On Mon, Jun 17, 2019 at 09:47:04AM +0300, Niko Tyni wrote:
> I can reproduce it on 5.30.0. It seems to be related to version strings
> and LC_NUMERIC. I reduced it to this:
>
> $ LC_NUMERIC=C.UTF-8 ./perl -l -Ilib -e 'require 5.006;'

And further to this. It's not clear to me if this is a problem with asan
or the code.

$ cat t.c; clang -g -fsanitize=address t.c; ./a.out
#include <locale.h>
int main(void) {
    char *l;
    setlocale(LC_NUMERIC, "C.UTF-8");
    l = setlocale(LC_NUMERIC, NULL);
    setlocale(LC_NUMERIC, "C");
    setlocale(LC_NUMERIC, l);
}
=================================================================
==17625==ERROR: AddressSanitizer: heap-use-after-free on address 0x602000000070 at pc 0x00000045ea3a bp 0x7ffce1e85f70 sp 0x7ffce1e85710
READ of size 2 at 0x602000000070 thread T0
    #0 0x45ea39 in __interceptor_setlocale (/home/ntyni/a.out+0x45ea39)
    #1 0x4f4327 in main /home/ntyni/t.c:7:5
    #2 0x7fd77885209a in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2409a)
    #3 0x41d2d9 in _start (/home/ntyni/a.out+0x41d2d9)

0x602000000070 is located 0 bytes inside of 8-byte region [0x602000000070,0x602000000078)
freed by thread T0 here:
    #0 0x4c4da2 in __interceptor_free (/home/ntyni/a.out+0x4c4da2)
    #1 0x7fd77885b963 in setlocale (/lib/x86_64-linux-gnu/libc.so.6+0x2d963)

previously allocated by thread T0 here:
    #0 0x4c5123 in malloc (/home/ntyni/a.out+0x4c5123)
    #1 0x7fd7788b5db9 in __strdup (/lib/x86_64-linux-gnu/libc.so.6+0x87db9)

SUMMARY: AddressSanitizer: heap-use-after-free (/home/ntyni/a.out+0x45ea39) in __interceptor_setlocale
Shadow bytes around the buggy address:
  0x0c047fff7fb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c047fff8000: fa fa fd fa fa fa fd fa fa fa 00 fa fa fa[fd]fa
  0x0c047fff8010: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8020: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
  Shadow gap:              cc
==17625==ABORTING
-- 
Niko
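
Added example, not part of the original message or of perl's source: ISO C and POSIX both allow a later setlocale() call to overwrite or invalidate the string returned by an earlier one, so code that switches locale and switches back should restore from a private copy of the name. The helper with_locale() and the callback format_number() are hypothetical names chosen for this sketch.

```c
#include <locale.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: run fn(arg) with `category` temporarily set to `tmp`,
 * then restore the previous locale. Returns 0 on success, -1 on failure. */
int with_locale(int category, const char *tmp, void (*fn)(void *), void *arg)
{
    /* The string returned here may be freed or overwritten by the next
     * setlocale() call, so copy it before changing anything. */
    const char *cur = setlocale(category, NULL);
    if (cur == NULL)
        return -1;
    size_t n = strlen(cur) + 1;
    char *saved = malloc(n);
    if (saved == NULL)
        return -1;
    memcpy(saved, cur, n);

    int rc = -1;
    if (setlocale(category, tmp) != NULL) {  /* NULL: locale unavailable */
        if (fn)
            fn(arg);
        rc = 0;
    }
    /* Restore from the copy, never from the pointer obtained earlier. */
    if (setlocale(category, saved) == NULL)
        rc = -1;
    free(saved);
    return rc;
}

/* Constructed sample callback: format a number under the temporary locale. */
static void format_number(void *buf)
{
    snprintf((char *)buf, 32, "%.2f", 1.5);
}

int main(void)
{
    char out[32] = "";
    setlocale(LC_NUMERIC, "C.UTF-8");  /* if unavailable, "C" stays active */
    int rc = with_locale(LC_NUMERIC, "C", format_number, out);
    printf("rc=%d out=%s restored=%s\n", rc, out, setlocale(LC_NUMERIC, NULL));
    return rc == 0 ? 0 : 1;
}
```

Built with clang -g -fsanitize=address like the reproducer above, the restore call reads only the heap copy owned by the caller.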