@dogbert17
Created February 15, 2017 21:48
Kaboom
=================================================================
==2078== ERROR: AddressSanitizer: heap-buffer-overflow on address 0xb3195320 at pc 0xb593ea5f bp 0xa5b793b8 sp 0xa5b793ac
READ of size 4 at 0xb3195320 thread T1
#0 0xb593ea5e in MVM_string_decodestream_destroy /home/dogbert/repos/rakudo/nqp/MoarVM/src/strings/decode_stream.c:504
#1 0xb5842329 in gc_free /home/dogbert/repos/rakudo/nqp/MoarVM/src/6model/reprs/Decoder.c:33
#2 0xb5735375 in MVM_gc_collect_free_gen2_unmarked /home/dogbert/repos/rakudo/nqp/MoarVM/src/gc/collect.c:702
#3 0xb571c735 in run_gc /home/dogbert/repos/rakudo/nqp/MoarVM/src/gc/orchestrate.c:358
#4 0xb571eb7d in MVM_gc_enter_from_allocator /home/dogbert/repos/rakudo/nqp/MoarVM/src/gc/orchestrate.c:463
#5 0xb571fc57 in MVM_gc_allocate_nursery /home/dogbert/repos/rakudo/nqp/MoarVM/src/gc/allocation.c:32
#6 0xb571fd79 in MVM_gc_allocate /home/dogbert/repos/rakudo/nqp/MoarVM/src/gc/allocation.h:13
#7 0xb571fd79 in MVM_gc_allocate_zeroed /home/dogbert/repos/rakudo/nqp/MoarVM/src/gc/allocation.c:49
#8 0xb57208fc in MVM_gc_allocate_object /home/dogbert/repos/rakudo/nqp/MoarVM/src/gc/allocation.c:86
#9 0xb567dd39 in MVM_interp_run /home/dogbert/repos/rakudo/nqp/MoarVM/src/core/interp.c:1776
#10 0xb56d5877 in start_thread /home/dogbert/repos/rakudo/nqp/MoarVM/src/core/threads.c:77
#11 0xb59f89b6 in uv__thread_start /home/dogbert/repos/rakudo/nqp/MoarVM/3rdparty/libuv/src/unix/thread.c:49
#12 0xb614e9c6 (/usr/lib/i386-linux-gnu/libasan.so.0+0x1a9c6)
#13 0xb613e2ac (/usr/lib/i386-linux-gnu/libasan.so.0+0xa2ac)
#14 0xb5307f71 in start_thread (/lib/i386-linux-gnu/libpthread.so.0+0x6f71)
#15 0xb5408f8d (/lib/i386-linux-gnu/libc.so.6+0xebf8d)
0xb3195320 is located 0 bytes inside of 76-byte region [0xb3195320,0xb319536c)
freed by thread T12 here:
#0 0xb614a774 (/usr/lib/i386-linux-gnu/libasan.so.0+0x16774)
#1 0xb593e9e5 in MVM_free /home/dogbert/repos/rakudo/nqp/MoarVM/src/core/alloc.h:29
#2 0xb593e9e5 in MVM_string_decodestream_destroy /home/dogbert/repos/rakudo/nqp/MoarVM/src/strings/decode_stream.c:520
#3 0xb5842329 in gc_free /home/dogbert/repos/rakudo/nqp/MoarVM/src/6model/reprs/Decoder.c:33
#4 0xb5735375 in MVM_gc_collect_free_gen2_unmarked /home/dogbert/repos/rakudo/nqp/MoarVM/src/gc/collect.c:702
#5 0xb571c735 in run_gc /home/dogbert/repos/rakudo/nqp/MoarVM/src/gc/orchestrate.c:358
#6 0xb571eb7d in MVM_gc_enter_from_allocator /home/dogbert/repos/rakudo/nqp/MoarVM/src/gc/orchestrate.c:463
#7 0xb571fc57 in MVM_gc_allocate_nursery /home/dogbert/repos/rakudo/nqp/MoarVM/src/gc/allocation.c:32
#8 0xb571fd79 in MVM_gc_allocate /home/dogbert/repos/rakudo/nqp/MoarVM/src/gc/allocation.h:13
#9 0xb571fd79 in MVM_gc_allocate_zeroed /home/dogbert/repos/rakudo/nqp/MoarVM/src/gc/allocation.c:49
#10 0xb5720dc6 in MVM_gc_allocate_frame /home/dogbert/repos/rakudo/nqp/MoarVM/src/gc/allocation.c:99
#11 0xb56b22a2 in MVM_frame_force_to_heap /home/dogbert/repos/rakudo/nqp/MoarVM/src/core/frame.c:640
#12 0xb56ba0bf in MVM_frame_takeclosure /home/dogbert/repos/rakudo/nqp/MoarVM/src/core/frame.c:1068
#13 0xb56681c2 in MVM_interp_run /home/dogbert/repos/rakudo/nqp/MoarVM/src/core/interp.c:1103
#14 0xb56d5877 in start_thread /home/dogbert/repos/rakudo/nqp/MoarVM/src/core/threads.c:77
#15 0xb59f89b6 in uv__thread_start /home/dogbert/repos/rakudo/nqp/MoarVM/3rdparty/libuv/src/unix/thread.c:49
#16 0xb5408f8d (/lib/i386-linux-gnu/libc.so.6+0xebf8d)
previously allocated by thread T0 here:
#0 0xb614a905 (/usr/lib/i386-linux-gnu/libasan.so.0+0x16905)
#1 0xb593caa3 in MVM_calloc /home/dogbert/repos/rakudo/nqp/MoarVM/src/core/alloc.h:11
#2 0xb593caa3 in MVM_string_decodestream_create /home/dogbert/repos/rakudo/nqp/MoarVM/src/strings/decode_stream.c:19
#3 0xb5842a22 in MVM_decoder_configure /home/dogbert/repos/rakudo/nqp/MoarVM/src/6model/reprs/Decoder.c:109
#4 0xb56464b5 in MVM_interp_run /home/dogbert/repos/rakudo/nqp/MoarVM/src/core/interp.c:5037
#5 0xb59d6052 in MVM_vm_run_file /home/dogbert/repos/rakudo/nqp/MoarVM/src/moar.c:309
#6 0x80490e1 in main /home/dogbert/repos/rakudo/nqp/MoarVM/src/main.c:192
#7 0xb5336af2 (/lib/i386-linux-gnu/libc.so.6+0x19af2)
Thread T1 created by T0 here:
#0 0xb613e1d0 (/usr/lib/i386-linux-gnu/libasan.so.0+0xa1d0)
#1 0xb59f8a10 in uv_thread_create /home/dogbert/repos/rakudo/nqp/MoarVM/3rdparty/libuv/src/unix/thread.c:66
#2 0xb56413bc in MVM_interp_run /home/dogbert/repos/rakudo/nqp/MoarVM/src/core/interp.c:4003
#3 0xb59d6052 in MVM_vm_run_file /home/dogbert/repos/rakudo/nqp/MoarVM/src/moar.c:309
#4 0x80490e1 in main /home/dogbert/repos/rakudo/nqp/MoarVM/src/main.c:192
#5 0xb5336af2 (/lib/i386-linux-gnu/libc.so.6+0x19af2)
Thread T12 created by T0 here:
#0 0xb613e1d0 (/usr/lib/i386-linux-gnu/libasan.so.0+0xa1d0)
#1 0xb59f8a10 in uv_thread_create /home/dogbert/repos/rakudo/nqp/MoarVM/3rdparty/libuv/src/unix/thread.c:66
#2 0xb56413bc in MVM_interp_run /home/dogbert/repos/rakudo/nqp/MoarVM/src/core/interp.c:4003
#3 0xb59d6052 in MVM_vm_run_file /home/dogbert/repos/rakudo/nqp/MoarVM/src/moar.c:309
#4 0x80490e1 in main /home/dogbert/repos/rakudo/nqp/MoarVM/src/main.c:192
#5 0xb5336af2 (/lib/i386-linux-gnu/libc.so.6+0x19af2)
SUMMARY: AddressSanitizer: heap-buffer-overflow ??:0 ??
Shadow bytes around the buggy address:
0x36632a10: fd fd fd fd fd fd fd fd fd fd fa fa fa fa fd fd
0x36632a20: fd fd fd fd fd fd fd fd fa fa fa fa fd fd fd fd
0x36632a30: fd fd fd fd fd fd fa fa fa fa fa fa fa fa fa fa
0x36632a40: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
0x36632a50: fd fd fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x36632a60: fa fa fa fa[fa]fa fa fa fa fa fa fa fa fa fa fa
0x36632a70: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x36632a80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x36632a90: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x36632aa0: fa fa fa fa fa fa fa fa fa fa fd fd fd fd fd fd
0x36632ab0: fd fd fd fd fa fa fa fa fd fd fd fd fd fd fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap righ redzone: fb
Freed Heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
ASan internal: fe
==2078== ABORTING