【预置条件】
本地编译OpenHarmony4.0release asan版本；
【测试步骤】
使用wukong脚本进行系统遍历测试；
【预期结果】
压测结束后，设备路径 /data/log/sanitizer/下不产生任何错误文件；
【实际结果】
压测结束后，设备路径 /data/log/sanitizer/ubsan/目录下有libbtcommon.z.so踩内存问题；
【恢复方法】无
【问题概率】 低概率
【关联用例】（如是测试手工用例发现的问题，则填写用例编号。非手工用例发现的不填）
【对比测试结果】xxx
【日志&&截图】见附件
【发现日期&时间点】2024/1/21
【开发确认人】xxx
【测试确认人】XXX
堆栈：
sa_main==512==ERROR: AddressSanitizer: heap-use-after-free on address 0x00220b20f850 at pc 0x004016ab4314 bp 0x0040215a8450 sp 0x0040215a8448
READ of size 1 at 0x00220b20f850 thread T16
#0 0x4016ab4310 (/system/asan/lib64/chipset-sdk/libbtcommon.z.so+0x34310)
#1 0x4015c4db1c (/system/asan/lib64/libbluetooth_server.z.so+0x10db1c)
#2 0x4015c4c50c (/system/asan/lib64/libbluetooth_server.z.so+0x10c50c)
#3 0x4015c4b318 (/system/asan/lib64/libbluetooth_server.z.so+0x10b318)
#4 0x4016297644 (/system/asan/lib64/libbtservice.z.so+0x417644)
#5 0x401629435c (/system/asan/lib64/libbtservice.z.so+0x41435c)
#6 0x4016220d3c (/system/asan/lib64/libbtservice.z.so+0x3a0d3c)
#7 0x4016222948 (/system/asan/lib64/libbtservice.z.so+0x3a2948)
#8 0x20070eb058 (/lib/ld-musl-aarch64-asan.so.1+0xd3058)

0x00220b20f850 is located 0 bytes inside of 19-byte region [0x00220b20f850,0x00220b20f863)
freed by thread T16 here:
#0 0x2007c59d08 (/system/asan/lib64/libclang_rt.asan.so+0xd9d08)
#1 0x40162944d0 (/system/asan/lib64/libbtservice.z.so+0x4144d0)
#2 0x4016220d3c (/system/asan/lib64/libbtservice.z.so+0x3a0d3c)
#3 0x4016222948 (/system/asan/lib64/libbtservice.z.so+0x3a2948)
#4 0x20070eb058 (/lib/ld-musl-aarch64-asan.so.1+0xd3058)

previously allocated by thread T16 here:
#0 0x2007c594a0 (/system/asan/lib64/libclang_rt.asan.so+0xd94a0)
#1 0x4016293bdc (/system/asan/lib64/libbtservice.z.so+0x413bdc)
#2 0x4016220d3c (/system/asan/lib64/libbtservice.z.so+0x3a0d3c)
#3 0x4016222948 (/system/asan/lib64/libbtservice.z.so+0x3a2948)
#4 0x20070eb058 (/lib/ld-musl-aarch64-asan.so.1+0xd3058)

Thread T16 created by T2 here:
#0 0x2007c3aa04 (/system/asan/lib64/libclang_rt.asan.so+0xbaa04)
#1 0x40162225bc (/system/asan/lib64/libbtservice.z.so+0x3a25bc)
#2 0x401622092c (/system/asan/lib64/libbtservice.z.so+0x3a092c)
#3 0x40161a8b5c (/system/asan/lib64/libbtservice.z.so+0x328b5c)
#4 0x40161a7bf0 (/system/asan/lib64/libbtservice.z.so+0x327bf0)
#5 0x4015c8f600 (/system/asan/lib64/libbluetooth_server.z.so+0x14f600)
#6 0x4015c93494 (/system/asan/lib64/libbluetooth_server.z.so+0x153494)
#7 0x4015c932c8 (/system/asan/lib64/libbluetooth_server.z.so+0x1532c8)
#8 0x2007efcd0c (/system/asan/lib64/platformsdk/libsystem_ability_fwk.z.so+0x3cd0c)
#9 0x2007ee3f50 (/system/asan/lib64/platformsdk/libsystem_ability_fwk.z.so+0x23f50)
#10 0x2007f861a8 (/system/asan/lib64/chipset-pub-sdk/libutils.z.so+0x461a8)
#11 0x2007f877ec (/system/asan/lib64/chipset-pub-sdk/libutils.z.so+0x477ec)
#12 0x20070eb058 (/lib/ld-musl-aarch64-asan.so.1+0xd3058)
#13 0x200708e294 (/lib/ld-musl-aarch64-asan.so.1+0x76294)

Thread T2 created by T0 (bluetooth_servi) here:
#0 0x2007c3aa04 (/system/asan/lib64/libclang_rt.asan.so+0xbaa04)
#1 0x2007f85990 (/system/asan/lib64/chipset-pub-sdk/libutils.z.so+0x45990)
#2 0x2007eda698 (/system/asan/lib64/platformsdk/libsystem_ability_fwk.z.so+0x1a698)
#3 0x2007ed811c (/system/asan/lib64/platformsdk/libsystem_ability_fwk.z.so+0x1811c)
#4 0x558ebac9ac (/system/asan/bin/sa_main+0xf9ac)
#5 0x20070fbf28 (/lib/ld-musl-aarch64-asan.so.1+0xe3f28)
#6 0x558eba3068 (/system/asan/bin/sa_main+0x6068)

SUMMARY: AddressSanitizer: heap-use-after-free (/system/asan/lib64/chipset-sdk/libbtcommon.z.so+0x34310)
Shadow bytes around the buggy address:
0x001441641eb0: fa fa fd fd fd fd fa fa fa fa fa fa fa fa fa fa
0x001441641ec0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x001441641ed0: fa fa fa fa fa fa fa fa fa fa fd fd fd fd fa fa
0x001441641ee0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x001441641ef0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x001441641f00: fa fa fa fa fa fa fa fa fa fa[fd]fd fd fa fa fa
0x001441641f10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x001441641f20: fa fa fa fa fa fa fa fa fa fa fd fd fd fd fa fa
0x001441641f30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x001441641f40: fa fa fd fd fd fa fa fa fa fa fd fd fd fd fa fa
0x001441641f50: fa fa fa fa fa fa fa fa fa fa fd fd fd fd fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb

反编译堆栈
llvm-addr2line.exe -fCpie ../libbtcommon.z.so 0x34310

D:\支持项目\19lafone\01wifi问题\【拆分单】【B309 asan版本】【稳定性专项】【系统遍历】1月21日-1月22日进行12小时随机测试，出现踩内存问题，进程：bluetooth_servi，so：libbtcommon.z.so\bin>llvm-addr2line.exe -fCpie ../libbtcommon.z.so 0x34310
std::__h::enable_if<__is_cpp17_forward_iterator<unsigned char*>::value, void>::type std::__h::basic_string<char, std::__h::char_traits, std::__h::allocator >::__init<unsigned char*>(unsigned char*, unsigned char*) at /opt/ohos/laphone_4.0Release_2/out/laphone/../../prebuilts/clang/ohos/linux-x86_64/llvm/bin/../include/libcxx-ohos/include/c++/v1/string:2270
(inlined by) std::__h::basic_string<char, std::__h::char_traits, std::__h::allocator >::basic_string[abi:v15004]<unsigned char*, void>(unsigned char*, unsigned char*) at /opt/ohos/laphone_4.0Release_2/out/laphone/../../prebuilts/clang/ohos/linux-x86_64/llvm/bin/../include/libcxx-ohos/include/c++/v1/string:2289
(inlined by) OHOS::bluetooth::ScanResult::ScanResult(OHOS::bluetooth::BleScanResultImpl const&) at /opt/ohos/laphone_4.0Release_2/out/laphone/../../foundation/communication/bluetooth/frameworks/inner/ipc/common/ble_parcel_data.cpp:57

D:\支持项目\19lafone\01wifi问题\【拆分单】【B309 asan版本】【稳定性专项】【系统遍历】1月21日-1月22日进行12小时随机测试，出现踩内存问题，进程：bluetooth_servi，so：libbtcommon.z.so\bin>

llvm-addr2line.exe -fCpie ../libbluetooth_server.z.so 0x10db1c 0x10c50c 0x10b318

D:\支持项目\19lafone\01wifi问题\【拆分单】【B309 asan版本】【稳定性专项】【系统遍历】1月21日-1月22日进行12小时随机测试，出现踩内存问题，进程：bluetooth_servi，so：libbtcommon.z.so\bin>llvm-addr2line.exe -fCpie ../libbluetooth_server.z.so 0x10db1c 0x10c50c 0x10b318
std::__h::lock_guardstd::__h::mutex::~lock_guardabi:v15004 at /opt/ohos/laphone_4.0Release_2/out/laphone/../../prebuilts/clang/ohos/linux-x86_64/llvm/bin/../include/libcxx-ohos/include/c++/v1/__mutex_base:100
(inlined by) OHOS::Bluetooth::BluetoothBleCentralManagerServer::IsProxyUid(int) at /opt/ohos/laphone_4.0Release_2/out/laphone/../../foundation/communication/bluetooth_service/services/bluetooth/server/src/bluetooth_ble_central_manager_server.cpp:330
(inlined by) OHOS::Bluetooth::BluetoothBleCentralManagerServer::impl::BleCentralManagerCallback::OnScanCallback(OHOS::bluetooth::BleScanResultImpl const&)::'lambda'(OHOS::Bluetooth::IBluetoothBleCentralManagerCallback*)::operator()(OHOS::Bluetooth::IBluetoothBleCentralManagerCallback*) const at /opt/ohos/laphone_4.0Release_2/out/laphone/../../foundation/communication/bluetooth_service/services/bluetooth/server/src/bluetooth_ble_central_manager_server.cpp:88
OHOS::sptrOHOS::Bluetooth::IBluetoothBleCentralManagerCallback::sptr(OHOS::sptrOHOS::Bluetooth::IBluetoothBleCentralManagerCallback const&) at /opt/ohos/laphone_4.0Release_2/out/laphone/../../commonlibrary/c_utils/base/include/refbase.h:852
(inlined by) OHOS::Bluetooth::RemoteObserverList<OHOS::Bluetooth::IBluetoothBleCentralManagerCallback, int>::ForEach(std::__h::function<void (OHOS::sptrOHOS::Bluetooth::IBluetoothBleCentralManagerCallback)> const&) at /opt/ohos/laphone_4.0Release_2/out/laphone/../../foundation/communication/bluetooth_service/services/bluetooth/server/include/remote_observer_list.h:147
std::__h::__function::__func<OHOS::Bluetooth::BluetoothBleCentralManagerServer::impl::BleCentralManagerCallback::OnScanCallback(OHOS::bluetooth::BleScanResultImpl const&)::'lambda'(OHOS::Bluetooth::IBluetoothBleCentralManagerCallback*), std::__h::allocator<OHOS::Bluetooth::BluetoothBleCentralManagerServer::impl::BleCentralManagerCallback::OnScanCallback(OHOS::bluetooth::BleScanResultImpl const&)::'lambda'(OHOS::Bluetooth::IBluetoothBleCentralManagerCallback*)>, void (OHOS::sptrOHOS::Bluetooth::IBluetoothBleCentralManagerCallback)>::__func[abi:v15004](OHOS::Bluetooth::BluetoothBleCentralManagerServer::impl::BleCentralManagerCallback::OnScanCallback(OHOS::bluetooth::BleScanResultImpl const&)::'lambda'(OHOS::Bluetooth::IBluetoothBleCentralManagerCallback*)&&, std::__h::allocator<OHOS::Bluetooth::BluetoothBleCentralManagerServer::impl::BleCentralManagerCallback::OnScanCallback(OHOS::bluetooth::BleScanResultImpl const&)::'lambda'(OHOS::Bluetooth::IBluetoothBleCentralManagerCallback*)>&&) at /opt/ohos/laphone_4.0Release_2/out/laphone/../../prebuilts/clang/ohos/linux-x86_64/llvm/bin/../include/libcxx-ohos/include/c++/v1/__functional/function.h:304
(inlined by) std::__h::__function::__value_func<void (OHOS::sptrOHOS::Bluetooth::IBluetoothBleCentralManagerCallback)>::__value_func[abi:v15004]<OHOS::Bluetooth::BluetoothBleCentralManagerServer::impl::BleCentralManagerCallback::OnScanCallback(OHOS::bluetooth::BleScanResultImpl const&)::'lambda'(OHOS::Bluetooth::IBluetoothBleCentralManagerCallback*), std::__h::allocator<OHOS::Bluetooth::BluetoothBleCentralManagerServer::impl::BleCentralManagerCallback::OnScanCallback(OHOS::bluetooth::BleScanResultImpl const&)::'lambda'(OHOS::Bluetooth::IBluetoothBleCentralManagerCallback*)> >(OHOS::Bluetooth::BluetoothBleCentralManagerServer::impl::BleCentralManagerCallback::OnScanCallback(OHOS::bluetooth::BleScanResultImpl const&)::'lambda'(OHOS::Bluetooth::IBluetoothBleCentralManagerCallback*)&&, std::__h::allocator<OHOS::Bluetooth::BluetoothBleCentralManagerServer::impl::BleCentralManagerCallback::OnScanCallback(OHOS::bluetooth::BleScanResultImpl const&)::'lambda'(OHOS::Bluetooth::IBluetoothBleCentralManagerCallback*)> const&) at /opt/ohos/laphone_4.0Release_2/out/laphone/../../prebuilts/clang/ohos/linux-x86_64/llvm/bin/../include/libcxx-ohos/include/c++/v1/__functional/function.h:425
(inlined by) std::__h::__function::__value_func<void (OHOS::sptrOHOS::Bluetooth::IBluetoothBleCentralManagerCallback)>::__value_func[abi:v15004]<OHOS::Bluetooth::BluetoothBleCentralManagerServer::impl::BleCentralManagerCallback::OnScanCallback(OHOS::bluetooth::BleScanResultImpl const&)::'lambda'(OHOS::Bluetooth::IBluetoothBleCentralManagerCallback*), void>(OHOS::Bluetooth::BluetoothBleCentralManagerServer::impl::BleCentralManagerCallback::OnScanCallback(OHOS::bluetooth::BleScanResultImpl const&)::'lambda'(OHOS::Bluetooth::IBluetoothBleCentralManagerCallback*)&&) at /opt/ohos/laphone_4.0Release_2/out/laphone/../../prebuilts/clang/ohos/linux-x86_64/llvm/bin/../include/libcxx-ohos/include/c++/v1/__functional/function.h:434
(inlined by) std::__h::function<void (OHOS::sptrOHOS::Bluetooth::IBluetoothBleCentralManagerCallback)>::function<OHOS::Bluetooth::BluetoothBleCentralManagerServer::impl::BleCentralManagerCallback::OnScanCallback(OHOS::bluetooth::BleScanResultImpl const&)::'lambda'(OHOS::Bluetooth::IBluetoothBleCentralManagerCallback*), void>(OHOS::Bluetooth::BluetoothBleCentralManagerServer::impl::BleCentralManagerCallback::OnScanCallback(OHOS::bluetooth::BleScanResultImpl const&)::'lambda'(OHOS::Bluetooth::IBluetoothBleCentralManagerCallback*)) at /opt/ohos/laphone_4.0Release_2/out/laphone/../../prebuilts/clang/ohos/linux-x86_64/llvm/bin/../include/libcxx-ohos/include/c++/v1/__functional/function.h:1140
(inlined by) OHOS::Bluetooth::BluetoothBleCentralManagerServer::impl::BleCentralManagerCallback::OnScanCallback(OHOS::bluetooth::BleScanResultImpl const&) at /opt/ohos/laphone_4.0Release_2/out/laphone/../../foundation/communication/bluetooth_service/services/bluetooth/server/src/bluetooth_ble_central_manager_server.cpp:85