@dogbert17
Created March 30, 2018 10:27
Elusive bug
dilbert@Linux-Mint18 ~ $ MVM_JIT_DISABLE=1 ASAN_OPTIONS=detect_leaks=0 perl6 scratch.pl6
http://docs.perl6.org
https://rakudo.perl6.org/downloads/rakudo/rakudo-2017.10.tar.gz
http://docs.perl6.org
http://docs.perl6.org
http://docs.perl6.org
http://docs.perl6.org
http://docs.perl6.org
http://docs.perl6.org
http://docs.perl6.org
http://docs.perl6.org
https://rakudo.perl6.org/downloads/rakudo/rakudo-2017.10.tar.gz
http://docs.perl6.org
https://rakudo.perl6.org/downloads/rakudo/rakudo-2017.10.tar.gz
=================================================================
==27016==ERROR: AddressSanitizer: heap-use-after-free on address 0x61900191dd80 at pc 0x7fd1a60a4cb2 bp 0x7fd19254a8d0 sp 0x7fd19254a8c0
READ of size 8 at 0x61900191dd80 thread T12
#0 0x7fd1a60a4cb1 in MVM_gc_mark_collectable src/gc/collect.c:367
#1 0x7fd1a60a49a5 in process_worklist src/gc/collect.c:341
#2 0x7fd1a60a2ab2 in MVM_gc_collect src/gc/collect.c:66
#3 0x7fd1a608a2f5 in process_in_tray src/gc/orchestrate.c:110
#4 0x7fd1a608a49f in finish_gc src/gc/orchestrate.c:141
#5 0x7fd1a608b761 in run_gc src/gc/orchestrate.c:411
#6 0x7fd1a608c1cb in MVM_gc_enter_from_allocator src/gc/orchestrate.c:524
#7 0x7fd1a608d0ad in MVM_gc_allocate_nursery src/gc/allocation.c:32
#8 0x7fd1a608cece in MVM_gc_allocate src/gc/allocation.h:13
#9 0x7fd1a608d181 in MVM_gc_allocate_zeroed src/gc/allocation.c:49
#10 0x7fd1a608d9d4 in MVM_gc_allocate_object src/gc/allocation.c:86
#11 0x7fd1a601331b in MVM_frame_takeclosure src/core/frame.c:1151
#12 0x7fd1a5f82293 in MVM_interp_run src/core/interp.c:1185
#13 0x7fd1a602ba7a in start_thread src/core/threads.c:87
#14 0x7fd1a53036b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
#15 0x7fd1a562041c in clone (/lib/x86_64-linux-gnu/libc.so.6+0x10741c)
0x61900191dd80 is located 512 bytes inside of 944-byte region [0x61900191db80,0x61900191df30)
freed by thread T6 here:
#0 0x7fd1a71de2ca in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x982ca)
#1 0x7fd1a606304b in MVM_free src/core/alloc.h:40
#2 0x7fd1a60644ba in MVM_fixed_size_free src/core/fixedsizealloc.c:309
#3 0x7fd1a600ffa3 in remove_one_frame src/core/frame.c:861
#4 0x7fd1a6011ee1 in MVM_frame_unwind_to src/core/frame.c:1060
#5 0x7fd1a5f6163f in run_handler src/core/exceptions.c:361
#6 0x7fd1a5f65541 in MVM_exception_throwpayload src/core/exceptions.c:777
#7 0x7fd1a5fe28ca in MVM_interp_run src/core/interp.c:5062
#8 0x7fd1a602ba7a in start_thread src/core/threads.c:87
#9 0x7fd1a53036b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
previously allocated by thread T6 here:
#0 0x7fd1a71de602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x7fd1a6062f72 in MVM_malloc src/core/alloc.h:2
#2 0x7fd1a6064081 in MVM_fixed_size_alloc src/core/fixedsizealloc.c:194
#3 0x7fd1a60640ae in MVM_fixed_size_alloc_zeroed src/core/fixedsizealloc.c:201
#4 0x7fd1a600a55b in allocate_frame src/core/frame.c:293
#5 0x7fd1a600bfad in MVM_frame_invoke src/core/frame.c:491
#6 0x7fd1a6137a01 in invoke_handler src/6model/reprs/MVMCode.c:10
#7 0x7fd1a5f7da21 in MVM_interp_run src/core/interp.c:917
#8 0x7fd1a602ba7a in start_thread src/core/threads.c:87
#9 0x7fd1a53036b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
Thread T12 created by T11 here:
#0 0x7fd1a717c253 in pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x36253)
#1 0x7fd1a63a0e1f in uv_thread_create (//home/dilbert/.rakudobrew/moar-master/nqp/MoarVM/../../install/lib/libmoar.so+0xabde1f)
Thread T11 created by T3 here:
#0 0x7fd1a717c253 in pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x36253)
#1 0x7fd1a63a0e1f in uv_thread_create (//home/dilbert/.rakudobrew/moar-master/nqp/MoarVM/../../install/lib/libmoar.so+0xabde1f)
Thread T3 created by T0 here:
#0 0x7fd1a717c253 in pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x36253)
#1 0x7fd1a63a0e1f in uv_thread_create (//home/dilbert/.rakudobrew/moar-master/nqp/MoarVM/../../install/lib/libmoar.so+0xabde1f)
Thread T6 created by T3 here:
#0 0x7fd1a717c253 in pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x36253)
#1 0x7fd1a63a0e1f in uv_thread_create (//home/dilbert/.rakudobrew/moar-master/nqp/MoarVM/../../install/lib/libmoar.so+0xabde1f)
SUMMARY: AddressSanitizer: heap-use-after-free src/gc/collect.c:367 MVM_gc_mark_collectable
Shadow bytes around the buggy address:
0x0c328031bb60: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c328031bb70: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c328031bb80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c328031bb90: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c328031bba0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
=>0x0c328031bbb0:[fd]fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c328031bbc0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c328031bbd0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c328031bbe0: fd fd fd fd fd fd fa fa fa fa fa fa fa fa fa fa
0x0c328031bbf0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c328031bc00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap right redzone: fb
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
==27016==ABORTING