Created
March 16, 2019 18:42
-
-
Save dogbert17/e6b0d0030b2b9c1d459f2b9513d780cd to your computer and use it in GitHub Desktop.
moar pea problems
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| dogbert@dogbert-VirtualBox ~/repos/rakudo $ MVM_SPESH_NODELAY=1 MVM_SPESH_BLOCKING=1 ASAN_OPTIONS=detect_leaks=0 ./perl6 t/spec/S32-array/delete-adverb-native.t | |
| 1..138 | |
| ok 1 - do we have a valid array | |
| ok 2 - Test for delete single element | |
| ok 3 - 3 should be deleted now | |
| ok 4 - array still has same length | |
| ok 5 - Test non-deletion with ! single elem | |
| ok 6 - 9 should not have been deleted | |
| ok 7 - Test non-deletion with (0) single elem | |
| ok 8 - 9 should not have been deleted | |
| ok 9 - Test non-deletion with (False) single elem | |
| ok 10 - 9 should not have been deleted | |
| ok 11 - Test non-deletion with ($dont) single elem | |
| ok 12 - 9 should not have been deleted | |
| ok 13 - Test deletion with (1) single elem | |
| ok 14 - 9 should be deleted now | |
| ok 15 - array should be shortened now | |
| ok 16 - return a single pair out | |
| ok 17 - 8 should not have been deleted | |
| ok 18 - slice a single pair out | |
| ok 19 - 8 should be deleted now | |
| ok 20 - slice unexisting single pair out | |
| ok 21 - slice unexisting single pair out | |
| ok 22 - should have been shortened | |
| ok 23 - return a single elem/value out | |
| ok 24 - 7 should not have been deleted | |
| ok 25 - slice a single elem/value out | |
| ok 26 - 7 should be deleted now | |
| ok 27 - slice unexisting single elem/value | |
| ok 28 - slice unexisting single elem/value | |
| ok 29 - should have been shortened | |
| ok 30 - return a single elem out | |
| ok 31 - 6 should not have been deleted | |
| ok 32 - slice a single elem out | |
| ok 33 - 6 should be deleted now | |
| ================================================================= | |
| ==27199==ERROR: AddressSanitizer: heap-use-after-free on address 0x61b000240098 at pc 0x7f452c91958a bp 0x7f4528c4b2f0 sp 0x7f4528c4b2e0 | |
| READ of size 4 at 0x61b000240098 thread T1 | |
| #0 0x7f452c919589 in copy_facts_resolved src/spesh/optimize.c:78 | |
| #1 0x7f452c919589 in MVM_spesh_copy_facts_resolved src/spesh/optimize.c:93 | |
| #2 0x7f452c95d6f3 in analyze src/spesh/pea.c:679 | |
| #3 0x7f452c95d6f3 in MVM_spesh_pea src/spesh/pea.c:778 | |
| #4 0x7f452c929994 in MVM_spesh_optimize src/spesh/optimize.c:3328 | |
| #5 0x7f452c8fef57 in MVM_spesh_candidate_add src/spesh/candidate.c:85 | |
| #6 0x7f452c93ffb0 in worker src/spesh/worker.c:16 | |
| #7 0x7f452c780da9 in thread_initial_invoke src/core/threads.c:59 | |
| #8 0x7f452c71f45c in MVM_interp_run src/core/interp.c:128 | |
| #9 0x7f452c780f55 in start_thread src/core/threads.c:87 | |
| #10 0x7f452bacc6b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9) | |
| #11 0x7f452bde941c in clone (/lib/x86_64-linux-gnu/libc.so.6+0x10741c) | |
| 0x61b000240098 is located 1048 bytes inside of 1456-byte region [0x61b00023fc80,0x61b000240230) | |
| freed by thread T1 here: | |
| #0 0x7f452d8da961 in realloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98961) | |
| #1 0x7f452c95d57c in MVM_realloc src/core/alloc.h:20 | |
| #2 0x7f452c95d57c in create_shadow_facts_c src/spesh/pea.c:375 | |
| #3 0x7f452c95d57c in analyze src/spesh/pea.c:677 | |
| #4 0x7f452c95d57c in MVM_spesh_pea src/spesh/pea.c:778 | |
| #5 0x7f452c929994 in MVM_spesh_optimize src/spesh/optimize.c:3328 | |
| #6 0x7f452c8fef57 in MVM_spesh_candidate_add src/spesh/candidate.c:85 | |
| #7 0x7f452c93ffb0 in worker src/spesh/worker.c:16 | |
| #8 0x7f452c780da9 in thread_initial_invoke src/core/threads.c:59 | |
| #9 0x7f452c71f45c in MVM_interp_run src/core/interp.c:128 | |
| #10 0x7f452c780f55 in start_thread src/core/threads.c:87 | |
| #11 0x7f452bacc6b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9) | |
| previously allocated by thread T1 here: | |
| #0 0x7f452d8da961 in realloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98961) | |
| #1 0x7f452c95d939 in MVM_realloc src/core/alloc.h:20 | |
| #2 0x7f452c95d939 in create_shadow_facts_h src/spesh/pea.c:362 | |
| #3 0x7f452c95d939 in analyze src/spesh/pea.c:620 | |
| #4 0x7f452c95d939 in MVM_spesh_pea src/spesh/pea.c:778 | |
| #5 0x7f452c929994 in MVM_spesh_optimize src/spesh/optimize.c:3328 | |
| #6 0x7f452c8fef57 in MVM_spesh_candidate_add src/spesh/candidate.c:85 | |
| #7 0x7f452c93ffb0 in worker src/spesh/worker.c:16 | |
| #8 0x7f452c780da9 in thread_initial_invoke src/core/threads.c:59 | |
| #9 0x7f452c71f45c in MVM_interp_run src/core/interp.c:128 | |
| #10 0x7f452c780f55 in start_thread src/core/threads.c:87 | |
| #11 0x7f452bacc6b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9) | |
| Thread T1 created by T0 here: | |
| #0 0x7f452d878253 in pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x36253) | |
| #1 0x7f452cac0d74 in uv_thread_create 3rdparty/libuv/src/unix/thread.c:202 | |
| #2 0x7f452c781a56 in MVM_thread_run src/core/threads.c:169 | |
| #3 0x7f452ca00cf5 in MVM_vm_create_instance src/moar.c:389 | |
| #4 0x401478 in main src/main.c:277 | |
| #5 0x7f452bd0282f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) | |
| SUMMARY: AddressSanitizer: heap-use-after-free src/spesh/optimize.c:78 copy_facts_resolved | |
| Shadow bytes around the buggy address: | |
| 0x0c368003ffc0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd | |
| 0x0c368003ffd0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd | |
| 0x0c368003ffe0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd | |
| 0x0c368003fff0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd | |
| 0x0c3680040000: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd | |
| =>0x0c3680040010: fd fd fd[fd]fd fd fd fd fd fd fd fd fd fd fd fd | |
| 0x0c3680040020: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd | |
| 0x0c3680040030: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd | |
| 0x0c3680040040: fd fd fd fd fd fd fa fa fa fa fa fa fa fa fa fa | |
| 0x0c3680040050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | |
| 0x0c3680040060: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | |
| Shadow byte legend (one shadow byte represents 8 application bytes): | |
| Addressable: 00 | |
| Partially addressable: 01 02 03 04 05 06 07 | |
| Heap left redzone: fa | |
| Heap right redzone: fb | |
| Freed heap region: fd | |
| Stack left redzone: f1 | |
| Stack mid redzone: f2 | |
| Stack right redzone: f3 | |
| Stack partial redzone: f4 | |
| Stack after return: f5 | |
| Stack use after scope: f8 | |
| Global redzone: f9 | |
| Global init order: f6 | |
| Poisoned by user: f7 | |
| Container overflow: fc | |
| Array cookie: ac | |
| Intra object redzone: bb | |
| ASan internal: fe | |
| ==27199==ABORTING |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment