heap-use-after-free

Hello, I get a heap use after free error

test code

hold mouse down, either button for a second or so.

Apple M2 Pro
macOS 15.3 (24D60)

physac from master today
raylib 5.5 from release

code "mostly" from examples

#include "include/raylib.h"

#define PHYSAC_IMPLEMENTATION
#define PHYSAC_DEBUG
#include "include/physac.h"

int main(void) {
    const int screen_width = 1920;
    const int screen_height = 1080;

    InitWindow(screen_width, screen_height, "raylib example - basic window");

    SetTargetFPS(61);

    InitPhysics();

    PhysicsBody floor = CreatePhysicsBodyRectangle((Vector2){screen_width >> 1, screen_height}, 500, 100, 10);
    floor->enabled = false;
    SetPhysicsBodyRotation(floor, 10 * DEG2RAD);

    PhysicsBody rectLeft = CreatePhysicsBodyRectangle((Vector2){25, screen_height - 5}, 250, 250, 10);
    rectLeft->enabled = false; // Disable body state to convert it to static (no dynamics, but collisions)
    SetPhysicsBodyRotation(rectLeft, 30 * DEG2RAD);
    PhysicsBody rectRight = CreatePhysicsBodyRectangle((Vector2){screen_width - 25, screen_height - 5}, 250, 250, 10);
    rectRight->enabled = false; // Disable body state to convert it to static (no dynamics, but collisions)
    SetPhysicsBodyRotation(rectRight, 330 * DEG2RAD);

    PhysicsBody bodyB = CreatePhysicsBodyPolygon((Vector2){screen_width - 35, screen_height * 0.6f}, GetRandomValue(20, 80), GetRandomValue(3, 8), 10);
    bodyB->staticFriction = 0.59;
    bodyB->dynamicFriction = 0.59;
    SetPhysicsBodyRotation(bodyB, 330 * DEG2RAD);

    while (!WindowShouldClose()) {
        if (IsMouseButtonDown(MOUSE_LEFT_BUTTON)) {
            PhysicsBody newBod = CreatePhysicsBodyPolygon(GetMousePosition(), GetRandomValue(20, 80), GetRandomValue(3, 8), 10);
            newBod->staticFriction = 0.59;
            newBod->dynamicFriction = 0.59;
        } else if (IsMouseButtonDown(MOUSE_RIGHT_BUTTON))
            CreatePhysicsBodyCircle(GetMousePosition(), GetRandomValue(10, 45), 10);

        floor->position.x = sinf(GetTime() / 10) * (screen_width >> 1) + (screen_width >> 1);

        int bodiesCount = GetPhysicsBodiesCount();

        BeginDrawing();

        ClearBackground(BLACK);

        bodiesCount = GetPhysicsBodiesCount();
        for (int i = 0; i < bodiesCount; i++) {
            PhysicsBody body = GetPhysicsBody(i);

            if (body != NULL) {
                int vertexCount = GetPhysicsShapeVerticesCount(i);
                for (int j = 0; j < vertexCount; j++) {
                    Vector2 vertexA = GetPhysicsShapeVertex(body, j);
                    int jj = (((j + 1) < vertexCount) ? (j + 1) : 0); // Get next vertex or first to close the shape
                    Vector2 vertexB = GetPhysicsShapeVertex(body, jj);

                    Color color = (body->isGrounded) ? GREEN : body->shape.type == PHYSICS_CIRCLE ? RED
                                                                                                  : BLUE;
                    DrawLineV(vertexA, vertexB, color);                    // Draw a line between two vertex positions
                    DrawTriangle(body->position, vertexB, vertexA, color); // Draw a triangle between two vertex and body position
                }
            }
        }

        DrawFPS(10, 10);

        EndDrawing();

        bodiesCount = GetPhysicsBodiesCount();
        for (int i = bodiesCount - 1; i >= 0; i--) {
            PhysicsBody body = GetPhysicsBody(i);

            if ((body != NULL) && (body->position.y > screen_height * 2))
                DestroyPhysicsBody(body);
        }
    }

    ClosePhysics();

    CloseWindow();
    return 0;
}

INFO: Initializing raylib 5.5
INFO: Platform backend: DESKTOP (GLFW)
INFO: Supported raylib modules:
INFO:     > rcore:..... loaded (mandatory)
INFO:     > rlgl:...... loaded (mandatory)
INFO:     > rshapes:... loaded (optional)
INFO:     > rtextures:. loaded (optional)
INFO:     > rtext:..... loaded (optional)
INFO:     > rmodels:... loaded (optional)
INFO:     > raudio:.... loaded (optional)
INFO: DISPLAY: Device initialized successfully
INFO:     > Display size: 2560 x 1440
INFO:     > Screen size:  1920 x 1080
INFO:     > Render size:  1920 x 1080
INFO:     > Viewport offsets: 0, 0
INFO: GLAD: OpenGL extensions loaded successfully
INFO: GL: Supported extensions count: 43
INFO: GL: OpenGL device information:
INFO:     > Vendor:   Apple
INFO:     > Renderer: Apple M2 Pro
INFO:     > Version:  4.1 Metal - 89.3
INFO:     > GLSL:     4.10
INFO: GL: VAO extension detected, VAO functions loaded successfully
INFO: GL: NPOT textures extension detected, full NPOT textures supported
INFO: GL: DXT compressed textures supported
INFO: PLATFORM: DESKTOP (GLFW - Cocoa): Initialized successfully
INFO: TEXTURE: [ID 1] Texture loaded successfully (1x1 | R8G8B8A8 | 1 mipmaps)
INFO: TEXTURE: [ID 1] Default texture loaded successfully
INFO: SHADER: [ID 1] Vertex shader compiled successfully
INFO: SHADER: [ID 2] Fragment shader compiled successfully
INFO: SHADER: [ID 3] Program shader loaded successfully
INFO: SHADER: [ID 3] Default shader loaded successfully
INFO: RLGL: Render batch vertex buffers loaded successfully in RAM (CPU)
INFO: RLGL: Render batch vertex buffers loaded successfully in VRAM (GPU)
INFO: RLGL: Default OpenGL state initialized successfully
INFO: TEXTURE: [ID 2] Texture loaded successfully (128x128 | GRAY_ALPHA | 1 mipmaps)
INFO: FONT: Default font loaded successfully (224 glyphs)
INFO: SYSTEM: Working Directory: /Users/n/Code/Games/ball-go-up
INFO: TIMER: Target time per frame: 16.393 milliseconds
[PHYSAC] physics module initialized successfully
[PHYSAC] created polygon physics body id 0
[PHYSAC] physics thread created successfully
[PHYSAC] created polygon physics body id 1
[PHYSAC] created polygon physics body id 2
[PHYSAC] created polygon physics body id 3
2025-02-14 21:07:56.227 game_debug[5701:121472] +[IMKClient subclass]: chose IMKClient_Modern
2025-02-14 21:07:56.227 game_debug[5701:121472] +[IMKInputSession subclass]: chose IMKInputSession_Modern
[PHYSAC] created polygon physics body id 4
[PHYSAC] created polygon physics body id 5
[PHYSAC] created polygon physics body id 6
[PHYSAC] created polygon physics body id 7
[PHYSAC] created polygon physics body id 8
[PHYSAC] destroyed physics body id 3
=================================================================
==5701==ERROR: AddressSanitizer: heap-use-after-free on address 0x6150000438c4 at pc 0x000100078b98 bp 0x00017004a870 sp 0x00017004a868
READ of size 4 at 0x6150000438c4 thread T6
[PHYSAC] created polygon physics body id 3
[PHYSAC] created polygon physics body id 9
[PHYSAC] created polygon physics body id 10
[PHYSAC] created polygon physics body id 11
[PHYSAC] created polygon physics body id 12
    #0 0x000100078b94 in InitializePhysicsManifolds physac.h:1647
    #1 0x000100076bb4 in PhysicsStep physac.h:1149
    #2 0x00010007618c in RunPhysicsStep physac.h:1210
    #3 0x00010006f0d8 in PhysicsLoop physac.h:1063
    #4 0x00010074eed0 in asan_thread_start(void*)+0x48 (libclang_rt.asan_osx_dynamic.dylib:arm64+0x4eed0)
    #5 0x0001974102e0 in _pthread_start+0x84 (libsystem_pthread.dylib:arm64+0x72e0)
    #6 0x00019740b0f8 in thread_start+0x4 (libsystem_pthread.dylib:arm64+0x20f8)

0x6150000438c4 is located 68 bytes inside of 504-byte region [0x615000043880,0x615000043a78)
freed by thread T0 here:
    #0 0x0001007522b0 in free+0x74 (libclang_rt.asan_osx_dynamic.dylib:arm64+0x522b0)
    #1 0x000100074ac0 in DestroyPhysicsBody physac.h:915
    #2 0x0001000778d0 in main main.c:83
    #3 0x000197090270  (<unknown module>)

previously allocated by thread T0 here:
    #0 0x0001007521c4 in malloc+0x70 (libclang_rt.asan_osx_dynamic.dylib:arm64+0x521c4)
    #1 0x0001000718fc in CreatePhysicsBodyPolygon physac.h:529
    #2 0x0001000771cc in main main.c:29
    #3 0x000197090270  (<unknown module>)

Thread T6 created by T0 here:
    #0 0x000100749c50 in pthread_create+0x58 (libclang_rt.asan_osx_dynamic.dylib:arm64+0x49c50)
    #1 0x00010006ef78 in InitPhysics physac.h:361
    #2 0x000100076f84 in main main.c:16
    #3 0x000197090270  (<unknown module>)

SUMMARY: AddressSanitizer: heap-use-after-free physac.h:1647 in InitializePhysicsManifolds
Shadow bytes around the buggy address:
  0x615000043600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x615000043680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x615000043700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x615000043780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fa
  0x615000043800: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x615000043880: fd fd fd fd fd fd fd fd[fd]fd fd fd fd fd fd fd
  0x615000043900: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x615000043980: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x615000043a00: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fa
  0x615000043a80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x615000043b00: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==5701==ABORTING
make: *** [build_osx] Abort trap: 6

I had a quick look trying to solve it, but I did not find anything wrong

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions