Misc. asan fixes #13439

Merged
merged 5 commits into from Feb 26, 2023

oltolm (Contributor) commented Feb 23, 2023

Found these bugs using AddressSanitizer.

@kd-11 kd-11 merged commit 1800faf into RPCS3:master Feb 26, 2023
@oltolm oltolm deleted the misc_asan_fixes branch February 26, 2023 23:40
oltolm (Contributor, Author) commented Dec 10, 2023

Forgot to post the error log that may be useful to other people.

[4484] =================================================================
[4484] ==4484==ERROR: AddressSanitizer: heap-use-after-free on address 0x11ca048eac48 at pc 0x000000517c76 bp 0x0085ee5fe040 sp 0x0085ee5fe088
[4484] WRITE of size 4 at 0x11ca048eac48 thread T109
[4484]     #0 0x517c75 in atomic_storage<unsigned int, 0ull>::fetch_sub(unsigned int&, unsigned int) C:/src/rpcs3/rpcs3/util/atomic.hpp:448:10
[4484]     #1 0x517c01 in atomic_t<unsigned int, 4ull>::fetch_sub(unsigned int const&) C:/src/rpcs3/rpcs3/util/atomic.hpp:1462:11
[4484]     #2 0x517aeb in shared_mutex::unlock() C:/src/rpcs3/Utilities/mutex.h:114:29
[4484]     #3 0x516747 in std::__1::lock_guard<shared_mutex>::~lock_guard[abi:v160002]() C:/msys64/clang64/include/c++/v1/__mutex_base:100:80
[4484]     #4 0x17619c5 in cellVdecClose(ppu_thread&, unsigned int) C:/src/rpcs3/rpcs3/Emu/Cell/Modules/cellVdec.cpp:993:1
[4484]     #5 0x177fb1e in error_code ppu_func_detail::call<4u, 256u, error_code, ppu_thread&, unsigned int>(ppu_thread&, error_code (*)(ppu_thread&, unsigned int), ppu_func_detail::arg_info_pack_t<4u, 256u>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:178:10
[4484]     #6 0x177fb1e in error_code ppu_func_detail::call<unsigned int, 4u, error_code, ppu_thread&, unsigned int>(ppu_thread&, error_code (*)(ppu_thread&, unsigned int), ppu_func_detail::arg_info_pack_t<4u>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:208:10
[4484]     #7 0x177fb1e in error_code ppu_func_detail::call<ppu_thread&, unsigned int, error_code, ppu_thread&, unsigned int>(ppu_thread&, error_code (*)(ppu_thread&, unsigned int), ppu_func_detail::arg_info_pack_t<>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:208:10
[4484]     #8 0x177fb1e in ppu_func_detail::func_binder<error_code, ppu_thread&, unsigned int>::do_call(ppu_thread&, error_code (*)(ppu_thread&, unsigned int)) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:241:61
[4484]     #9 0x177fb1e in void ppu_func_detail::do_call<error_code, ppu_thread&, unsigned int>(ppu_thread&, error_code (*)(ppu_thread&, unsigned int)) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:248:3
[4484]     #10 0x177fb1e in ppu_module_manager::$_4::operator()() const::'lambda4'(ppu_thread&, ppu_opcode_t, stx::se_t<unsigned int, true, 4ull>*, ppu_intrp_func*)::operator()(ppu_thread&, ppu_opcode_t, stx::se_t<unsigned int, true, 4ull>*, ppu_intrp_func*) const C:/src/rpcs3/rpcs3/Emu/Cell/Modules/cellVdec.cpp:1696:2
[4484]     #11 0x177f1d7 in ppu_module_manager::$_4::operator()() const::'lambda4'(ppu_thread&, ppu_opcode_t, stx::se_t<unsigned int, true, 4ull>*, ppu_intrp_func*)::__invoke(ppu_thread&, ppu_opcode_t, stx::se_t<unsigned int, true, 4ull>*, ppu_intrp_func*) C:/src/rpcs3/rpcs3/Emu/Cell/Modules/cellVdec.cpp:1696:2
[4484]     #12 0x662e679c  (<unknown module>)
[4484] 
[4484] 0x11ca048eac48 is located 72 bytes inside of 200-byte region [0x11ca048eac00,0x11ca048eacc8)
[4484] freed by thread T109 here:
[4484]     #0 0x7ffd76e228e1 in operator delete(void*) (C:\msys64\clang64\bin\libclang_rt.asan_dynamic-x86_64.dll+0x1800528e1)
[4484]     #1 0x349c36 in void std::__1::__libcpp_operator_delete[abi:v160002]<void*>(void*) C:/msys64/clang64/include/c++/v1/new:276:3
[4484]     #2 0x349bda in void std::__1::__do_deallocate_handle_size[abi:v160002]<>(void*, unsigned long long) C:/msys64/clang64/include/c++/v1/new:300:10
[4484]     #3 0x349b86 in std::__1::__libcpp_deallocate[abi:v160002](void*, unsigned long long, unsigned long long) C:/msys64/clang64/include/c++/v1/new:316:14
[4484]     #4 0x17c34fc in std::__1::allocator<std::__1::__shared_ptr_emplace<vdec_context, std::__1::allocator<vdec_context>>>::deallocate[abi:v160002](std::__1::__shared_ptr_emplace<vdec_context, std::__1::allocator<vdec_context>>*, unsigned long long) C:/msys64/clang64/include/c++/v1/__memory/allocator.h:131:13
[4484]     #5 0x17c34a6 in std::__1::allocator_traits<std::__1::allocator<std::__1::__shared_ptr_emplace<vdec_context, std::__1::allocator<vdec_context>>>>::deallocate[abi:v160002](std::__1::allocator<std::__1::__shared_ptr_emplace<vdec_context, std::__1::allocator<vdec_context>>>&, std::__1::__shared_ptr_emplace<vdec_context, std::__1::allocator<vdec_context>>*, unsigned long long) C:/msys64/clang64/include/c++/v1/__memory/allocator_traits.h:288:13
[4484]     #6 0x17c03b2 in std::__1::__shared_ptr_emplace<vdec_context, std::__1::allocator<vdec_context>>::__on_zero_shared_weak() C:/msys64/clang64/include/c++/v1/__memory/shared_ptr.h:317:9
[4484]     #7 0x354310 in std::__1::__shared_weak_count::__release_shared[abi:v160002]() C:/msys64/clang64/include/c++/v1/__memory/shared_ptr.h:199:9
[4484]     #8 0x179e4fa in std::__1::shared_ptr<vdec_context>::~shared_ptr[abi:v160002]() C:/msys64/clang64/include/c++/v1/__memory/shared_ptr.h:745:23
[4484]     #9 0x17617d7 in cellVdecClose(ppu_thread&, unsigned int) C:/src/rpcs3/rpcs3/Emu/Cell/Modules/cellVdec.cpp:986:6
[4484]     #10 0x177fb1e in error_code ppu_func_detail::call<4u, 256u, error_code, ppu_thread&, unsigned int>(ppu_thread&, error_code (*)(ppu_thread&, unsigned int), ppu_func_detail::arg_info_pack_t<4u, 256u>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:178:10
[4484]     #11 0x177fb1e in error_code ppu_func_detail::call<unsigned int, 4u, error_code, ppu_thread&, unsigned int>(ppu_thread&, error_code (*)(ppu_thread&, unsigned int), ppu_func_detail::arg_info_pack_t<4u>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:208:10
[4484]     #12 0x177fb1e in error_code ppu_func_detail::call<ppu_thread&, unsigned int, error_code, ppu_thread&, unsigned int>(ppu_thread&, error_code (*)(ppu_thread&, unsigned int), ppu_func_detail::arg_info_pack_t<>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:208:10
[4484]     #13 0x177fb1e in ppu_func_detail::func_binder<error_code, ppu_thread&, unsigned int>::do_call(ppu_thread&, error_code (*)(ppu_thread&, unsigned int)) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:241:61
[4484]     #14 0x177fb1e in void ppu_func_detail::do_call<error_code, ppu_thread&, unsigned int>(ppu_thread&, error_code (*)(ppu_thread&, unsigned int)) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:248:3
[4484]     #15 0x177fb1e in ppu_module_manager::$_4::operator()() const::'lambda4'(ppu_thread&, ppu_opcode_t, stx::se_t<unsigned int, true, 4ull>*, ppu_intrp_func*)::operator()(ppu_thread&, ppu_opcode_t, stx::se_t<unsigned int, true, 4ull>*, ppu_intrp_func*) const C:/src/rpcs3/rpcs3/Emu/Cell/Modules/cellVdec.cpp:1696:2
[4484]     #16 0x177f1d7 in ppu_module_manager::$_4::operator()() const::'lambda4'(ppu_thread&, ppu_opcode_t, stx::se_t<unsigned int, true, 4ull>*, ppu_intrp_func*)::__invoke(ppu_thread&, ppu_opcode_t, stx::se_t<unsigned int, true, 4ull>*, ppu_intrp_func*) C:/src/rpcs3/rpcs3/Emu/Cell/Modules/cellVdec.cpp:1696:2
[4484]     #17 0x662e679c  (<unknown module>)
[4484] 
[4484] previously allocated by thread T109 here:
[4484]     #0 0x7ffd76e22081 in operator new(unsigned long long) (C:\msys64\clang64\bin\libclang_rt.asan_dynamic-x86_64.dll+0x180052081)
[4484]     #1 0x349b26 in void* std::__1::__libcpp_operator_new[abi:v160002]<unsigned long long>(unsigned long long) C:/msys64/clang64/include/c++/v1/new:266:10
[4484]     #2 0x349a7e in std::__1::__libcpp_allocate[abi:v160002](unsigned long long, unsigned long long) C:/msys64/clang64/include/c++/v1/new:292:10
[4484]     #3 0x17bff1e in std::__1::allocator<std::__1::__shared_ptr_emplace<vdec_context, std::__1::allocator<vdec_context>>>::allocate[abi:v160002](unsigned long long) C:/msys64/clang64/include/c++/v1/__memory/allocator.h:115:38
[4484]     #4 0x17bfeae in std::__1::allocator_traits<std::__1::allocator<std::__1::__shared_ptr_emplace<vdec_context, std::__1::allocator<vdec_context>>>>::allocate[abi:v160002](std::__1::allocator<std::__1::__shared_ptr_emplace<vdec_context, std::__1::allocator<vdec_context>>>&, unsigned long long) C:/msys64/clang64/include/c++/v1/__memory/allocator_traits.h:268:20
[4484]     #5 0x17bf749 in std::__1::__allocation_guard<std::__1::allocator<std::__1::__shared_ptr_emplace<vdec_context, std::__1::allocator<vdec_context>>>>::__allocation_guard[abi:v160002]<std::__1::allocator<vdec_context>>(std::__1::allocator<vdec_context>, unsigned long long) C:/msys64/clang64/include/c++/v1/__memory/allocation_guard.h:53:18
[4484]     #6 0x17bf359 in std::__1::shared_ptr<vdec_context> std::__1::allocate_shared[abi:v160002]<vdec_context, std::__1::allocator<vdec_context>, stx::se_t<int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, vm::_ptr_base<unsigned int (unsigned int, CellVdecMsgType, int, unsigned int), stx::se_t<unsigned int, true, 4ull>> const&, stx::se_t<unsigned int, true, 4ull> const&, void>(std::__1::allocator<vdec_context> const&, stx::se_t<int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, vm::_ptr_base<unsigned int (unsigned int, CellVdecMsgType, int, unsigned int), stx::se_t<unsigned int, true, 4ull>> const&, stx::se_t<unsigned int, true, 4ull> const&) C:/msys64/clang64/include/c++/v1/__memory/shared_ptr.h:994:48
[4484]     #7 0x17bf0fc in std::__1::shared_ptr<vdec_context> std::__1::make_shared[abi:v160002]<vdec_context, stx::se_t<int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, vm::_ptr_base<unsigned int (unsigned int, CellVdecMsgType, int, unsigned int), stx::se_t<unsigned int, true, 4ull>> const&, stx::se_t<unsigned int, true, 4ull> const&, void>(stx::se_t<int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, vm::_ptr_base<unsigned int (unsigned int, CellVdecMsgType, int, unsigned int), stx::se_t<unsigned int, true, 4ull>> const&, stx::se_t<unsigned int, true, 4ull> const&) C:/msys64/clang64/include/c++/v1/__memory/shared_ptr.h:1004:12
[4484]     #8 0x17bedd7 in std::__1::shared_ptr<vdec_context> idm::make_ptr<vdec_context, vdec_context, stx::se_t<int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, vm::_ptr_base<unsigned int (unsigned int, CellVdecMsgType, int, unsigned int), stx::se_t<unsigned int, true, 4ull>> const&, stx::se_t<unsigned int, true, 4ull> const&>(stx::se_t<int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, vm::_ptr_base<unsigned int (unsigned int, CellVdecMsgType, int, unsigned int), stx::se_t<unsigned int, true, 4ull>> const&, stx::se_t<unsigned int, true, 4ull> const&)::'lambda'()::operator()() const C:/src/rpcs3/rpcs3/Emu/IdManager.h:540:51
[4484]     #9 0x17beaa6 in std::__1::pair<id_manager::id_key, std::__1::shared_ptr<void>>* idm::create_id<vdec_context, vdec_context, 
[4484] std::__1::shared_ptr<vdec_context> idm::make_ptr<vdec_context, vdec_context, stx::se_t<int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, vm::_ptr_base<unsigned int (unsigned int, CellVdecMsgType, int, unsigned int), stx::se_t<unsigned int, true, 4ull>> const&, stx::se_t<unsigned int, true, 4ull> const&>(stx::se_t<int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, vm::_ptr_base<unsigned int (unsigned int, CellVdecMsgType, int, unsigned int), stx::se_t<unsigned int, true, 4ull>> const&, stx::se_t<unsigned int, true, 4ull> const&)::'lambda'()>(std::__1::shared_ptr<vdec_context> idm::make_ptr<vdec_context, vdec_context, stx::se_t<int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, vm::_ptr_base<unsigned int (unsigned int, CellVdecMsgType, int, unsigned int), stx::se_t<unsigned int, true, 4ull>> const&, stx::se_t<unsigned int, true, 4ull> const&>(stx::se_t<int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, vm::_ptr_base<unsigned int (unsigned int, CellVdecMsgType, int, unsigned int), stx::se_t<unsigned int, true, 4ull>> const&, stx::se_t<unsigned int, true, 4ull> const&)::'lambda'()&&, unsigned int) C:/src/rpcs3/rpcs3/Emu/IdManager.h:502:20
[4484]     #10 0x17bd6ca in std::__1::shared_ptr<vdec_context> idm::make_ptr<vdec_context, vdec_context, stx::se_t<int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, vm::_ptr_base<unsigned int (unsigned int, CellVdecMsgType, int, unsigned int), stx::se_t<unsigned int, true, 4ull>> const&, stx::se_t<unsigned int, true, 4ull> const&>(stx::se_t<int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, stx::se_t<unsigned int, true, 4ull> const&, vm::_ptr_base<unsigned int (unsigned int, CellVdecMsgType, int, unsigned int), stx::se_t<unsigned int, true, 4ull>> const&, stx::se_t<unsigned int, true, 4ull> const&) C:/src/rpcs3/rpcs3/Emu/IdManager.h:540:19
[4484]     #11 0x175fae8 in error_code vdecOpen<vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResourceEx const, unsigned int>>(ppu_thread&, vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResourceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>) C:/src/rpcs3/rpcs3/Emu/Cell/Modules/cellVdec.cpp:896:10
[4484]     #12 0x175ed10 in cellVdecOpenEx(ppu_thread&, vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResourceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>) C:/src/rpcs3/rpcs3/Emu/Cell/Modules/cellVdec.cpp:940:9
[4484]     #13 0x177db5d in error_code ppu_func_detail::call<4u, 256u, 512u, 768u, 1024u, error_code, ppu_thread&, vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResourceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>>(ppu_thread&, error_code (*)(ppu_thread&, vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResourceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>), ppu_func_detail::arg_info_pack_t<4u, 256u, 512u, 768u, 1024u>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:178:10
[4484]     #14 0x177db5d in error_code ppu_func_detail::call<vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>, 4u, 256u, 512u, 768u, error_code, ppu_thread&, vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResou
[4484] rceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>>(ppu_thread&, error_code (*)(ppu_thread&, vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResourceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>), ppu_func_detail::arg_info_pack_t<4u, 256u, 512u, 768u>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:208:10
[4484]     #15 0x177db5d in error_code ppu_func_detail::call<vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>, 4u, 256u, 512u, error_code, ppu_thread&, vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResourceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>>(ppu_thread&, error_code (*)(ppu_thread&, vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResourceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>), ppu_func_detail::arg_info_pack_t<4u, 256u, 512u>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:208:10
[4484]     #16 0x177db5d in error_code ppu_func_detail::call<vm::_ptr_base<CellVdecResourceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>, 4u, 256u, error_code, ppu_thread&, vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResourceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>>(ppu_thread&, error_code (*)(ppu_thread&, vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResourceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>), ppu_func_detail::arg_info_pack_t<4u, 256u>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:208:10
[4484]     #17 0x177db5d in error_code ppu_func_detail::call<vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResourceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>, 4u, error_code, ppu_thread&, vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResourceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>>(ppu_thread&, error_code (*)(ppu_thread&, vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResourceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>), ppu_func_detail::arg_info_pack_t<4u>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:208:10
[4484]     #18 0x177db5d in error_code ppu_func_detail::call<ppu_thread&, vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResourceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>, error_code, ppu_thread&, vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResourceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>>(ppu_thread&, error_code (*)(ppu_thread&, vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResourceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>), ppu_func_detail::arg_info_pack_t<>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:208:10
[4484]     #19 0x177db5d in ppu_func_detail::func_binder<error_code, ppu_thread&, vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResourceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned 
[4484] int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>>::do_call(ppu_thread&, error_code (*)(ppu_thread&, vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResourceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>)) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:241:61
[4484]     #20 0x177db5d in void ppu_func_detail::do_call<error_code, ppu_thread&, vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResourceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>>(ppu_thread&, error_code (*)(ppu_thread&, vm::_ptr_base<CellVdecTypeEx const, unsigned int>, vm::_ptr_base<CellVdecResourceEx const, unsigned int>, vm::_ptr_base<CellVdecCb const, unsigned int>, vm::_ptr_base<stx::se_t<unsigned int, true, 4ull>, unsigned int>)) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:248:3
[4484]     #21 0x177db5d in ppu_module_manager::$_4::operator()() const::'lambda2'(ppu_thread&, ppu_opcode_t, stx::se_t<unsigned int, true, 4ull>*, ppu_intrp_func*)::operator()(ppu_thread&, ppu_opcode_t, stx::se_t<unsigned int, true, 4ull>*, ppu_intrp_func*) const C:/src/rpcs3/rpcs3/Emu/Cell/Modules/cellVdec.cpp:1694:2
[4484]     #22 0x177c7c7 in ppu_module_manager::$_4::operator()() const::'lambda2'(ppu_thread&, ppu_opcode_t, stx::se_t<unsigned int, true, 4ull>*, ppu_intrp_func*)::__invoke(ppu_thread&, ppu_opcode_t, stx::se_t<unsigned int, true, 4ull>*, ppu_intrp_func*) C:/src/rpcs3/rpcs3/Emu/Cell/Modules/cellVdec.cpp:1694:2
[4484]     #23 0x662e679c  (<unknown module>)
[4484] 
[4484] Thread T109 created by T77 here:
[4484]     #0 0x7ffd76e21866 in __asan_wrap_CreateThread (C:\msys64\clang64\bin\libclang_rt.asan_dynamic-x86_64.dll+0x180051866)
[4484]     #1 0x7ffdc5741896  (C:\WINDOWS\System32\ucrtbase.dll+0x180021896)
[4484]     #2 0xa6ff1a in thread_base::start() C:/src/rpcs3/Utilities/Thread.cpp:2030:13
[4484]     #3 0x5b1a195 in named_thread<ppu_thread>::named_thread<ppu_thread_params&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>&, int&, int>(ppu_thread_params&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>&, int&, int&&) C:/src/rpcs3/rpcs3/../Utilities/Thread.h:507:11
[4484]     #4 0x5b19e57 in named_thread<ppu_thread>* std::__1::construct_at[abi:v160002]<named_thread<ppu_thread>, ppu_thread_params&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>&, int&, int, named_thread<ppu_thread>*>(named_thread<ppu_thread>*, ppu_thread_params&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>&, int&, int&&) C:/msys64/clang64/include/c++/v1/__memory/construct_at.h:38:48
[4484]     #5 0x5b19dff in void std::__1::allocator_traits<std::__1::allocator<named_thread<ppu_thread>>>::construct[abi:v160002]<named_thread<ppu_thread>, ppu_thread_params&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>&, int&, int, void, void>(std::__1::allocator<named_thread<ppu_thread>>&, named_thread<ppu_thread>*, ppu_thread_params&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>&, int&, int&&) C:/msys64/clang64/include/c++/v1/__memory/allocator_traits.h:304:9
[4484]     #6 0x5b19d2f in std::__1::__shared_ptr_emplace<named_thread<ppu_thread>, std::__1::allocator<named_thread<ppu_thread>>>::__shared_ptr_emplace[abi:v160002]<ppu_thread_params&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>&, int&, int>(std::__1::allocator<named_thread<ppu_thread>>, ppu_thread_params&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>&, int&, int&&) C:/msys64/clang64/include/c++/v1/__memory/shared_ptr.h:284:13
[4484]     #7 0x5b199d2 in std::__1::shared_ptr<named_thread<ppu_thread>> std::__1::allocate_shared[abi:v160002]<named_thread<ppu_thread>, std::__1::allocator<named_thread<ppu_thread>>, ppu_thread_params&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>&, int&, int, void>(std::__1::allocator<named_thread<ppu_thread>> const&, ppu_thread_params&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>&, int&, int&&) C:/msys64/clang64/include/c++/v1/__memory/shared_ptr.h:995:55
[4484]     #8 0x5b196f1 in std::__1::shared_ptr<named_thread<ppu_thread>> std::__1::make_shared[abi:v160002]<named_thread<ppu_thread>, ppu_thread_params&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>&, int&, int, void>(ppu_thread_params&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>&, int&, int&&) C:/msys64/clang64/include/c++/v1/__memory/shared_ptr.h:1004:12
[4484]     #9 0x5b15c6c in _sys_ppu_thread_create(ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>)::$_0::operator()() const C:/src/rpcs3/rpcs3/Emu/Cell/lv2/sys_ppu_thread.cpp:481:10
[4484]     #10 0x5b15336 in std::__1::pair<id_manager::id_key, std::__1::shared_ptr<void>>* idm::create_id<named_thread<ppu_thread>, named_thread<ppu_thread>, _sys_ppu_thread_create(ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>)::$_0>(_sys_ppu_thread_create(ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long lo
[4484] ng, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>)::$_0&&, unsigned int) C:/src/rpcs3/rpcs3/Emu/IdManager.h:502:20
[4484]     #11 0x5b0efbc in unsigned int idm::import<named_thread<ppu_thread>, named_thread<ppu_thread>, _sys_ppu_thread_create(ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>)::$_0>(_sys_ppu_thread_create(ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>)::$_0&&, unsigned int) C:/src/rpcs3/rpcs3/Emu/IdManager.h:564:19
[4484]     #12 0x5b0e814 in _sys_ppu_thread_create(ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>) C:/src/rpcs3/rpcs3/Emu/Cell/lv2/sys_ppu_thread.cpp:471:18
[4484]     #13 0x1835e07 in error_code ppu_func_detail::call<4u, 256u, 512u, 768u, 1024u, 1280u, 1536u, 1792u, 2048u, error_code, ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>>(ppu_thread&, error_code (*)(ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>), ppu_func_detail::arg_info_pack_t<4u, 256u, 512u, 768u, 1024u, 1280u, 1536u, 1792u, 2048u>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:178:10
[4484]     #14 0x1835e07 in error_code ppu_func_detail::call<vm::_ptr_base<char const, unsigned int>, 4u, 256u, 512u, 768u, 1024u, 1280u, 1536u, 1792u, error_code, ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>>(ppu_thread&, error_code (*)(ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>), ppu_func_detail::arg_info_pack_t<4u, 256u, 512u, 768u, 1024u, 1280u, 1536u, 1792u>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:208:10
[4484]     #15 0x1835e07 in error_code ppu_func_detail::call<unsigned long long, vm::_ptr_base<char const, unsigned int>, 4u, 256u, 512u, 768u, 1024u, 1280u, 1536u, error_code, ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>>(ppu_thread&, error_code (*)(ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>), ppu_func_detail::arg_info_pack_t<4u, 256u, 512u, 768u, 1024u, 1280u, 1536u>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:208:10
[4484]     #16 0x1835e07 in error_code ppu_func_detail::call<unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>, 4u, 256u, 512u, 768u, 1024u, 1280u, error_code, ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long l
[4484] ong, vm::_ptr_base<char const, unsigned int>>(ppu_thread&, error_code (*)(ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>), ppu_func_detail::arg_info_pack_t<4u, 256u, 512u, 768u, 1024u, 1280u>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:208:10
[4484]     #17 0x1835e07 in error_code ppu_func_detail::call<int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>, 4u, 256u, 512u, 768u, 1024u, error_code, ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>>(ppu_thread&, error_code (*)(ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>), ppu_func_detail::arg_info_pack_t<4u, 256u, 512u, 768u, 1024u>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:208:10
[4484]     #18 0x1835e07 in error_code ppu_func_detail::call<unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>, 4u, 256u, 512u, 768u, error_code, ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>>(ppu_thread&, error_code (*)(ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>), ppu_func_detail::arg_info_pack_t<4u, 256u, 512u, 768u>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:208:10
[4484]     #19 0x1835e07 in error_code ppu_func_detail::call<unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>, 4u, 256u, 512u, error_code, ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>>(ppu_thread&, error_code (*)(ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>), ppu_func_detail::arg_info_pack_t<4u, 256u, 512u>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:208:10
[4484]     #20 0x1835e07 in error_code ppu_func_detail::call<vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>, 4u, 256u, error_code, ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>>(ppu_thread&, error_code (*)(ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>), ppu_func_detail::arg_info_pack_t<4u, 256u>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:208:10
[4484]     #21 0x1835e07 in error_code ppu_func_detail::call<vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>, 4u, error_code, ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>>(ppu_thread&, error_code (*)(ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>), ppu_func_detail::arg_info_pack_t<4u>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:208:10
[4484]     #22 0x1835e07 in error_code ppu_func_detail::call<ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>, error_code, ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>>(ppu_thread&, error_code (*)(ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>), ppu_func_detail::arg_info_pack_t<>) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:208:10
[4484]     #23 0x1835e07 in ppu_func_detail::func_binder<error_code, ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>>::do_call(ppu_thread&, error_code (*)(ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>)) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:241:61
[4484]     #24 0x1835e07 in void ppu_func_detail::do_call<error_code, ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>>(ppu_thread&, error_code (*)(ppu_thread&, vm::_ptr_base<stx::se_t<unsigned long long, true, 8ull>, unsigned int>, vm::_ptr_base<ppu_thread_param_t, unsigned int>, unsigned long long, unsigned long long, int, unsigned int, unsigned long long, vm::_ptr_base<char const, unsigned int>)) C:/src/rpcs3/rpcs3/Emu/Cell/PPUFunction.h:248:3
[4484]     #25 0x1835e07 in $_35::operator()(ppu_thread&, ppu_opcode_t, stx::se_t<unsigned int, true, 4ull>*, ppu_intrp_func*) const C:/src/rpcs3/rpcs3/Emu/Cell/lv2/lv2.cpp:161:2
[4484]     #26 0x17d91b7 in $_35::__invoke(ppu_thread&, ppu_opcode_t, stx::se_t<unsigned int, true, 4ull>*, ppu_intrp_func*) C:/src/rpcs3/rpcs3/Emu/Cell/lv2/lv2.cpp:161:2
[4484]     #27 0x17c9df8 in ppu_execute_syscall(ppu_thread&, unsigned long long) C:/src/rpcs3/rpcs3/Emu/Cell/lv2/lv2.cpp:1175:4
[4484]     #28 0x1229295197fa  (<unknown module>)
[4484] 
[4484] Thread T77 created by T68 here:
[4484]     #0 0x7ffd76e21866 in __asan_wrap_CreateThread (C:\msys64\clang64\bin\libclang_rt.asan_dynamic-x86_64.dll+0x180051866)
[4484]     #1 0x7ffdc5741896  (C:\WINDOWS\System32\ucrtbase.dll+0x180021896)
[4484]     #2 0xa6ff1a in thread_base::start() C:/src/rpcs3/Utilities/Thread.cpp:2030:13
[4484]     #3 0x33bb8da in named_thread<rsx::shaders_cache<vk::pipeline_props, vk::program_cache>::await_workers(unsigned int, unsigned char, std::__1::function<void (unsigned int)>&, atomic_t<unsigned int, 4ull>&, unsigned int, rsx::shader_loading_dialog*)::'lambda'()>::named_thread<rsx::shaders_cache<vk::pipeline_props, vk::program_cache>::await_workers(unsigned int, unsigned char, std::__1::function<void (unsigned int)>&, atomic_t<unsigned int, 4ull>&, unsigned int, rsx::shader_loading_dialog*)::'lambda'() const&>(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>, rsx::shaders_cache<vk::pipeline_props, vk::program_cache>::await_workers(unsigned int, unsigned char, std::__1::function<void (unsigned int)>&, atomic_t<unsigned int, 4ull>&, unsigned int, rsx::shader_loading_dialog*)::'lambda'() const&) C:/src/rpcs3/Utilities/Thread.h:516:11
[4484]     #4 0x33bb459 in named_thread_group<rsx::shaders_cache<vk::pipeline_props, vk::program_cache>::await_workers(unsigned int, unsigned char, std::__1::function<void (unsigned int)>&, atomic_t<unsigned int, 4ull>&, unsigned int, rsx::shader_loading_dialog*)::'lambda'()>::named_thread_group(std::__1::basic_string_view<char, std::__1::char_traits<char>>, unsigned int, rsx::shaders_cache<vk::pipeline_props, vk::program_cache>::await_workers(unsigned int, unsigned char, std::__1::function<void (unsigned int)>&, atomic_t<unsigned int, 4ull>&, unsigned int, rsx::shader_loading_dialog*)::'lambda'() const&) C:/src/rpcs3/Utilities/Thread.h:709:44
[4484]     #5 0x33a34d9 in rsx::shaders_cache<vk::pipeline_props, vk::program_cache>::await_workers(unsigned int, unsigned char, std::__1::function<void (unsigned int)>&, atomic_t<unsigned int, 4ull>&, unsigned int, rsx::shader_loading_dialog*) C:/src/rpcs3/rpcs3/Emu/RSX/VK/vkutils/../../rsx_cache.h:168:24
[4484]     #6 0x33a24d9 in rsx::shaders_cache<vk::pipeline_props, vk::program_cache>::load_shaders(unsigned int, lf_fifo<std::__1::tuple<vk::pipeline_props, RSXVertexProgram, RSXFragmentProgram>, 1000ull>&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>&, std::__1::vector<fs::dir_entry, std::__1::allocator<fs::dir_entry>>&, unsigned int, rsx::shader_loading_dialog*) C:/src/rpcs3/rpcs3/Emu/RSX/VK/vkutils/../../rsx_cache.h:118:4
[4484]     #7 0x3270f1b in void rsx::shaders_cache<vk::pipeline_props, vk::program_cache>::load<VkPipelineLayout_T*&>(rsx::shader_loading_dialog*, VkPipelineLayout_T*&) C:/src/rpcs3/rpcs3/Emu/RSX/VK/vkutils/../../rsx_cache.h:268:4
[4484]     #8 0x3239c8e in VKGSRender::on_init_thread() C:/src/rpcs3/rpcs3/Emu/RSX/VK/VKGSRender.cpp:1428:20
[4484]     #9 0xdad416 in rsx::thread::on_task() C:/src/rpcs3/rpcs3/Emu/RSX/RSXThread.cpp:794:4
[4484]     #10 0xdabb72 in rsx::thread::cpu_task() C:/src/rpcs3/rpcs3/Emu/RSX/RSXThread.cpp:720:4
[4484]     #11 0xd25221 in cpu_thread::operator()() C:/src/rpcs3/rpcs3/Emu/CPU/CPUThread.cpp:607:4
[4484]     #12 0x11c873a in named_thread<VKGSRender>::entry_point2() C:/src/rpcs3/Utilities/Thread.h:464:14
[4484]     #13 0x1156eb6 in named_thread<VKGSRender>::entry_point(thread_base*) C:/src/rpcs3/Utilities/Thread.h:445:45
[4484]     #14 0x662e774a  (<unknown module>)
[4484] 
[4484] Thread T68 created by T0 here:
[4484]     #0 0x7ffd76e21866 in __asan_wrap_CreateThread (C:\msys64\clang64\bin\libclang_rt.asan_dynamic-x86_64.dll+0x180051866)
[4484]     #1 0x7ffdc5741896  (C:\WINDOWS\System32\ucrtbase.dll+0x180021896)
[4484]     #2 0xa6ff1a in thread_base::start() C:/src/rpcs3/Utilities/Thread.cpp:2030:13
[4484]     #3 0x11ca71b in named_thread<VKGSRender>::named_thread<utils::serial*&>(utils::serial*&) C:/src/rpcs3/Utilities/Thread.h:507:11
[4484]     #4 0x11c9f2c in named_thread<VKGSRender>* stx::manual_typemap<void, 33554432u, 128u>::init<rsx::thread, named_thread<VKGSRender>, utils::serial*&>(utils::serial*&) C:/src/rpcs3/rpcs3/util/fixed_typemap.hpp:385:71
[4484]     #5 0x10c207a in gui_application::InitializeCallbacks()::$_2::operator()(utils::serial*) const C:/src/rpcs3/rpcs3/rpcs3qt/gui_application.cpp:446:11
[4484]     #6 0x10c1ec7 in decltype(std::declval<gui_application::InitializeCallbacks()::$_2&>()(std::declval<utils::serial*>())) std::__1::__invoke[abi:v160002]<gui_application::InitializeCallbacks()::$_2&, utils::serial*>(gui_application::InitializeCallbacks()::$_2&, utils::serial*&&) C:/msys64/clang64/include/c++/v1/__functional/invoke.h:394:23
[4484]     #7 0x10c1e3e in void std::__1::__invoke_void_return_wrapper<void, true>::__call<gui_application::InitializeCallbacks()::$_2&, utils::serial*>(gui_application::InitializeCallbacks()::$_2&, utils::serial*&&) C:/msys64/clang64/include/c++/v1/__functional/invoke.h:487:9
[4484]     #8 0x10c1e16 in std::__1::__function::__alloc_func<gui_application::InitializeCallbacks()::$_2, std::__1::allocator<gui_application::InitializeCallbacks()::$_2>, void (utils::serial*)>::operator()[abi:v160002](utils::serial*&&) C:/msys64/clang64/include/c++/v1/__functional/function.h:185:16
[4484]     #9 0x10bd1d2 in std::__1::__function::__func<gui_application::InitializeCallbacks()::$_2, std::__1::allocator<gui_application::InitializeCallbacks()::$_2>, void (utils::serial*)>::operator()(utils::serial*&&) C:/msys64/clang64/include/c++/v1/__functional/function.h:356:12
[4484]     #10 0x7cb306 in std::__1::__function::__value_func<void (utils::serial*)>::operator()[abi:v160002](utils::serial*&&) const C:/msys64/clang64/include/c++/v1/__functional/function.h:510:16
[4484]     #11 0x764aea in std::__1::function<void (utils::serial*)>::operator()(utils::serial*) const C:/msys64/clang64/include/c++/v1/__functional/function.h:1156:12
[4484]     #12 0x6d89cf in init_fxo_for_exec(utils::serial*, bool) C:/src/rpcs3/rpcs3/Emu/System.cpp:203:2
[4484]     #13 0x143fe73 in ppu_load_exec(elf_object<elf_be, unsigned long long, (elf_machine)21, (elf_os)0, (elf_type)2> const&, utils::serial*) C:/src/rpcs3/rpcs3/Emu/Cell/PPUModule.cpp:2152:2
[4484]     #14 0x6f8a1f in Emulator::Load(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, bool, unsigned long long) C:/src/rpcs3/rpcs3/Emu/System.cpp:1951:8
[4484]     #15 0x6e44a2 in Emulator::BootGame(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, bool, cfg_mode, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&) C:/src/rpcs3/rpcs3/Emu/System.cpp:766:12
[4484]     #16 0x1288e46 in main_window::Boot(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, bool, bool, cfg_mode, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&) C:/src/rpcs3/rpcs3/rpcs3qt/main_window.cpp:469:29
[4484]     #17 0x12fb34e in main_window::CreateDockWindows()::$_5::operator()(std::__1::shared_ptr<gui_game_info> const&, cfg_mode, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&) const C:/src/rpcs3/rpcs3/rpcs3qt/main_window.cpp:2907:3
[4484]     #18 0x12fb1a9 in QtPrivate::FunctorCall<QtPrivate::IndexesList<0, 1, 2, 3>, QtPrivate::List<std::__1::shared_ptr<gui_game_info> const&, cfg_mode, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&>, void, main_window::CreateDockWindows()::$_5>::call(main_window::CreateDockWindows()::$_5&, void**) C:/msys64/clang64/include/QtCore/qobjectdefs_impl.h:146:13
[4484]     #19 0x12faf22 in void QtPrivate::Functor<main_window::CreateDockWindows()::$_5, 4>::call<QtPrivate::List<std::__1::shared_ptr<gui_game_info> const&, cfg_mode, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&>, void>(main_window::CreateDockWindows()::$_5&, void*, void**) C:/msys64/clang64/include/QtCore/qobjectdefs_impl.h:256:13
[4484]     #20 0x12faec2 in QtPrivate::QFunctorSlotObject<main_window::CreateDockWindows()::$_5, 4, QtPrivate::List<std::__1::shared_ptr<gui_game_info> const&, cfg_mode, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) C:/msys64/clang64/include/QtCore/qobjectdefs_impl.h:443:17
[4484]     #21 0x7ffd7031f5df in void doActivate<false>(QObject*, int, void**) (E:\build-clang\bin\Qt5Core.dll+0x1801ff5df)
[4484]     #22 0x102f092 in game_list_frame::RequestBoot(std::__1::shared_ptr<gui_game_info> const&, cfg_mode, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&) E:/build-clang/rpcs3/rpcs3qt/rpcs3_ui_autogen/EWIEGA46WW/moc_game_list_frame.cpp:371:5
[4484]     #23 0x2867734 in game_list_frame::doubleClickedSlot(std::__1::shared_ptr<gui_game_info> const&) C:/src/rpcs3/rpcs3/rpcs3qt/game_list_frame.cpp:858:9
[4484]     #24 0x2866d79 in game_list_frame::doubleClickedSlot(QTableWidgetItem*) C:/src/rpcs3/rpcs3/rpcs3qt/game_list_frame.cpp:847:2
[4484]     #25 0x28e268a in QtPrivate::FunctorCall<QtPrivate::IndexesList<0>, QtPrivate::List<QTableWidgetItem*>, void, void (game_list_frame::*)(QTableWidgetItem*)>::call(void (game_list_frame::*)(QTableWidgetItem*), game_list_frame*, void**) C:/msys64/clang64/include/QtCore/qobjectdefs_impl.h:152:13
[4484]     #26 0x28e23a9 in void QtPrivate::FunctionPointer<void (game_list_frame::*)(QTableWidgetItem*)>::call<QtPrivate::List<QTableWidgetItem*>, void>(void (game_list_frame::*)(QTableWidgetItem*), game_list_frame*, void**) C:/msys64/clang64/include/QtCore/qobjectdefs_impl.h:185:13
[4484]     #27 0x28e201f in QtPrivate::QSlotObject<void (game_list_frame::*)(QTableWidgetItem*), QtPrivate::List<QTableWidgetItem*>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) C:/msys64/clang64/include/QtCore/qobjectdefs_impl.h:418:17
[4484]     #28 0x7ffd7031f5df in void doActivate<false>(QObject*, int, void**) (E:\build-clang\bin\Qt5Core.dll+0x1801ff5df)
[4484]     #29 0x7ffd78bb3c39 in QTableWidgetPrivate::_q_emitItemDoubleClicked(QModelIndex const&) (E:\build-clang\bin\Qt5Widgets.dll+0x1802c3c39)
[4484]     #30 0x7ffd7031f710 in void doActivate<false>(QObject*, int, void**) (E:\build-clang\bin\Qt5Core.dll+0x1801ff710)
[4484]     #31 0x7ffd78b55475 in QAbstractItemView::mouseDoubleClickEvent(QMouseEvent*) (E:\build-clang\bin\Qt5Widgets.dll+0x180265475)
[4484]     #32 0x7ffd78936224 in QWidget::event(QEvent*) (E:\build-clang\bin\Qt5Widgets.dll+0x180046224)
[4484]     #33 0x7ffd789d40c7 in QFrame::event(QEvent*) (E:\build-clang\bin\Qt5Widgets.dll+0x1800e40c7)
[4484]     #34 0x7ffd78b53d50 in QAbstractItemView::viewportEvent(QEvent*) (E:\build-clang\bin\Qt5Widgets.dll+0x180263d50)
[4484]     #35 0x7ffd702ecd83 in QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) (E:\build-clang\bin\Qt5Core.dll+0x1801ccd83)
[4484]     #36 0x7ffd788fc68d in QApplicationPrivate::notify_helper(QObject*, QEvent*) (E:\build-clang\bin\Qt5Widgets.dll+0x18000c68d)
[4484]     #37 0x7ffd788ff25a in QApplication::notify(QObject*, QEvent*) (E:\build-clang\bin\Qt5Widgets.dll+0x18000f25a)
[4484]     #38 0x7ffd702eca94 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (E:\build-clang\bin\Qt5Core.dll+0x1801cca94)
[4484]     #39 0x7ffd788fcf47 in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool, bool) (E:\build-clang\bin\Qt5Widgets.dll+0x18000cf47)
[4484]     #40 0x7ffd78952c36 in QWidgetWindow::handleMouseEvent(QMouseEvent*) (E:\build-clang\bin\Qt5Widgets.dll+0x180062c36)
[4484]     #41 0x7ffd7895186b in QWidgetWindow::event(QEvent*) (E:\build-clang\bin\Qt5Widgets.dll+0x18006186b)
[4484]     #42 0x7ffd788fc6a1 in QApplicationPrivate::notify_helper(QObject*, QEvent*) (E:\build-clang\bin\Qt5Widgets.dll+0x18000c6a1)
[4484]     #43 0x7ffd788fd8ef in QApplication::notify(QObject*, QEvent*) (E:\build-clang\bin\Qt5Widgets.dll+0x18000d8ef)
[4484]     #44 0x7ffd702eca94 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (E:\build-clang\bin\Qt5Core.dll+0x1801cca94)
[4484]     #45 0x7ffd766d6e9f in QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) (E:\build-clang\bin\Qt5Gui.dll+0x180036e9f)
[4484]     #46 0x7ffd766bd569 in QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) (E:\build-clang\bin\Qt5Gui.dll+0x18001d569)
[4484]     #47 0x7ffd70340c5b in QEventDispatcherWin32::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (E:\build-clang\bin\Qt5Core.dll+0x180220c5b)
[4484]     #48 0x7ffd788711b4 in QWindowsGuiEventDispatcher::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (E:\build-clang\bin\platforms\qwindows.dll+0x1800811b4)
[4484]     #49 0x7ffd702e9d14 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (E:\build-clang\bin\Qt5Core.dll+0x1801c9d14)
[4484]     #50 0x7ffd702ed04c in QCoreApplication::exec() (E:\build-clang\bin\Qt5Core.dll+0x1801cd04c)
[4484]     #51 0x392430 in main C:/src/rpcs3/rpcs3/main.cpp:1320:9
[4484]     #52 0x2b1314 in __tmainCRTStartup C:/M/B/src/mingw-w64/mingw-w64-crt/crt/crtexe.c:272:15
[4484]     #53 0x2b1155 in .l_startw C:/M/B/src/mingw-w64/mingw-w64-crt/crt/crtexe.c:162:9
[4484]     #54 0x7ffdc6d57613  (C:\WINDOWS\System32\KERNEL32.DLL+0x180017613)
[4484]     #55 0x7ffdc7a426a0  (C:\WINDOWS\SYSTEM32\ntdll.dll+0x1800526a0)
[4484] 
[4484] SUMMARY: AddressSanitizer: heap-use-after-free C:/src/rpcs3/rpcs3/util/atomic.hpp:448:10 in atomic_storage<unsigned int, 0ull>::fetch_sub(unsigned int&, unsigned int)
[4484] Shadow bytes around the buggy address:
[4484]   0x11ca048ea980: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
[4484]   0x11ca048eaa00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
[4484]   0x11ca048eaa80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
[4484]   0x11ca048eab00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
[4484]   0x11ca048eab80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
[4484] =>0x11ca048eac00: fd fd fd fd fd fd fd fd fd[fd]fd fd fd fd fd fd
[4484]   0x11ca048eac80: fd fd fd fd fd fd fd fd fd fa fa fa fa fa fa fa
[4484]   0x11ca048ead00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
[4484]   0x11ca048ead80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
[4484]   0x11ca048eae00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
[4484]   0x11ca048eae80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
[4484] Shadow byte legend (one shadow byte represents 8 application bytes):
[4484]   Addressable:           00
[4484]   Partially addressable: 01 02 03 04 05 06 07 
[4484]   Heap left redzone:       fa
[4484]   Freed heap region:       fd
[4484]   Stack left redzone:      f1
[4484]   Stack mid redzone:       f2
[4484]   Stack right redzone:     f3
[4484]   Stack after return:      f5
[4484]   Stack use after scope:   f8
[4484]   Global redzone:          f9
[4484]   Global init order:       f6
[4484]   Poisoned by user:        f7
[4484]   Container overflow:      fc
[4484]   Array cookie:            ac
[4484]   Intra object redzone:    bb
[4484]   ASan internal:           fe
[4484]   Left alloca redzone:     ca
[4484]   Right alloca redzone:    cb
[4484] ==4484==ABORTING
