c9)

SUMMARY: AddressSanitizer: heap-use-after-free (/home/elsid/dev/LuaJIT/build/gcc/asan/install/lib/libluajit-5.1.so.2+0x6293d) (BuildId: 1249151684379d19b11900f406fea9704a6375cb)
Shadow bytes around the buggy address:
  0x50800060d200: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 fa
  0x50800060d280: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 fa
  0x50800060d300: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 fa
  0x50800060d380: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 fa
  0x50800060d400: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 fa
=>0x50800060d480: fa fa fa fa fd fd[fd]fd fd fd fd fd fd fd fd fd
  0x50800060d500: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x50800060d580: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x50800060d600: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x50800060d680: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x50800060d700: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==8699==ABORTING

2025-03-01 15:54:24 +01:00

.github/workflows

Direct downgrade failed, try uninstalling first

2025-01-31 00:55:17 +00:00

apps

Fix crash on LuaManager::clear triggered by vfs

2025-03-01 15:54:24 +01:00

Replace awscli with s3cmd for macOS

2025-01-31 01:02:49 +03:00

cmake

Remove no longer required FindRecastNavigation.cmake

2024-08-13 10:47:33 +02:00

components

Fix UB when pathgrid geometry is generated and all pathgrid edges are invalid

2025-02-16 17:46:52 +03:00

docker

Don't install boost-filesystem anymore

2023-04-25 23:26:29 +02:00

docs

Merge branch 'deordmitri-master-patch-83688' into 'master'

2025-02-24 08:33:13 +00:00

extern

Migrate videoplayer to OSG logging system

2024-10-18 10:20:22 +04:00

files

Don't disable automove when the player can't move (#8358 )

2025-02-21 01:38:08 +03:00

manual/opencs

Renormalise line endings

2022-09-16 00:53:24 +01:00

scripts

Hoist the FileHandle check and add more tests

2025-01-02 15:55:19 +01:00

.clang-format

Fix .clang-format and .clang-tidy

2023-04-29 14:36:35 +02:00

.clang-tidy

Added a missing comma

2023-05-16 21:06:18 +02:00

.editorconfig

Add CMake to .editorconfig

2023-04-22 22:16:43 +01:00

.git-blame-ignore-revs

Ignore 88ec8a95231341e7962b85716510d414e9f0c424 for git blame

2022-09-25 18:24:23 +02:00

.gitignore

Add Clangd cache to .gitignore

2023-11-02 13:07:22 +04:00

.gitlab-ci.yml

Replace awscli with s3cmd for macOS

2025-01-31 01:02:49 +03:00

.readthedocs.yaml

Add Newline

2023-10-24 08:46:27 -05:00

.resubmitted_merge_requests.txt

added !1471

2021-12-14 09:21:41 +00:00

AUTHORS.md

updated authors and changelog

2024-09-01 15:46:44 +02:00

CHANGELOG.md

Merge branch 'toscrollornottoscroll' into 'master'

2025-02-24 21:35:19 +00:00

CMakeLists.txt

Turn ActorActiveEffects:remove into a delayed action

2025-02-24 17:07:32 +01:00

CONTRIBUTING.md

Update CONTRIBUTING.md

2024-05-25 18:44:47 +03:00

LICENSE

http to https for supported urls (#1625 )

2018-03-08 21:23:24 +01:00

README.md

Exterminate script blacklisting (#8214 )

2024-10-31 14:59:55 +03:00

README.md

OpenMW

OpenMW is an open-source open-world RPG game engine that supports playing Morrowind by Bethesda Softworks. You need to own the game for OpenMW to play Morrowind.

OpenMW also comes with OpenMW-CS, a replacement for Bethesda's Construction Set.

Version: 0.49.0
License: GPLv3 (see LICENSE for more information)
Website: https://www.openmw.org
IRC: #openmw on irc.libera.chat
Discord: https://discord.gg/bWuqq2e

Font Licenses:

DejaVuLGCSansMono.ttf: custom (see files/data/fonts/DejaVuFontLicense.txt for more information)
DemonicLetters.ttf: SIL Open Font License (see files/data/fonts/DemonicLettersFontLicense.txt for more information)
MysticCards.ttf: SIL Open Font License (see files/data/fonts/MysticCardsFontLicense.txt for more information)

Current Status

The main quests in Morrowind, Tribunal and Bloodmoon are all completable. Some issues with side quests are to be expected (but rare). Check the bug tracker for a list of issues we need to resolve before the "1.0" release. Even before the "1.0" release however, OpenMW boasts some new features, such as improved graphics and user interfaces.

Pre-existing modifications created for the original Morrowind engine can be hit-and-miss. The OpenMW script compiler performs more thorough error-checking than Morrowind does, meaning that a mod created for Morrowind may not necessarily run in OpenMW. Some mods also rely on quirky behaviour or engine bugs in order to work. We are considering such compatibility issues on a case-by-case basis - in some cases adding a workaround to OpenMW may be feasible, in other cases fixing the mod will be the only option. If you know of any mods that work or don't work, feel free to add them to the Mod status wiki page.

Getting Started

Official forums
Installation instructions
Build from source
Testing the game
How to contribute
Report a bug - read the guidelines before submitting your first bug!
Known issues

The data path

The data path tells OpenMW where to find your Morrowind files. If you run the launcher, OpenMW should be able to pick up the location of these files on its own, if both Morrowind and OpenMW are installed properly (installing Morrowind under WINE is considered a proper install).

Command line options

Syntax: openmw <options>
Allowed options:
  --help                                print help message
  --version                             print version information and quit
  --data arg (=data)                    set data directories (later directories
                                        have higher priority)
  --data-local arg                      set local data directory (highest
                                        priority)
  --fallback-archive arg (=fallback-archive)
                                        set fallback BSA archives (later
                                        archives have higher priority)
  --resources arg (=resources)          set resources directory
  --start arg                           set initial cell
  --content arg                         content file(s): esm/esp, or
                                        omwgame/omwaddon
  --no-sound [=arg(=1)] (=0)            disable all sounds
  --script-verbose [=arg(=1)] (=0)      verbose script output
  --script-all [=arg(=1)] (=0)          compile all scripts (excluding dialogue
                                        scripts) at startup
  --script-all-dialogue [=arg(=1)] (=0) compile all dialogue scripts at startup
  --script-console [=arg(=1)] (=0)      enable console-only script
                                        functionality
  --script-run arg                      select a file containing a list of
                                        console commands that is executed on
                                        startup
  --script-warn [=arg(=1)] (=1)         handling of warnings when compiling
                                        scripts
                                        0 - ignore warning
                                        1 - show warning but consider script as
                                        correctly compiled anyway
                                        2 - treat warnings as errors
  --load-savegame arg                   load a save game file on game startup
                                        (specify an absolute filename or a
                                        filename relative to the current
                                        working directory)
  --skip-menu [=arg(=1)] (=0)           skip main menu on game startup
  --new-game [=arg(=1)] (=0)            run new game sequence (ignored if
                                        skip-menu=0)
  --encoding arg (=win1252)             Character encoding used in OpenMW game
                                        messages:

                                        win1250 - Central and Eastern European
                                        such as Polish, Czech, Slovak,
                                        Hungarian, Slovene, Bosnian, Croatian,
                                        Serbian (Latin script), Romanian and
                                        Albanian languages

                                        win1251 - Cyrillic alphabet such as
                                        Russian, Bulgarian, Serbian Cyrillic
                                        and other languages

                                        win1252 - Western European (Latin)
                                        alphabet, used by default
  --fallback arg                        fallback values
  --no-grab                             Don't grab mouse cursor
  --export-fonts [=arg(=1)] (=0)        Export Morrowind .fnt fonts to PNG
                                        image and XML file in current directory
  --activate-dist arg (=-1)             activation distance override
  --random-seed arg (=<impl defined>)   seed value for random number generator

Description

OpenMW is an open-source open-world RPG game engine that supports playing Morrowind. Main repo and issue tracker can be found here: https://gitlab.com/OpenMW/openmw/

c-plus-plus foss morrowind open-source openmw rpg-engine tes

Readme GPL-3.0 130 MiB

Languages

C++ 93.8%

Lua 3.2%

CMake 1.1%

C 0.6%

GLSL 0.5%

Other 0.8%