linux-bluetooth.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [Bug 202213] New: bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9)
@ 2019-01-10 13:45 bugzilla-daemon
  2019-01-10 16:05 ` [Bug 202213] " bugzilla-daemon
                   ` (10 more replies)
  0 siblings, 11 replies; 12+ messages in thread
From: bugzilla-daemon @ 2019-01-10 13:45 UTC (permalink / raw)
  To: linux-bluetooth

https://bugzilla.kernel.org/show_bug.cgi?id=202213

            Bug ID: 202213
           Summary: bluez trunk tests fail with GCC 9 (or with
                    -fsanitize=address with GCC 9)
           Product: Drivers
           Version: 2.5
    Kernel Version: master
          Hardware: All
                OS: Linux
              Tree: Mainline
            Status: NEW
          Severity: normal
          Priority: P1
         Component: Bluetooth
          Assignee: linux-bluetooth@vger.kernel.org
          Reporter: mliska@suse.cz
        Regression: No

As of GCC r259641 there are new sanitizer errors:

$ export CFLAGS='-fsanitize=address -g'
$ make && make test
...

./unit/test-sdp
bluetoothd[24441]: Bluetooth daemon 5.50

/TP/SERVER/SS/BV-01-C/UUID-16 - init
/TP/SERVER/SS/BV-01-C/UUID-16 - setup
/TP/SERVER/SS/BV-01-C/UUID-16 - setup complete
/TP/SERVER/SS/BV-01-C/UUID-16 - run
=================================================================
==24441==ERROR: AddressSanitizer: stack-use-after-scope on address
0x7fffffff1a20 at pc 0x7ffff73fbbd8 bp 0x7fffffff1250 sp 0x7fffffff0a00
READ of size 13 at 0x7fffffff1a20 thread T0
    #0 0x7ffff73fbbd7 in __interceptor_memcpy
/home/marxin/Programming/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:790
    #1 0x404431 in send_pdu unit/test-sdp.c:204
    #2 0x7ffff7ed8626  (/usr/lib64/libglib-2.0.so.0+0x4d626)
    #3 0x7ffff7edbc14 in g_main_context_dispatch
(/usr/lib64/libglib-2.0.so.0+0x50c14)
    #4 0x7ffff7edbfd7  (/usr/lib64/libglib-2.0.so.0+0x50fd7)
    #5 0x7ffff7edc2d1 in g_main_loop_run (/usr/lib64/libglib-2.0.so.0+0x512d1)
    #6 0x4a2783 in mainloop_run src/shared/mainloop-glib.c:79
    #7 0x4a31ee in mainloop_run_with_signal src/shared/mainloop-notify.c:201
    #8 0x4a180a in tester_run src/shared/tester.c:870
    #9 0x461163 in main unit/test-sdp.c:2834
    #10 0x7ffff7018fea in __libc_start_main ../csu/libc-start.c:308
    #11 0x4039a9 in _start
(/home/marxin/Programming/bluez/unit/test-sdp+0x4039a9)

Address 0x7fffffff1a20 is located in stack of thread T0 at offset 1392 in frame
    #0 0x40876c in main unit/test-sdp.c:779

  This frame has 590 object(s):
    [48, 49) '<unknown>'
    [64, 66) '<unknown>'
    [80, 82) '<unknown>'
    [96, 98) '<unknown>'
    [112, 114) '<unknown>'
    [128, 131) '<unknown>'
    [144, 147) '<unknown>'
    [160, 164) 'argc' (line 778)
    [176, 181) '<unknown>'
    [208, 213) '<unknown>'
    [240, 246) '<unknown>'
    [272, 279) '<unknown>'
    [304, 311) '<unknown>'
    [336, 343) '<unknown>'
    [368, 375) '<unknown>'
    [400, 407) '<unknown>'
    [432, 439) '<unknown>'
    [464, 471) '<unknown>'
    [496, 503) '<unknown>'
    [528, 535) '<unknown>'
    [560, 567) '<unknown>'
    [592, 599) '<unknown>'
    [624, 631) '<unknown>'
    [656, 663) '<unknown>'
    [688, 695) '<unknown>'
    [720, 727) '<unknown>'
    [752, 759) '<unknown>'
    [784, 791) '<unknown>'
    [816, 824) 'argv' (line 778)
    [848, 857) '<unknown>'
    [880, 889) '<unknown>'
    [912, 922) '<unknown>'
    [944, 954) '<unknown>'
    [976, 986) '<unknown>'
    [1008, 1018) '<unknown>'
    [1040, 1050) '<unknown>'
    [1072, 1082) '<unknown>'
    [1104, 1114) '<unknown>'
    [1136, 1146) '<unknown>'
    [1168, 1178) '<unknown>'
    [1200, 1210) '<unknown>'
    [1232, 1242) '<unknown>'
    [1264, 1274) '<unknown>'
    [1296, 1306) '<unknown>'
    [1328, 1339) '<unknown>'
    [1360, 1372) '<unknown>'
    [1392, 1405) '<unknown>' <== Memory access at offset 1392 is inside this
variable
    [1424, 1437) '<unknown>'
    [1456, 1469) '<unknown>'
    [1488, 1501) '<unknown>'
    [1520, 1533) '<unknown>'
    [1552, 1565) '<unknown>'
    [1584, 1597) '<unknown>'
    [1616, 1629) '<unknown>'
    [1648, 1661) '<unknown>'
    [1680, 1694) '<unknown>'
    [1712, 1726) '<unknown>'
    [1744, 1758) '<unknown>'
    [1776, 1790) '<unknown>'
    [1808, 1822) '<unknown>'
    [1840, 1854) '<unknown>'
    [1872, 1886) '<unknown>'
    [1904, 1918) '<unknown>'
    [1936, 1950) '<unknown>'
    [1968, 1982) '<unknown>'
    [2000, 2014) '<unknown>'
    [2032, 2046) '<unknown>'
    [2064, 2078) '<unknown>'
    [2096, 2110) '<unknown>'
    [2128, 2142) '<unknown>'
    [2160, 2174) '<unknown>'
    [2192, 2206) '<unknown>'
    [2224, 2238) '<unknown>'
    [2256, 2270) '<unknown>'
    [2288, 2302) '<unknown>'
    [2320, 2334) '<unknown>'
    [2352, 2366) '<unknown>'
    [2384, 2398) '<unknown>'
    [2416, 2430) '<unknown>'
    [2448, 2462) '<unknown>'
    [2480, 2494) '<unknown>'
    [2512, 2526) '<unknown>'
    [2544, 2558) '<unknown>'
    [2576, 2590) '<unknown>'
    [2608, 2622) '<unknown>'
    [2640, 2654) '<unknown>'
    [2672, 2686) '<unknown>'
    [2704, 2718) '<unknown>'
    [2736, 2750) '<unknown>'
    [2768, 2782) '<unknown>'
    [2800, 2815) '<unknown>'
    [2832, 2847) '<unknown>'
    [2864, 2879) '<unknown>'
    [2896, 2911) '<unknown>'
    [2928, 2943) '<unknown>'
    [2960, 2975) '<unknown>'
    [2992, 3007) '<unknown>'
    [3024, 3039) '<unknown>'
    [3056, 3071) '<unknown>'
    [3088, 3103) '<unknown>'
    [3120, 3135) '<unknown>'
    [3152, 3167) '<unknown>'
    [3184, 3199) '<unknown>'
    [3216, 3231) '<unknown>'
    [3248, 3263) '<unknown>'
    [3280, 3295) '<unknown>'
    [3312, 3327) '<unknown>'
    [3344, 3359) '<unknown>'
    [3376, 3391) '<unknown>'
    [3408, 3424) '<unknown>'
    [3440, 3456) '<unknown>'
    [3472, 3488) '<unknown>'
    [3504, 3520) '<unknown>'
    [3536, 3552) '<unknown>'
    [3568, 3585) '<unknown>'
    [3632, 3649) '<unknown>'
    [3696, 3713) '<unknown>'
    [3760, 3777) '<unknown>'
    [3824, 3841) '<unknown>'
    [3888, 3905) '<unknown>'
    [3952, 3969) '<unknown>'
    [4016, 4033) '<unknown>'
    [4080, 4097) '<unknown>'
    [4144, 4161) '<unknown>'
    [4208, 4225) '<unknown>'
    [4272, 4289) '<unknown>'
    [4336, 4353) '<unknown>'
    [4400, 4417) '<unknown>'
    [4464, 4481) '<unknown>'
    [4528, 4545) '<unknown>'
    [4592, 4609) '<unknown>'
    [4656, 4673) '<unknown>'
    [4720, 4737) '<unknown>'
    [4784, 4801) '<unknown>'
    [4848, 4865) '<unknown>'
    [4912, 4929) '<unknown>'
    [4976, 4993) '<unknown>'
    [5040, 5057) '<unknown>'
    [5104, 5121) '<unknown>'
    [5168, 5185) '<unknown>'
    [5232, 5249) '<unknown>'
    [5296, 5313) '<unknown>'
    [5360, 5377) '<unknown>'
    [5424, 5441) '<unknown>'
    [5488, 5505) '<unknown>'
    [5552, 5569) '<unknown>'
    [5616, 5633) '<unknown>'
    [5680, 5697) '<unknown>'
    [5744, 5761) '<unknown>'
    [5808, 5825) '<unknown>'
    [5872, 5889) '<unknown>'
    [5936, 5953) '<unknown>'
    [6000, 6017) '<unknown>'
    [6064, 6081) '<unknown>'
    [6128, 6145) '<unknown>'
    [6192, 6209) '<unknown>'
    [6256, 6273) '<unknown>'
    [6320, 6337) '<unknown>'
    [6384, 6401) '<unknown>'
    [6448, 6465) '<unknown>'
    [6512, 6529) '<unknown>'
    [6576, 6593) '<unknown>'
    [6640, 6657) '<unknown>'
    [6704, 6721) '<unknown>'
    [6768, 6785) '<unknown>'
    [6832, 6849) '<unknown>'
    [6896, 6913) '<unknown>'
    [6960, 6977) '<unknown>'
    [7024, 7041) '<unknown>'
    [7088, 7105) '<unknown>'
    [7152, 7169) '<unknown>'
    [7216, 7233) '<unknown>'
    [7280, 7297) '<unknown>'
    [7344, 7361) '<unknown>'
    [7408, 7425) '<unknown>'
    [7472, 7489) '<unknown>'
    [7536, 7553) '<unknown>'
    [7600, 7617) '<unknown>'
    [7664, 7681) '<unknown>'
    [7728, 7745) '<unknown>'
    [7792, 7809) '<unknown>'
    [7856, 7873) '<unknown>'
    [7920, 7937) '<unknown>'
    [7984, 8001) '<unknown>'
    [8048, 8065) '<unknown>'
    [8112, 8129) '<unknown>'
    [8176, 8193) '<unknown>'
    [8240, 8257) '<unknown>'
    [8304, 8321) '<unknown>'
    [8368, 8385) '<unknown>'
    [8432, 8449) '<unknown>'
    [8496, 8513) '<unknown>'
    [8560, 8577) '<unknown>'
    [8624, 8641) '<unknown>'
    [8688, 8706) '<unknown>'
    [8752, 8770) '<unknown>'
    [8816, 8834) '<unknown>'
    [8880, 8898) '<unknown>'
    [8944, 8962) '<unknown>'
    [9008, 9026) '<unknown>'
    [9072, 9090) '<unknown>'
    [9136, 9154) '<unknown>'
    [9200, 9218) '<unknown>'
    [9264, 9282) '<unknown>'
    [9328, 9346) '<unknown>'
    [9392, 9410) '<unknown>'
    [9456, 9474) '<unknown>'
    [9520, 9538) '<unknown>'
    [9584, 9602) '<unknown>'
    [9648, 9666) '<unknown>'
    [9712, 9730) '<unknown>'
    [9776, 9794) '<unknown>'
    [9840, 9858) '<unknown>'
    [9904, 9922) '<unknown>'
    [9968, 9986) '<unknown>'
    [10032, 10050) '<unknown>'
    [10096, 10114) '<unknown>'
    [10160, 10178) '<unknown>'
    [10224, 10242) '<unknown>'
    [10288, 10306) '<unknown>'
    [10352, 10370) '<unknown>'
    [10416, 10434) '<unknown>'
    [10480, 10498) '<unknown>'
    [10544, 10562) '<unknown>'
    [10608, 10626) '<unknown>'
    [10672, 10690) '<unknown>'
    [10736, 10754) '<unknown>'
    [10800, 10818) '<unknown>'
    [10864, 10882) '<unknown>'
    [10928, 10946) '<unknown>'
    [10992, 11010) '<unknown>'
    [11056, 11074) '<unknown>'
    [11120, 11138) '<unknown>'
    [11184, 11202) '<unknown>'
    [11248, 11266) '<unknown>'
    [11312, 11330) '<unknown>'
    [11376, 11394) '<unknown>'
    [11440, 11458) '<unknown>'
    [11504, 11522) '<unknown>'
    [11568, 11586) '<unknown>'
    [11632, 11650) '<unknown>'
    [11696, 11714) '<unknown>'
    [11760, 11778) '<unknown>'
    [11824, 11842) '<unknown>'
    [11888, 11906) '<unknown>'
    [11952, 11970) '<unknown>'
    [12016, 12034) '<unknown>'
    [12080, 12098) '<unknown>'
    [12144, 12162) '<unknown>'
    [12208, 12226) '<unknown>'
    [12272, 12290) '<unknown>'
    [12336, 12354) '<unknown>'
    [12400, 12418) '<unknown>'
    [12464, 12482) '<unknown>'
    [12528, 12546) '<unknown>'
    [12592, 12610) '<unknown>'
    [12656, 12674) '<unknown>'
    [12720, 12738) '<unknown>'
    [12784, 12802) '<unknown>'
    [12848, 12866) '<unknown>'
    [12912, 12930) '<unknown>'
    [12976, 12994) '<unknown>'
    [13040, 13058) '<unknown>'
    [13104, 13122) '<unknown>'
    [13168, 13186) '<unknown>'
    [13232, 13250) '<unknown>'
    [13296, 13314) '<unknown>'
    [13360, 13378) '<unknown>'
    [13424, 13442) '<unknown>'
    [13488, 13506) '<unknown>'
    [13552, 13570) '<unknown>'
    [13616, 13634) '<unknown>'
    [13680, 13698) '<unknown>'
    [13744, 13762) '<unknown>'
    [13808, 13826) '<unknown>'
    [13872, 13890) '<unknown>'
    [13936, 13954) '<unknown>'
    [14000, 14018) '<unknown>'
    [14064, 14082) '<unknown>'
    [14128, 14146) '<unknown>'
    [14192, 14210) '<unknown>'
    [14256, 14274) '<unknown>'
    [14320, 14338) '<unknown>'
    [14384, 14404) '<unknown>'
    [14448, 14468) '<unknown>'
    [14512, 14532) '<unknown>'
    [14576, 14596) '<unknown>'
    [14640, 14660) '<unknown>'
    [14704, 14724) '<unknown>'
    [14768, 14788) '<unknown>'
    [14832, 14852) '<unknown>'
    [14896, 14916) '<unknown>'
    [14960, 14980) '<unknown>'
    [15024, 15044) '<unknown>'
    [15088, 15108) '<unknown>'
    [15152, 15172) '<unknown>'
    [15216, 15236) '<unknown>'
    [15280, 15300) '<unknown>'
    [15344, 15364) '<unknown>'
    [15408, 15428) '<unknown>'
    [15472, 15492) '<unknown>'
    [15536, 15556) '<unknown>'
    [15600, 15620) '<unknown>'
    [15664, 15684) '<unknown>'
    [15728, 15748) '<unknown>'
    [15792, 15812) '<unknown>'
    [15856, 15876) '<unknown>'
    [15920, 15940) '<unknown>'
    [15984, 16004) '<unknown>'
    [16048, 16068) '<unknown>'
    [16112, 16132) '<unknown>'
    [16176, 16196) '<unknown>'
    [16240, 16260) '<unknown>'
    [16304, 16324) '<unknown>'
    [16368, 16388) '<unknown>'
    [16432, 16452) '<unknown>'
    [16496, 16516) '<unknown>'
    [16560, 16580) '<unknown>'
    [16624, 16644) '<unknown>'
    [16688, 16708) '<unknown>'
    [16752, 16772) '<unknown>'
    [16816, 16836) '<unknown>'
    [16880, 16900) '<unknown>'
    [16944, 16964) '<unknown>'
    [17008, 17028) '<unknown>'
    [17072, 17092) '<unknown>'
    [17136, 17156) '<unknown>'
    [17200, 17220) '<unknown>'
    [17264, 17284) '<unknown>'
    [17328, 17348) '<unknown>'
    [17392, 17412) '<unknown>'
    [17456, 17476) '<unknown>'
    [17520, 17540) '<unknown>'
    [17584, 17604) '<unknown>'
    [17648, 17668) '<unknown>'
    [17712, 17733) '<unknown>'
    [17776, 17797) '<unknown>'
    [17840, 17861) '<unknown>'
    [17904, 17926) '<unknown>'
    [17968, 17990) '<unknown>'
    [18032, 18054) '<unknown>'
    [18096, 18119) '<unknown>'
    [18160, 18183) '<unknown>'
    [18224, 18247) '<unknown>'
    [18288, 18311) '<unknown>'
    [18352, 18375) '<unknown>'
    [18416, 18439) '<unknown>'
    [18480, 18504) '<unknown>'
    [18544, 18568) '<unknown>'
    [18608, 18632) '<unknown>'
    [18672, 18696) '<unknown>'
    [18736, 18760) '<unknown>'
    [18800, 18825) '<unknown>'
    [18864, 18889) '<unknown>'
    [18928, 18953) '<unknown>'
    [18992, 19017) '<unknown>'
    [19056, 19081) '<unknown>'
    [19120, 19145) '<unknown>'
    [19184, 19209) '<unknown>'
    [19248, 19274) '<unknown>'
    [19312, 19338) '<unknown>'
    [19376, 19402) '<unknown>'
    [19440, 19466) '<unknown>'
    [19504, 19530) '<unknown>'
    [19568, 19594) '<unknown>'
    [19632, 19658) '<unknown>'
    [19696, 19722) '<unknown>'
    [19760, 19786) '<unknown>'
    [19824, 19850) '<unknown>'
    [19888, 19914) '<unknown>'
    [19952, 19978) '<unknown>'
    [20016, 20042) '<unknown>'
    [20080, 20107) '<unknown>'
    [20144, 20171) '<unknown>'
    [20208, 20235) '<unknown>'
    [20272, 20299) '<unknown>'
    [20336, 20363) '<unknown>'
    [20400, 20427) '<unknown>'
    [20464, 20491) '<unknown>'
    [20528, 20555) '<unknown>'
    [20592, 20619) '<unknown>'
    [20656, 20683) '<unknown>'
    [20720, 20747) '<unknown>'
    [20784, 20811) '<unknown>'
    [20848, 20875) '<unknown>'
    [20912, 20939) '<unknown>'
    [20976, 21003) '<unknown>'
    [21040, 21067) '<unknown>'
    [21104, 21131) '<unknown>'
    [21168, 21195) '<unknown>'
    [21232, 21259) '<unknown>'
    [21296, 21323) '<unknown>'
    [21360, 21387) '<unknown>'
    [21424, 21451) '<unknown>'
    [21488, 21515) '<unknown>'
    [21552, 21579) '<unknown>'
    [21616, 21643) '<unknown>'
    [21680, 21707) '<unknown>'
    [21744, 21771) '<unknown>'
    [21808, 21835) '<unknown>'
    [21872, 21899) '<unknown>'
    [21936, 21963) '<unknown>'
    [22000, 22027) '<unknown>'
    [22064, 22092) '<unknown>'
    [22128, 22156) '<unknown>'
    [22192, 22220) '<unknown>'
    [22256, 22286) '<unknown>'
    [22320, 22350) '<unknown>'
    [22384, 22416) '<unknown>'
    [22448, 22480) '<unknown>'
    [22512, 22544) '<unknown>'
    [22576, 22608) '<unknown>'
    [22640, 22672) '<unknown>'
    [22704, 22736) '<unknown>'
    [22768, 22800) '<unknown>'
    [22832, 22864) '<unknown>'
    [22896, 22928) '<unknown>'
    [22960, 22992) '<unknown>'
    [23024, 23056) '<unknown>'
    [23088, 23120) '<unknown>'
    [23152, 23184) '<unknown>'
    [23216, 23248) '<unknown>'
    [23280, 23312) '<unknown>'
    [23344, 23376) '<unknown>'
    [23408, 23440) '<unknown>'
    [23472, 23504) '<unknown>'
    [23536, 23568) '<unknown>'
    [23600, 23632) '<unknown>'
    [23664, 23696) '<unknown>'
    [23728, 23760) '<unknown>'
    [23792, 23824) '<unknown>'
    [23856, 23888) '<unknown>'
    [23920, 23952) '<unknown>'
    [23984, 24016) '<unknown>'
    [24048, 24080) '<unknown>'
    [24112, 24144) '<unknown>'
    [24176, 24208) '<unknown>'
    [24240, 24272) '<unknown>'
    [24304, 24336) '<unknown>'
    [24368, 24400) '<unknown>'
    [24432, 24466) '<unknown>'
    [24512, 24546) '<unknown>'
    [24592, 24626) '<unknown>'
    [24672, 24707) '<unknown>'
    [24752, 24787) '<unknown>'
    [24832, 24867) '<unknown>'
    [24912, 24948) '<unknown>'
    [24992, 25028) '<unknown>'
    [25072, 25108) '<unknown>'
    [25152, 25190) '<unknown>'
    [25232, 25270) '<unknown>'
    [25312, 25350) '<unknown>'
    [25392, 25430) '<unknown>'
    [25472, 25510) '<unknown>'
    [25552, 25590) '<unknown>'
    [25632, 25670) '<unknown>'
    [25712, 25750) '<unknown>'
    [25792, 25830) '<unknown>'
    [25872, 25910) '<unknown>'
    [25952, 25990) '<unknown>'
    [26032, 26070) '<unknown>'
    [26112, 26154) '<unknown>'
    [26192, 26234) '<unknown>'
    [26272, 26314) '<unknown>'
    [26352, 26394) '<unknown>'
    [26432, 26474) '<unknown>'
    [26512, 26554) '<unknown>'
    [26592, 26682) '<unknown>'
    [26720, 26810) '<unknown>'
    [26848, 26938) '<unknown>'
    [26976, 27066) '<unknown>'
    [27104, 27194) '<unknown>'
    [27232, 27322) '<unknown>'
    [27360, 27456) 'pdus' (line 790)
    [27488, 27584) 'pdus' (line 795)
    [27616, 27712) 'pdus' (line 800)
    [27744, 27840) 'pdus' (line 861)
    [27872, 27968) 'pdus' (line 866)
    [28000, 28096) 'pdus' (line 873)
    [28128, 28224) 'pdus' (line 885)
    [28256, 28352) 'pdus' (line 889)
    [28384, 28480) 'pdus' (line 893)
    [28512, 28608) 'pdus' (line 906)
    [28640, 28736) 'pdus' (line 910)
    [28768, 28864) 'pdus' (line 914)
    [28896, 28992) 'pdus' (line 1359)
    [29024, 29120) 'pdus' (line 1407)
    [29152, 29248) 'pdus' (line 1413)
    [29280, 29376) 'pdus' (line 1419)
    [29408, 29504) 'pdus' (line 1434)
    [29536, 29632) 'pdus' (line 1440)
    [29664, 29760) 'pdus' (line 1446)
    [29792, 29888) 'pdus' (line 1461)
    [29920, 30016) 'pdus' (line 1467)
    [30048, 30144) 'pdus' (line 1473)
    [30176, 30272) 'pdus' (line 1488)
    [30304, 30400) 'pdus' (line 1495)
    [30432, 30528) 'pdus' (line 1502)
    [30560, 30656) 'pdus' (line 1580)
    [30688, 30784) 'pdus' (line 1587)
    [30816, 30912) 'pdus' (line 1594)
    [30944, 31040) 'pdus' (line 1610)
    [31072, 31168) 'pdus' (line 1617)
    [31200, 31296) 'pdus' (line 1624)
    [31328, 31424) 'pdus' (line 1640)
    [31456, 31552) 'pdus' (line 1647)
    [31584, 31680) 'pdus' (line 1654)
    [31712, 31808) 'pdus' (line 1670)
    [31840, 31936) 'pdus' (line 1677)
    [31968, 32064) 'pdus' (line 1684)
    [32096, 32192) 'pdus' (line 1700)
    [32224, 32320) 'pdus' (line 1709)
    [32352, 32448) 'pdus' (line 1718)
    [32480, 32576) 'pdus' (line 1736)
    [32608, 32704) 'pdus' (line 1743)
    [32736, 32832) 'pdus' (line 1750)
    [32864, 32960) 'pdus' (line 1766)
    [32992, 33088) 'pdus' (line 1774)
    [33120, 33216) 'pdus' (line 1782)
    [33248, 33344) 'pdus' (line 1799)
    [33376, 33472) 'pdus' (line 1806)
    [33504, 33600) 'pdus' (line 1813)
    [33632, 33728) 'pdus' (line 1829)
    [33760, 33856) 'pdus' (line 1838)
    [33888, 33984) 'pdus' (line 1847)
    [34016, 34112) 'pdus' (line 2027)
    [34144, 34240) 'pdus' (line 2034)
    [34272, 34368) 'pdus' (line 2041)
    [34400, 34496) 'pdus' (line 2057)
    [34528, 34624) 'pdus' (line 2065)
    [34656, 34752) 'pdus' (line 2073)
    [34784, 34880) 'pdus' (line 2090)
    [34912, 35008) 'pdus' (line 2099)
    [35040, 35136) 'pdus' (line 2108)
    [35168, 35264) 'pdus' (line 2126)
    [35296, 35392) 'pdus' (line 2135)
    [35424, 35520) 'pdus' (line 2144)
    [35552, 35648) 'pdus' (line 2162)
    [35680, 35776) 'pdus' (line 2170)
    [35808, 35904) 'pdus' (line 2178)
    [35936, 36032) 'pdus' (line 2195)
    [36064, 36160) 'pdus' (line 2199)
    [36192, 36288) 'pdus' (line 2204)
    [36320, 36416) 'pdus' (line 2218)
    [36448, 36544) 'pdus' (line 2223)
    [36576, 36672) 'pdus' (line 2228)
    [36704, 36864) 'pdus' (line 814)
    [36928, 37088) 'pdus' (line 826)
    [37152, 37312) 'pdus' (line 838)
    [37376, 37536) 'pdus' (line 926)
    [37600, 37760) 'pdus' (line 975)
    [37824, 37984) 'pdus' (line 994)
    [38048, 38208) 'pdus' (line 1015)
    [38272, 38432) 'pdus' (line 1035)
    [38496, 38656) 'pdus' (line 1055)
    [38720, 38880) 'pdus' (line 1075)
    [38944, 39104) 'pdus' (line 1095)
    [39168, 39328) 'pdus' (line 1114)
    [39392, 39552) 'pdus' (line 1215)
    [39616, 39776) 'pdus' (line 1235)
    [39840, 40000) 'pdus' (line 1255)
    [40064, 40224) 'pdus' (line 1275)
    [40288, 40448) 'pdus' (line 1297)
    [40512, 40672) 'pdus' (line 1319)
    [40736, 40896) 'pdus' (line 1338)
    [40960, 41120) 'pdus' (line 1371)
    [41184, 41344) 'pdus' (line 1388)
    [41408, 41568) 'pdus' (line 1865)
    [41632, 41792) 'pdus' (line 1880)
    [41856, 42016) 'pdus' (line 1895)
    [42080, 42240) 'pdus' (line 1920)
    [42304, 42464) 'pdus' (line 1935)
    [42528, 42688) 'pdus' (line 1950)
    [42752, 42912) 'pdus' (line 1975)
    [42976, 43136) 'pdus' (line 1989)
    [43200, 43360) 'pdus' (line 2003)
    [43424, 43648) 'pdus' (line 1136)
    [43712, 43936) 'pdus' (line 1163)
    [44000, 44224) 'pdus' (line 1189)
    [44288, 44512) 'pdus' (line 1518)
    [44576, 44800) 'pdus' (line 1534)
    [44864, 45088) 'pdus' (line 1550)
    [45152, 45376) 'pdus' (line 2620)
    [45440, 45664) 'pdus' (line 2657)
    [45728, 45952) 'pdus' (line 2694)
    [46016, 46240) 'pdus' (line 2817)
    [46304, 46592) 'pdus' (line 946)
    [46656, 47968) 'pdus' (line 2241)
    [48096, 49408) 'pdus' (line 2363)
    [49536, 50848) 'pdus' (line 2485)
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism, swapcontext or vfork
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-use-after-scope
/home/marxin/Programming/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:790
in __interceptor_memcpy
Shadow bytes around the buggy address:
  0x10007fff62f0: f8 f2 f2 f2 f8 f2 f2 f2 f8 f2 00 00 00 f2 00 00
  0x10007fff6300: f8 f8 00 00 f8 f8 00 00 f8 f8 00 00 f8 f8 00 00
  0x10007fff6310: f8 f8 00 00 f8 f8 00 00 f8 f8 00 00 f8 f8 00 00
  0x10007fff6320: f8 f8 00 00 f8 f8 00 00 f8 f8 00 00 f8 f8 00 00
  0x10007fff6330: f8 f8 00 00 f8 f8 00 00 f8 f8 00 00 f8 f8 00 00
=>0x10007fff6340: f8 f8 00 00[f8]f8 00 00 f8 f8 00 00 f8 f8 00 00
  0x10007fff6350: f8 f8 00 00 f8 f8 00 00 f8 f8 00 00 f8 f8 00 00
  0x10007fff6360: f8 f8 00 00 f8 f8 00 00 f8 f8 00 00 f8 f8 00 00
  0x10007fff6370: f8 f8 00 00 f8 f8 00 00 f8 f8 00 00 f8 f8 00 00
  0x10007fff6380: f8 f8 00 00 f8 f8 00 00 f8 f8 00 00 f8 f8 00 00
  0x10007fff6390: f8 f8 00 00 f8 f8 00 00 f8 f8 00 00 f8 f8 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
  Shadow gap:              cc
==24441==ABORTING

-- 
You are receiving this mail because:
You are the assignee for the bug.

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Bug 202213] bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9)
  2019-01-10 13:45 [Bug 202213] New: bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9) bugzilla-daemon
@ 2019-01-10 16:05 ` bugzilla-daemon
  2019-01-10 18:57 ` bugzilla-daemon
                   ` (9 subsequent siblings)
  10 siblings, 0 replies; 12+ messages in thread
From: bugzilla-daemon @ 2019-01-10 16:05 UTC (permalink / raw)
  To: linux-bluetooth

https://bugzilla.kernel.org/show_bug.cgi?id=202213

Luiz Von Dentz (luiz.dentz@gmail.com) changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |luiz.dentz@gmail.com

--- Comment #1 from Luiz Von Dentz (luiz.dentz@gmail.com) ---
Can you try again after applying the following patch:

https://gist.github.com/Vudentz/eb85c3a3d02b2a9bef74d9d6a110561d

-- 
You are receiving this mail because:
You are the assignee for the bug.

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Bug 202213] bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9)
  2019-01-10 13:45 [Bug 202213] New: bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9) bugzilla-daemon
  2019-01-10 16:05 ` [Bug 202213] " bugzilla-daemon
@ 2019-01-10 18:57 ` bugzilla-daemon
  2019-01-10 19:16 ` bugzilla-daemon
                   ` (8 subsequent siblings)
  10 siblings, 0 replies; 12+ messages in thread
From: bugzilla-daemon @ 2019-01-10 18:57 UTC (permalink / raw)
  To: linux-bluetooth

https://bugzilla.kernel.org/show_bug.cgi?id=202213

Stefan Seyfried (stefan.seyfried@googlemail.com) changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |stefan.seyfried@googlemail.
                   |                            |com

--- Comment #2 from Stefan Seyfried (stefan.seyfried@googlemail.com) ---
I'm trying the patch right now.

-- 
You are receiving this mail because:
You are the assignee for the bug.

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Bug 202213] bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9)
  2019-01-10 13:45 [Bug 202213] New: bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9) bugzilla-daemon
  2019-01-10 16:05 ` [Bug 202213] " bugzilla-daemon
  2019-01-10 18:57 ` bugzilla-daemon
@ 2019-01-10 19:16 ` bugzilla-daemon
  2019-01-10 20:05 ` bugzilla-daemon
                   ` (7 subsequent siblings)
  10 siblings, 0 replies; 12+ messages in thread
From: bugzilla-daemon @ 2019-01-10 19:16 UTC (permalink / raw)
  To: linux-bluetooth

https://bugzilla.kernel.org/show_bug.cgi?id=202213

--- Comment #3 from Stefan Seyfried (stefan.seyfried@googlemail.com) ---
I needed to massage the patch a bit to apply on bluez 5.50
http://paste.opensuse.org/63512977 this is the patch I used.

Builds and works with gcc8, could not really test with gcc9 due to OBS
shortcomings but will submit to openSUSE Factory, so it will get to the gcc9
staging area, too.

-- 
You are receiving this mail because:
You are the assignee for the bug.

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Bug 202213] bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9)
  2019-01-10 13:45 [Bug 202213] New: bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9) bugzilla-daemon
                   ` (2 preceding siblings ...)
  2019-01-10 19:16 ` bugzilla-daemon
@ 2019-01-10 20:05 ` bugzilla-daemon
  2019-01-11  9:49 ` bugzilla-daemon
                   ` (6 subsequent siblings)
  10 siblings, 0 replies; 12+ messages in thread
From: bugzilla-daemon @ 2019-01-10 20:05 UTC (permalink / raw)
  To: linux-bluetooth

https://bugzilla.kernel.org/show_bug.cgi?id=202213

--- Comment #4 from Stefan Seyfried (stefan.seyfried@googlemail.com) ---
With gcc9 (finally found a way to use it in OBS :-), it asserts:

abuild@strolchi:~/rpmbuild/BUILD/bluez-5.50> cat unit/test-sdp.log
bluetoothd[3066]: Bluetooth daemon 5.50
len: 7 raw_size: 14 cont_len: 0
**
ERROR:unit/test-sdp.c:258:client_handler: assertion failed: ((size_t) len ==
rsp_pdu->raw_size + rsp_pdu->cont_len)
FAIL unit/test-sdp (exit status: 134)

I added a printf before the assert (and shifted it down one line)

-- 
You are receiving this mail because:
You are the assignee for the bug.

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Bug 202213] bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9)
  2019-01-10 13:45 [Bug 202213] New: bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9) bugzilla-daemon
                   ` (3 preceding siblings ...)
  2019-01-10 20:05 ` bugzilla-daemon
@ 2019-01-11  9:49 ` bugzilla-daemon
  2019-01-11 12:01 ` bugzilla-daemon
                   ` (5 subsequent siblings)
  10 siblings, 0 replies; 12+ messages in thread
From: bugzilla-daemon @ 2019-01-11  9:49 UTC (permalink / raw)
  To: linux-bluetooth

https://bugzilla.kernel.org/show_bug.cgi?id=202213

--- Comment #5 from Martin Liška (mliska@suse.cz) ---
(In reply to Stefan Seyfried from comment #4)
> With gcc9 (finally found a way to use it in OBS :-), it asserts:
> 
> abuild@strolchi:~/rpmbuild/BUILD/bluez-5.50> cat unit/test-sdp.log
> bluetoothd[3066]: Bluetooth daemon 5.50
> len: 7 raw_size: 14 cont_len: 0
> **
> ERROR:unit/test-sdp.c:258:client_handler: assertion failed: ((size_t) len ==
> rsp_pdu->raw_size + rsp_pdu->cont_len)
> FAIL unit/test-sdp (exit status: 134)
> 
> I added a printf before the assert (and shifted it down one line)

The patch does not fix the root problem.
#define define_test(name, _mtu, args...) \
        do {                                                            \
                const struct sdp_pdu pdus[] = {                         \
                        args, { }                                       \
                };                                                      \
                static struct test_data data;                           \
                data.mtu = _mtu;                                        \
                data.pdu_list = g_memdup(pdus, sizeof(pdus));           \
                tester_add(name, &data, NULL, test_sdp, NULL);          \
        } while (0)

here you copy pdus, but you should also memdup .raw_data, otherwise
it will reach it's end of scope.

Slightly reduced test-case that illustrates that:

$ cat test-sdp.i
struct a {
  void *b;
  long c
};
enum { d = 5 } typedef *e;
e g_malloc0_n();
typedef enum { f, g } h;
*g_io_channel_unix_new();
e g_memdup();
struct i {
  _Bool j;
  void *k;
  long l
};
struct m {
  struct i *n
};
struct context {
  int o;
  int fd;
  struct m *data
};
int q;
struct i r;
struct a s[];
t(e u) {
  struct context *context = u;
  r = context->data->n[q];
  s[0].b = r.k;
  s[0].c = r.l;
  writev(context->fd, s, 2);
  return 0;
}
v(int channel, h cond, e u) {
  struct context *context = u;
  g_source_remove(context->o);
  g_free(u);
  tester_test_passed();
}
int *w;
int aa[];
*x(data) {
  struct context *context = g_malloc0_n(1, sizeof(struct context));
  socketpair(1, d, 0, aa);
  w = g_io_channel_unix_new(aa[0]);
  context->o = g_io_add_watch(w, g, v, context);
  context->fd = aa[1];
  context->data = data;
}
y() {
  struct context *context = x();
  g_idle_add(t, context);
}
z;
main() {
  tester_init(z);
  {
    struct i ab[] = {.1, (char[]){4, 11, 0, 1}, sizeof(0)};
    static struct m data;
    data.n = g_memdup(ab, sizeof(ab));
    tester_add("", &data, 0, y);
  }
  tester_run();
}

$ ./test

 - init
 - setup
 - setup complete
 - run
=================================================================
==29724==ERROR: AddressSanitizer: stack-use-after-scope on address
0x7fffffffdc00 at pc 0x7ffff744c678 bp 0x7fffffffd9e0 sp 0x7fffffffd190
READ of size 4 at 0x7fffffffdc00 thread T0
    #0 0x7ffff744c677 in read_iovec
/home/marxin/Programming/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:956
    #1 0x7ffff744cded in __interceptor_writev
/home/marxin/Programming/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1150
    #2 0x408160 in t
/home/marxin/BIG/osc/Base:System/bluez/bluez-5.50/xxx/test-sdp.i:31
    #3 0x7ffff7ed8626  (/usr/lib64/libglib-2.0.so.0+0x4d626)
    #4 0x7ffff7edbc14 in g_main_context_dispatch
(/usr/lib64/libglib-2.0.so.0+0x50c14)
    #5 0x7ffff7edbfd7  (/usr/lib64/libglib-2.0.so.0+0x50fd7)
    #6 0x7ffff7edc2d1 in g_main_loop_run (/usr/lib64/libglib-2.0.so.0+0x512d1)
    #7 0x41ad10 in tester_run src/shared/tester.c:830
    #8 0x408603 in main
/home/marxin/BIG/osc/Base:System/bluez/bluez-5.50/xxx/test-sdp.i:63
    #9 0x7ffff7018fea in __libc_start_main ../csu/libc-start.c:308
    #10 0x403789 in _start
(/home/marxin/BIG/osc/Base:System/bluez/bluez-5.50/xxx/test+0x403789)

Address 0x7fffffffdc00 is located in stack of thread T0 at offset 48 in frame
    #0 0x408394 in main
/home/marxin/BIG/osc/Base:System/bluez/bluez-5.50/xxx/test-sdp.i:55

  This frame has 2 object(s):
    [48, 52) '<unknown>' <== Memory access at offset 48 is inside this variable
    [64, 88) 'ab' (line 58)
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism, swapcontext or vfork
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-use-after-scope
/home/marxin/Programming/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:956
in read_iovec
Shadow bytes around the buggy address:
  0x10007fff7b30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007fff7b40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007fff7b50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007fff7b60: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007fff7b70: 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 f1 f1
=>0x10007fff7b80:[f8]f2 f8 f8 f8 f3 f3 f3 f3 f3 00 00 00 00 00 00
  0x10007fff7b90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007fff7ba0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007fff7bb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007fff7bc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007fff7bd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

-- 
You are receiving this mail because:
You are the assignee for the bug.

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Bug 202213] bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9)
  2019-01-10 13:45 [Bug 202213] New: bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9) bugzilla-daemon
                   ` (4 preceding siblings ...)
  2019-01-11  9:49 ` bugzilla-daemon
@ 2019-01-11 12:01 ` bugzilla-daemon
  2019-01-11 13:07 ` bugzilla-daemon
                   ` (4 subsequent siblings)
  10 siblings, 0 replies; 12+ messages in thread
From: bugzilla-daemon @ 2019-01-11 12:01 UTC (permalink / raw)
  To: linux-bluetooth

https://bugzilla.kernel.org/show_bug.cgi?id=202213

--- Comment #6 from Luiz Von Dentz (luiz.dentz@gmail.com) ---
So something like the following is required:

@@ -59,7 +60,7 @@ struct test_data {
 #define raw_pdu(args...) \
        {                                                       \
                .valid = true,                                  \
-               .raw_data = raw_data(args),                     \
+               .raw_data = g_memdup(raw_data(args), sizeof(raw_data(args))),   
        \
                .raw_size = sizeof(raw_data(args)),             \
        }

Most test actually build packets like that so I guess all of them are affected,
is there any particular reason why this behavior has changed in GCC 9?

-- 
You are receiving this mail because:
You are the assignee for the bug.

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Bug 202213] bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9)
  2019-01-10 13:45 [Bug 202213] New: bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9) bugzilla-daemon
                   ` (5 preceding siblings ...)
  2019-01-11 12:01 ` bugzilla-daemon
@ 2019-01-11 13:07 ` bugzilla-daemon
  2019-01-11 13:09 ` bugzilla-daemon
                   ` (3 subsequent siblings)
  10 siblings, 0 replies; 12+ messages in thread
From: bugzilla-daemon @ 2019-01-11 13:07 UTC (permalink / raw)
  To: linux-bluetooth

https://bugzilla.kernel.org/show_bug.cgi?id=202213

--- Comment #7 from Martin Liška (mliska@suse.cz) ---
The test works for me with:

diff --git a/unit/test-sdp.c b/unit/test-sdp.c
index 5a50cbbf1..ebe00571d 100644
--- a/unit/test-sdp.c
+++ b/unit/test-sdp.c
@@ -59,14 +59,14 @@ struct test_data {
 #define raw_pdu(args...) \
        {                                                       \
                .valid = true,                                  \
-               .raw_data = raw_data(args),                     \
+    .raw_data = g_memdup(raw_data(args), sizeof(raw_data(args))), \
                .raw_size = sizeof(raw_data(args)),             \
        }

 #define raw_pdu_cont(cont, args...) \
        {                                                       \
                .valid = true,                                  \
-               .raw_data = raw_data(args),                     \
+    .raw_data = g_memdup(raw_data(args), sizeof(raw_data(args))), \
                .raw_size = sizeof(raw_data(args)),             \
                .cont_len = cont,                               \
        }
@@ -104,7 +104,7 @@ struct test_data_de {
 #define define_test_de_attr(name, input, exp) \
        do {                                                            \
                static struct test_data_de data;                        \
-               data.input_data = input;                                \
+               data.input_data = g_memdup(input, sizeof (input));             
                \
                data.input_size = sizeof(input);                        \
                data.expected = exp;                                    \
                tester_add("/sdp/DE/ATTR/" name, &data, NULL,           \

thanks for help.

-- 
You are receiving this mail because:
You are the assignee for the bug.

^ permalink raw reply related	[flat|nested] 12+ messages in thread

* [Bug 202213] bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9)
  2019-01-10 13:45 [Bug 202213] New: bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9) bugzilla-daemon
                   ` (6 preceding siblings ...)
  2019-01-11 13:07 ` bugzilla-daemon
@ 2019-01-11 13:09 ` bugzilla-daemon
  2019-01-11 13:31 ` bugzilla-daemon
                   ` (2 subsequent siblings)
  10 siblings, 0 replies; 12+ messages in thread
From: bugzilla-daemon @ 2019-01-11 13:09 UTC (permalink / raw)
  To: linux-bluetooth

https://bugzilla.kernel.org/show_bug.cgi?id=202213

--- Comment #8 from Martin Liška (mliska@suse.cz) ---
But similar happens in following failing tests with -fsanitize=address:

FAIL: unit/test-avdtp
FAIL: unit/test-avctp
FAIL: unit/test-avrcp
FAIL: unit/test-hfp
FAIL: unit/test-gatt
FAIL: unit/test-hog

can you please prepare a patch where you'll factor out macros like
#define raw_pdu(args...) into a header file?

Thanks.

-- 
You are receiving this mail because:
You are the assignee for the bug.

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Bug 202213] bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9)
  2019-01-10 13:45 [Bug 202213] New: bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9) bugzilla-daemon
                   ` (7 preceding siblings ...)
  2019-01-11 13:09 ` bugzilla-daemon
@ 2019-01-11 13:31 ` bugzilla-daemon
  2019-01-11 13:53 ` bugzilla-daemon
  2019-01-11 16:36 ` bugzilla-daemon
  10 siblings, 0 replies; 12+ messages in thread
From: bugzilla-daemon @ 2019-01-11 13:31 UTC (permalink / raw)
  To: linux-bluetooth

https://bugzilla.kernel.org/show_bug.cgi?id=202213

--- Comment #9 from Luiz Von Dentz (luiz.dentz@gmail.com) ---
(In reply to Martin Liška from comment #8)
> But similar happens in following failing tests with -fsanitize=address:
> 
> FAIL: unit/test-avdtp
> FAIL: unit/test-avctp
> FAIL: unit/test-avrcp
> FAIL: unit/test-hfp
> FAIL: unit/test-gatt
> FAIL: unit/test-hog
> 
> can you please prepare a patch where you'll factor out macros like
> #define raw_pdu(args...) into a header file?
> 
> Thanks.

Im fixing that, though it is not possible to have it in a common header because
the PDUs are different in each case.

Btw, does define_test_de_attr really needs to be changed? There is no
intermediate variable like in define_test so the variable should not go out of
scope since it is static.

-- 
You are receiving this mail because:
You are the assignee for the bug.

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Bug 202213] bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9)
  2019-01-10 13:45 [Bug 202213] New: bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9) bugzilla-daemon
                   ` (8 preceding siblings ...)
  2019-01-11 13:31 ` bugzilla-daemon
@ 2019-01-11 13:53 ` bugzilla-daemon
  2019-01-11 16:36 ` bugzilla-daemon
  10 siblings, 0 replies; 12+ messages in thread
From: bugzilla-daemon @ 2019-01-11 13:53 UTC (permalink / raw)
  To: linux-bluetooth

https://bugzilla.kernel.org/show_bug.cgi?id=202213

--- Comment #10 from Martin Liška (mliska@suse.cz) ---
Yes, it's problematic, please see explanation:
https://gcc.gnu.org/ml/gcc-patches/2019-01/msg00629.html

and there's a reduced example:

$ cat /tmp/x.c
struct test_data_de {
 const void *input_data;
 int input_size;
};


int main()
{
  struct test_data_de *ptr;
  {
    static struct test_data_de data;
    data.input_size = sizeof((const unsigned char[]) { 0x25, 0x00 });
    data.input_data = ((const unsigned char[]) { 0x25, 0x00 });
    ptr = &data;
  }

  *(char*)ptr->input_data = 'x';

  return 0;
}

$ gcc /tmp/x.c -fsanitize=address && ./a.out 
=================================================================
==17535==ERROR: AddressSanitizer: stack-use-after-scope on address
0x7fffffffdc20 at pc 0x0000004012d9 bp 0x7fffffffdbe0 sp 0x7fffffffdbd8
WRITE of size 1 at 0x7fffffffdc20 thread T0
    #0 0x4012d8 in main (/home/marxin/Programming/bluez/a.out+0x4012d8)
    #1 0x7ffff7018fea in __libc_start_main ../csu/libc-start.c:308
    #2 0x4010c9 in _start (/home/marxin/Programming/bluez/a.out+0x4010c9)

Address 0x7fffffffdc20 is located in stack of thread T0 at offset 32 in frame
    #0 0x401181 in main (/home/marxin/Programming/bluez/a.out+0x401181)

  This frame has 1 object(s):
    [32, 34) '<unknown>' <== Memory access at offset 32 is inside this variable
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism, swapcontext or vfork
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-use-after-scope
(/home/marxin/Programming/bluez/a.out+0x4012d8) in main
Shadow bytes around the buggy address:
  0x10007fff7b30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007fff7b40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007fff7b50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007fff7b60: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007fff7b70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x10007fff7b80: f1 f1 f1 f1[f8]f3 f3 f3 00 00 00 00 00 00 00 00
  0x10007fff7b90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007fff7ba0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007fff7bb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007fff7bc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10007fff7bd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

-- 
You are receiving this mail because:
You are the assignee for the bug.

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Bug 202213] bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9)
  2019-01-10 13:45 [Bug 202213] New: bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9) bugzilla-daemon
                   ` (9 preceding siblings ...)
  2019-01-11 13:53 ` bugzilla-daemon
@ 2019-01-11 16:36 ` bugzilla-daemon
  10 siblings, 0 replies; 12+ messages in thread
From: bugzilla-daemon @ 2019-01-11 16:36 UTC (permalink / raw)
  To: linux-bluetooth

https://bugzilla.kernel.org/show_bug.cgi?id=202213

--- Comment #11 from Luiz Von Dentz (luiz.dentz@gmail.com) ---
Ive sent the patches to the mailing list.

-- 
You are receiving this mail because:
You are the assignee for the bug.

^ permalink raw reply	[flat|nested] 12+ messages in thread

end of thread, other threads:[~2019-01-11 16:36 UTC | newest]

Thread overview: 12+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-01-10 13:45 [Bug 202213] New: bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9) bugzilla-daemon
2019-01-10 16:05 ` [Bug 202213] " bugzilla-daemon
2019-01-10 18:57 ` bugzilla-daemon
2019-01-10 19:16 ` bugzilla-daemon
2019-01-10 20:05 ` bugzilla-daemon
2019-01-11  9:49 ` bugzilla-daemon
2019-01-11 12:01 ` bugzilla-daemon
2019-01-11 13:07 ` bugzilla-daemon
2019-01-11 13:09 ` bugzilla-daemon
2019-01-11 13:31 ` bugzilla-daemon
2019-01-11 13:53 ` bugzilla-daemon
2019-01-11 16:36 ` bugzilla-daemon

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).