================================================================= ==18==ERROR: AddressSanitizer: global-buffer-overflow on address 0x7f7ff7a9b478 at pc 0x7f7ff786fb22 bp 0x7f7fffffd590 sp 0x7f7fffffd588 READ of size 8 at 0x7f7ff7a9b478 thread T0 #0 0x7f7ff786fb21 in doupdate (/usr/lib/libcurses.so.8+0x6fb21) // /usr/src/lib/libcurses/refresh.c:2013 #1 0x7f7ff7865c19 in wrefresh (/usr/lib/libcurses.so.8+0x65c19) // /usr/src/lib/libcurses/refresh.c:481 #2 0x38ff0c in do_configmenu (/usr/sbin/sysinst+0x18ff0c) // /usr/src/usr.sbin/sysinst/arch/amd64/../../configmenu.c:460 #3 0x364cce in do_install (/usr/sbin/sysinst+0x164cce) // /usr/src/usr.sbin/sysinst/arch/amd64/../../install.c:211 #4 0x35d76e in opt_act_2_0 (/usr/sbin/sysinst+0x15d76e) // /public/netbsd.asan/usr.sbin/sysinst/arch/amd64/menu_defs.c:254 #5 0x35ae43 in process_menu (/usr/sbin/sysinst+0x15ae43) // /public/netbsd.asan/usr.sbin/sysinst/arch/amd64/menu_defs.c:3208 #6 0x364281 in main (/usr/sbin/sysinst+0x164281) // /usr/src/usr.sbin/sysinst/arch/amd64/../../main.c:277 #7 0x262e1c in ___start (/usr/sbin/sysinst+0x62e1c) 0x7f7ff7a9b478 is located 40 bytes to the left of global variable 'buf' defined in '/usr/src/lib/libcurses/refresh.c:1465:16' (0x7f7ff7a9b4a0) of size 2048 0x7f7ff7a9b478 is located 8 bytes to the right of global variable 'blank' define d in '/usr/src/lib/libcurses/refresh.c:1119:17' (0x7f7ff7a9b460) of size 16 SUMMARY: AddressSanitizer: global-buffer-overflow (/usr/lib/libcurses.so.8+0x6fb 21) in doupdate Shadow bytes around the buggy address: 0x4feffef53630: 04 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 0x4feffef53640: 04 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 0x4feffef53650: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 0x4feffef53660: f9 f9 f9 f9 00 00 00 00 f9 f9 f9 f9 04 f9 f9 f9 0x4feffef53670: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 =>0x4feffef53680: 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9 00 00 f9[f9] 0x4feffef53690: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00 0x4feffef536a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x4feffef536b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x4feffef536c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x4feffef536d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb Shadow gap: cc ==18==ABORTING