From: bugzilla-daemon@bugzilla.kernel.org
To: linux-bluetooth@vger.kernel.org
Subject: [Bug 202213] bluez trunk tests fail with GCC 9 (or with -fsanitize=address with GCC 9)
Date: Fri, 11 Jan 2019 13:53:04 +0000
Message-ID: <bug-202213-62941-Uf7UxkKq5g@https.bugzilla.kernel.org/>
In-Reply-To: <bug-202213-62941@https.bugzilla.kernel.org/>
https://bugzilla.kernel.org/show_bug.cgi?id=202213
--- Comment #10 from Martin Liška (mliska@suse.cz) ---
Yes, it's problematic, please see explanation:
https://gcc.gnu.org/ml/gcc-patches/2019-01/msg00629.html
and there's a reduced example:
$ cat /tmp/x.c
struct test_data_de {
  const void *input_data;
  int input_size;
};

int main()
{
  struct test_data_de *ptr;
  {
    static struct test_data_de data;
    data.input_size = sizeof((const unsigned char[]) { 0x25, 0x00 });
    data.input_data = ((const unsigned char[]) { 0x25, 0x00 });
    ptr = &data;
  }
  *(char*)ptr->input_data = 'x';
  return 0;
}
$ gcc /tmp/x.c -fsanitize=address && ./a.out
=================================================================
==17535==ERROR: AddressSanitizer: stack-use-after-scope on address
0x7fffffffdc20 at pc 0x0000004012d9 bp 0x7fffffffdbe0 sp 0x7fffffffdbd8
WRITE of size 1 at 0x7fffffffdc20 thread T0
#0 0x4012d8 in main (/home/marxin/Programming/bluez/a.out+0x4012d8)
#1 0x7ffff7018fea in __libc_start_main ../csu/libc-start.c:308
#2 0x4010c9 in _start (/home/marxin/Programming/bluez/a.out+0x4010c9)
Address 0x7fffffffdc20 is located in stack of thread T0 at offset 32 in frame
#0 0x401181 in main (/home/marxin/Programming/bluez/a.out+0x401181)
This frame has 1 object(s):
[32, 34) '<unknown>' <== Memory access at offset 32 is inside this variable
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism, swapcontext or vfork
(longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-use-after-scope
(/home/marxin/Programming/bluez/a.out+0x4012d8) in main
Shadow bytes around the buggy address:
0x10007fff7b30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x10007fff7b40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x10007fff7b50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x10007fff7b60: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x10007fff7b70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x10007fff7b80: f1 f1 f1 f1[f8]f3 f3 f3 00 00 00 00 00 00 00 00
0x10007fff7b90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x10007fff7ba0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x10007fff7bb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x10007fff7bc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x10007fff7bd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
--
You are receiving this mail because:
You are the assignee for the bug.
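
Added example, not part of the original message and not BlueZ code: the reduced test case above, reworked so that the bytes behind input_data have static storage duration and the pointer kept in the static struct stays valid after the inner block ends. The names file_scope_data, fill_block_scope_fixed and sum_bytes are hypothetical.

```c
#include <stdio.h>

struct test_data_de {
	const void *input_data;
	int input_size;
};

/* A compound literal written outside any function body has static storage
 * duration (C11 6.5.2.5), so this pointer never dangles. */
static const struct test_data_de file_scope_data = {
	.input_data = (const unsigned char[]) { 0x25, 0x00 },
	.input_size = sizeof((const unsigned char[]) { 0x25, 0x00 }),
};

/* Block-scope variant of the reduced test case: the compound literal is
 * replaced by a named static array, which outlives the inner block. */
static const struct test_data_de *fill_block_scope_fixed(void)
{
	static struct test_data_de data;
	{
		static const unsigned char bytes[] = { 0x25, 0x00 };
		data.input_size = sizeof(bytes);
		data.input_data = bytes;
	}
	return &data;
}

/* Reads every byte through the stored pointer, after the block that set it
 * has ended; with the static storage above the access is in bounds and live. */
static int sum_bytes(const struct test_data_de *d)
{
	const unsigned char *p = d->input_data;
	int i, sum = 0;

	for (i = 0; i < d->input_size; i++)
		sum += p[i];
	return sum;
}

int main(void)
{
	printf("%d %d\n", sum_bytes(&file_scope_data),
	       sum_bytes(fill_block_scope_fixed()));
	return 0;
}
```

Building this with gcc -fsanitize=address, as in the session above, exercises the same read path that the sanitizer instruments.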