Created
May 9, 2020 14:04
==41858==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7fc959bf7da8 at pc 0x7fc982a4d070 bp 0x7fc9662bc9b0 sp 0x7fc9662bc9a0
WRITE of size 8 at 0x7fc959bf7da8 thread T23
#0 0x7fc982a4d06f in MVMHash_gc_mark src/6model/reprs/MVMHash.c:49
#1 0x7fc9829e3b0c in process_worklist src/gc/collect.c:347
#2 0x7fc9829e5016 in MVM_gc_collect src/gc/collect.c:163
#3 0x7fc9829d3527 in run_gc src/gc/orchestrate.c:444
#4 0x7fc9829d6572 in MVM_gc_enter_from_allocator src/gc/orchestrate.c:599
#5 0x7fc9829d7714 in MVM_gc_allocate_nursery src/gc/allocation.c:37
#6 0x7fc9829d8015 in MVM_gc_allocate_frame src/gc/allocation.c:106
#7 0x7fc9829510e5 in allocate_frame src/core/frame.c:268
#8 0x7fc982951a92 in MVM_frame_invoke src/core/frame.c:511
#9 0x7fc982a69f22 in invoke_handler src/6model/reprs/MVMCode.c:10
#10 0x7fc9829354d2 in MVM_interp_run src/core/interp.c:1054
#11 0x7fc9829704d1 in start_thread src/core/threads.c:87
#12 0x7fc98181c6da in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76da)
#13 0x7fc981f6188e in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x12188e)
0x7fc959bf7da8 is located 0 bytes to the right of 1566120-byte region [0x7fc959a79800,0x7fc959bf7da8)
allocated by thread T23 here:
#0 0x7fc983d44f30 in realloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdef30)
#1 0x7fc9829d840d in MVM_realloc src/core/alloc.h:20
#2 0x7fc9829d840d in MVM_gc_worklist_presize_for src/gc/worklist.c:27
#3 0x7fc982a4cbae in MVMHash_gc_mark src/6model/reprs/MVMHash.c:47
#4 0x7fc9829e3b0c in process_worklist src/gc/collect.c:347
#5 0x7fc9829e5016 in MVM_gc_collect src/gc/collect.c:163
#6 0x7fc9829d3527 in run_gc src/gc/orchestrate.c:444
#7 0x7fc9829d6572 in MVM_gc_enter_from_allocator src/gc/orchestrate.c:599
#8 0x7fc9829d7714 in MVM_gc_allocate_nursery src/gc/allocation.c:37
#9 0x7fc9829d8015 in MVM_gc_allocate_frame src/gc/allocation.c:106
#10 0x7fc9829510e5 in allocate_frame src/core/frame.c:268
#11 0x7fc982951a92 in MVM_frame_invoke src/core/frame.c:511
#12 0x7fc982a69f22 in invoke_handler src/6model/reprs/MVMCode.c:10
#13 0x7fc9829354d2 in MVM_interp_run src/core/interp.c:1054
#14 0x7fc9829704d1 in start_thread src/core/threads.c:87
#15 0x7fc98181c6da in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76da)
Thread T23 created by T3 here:
#0 0x7fc983c9dd2f in __interceptor_pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x37d2f)
#1 0x7fc982d6100a in uv_thread_create_ex 3rdparty/libuv/src/unix/thread.c:258
#2 0x7fc982d611d7 in uv_thread_create 3rdparty/libuv/src/unix/thread.c:212
#3 0x7fc9829711f7 in MVM_thread_run src/core/threads.c:171
#4 0x7fc9828f4e30 in MVM_interp_run src/core/interp.c:4086
#5 0x7fc9829704d1 in start_thread src/core/threads.c:87
#6 0x7fc98181c6da in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76da)
Thread T3 created by T0 here:
#0 0x7fc983c9dd2f in __interceptor_pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x37d2f)
#1 0x7fc982d6100a in uv_thread_create_ex 3rdparty/libuv/src/unix/thread.c:258
#2 0x7fc982d611d7 in uv_thread_create 3rdparty/libuv/src/unix/thread.c:212
#3 0x7fc9829711f7 in MVM_thread_run src/core/threads.c:171
#4 0x7fc9828f4e30 in MVM_interp_run src/core/interp.c:4086
#5 0x55fdbd3c7acf in main src/vm/moar/runner/main.c:392
#6 0x7fc981e61b96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
SUMMARY: AddressSanitizer: heap-buffer-overflow src/6model/reprs/MVMHash.c:49 in MVMHash_gc_mark
Shadow bytes around the buggy address:
0x0ff9ab376f60: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0ff9ab376f70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0ff9ab376f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0ff9ab376f90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0ff9ab376fa0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0ff9ab376fb0: 00 00 00 00 00[fa]fa fa fa fa fa fa fa fa fa fa
0x0ff9ab376fc0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0ff9ab376fd0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0ff9ab376fe0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0ff9ab376ff0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0ff9ab377000: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==41858==ABORTING
Ya, I think this might be the code with the problem on my end - run inside a hyper().map(), with %last-path being shared by everyone.