[Bug 196621] bluez-5.46: unit/test-gatt segfaults when running tests


 



https://bugzilla.kernel.org/show_bug.cgi?id=196621

--- Comment #1 from Pacho Ramos (pachoramos1@xxxxxxxxx) ---
[New LWP 27563]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `./unit/test-gatt'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x0000000000441be5 in timeout_cb (user_data=0x21d2200) at
src/shared/att.c:405
405             if (att->pending_req && att->pending_req->id == timeout->id) {

Thread 1 (Thread 0x7f96c6fe1700 (LWP 27563)):
#0  0x0000000000441be5 in timeout_cb (user_data=0x21d2200) at
src/shared/att.c:405
        timeout = 0x21d2200
        att = 0x21d2740
        op = 0x0
#1  0x000000000044e42d in timeout_callback (user_data=<error reading variable:
value has been optimized out>) at src/shared/timeout-glib.c:34
        data = <error reading variable data (value has been optimized out)>
#2  0x0000003f9e24afc3 in g_timeout_dispatch (source=0x21d0800,
callback=<optimized out>, user_data=<optimized out>) at
/var/tmp/portage/dev-libs/glib-2.50.3-r1/work/glib-2.50.3/glib/gmain.c:4674
        timeout_source = 0x21d0800
        again = <optimized out>
#3  0x0000003f9e24a52d in g_main_dispatch (context=0x21c4830) at
/var/tmp/portage/dev-libs/glib-2.50.3-r1/work/glib-2.50.3/glib/gmain.c:3203
        dispatch = 0x3f9e24afb0 <g_timeout_dispatch>
        prev_source = 0x0
        was_in_call = 0
        user_data = 0x21d1420
        callback = 0x44e420 <timeout_callback>
        cb_funcs = <optimized out>
        cb_data = 0x21d2050
        need_destroy = <optimized out>
        source = 0x21d0800
        current = 0x21c4940
        i = 0
#4  g_main_context_dispatch (context=context@entry=0x21c4830) at
/var/tmp/portage/dev-libs/glib-2.50.3-r1/work/glib-2.50.3/glib/gmain.c:3856
No locals.
#5  0x0000003f9e24a900 in g_main_context_iterate (context=0x21c4830,
block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at
/var/tmp/portage/dev-libs/glib-2.50.3-r1/work/glib-2.50.3/glib/gmain.c:3929
        max_priority = 2147483647
        timeout = 29928
        some_ready = 1
        nfds = <optimized out>
        allocated_nfds = 4
        fds = 0x21eca80
#6  0x0000003f9e24ac22 in g_main_loop_run (loop=0x21c4a80) at
/var/tmp/portage/dev-libs/glib-2.50.3-r1/work/glib-2.50.3/glib/gmain.c:4125
        __FUNCTION__ = "g_main_loop_run"
#7  0x0000000000441848 in tester_run () at src/shared/tester.c:830
No locals.
#8  0x000000000043e68b in main (argc=1, argv=0x7ffcc2215f78) at
unit/test-gatt.c:4474
No locals.
From                To                  Syms Read   Shared Object Library
0x0000003f9e21acf0  0x0000003f9e292c29  Yes         /usr/lib64/libglib-2.0.so.0
0x0000003f9be1f7a0  0x0000003f9bf47c34  Yes (*)     /lib64/libc.so.6
0x0000003f9da01650  0x0000003f9da52b2d  Yes (*)     /lib64/libpcre.so.1
0x0000003f9c605a10  0x0000003f9c6124d1  Yes (*)     /lib64/libpthread.so.0
0x0000003f9ba00a10  0x0000003f9ba1c300  Yes (*)     /lib64/ld-linux-x86-64.so.2
(*): Shared library is missing debugging information.
$1 = 0x0
$2 = 0x0
rax            0xc      12
rbx            0x4545454545454545       4991471925827290437
rcx            0x0      0
rdx            0x21d1420        35460128
rsi            0x44e420 4514848
rdi            0x21d2200        35463680
rbp            0x21d2740        0x21d2740
rsp            0x7ffcc2209b40   0x7ffcc2209b40
r8             0x1      1
r9             0x3f9e512940     273239058752
r10            0x1      1
r11            0x246    582
r12            0x21c4830        35407920
r13            0x21c4940        35408192
r14            0x21d0800        35457024
r15            0x3f9e24afb0     273236144048
rip            0x441be5 0x441be5 <timeout_cb+21>
eflags         0x10202  [ IF RF ]
cs             0x33     51
ss             0x2b     43
ds             0x0      0
es             0x0      0
fs             0x0      0
gs             0x0      0
Dump of assembler code for function timeout_cb:
   # timeout_cb(user_data), gdb disassembly in AT&T syntax (op src,dst).
   # Register roles, taken from the frame-0 locals and the register dump in
   # this report: %rdi = user_data = timeout (0x21d2200), %rbp = att
   # (0x21d2740), %rbx = the op pointer being tested, %eax = the 32-bit value
   # at timeout+0x8 (timeout->id in source line 405).
   #
   # Prologue: save callee-saved %rbp/%rbx; the 8-byte pad keeps %rsp 16-byte
   # aligned at the calls further down.
   0x0000000000441bd0 <+0>:     push   %rbp
   0x0000000000441bd1 <+1>:     push   %rbx
   0x0000000000441bd2 <+2>:     sub    $0x8,%rsp
   # att = pointer stored at offset 0 of timeout.
   0x0000000000441bd6 <+6>:     mov    (%rdi),%rbp
   # %rbx = att->pending_req (att+0x20, per source line 405); skip if NULL.
   0x0000000000441bd9 <+9>:     mov    0x20(%rbp),%rbx
   0x0000000000441bdd <+13>:    test   %rbx,%rbx
   0x0000000000441be0 <+16>:    je     0x441be9 <timeout_cb+25>
   0x0000000000441be2 <+18>:    mov    0x8(%rdi),%eax
   # Faulting instruction: reads pending_req->id through %rbx. The dump shows
   # %rbx = 0x4545454545454545, which is non-NULL (so the guard above passed)
   # but is not a canonical x86-64 address, hence SIGSEGV. The NULL check
   # cannot catch a garbage or dangling pointer.
   # NOTE(review): 0x45 is decimal 69. If the tests ran under glibc's
   # MALLOC_PERTURB_=69 (not shown on this page; confirm against the test
   # environment), this is the byte glibc writes over freed chunks, which
   # would mean att was already freed when the timeout fired (use-after-free).
=> 0x0000000000441be5 <+21>:    cmp    %eax,(%rbx)
   0x0000000000441be7 <+23>:    je     0x441c08 <timeout_cb+56>
   # Same test on the pointer at att+0x30.
   # NOTE(review): presumably att->pending_ind; the source for this branch is
   # not quoted in the report.
   0x0000000000441be9 <+25>:    mov    0x30(%rbp),%rbx
   0x0000000000441bed <+29>:    test   %rbx,%rbx
   0x0000000000441bf0 <+32>:    je     0x441bf9 <timeout_cb+41>
   0x0000000000441bf2 <+34>:    mov    0x8(%rdi),%eax
   0x0000000000441bf5 <+37>:    cmp    %eax,(%rbx)
   0x0000000000441bf7 <+39>:    je     0x441c70 <timeout_cb+160>
   # No pending op matches this timeout id: restore registers and return 0.
   0x0000000000441bf9 <+41>:    add    $0x8,%rsp
   0x0000000000441bfd <+45>:    xor    %eax,%eax
   0x0000000000441bff <+47>:    pop    %rbx
   0x0000000000441c00 <+48>:    pop    %rbp
   0x0000000000441c01 <+49>:    retq   
   0x0000000000441c02 <+50>:    nopw   0x0(%rax,%rax,1)
   # Match on the att+0x20 pointer: clear that slot, keep op in %rbx.
   0x0000000000441c08 <+56>:    movq   $0x0,0x20(%rbp)
   # Shared tail (also reached from +168). Call util_debug with
   # %rdi = value at att+0x90, %rsi = value at att+0xa0, %rdx = address
   # 0x4547cc, %ecx = zero-extended byte at op+0xc; %eax = 0 before the call.
   # NOTE(review): 0x4547cc is presumably the format string and util_debug
   # presumably variadic; neither is shown here.
   0x0000000000441c10 <+64>:    movzbl 0xc(%rbx),%ecx
   0x0000000000441c14 <+68>:    mov    0xa0(%rbp),%rsi
   0x0000000000441c1b <+75>:    lea    0x12baa(%rip),%rdx        # 0x4547cc
   0x0000000000441c22 <+82>:    mov    0x90(%rbp),%rdi
   0x0000000000441c29 <+89>:    xor    %eax,%eax
   0x0000000000441c2b <+91>:    callq  0x4405d0 <util_debug>
   # Optional callback: function pointer at att+0x78, called only if non-NULL
   # with %edi = 32-bit value at op+0, %esi = byte at op+0xc, %rdx = value at
   # att+0x88.
   # NOTE(review): if att is stale at this point, this indirect call and the
   # stores at +56/+160 also operate on stale memory; the lifetime of att
   # relative to the armed timeout is what needs checking.
   0x0000000000441c30 <+96>:    mov    0x78(%rbp),%rax
   0x0000000000441c34 <+100>:   test   %rax,%rax
   0x0000000000441c37 <+103>:   je     0x441c48 <timeout_cb+120>
   0x0000000000441c39 <+105>:   movzbl 0xc(%rbx),%esi
   0x0000000000441c3d <+109>:   mov    0x88(%rbp),%rdx
   0x0000000000441c44 <+116>:   mov    (%rbx),%edi
   0x0000000000441c46 <+118>:   callq  *%rax
   # Zero the 32-bit field at op+0x4, then destroy_att_send_op(op).
   0x0000000000441c48 <+120>:   mov    %rbx,%rdi
   0x0000000000441c4b <+123>:   movl   $0x0,0x4(%rbx)
   0x0000000000441c52 <+130>:   callq  0x441b20 <destroy_att_send_op>
   # io_shutdown() on the pointer stored at att+0x8, then return 0.
   0x0000000000441c57 <+135>:   mov    0x8(%rbp),%rdi
   0x0000000000441c5b <+139>:   callq  0x44e3e0 <io_shutdown>
   0x0000000000441c60 <+144>:   add    $0x8,%rsp
   0x0000000000441c64 <+148>:   xor    %eax,%eax
   0x0000000000441c66 <+150>:   pop    %rbx
   0x0000000000441c67 <+151>:   pop    %rbp
   0x0000000000441c68 <+152>:   retq   
   0x0000000000441c69 <+153>:   nopl   0x0(%rax)
   # Match on the att+0x30 pointer: clear that slot and join the shared tail.
   0x0000000000441c70 <+160>:   movq   $0x0,0x30(%rbp)
   0x0000000000441c78 <+168>:   jmp    0x441c10 <timeout_cb+64>
End of assembler dump.



