Front page | perl.perl5.porters |
Postings from June 2019
On Mon, Jun 17, 2019 at 09:47:04AM +0300, Niko Tyni wrote:
> I can reproduce it on 5.30.0. It seems to be related to version strings
> and LC_NUMERIC. I reduced it to this:
>
> $ LC_NUMERIC=C.UTF-8 ./perl -l -Ilib -e 'require 5.006;'
And further to this. It's not clear to me if this is a problem with asan
or the code.
$ cat t.c; clang -g -fsanitize=address t.c; ./a.out
#include <locale.h>
int main(void) {
char *l;
setlocale(LC_NUMERIC, "C.UTF-8");
l = setlocale(LC_NUMERIC, NULL);
setlocale(LC_NUMERIC, "C");
setlocale(LC_NUMERIC, l);
}
=================================================================
==17625==ERROR: AddressSanitizer: heap-use-after-free on address 0x602000000070 at pc 0x00000045ea3a bp 0x7ffce1e85f70 sp 0x7ffce1e85710
READ of size 2 at 0x602000000070 thread T0
#0 0x45ea39 in __interceptor_setlocale (/home/ntyni/a.out+0x45ea39)
#1 0x4f4327 in main /home/ntyni/t.c:7:5
#2 0x7fd77885209a in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2409a)
#3 0x41d2d9 in _start (/home/ntyni/a.out+0x41d2d9)
0x602000000070 is located 0 bytes inside of 8-byte region [0x602000000070,0x602000000078)
freed by thread T0 here:
#0 0x4c4da2 in __interceptor_free (/home/ntyni/a.out+0x4c4da2)
#1 0x7fd77885b963 in setlocale (/lib/x86_64-linux-gnu/libc.so.6+0x2d963)
previously allocated by thread T0 here:
#0 0x4c5123 in malloc (/home/ntyni/a.out+0x4c5123)
#1 0x7fd7788b5db9 in __strdup (/lib/x86_64-linux-gnu/libc.so.6+0x87db9)
SUMMARY: AddressSanitizer: heap-use-after-free (/home/ntyni/a.out+0x45ea39) in __interceptor_setlocale
Shadow bytes around the buggy address:
0x0c047fff7fb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c047fff7fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c047fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c047fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c047fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c047fff8000: fa fa fd fa fa fa fd fa fa fa 00 fa fa fa[fd]fa
0x0c047fff8010: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff8020: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff8030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff8040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff8050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
Shadow gap: cc
==17625==ABORTING
--
Niko
Thread Previous
|
Thread Next