
memory leak 10 #6652

Open
bird8693 opened this issue Mar 17, 2021 · 0 comments


environment

ubuntu 16

PoC

// Fuzzer-generated reproducer. The useful skeleton is a 32x32 ASCII
// Mandelbrot render (X1..X2 / Y1..Y2 map the complex plane, PX/PY the
// grid); the many unused `var` statements interleaved with it are noise
// that the fuzzer inserted and that the script never reads again.
// Note: this issue's ASAN trace reports the leaked allocation from
// NativeCodeGenerator::CodeGen on a background JIT thread, so the hot
// loops below are presumably what drives the function into the JIT —
// keep statement order and constants as-is when re-running.
X1 = -2;
var SEQH = new RegExp(null);  // unused
Y1 = -2;
X2 = 2;
Y2 = 2;
PX = 32;  // columns
PY = 32;  // rows
var Yeki = Date;  // unused
// 100000 trivial iterations; result unused (likely JIT warm-up, see note above)
for (var ijjkkk = 0; ijjkkk < 100000; ++ijjkkk) {
    var btpP = Error;
}
lines = [];
// ~642 MiB ArrayBuffer, never touched again
var epAW = new ArrayBuffer(673720360);
var Hthx = -1.7976931348623157e+308 == 4294967295;  // constant, unused
for (y = 0; y < PY; y++) {
    line = '';
    var NNZk = Proxy;  // unused
    var fEDk = 2147483647 < 1518500249;  // constant, unused
    var jxbb = 3037000498 ^ 673720360;  // constant, unused
    var Hjen = Proxy;  // unused
    for (x = 0; x < PX; x++) {
        // z = Xr + i*Xi starts at 0; c = Cr + i*Ci is this cell's point
        Xr = 0;
        Xi = 0;
        var GmEH = Promise;  // unused
        Cr = X1 + (X2 - X1) * x / PX;
        var hkmy = Proxy;  // unused
        var bPNm = -9007199254740994 >>> 759250124;  // constant, unused
        var Batd = NaN ^ 1;  // constant, unused
        var zPSQ = 1 ** 1.7976931348623157e+308;  // constant, unused
        Ci = Y1 + (Y2 - Y1) * y / PY;
        var tJQK = 4294967296 | 2147483648;  // constant, unused
        var cntB = Proxy;  // unused
        iterations = 0;
        var mrDR = 1200 + 3.141592653589793;  // constant, unused
        // Escape-time iteration z = z^2 + c, at most 32 steps, bail out
        // once |z|^2 reaches 4.
        while (iterations < 32 && Xr * Xr + Xi * Xi < 4) {
            t = Xr * Xr - Xi * Xi + Cr;
            var jeFG = !1e-81;  // constant, unused
            var YcQk = 1073741822 * -9007199254740990;  // constant, unused
            var JReX = Proxy;  // unused
            var GZsz = Date;  // unused
            Xi = 2 * Xr * Xi + Ci;
            var GcDm = NaN > -9007199254740991;  // constant, unused
            Xr = t;
            var ehrc = Date;  // unused
            iterations++;
            // Fresh 3-element typed array on every inner step (never read);
            // 759250124 does not fit in int16 and is wrapped modulo 2^16.
            var iSCN = new Int16Array([
                1200,
                759250124,
                0
            ]);
            var CSEp = !NaN;  // constant, unused
        }
        // Parity of the escape count picks the glyph for this cell.
        if (iterations & 1)
            line += '*';
        else
            line += ' ';
    }
    lines[y] = line;
}
// Compare the 32 rendered rows against the expected picture. `result`
// is not consumed anywhere on this page.
result = lines[0] == '********************************' && lines[1] == '***********           **********' && lines[2] == '*********               ********' && lines[3] == '*******                   ******' && lines[4] == '******                     *****' && lines[5] == '*****                       ****' && lines[6] == '****     *******             ***' && lines[7] == '***   ******* ** **           **' && lines[8] == '***  ******  * *   *          **' && lines[9] == '** *******   ** **  **         *' && lines[10] == '** ******  * *   ** **         *' && lines[11] == '* *****  ***      ** **         ' && lines[12] == '****** ***         *****        ' && lines[13] == '***  * * *         ** **        ' && lines[14] == '*   * *   *         * **        ' && lines[15] == '*   ***            ** **        ' && lines[16] == '*                  ** **        ' && lines[17] == '*   ***            ** **        ' && lines[18] == '*   * *   *         * **        ' && lines[19] == '***  * * *         ** **        ' && lines[20] == '****** ***         *****        ' && lines[21] == '* *****  ***      ** **         ' && lines[22] == '** ******  * *   ** **         *' && lines[23] == '** *******   ** **  **         *' && lines[24] == '***  ******  * *   *          **' && lines[25] == '***   ******* ** **           **' && lines[26] == '****     *******             ***' && lines[27] == '*****                       ****' && lines[28] == '******                     *****' && lines[29] == '*******                   ******' && lines[30] == '*********               ********' && lines[31] == '***********           **********';
var HrHy = Math;  // unused

ASAN output

==52606==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 24 byte(s) in 3 object(s) allocated from:
    #0 0x562fd5af0948 in __interceptor_malloc (/root/AFL/tt/chnew/ch2+0x38f948)
    #1 0x562fd5d8e59b in char* Memory::HeapAllocator::AllocT<false>(unsigned long) /root/AFL/compile/ChakraCore/lib/Common/Memory/HeapAllocator.cpp:86:30
    #2 0x562fd6ff0e8d in Memory::HeapAllocator::Alloc(unsigned long) /root/AFL/compile/ChakraCore/lib/Common/Memory/HeapAllocator.h:153:16
    #3 0x562fd6ff0e8d in Memory::HeapAllocator::AllocZero(unsigned long) /root/AFL/compile/ChakraCore/lib/Common/Memory/HeapAllocator.h:171
    #4 0x562fd6ff0e8d in void* operator new<Memory::HeapAllocator>(unsigned long, Memory::HeapAllocator*, char* (Memory::HeapAllocator::*)(unsigned long)) /root/AFL/compile/ChakraCore/lib/Common/DataStructures/../Memory/Allocator.h:486
    #5 0x562fd6ff0e8d in NativeCodeGenerator::CodeGen(Memory::PageAllocatorBase<Memory::VirtualAllocWrapper, Memory::SegmentBase<Memory::VirtualAllocWrapper>, Memory::PageSegmentBase<Memory::VirtualAllocWrapper> >*, CodeGenWorkItem*, bool) /root/AFL/compile/ChakraCore/lib/Backend/NativeCodeGenerator.cpp:1137
    #6 0x562fd6ff28ea in NativeCodeGenerator::Process(JsUtil::Job*, JsUtil::ParallelThreadData*) /root/AFL/compile/ChakraCore/lib/Backend/NativeCodeGenerator.cpp
    #7 0x562fd702a7f6 in JsUtil::BackgroundJobProcessor::Process(JsUtil::Job*, JsUtil::ParallelThreadData*) /root/AFL/compile/ChakraCore/lib/Common/Common/Jobs.cpp:1037:36
    #8 0x562fd702ab7e in JsUtil::BackgroundJobProcessor::Run(JsUtil::ParallelThreadData*) /root/AFL/compile/ChakraCore/lib/Common/Common/Jobs.cpp:1135:44
    #9 0x562fd70265d4 in JsUtil::BackgroundJobProcessor::StaticThreadProc(void*) /root/AFL/compile/ChakraCore/lib/Common/Common/Jobs.cpp:1319:20
    #10 0x562fd5c04258 in CorUnix::CPalThread::ThreadEntry(void*) /root/AFL/compile/ChakraCore/pal/src/thread/pal_thread.cpp:1605:16
    #11 0x7f88028786b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)

SUMMARY: AddressSanitizer: 24 byte(s) leaked in 3 allocation(s).
