| f49d9f75 |
core/device: Fix breakage of Bluetooth pairing
This patch converts old propertis containing list of services available
on remote devices. Without that previously paired devices, i.e.
keyboards, will not work properly. |
Jakub Pawlowski |
9 years ago |
1 file, +58, -15 |
| b4841296 |
HACKING: Add necessary commands to configure git send-email
This is convenient for people not involved with projects using email to
as review process. |
Luiz Augusto von Dentz |
9 years ago |
1 file, +27, -0 |
| 20ab2909 |
systemd: Enable ProtectHome and ProtectSystem options
These options protect from unintended access to the filesystem see
SYSTEMD.EXEC(5) for mode detail. |
Luiz Augusto von Dentz |
9 years ago |
1 file, +2, -0 |
| 0628449e |
doc/gatt-api: Make Notifying property optional
If the characteristic does not support nofications nor indications the
Notifying property can be omitted as it will never going to be used. |
Luiz Augusto von Dentz |
9 years ago |
2 files, +12, -2 |
| 6aa37338 |
tools: Change test-runner license to LGPL easy reuse |
Marcel Holtmann |
9 years ago |
1 file, +9, -9 |
| 969cc06e |
Release 5.39 |
Marcel Holtmann |
9 years ago |
2 files, +11, -1 |
| 49ad9f86 |
lib: Update company identifiers |
Marcel Holtmann |
9 years ago |
1 file, +50, -0 |
| 55bcfbc3 |
shared/gatt-server: Add support for long write
With this patch long write and nested long write reliable is supported.
GATT server is responsible now to do aggregation of prep write data
for long write session.
Note: We consider long write as the consequtive prepare writes with
continues offsets.
E.g. 1
prep_write: handle 1, offset 0, value_len 10
prep_write: handle 1, offset 10, value_len 10
prep_write: handle 2, offset 0, value_len 10
prep_write: handle 2, offset 10, value_len 10
Will result with following calles to app:
exec_write: handle 1: offset 0, value_len 20
exec_write: handle 2: offset 0, value_len 20
E.g. 2
prep_write: handle 1, offset 0, value_len 10
prep_write: handle 1, offset 2, value_len 5
prep_write: handle 2, offset 0, value_len 10
prep_write: handle 2, offset 4, value_len 5
Will result with following calles to app:
exec_write: handle 1: offset 0, value_len 10
exec_write: handle 1: offset 2, value_len 5
exec_write: handle 2: offset 0, value_len 10
exec_write: handle 2: offset 4, value_len 5
E.g. 3
prep_write: handle 1, offset 0, value_len 10
prep_write: handle 1, offset 5, value_len 5
prep_write: handle 1, offset 10, value_len 6
will result with following calles to app:
exec_write: handle 1, offset 0, value 10
exec_write: handle 1, offset 5, value 11 |
Łukasz Rymanowski |
9 years ago |
1 file, +67, -20 |
| 08bca88c |
client: Fix code style problems
Only tabs shall be used for indentation. |
Luiz Augusto von Dentz |
9 years ago |
1 file, +15, -17 |
| eeaa5a1a |
input/hog: Fix crash if uhid is not enabled
If /dev/uhid is not present bt_hog_new_default() returns NULL.
This was resulting in NULL pointer dereference in attio_connected_cb. |
Szymon Janc |
9 years ago |
1 file, +9, -1 |
| 1721258a |
audio: Fix double free
Because avdtp_unref can now cause a state change the stream reference
shall be dropped before a2dp_cancel is called otherwise the code may
attempt to unref once more using the same reference:
Invalid read of size 8
at 0x41F33B: avdtp_set_state (avdtp.c:695)
by 0x420CE7: connection_lost (avdtp.c:1118)
by 0x4216C4: avdtp_unref (avdtp.c:1178)
by 0x418098: source_disconnect (source.c:395)
by 0x41D417: a2dp_source_disconnect (a2dp.c:2312)
by 0x49A64B: btd_service_disconnect (service.c:273)
by 0x49E120: dev_disconn_service (device.c:1325)
by 0x50E6DAC: g_slist_foreach (in /usr/lib64/libglib-2.0.so.0.4600.2)
by 0x4A3894: device_request_disconnect (device.c:1357)
by 0x4A3A3C: dev_disconnect (device.c:1442)
by 0x4C7F22: process_message.isra.3 (object.c:259)
by 0x4C877C: generic_message (object.c:1071)
Address 0x929b0c0 is 16 bytes inside a block of size 1,160 free'd
at 0x4C29E00: free (vg_replace_malloc.c:530)
by 0x50CE5ED: g_free (in /usr/lib64/libglib-2.0.so.0.4600.2)
by 0x42163B: avdtp_free (avdtp.c:1101)
by 0x42163B: avdtp_unref (avdtp.c:1182)
by 0x417808: source_set_state (source.c:108)
by 0x4178F9: avdtp_state_callback (source.c:122)
by 0x41F386: avdtp_set_state (avdtp.c:698)
by 0x420CE7: connection_lost (avdtp.c:1118)
by 0x4216C4: avdtp_unref (avdtp.c:1178)
by 0x418098: source_disconnect (source.c:395)
by 0x41D417: a2dp_source_disconnect (a2dp.c:2312)
by 0x49A64B: btd_service_disconnect (service.c:273)
by 0x49E120: dev_disconn_service (device.c:1325) |
Luiz Augusto von Dentz |
9 years ago |
2 files, +6, -6 |
| 158248f2 |
audio/avdtp: Fix code style |
Luiz Augusto von Dentz |
9 years ago |
2 files, +2, -1 |
| 25bce135 |
build: Make old GATT plugins deprecated
This disables building plugins that are no longer supported by the core
since the transition to gatt-db. In the future these plugins will have to
be ported to use gatt-db or be removed if the profile can be implemented
using the GATT D-Bus APIs. |
Luiz Augusto von Dentz |
9 years ago |
2 files, +6, -1 |
| cc235a8d |
audio/avrcp: Fix registering to player events
If controller does not have a player skip registering to events which
requires a player. |
Luiz Augusto von Dentz |
9 years ago |
1 file, +3, -2 |
| 3d1a3daa |
audio/avdtp: Fix crash on outgoing connection failure
This fix double free if outgoing connection failed. This was due to
connection_lost() being called from avdtp_unref which could result
in another call to connection_lost when session ref is already 0.
Fix this in similar way pairing agent is handled: takes extra reference
before calling callbacks and unref it before exit. Then only unref is
suppose to free session.
connect error: Host is down (112)
profiles/audio/avdtp.c:connection_lost() Disconnected from 00:0C:8A:FB:D4:16
profiles/audio/a2dp.c:discover_cb() err 0xfff000240
profiles/audio/avdtp.c:avdtp_unref() 0x85a88f0: ref=1
src/service.c:change_state() 0x7f7c710: device 00:0C:8A:FB:D4:16 profile
a2dp-sink state changed: connecting -> disconnected (-11)
src/device.c:device_profile_connected() a2dp-sink Resource temporarily
unavailable (11)
src/device.c:device_profile_connected() returning response to :1.37
profiles/audio/a2dp.c:setup_unref() 0x85b0380: ref=0
profiles/audio/a2dp.c:setup_free() 0x85b0380
profiles/audio/avdtp.c:avdtp_unref() 0x85a88f0: ref=0
profiles/audio/avdtp.c:connection_lost() Disconnected from 00:0C:8A:FB:D4:16
profiles/audio/a2dp.c:discover_cb() err 0xfff000170
profiles/audio/sink.c:sink_set_state() State changed /org/bluez/hci0/
dev_00_0C_8A_FB_D4_16: SINK_STATE_CONNECTING -> SINK_STATE_DISCONNECTED
profiles/audio/a2dp.c:channel_remove() chan 0x85a8780
profiles/audio/avdtp.c:avdtp_free() 0x85a88f0
Invalid free() / delete / delete[] / realloc()
at 0x4C29CF0: free (vg_replace_malloc.c:530)
by 0x50CE5ED: g_free (in /usr/lib64/libglib-2.0.so.0.4600.2)
by 0x4177E3: finalize_discovery (avdtp.c:1039)
by 0x41789A: connection_lost (avdtp.c:1114)
by 0x41A7FD: avdtp_connect_cb (avdtp.c:2339)
by 0x44CBFB: connect_cb (btio.c:232)
by 0x50C8E39: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.4600.2)
by 0x50C91CF: ??? (in /usr/lib64/libglib-2.0.so.0.4600.2)
by 0x50C94F1: g_main_loop_run (in /usr/lib64/libglib-2.0.so.0.4600.2)
by 0x40B7B7: main (main.c:687)
Address 0x85b4c30 is 0 bytes inside a block of size 24 free'd
at 0x4C29CF0: free (vg_replace_malloc.c:530)
by 0x50CE5ED: g_free (in /usr/lib64/libglib-2.0.so.0.4600.2)
by 0x4177E3: finalize_discovery (avdtp.c:1039)
by 0x41789A: connection_lost (avdtp.c:1114)
by 0x413EE2: setup_free (a2dp.c:163)
by 0x413EE2: setup_unref (a2dp.c:178)
by 0x413F5F: setup_cb_free (a2dp.c:201)
by 0x41638D: finalize_discover (a2dp.c:346)
by 0x41638D: discover_cb (a2dp.c:1855)
by 0x4177DB: finalize_discovery (avdtp.c:1037)
by 0x41789A: connection_lost (avdtp.c:1114)
by 0x41A7FD: avdtp_connect_cb (avdtp.c:2339)
by 0x44CBFB: connect_cb (btio.c:232)
by 0x50C8E39: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.4600.2)
Block was alloc'd at
at 0x4C2A988: calloc (vg_replace_malloc.c:711)
by 0x50CE530: g_malloc0 (in /usr/lib64/libglib-2.0.so.0.4600.2)
by 0x4190FB: avdtp_discover (avdtp.c:3186)
by 0x416C19: a2dp_discover (a2dp.c:1872)
by 0x413642: sink_setup_stream (sink.c:265)
by 0x4136C4: sink_connect (sink.c:294)
by 0x470165: btd_service_connect (service.c:238)
by 0x47583C: connect_next.isra.18 (device.c:1455)
by 0x478500: connect_profiles (device.c:1710)
by 0x48EC4A: process_message.isra.5 (object.c:259)
by 0x53DD1A2: ??? (in /usr/lib64/libdbus-1.so.3.14.6)
by 0x53CE733: dbus_connection_dispatch (in /usr/lib64/libdbus-1.so.3.14.6) |
Szymon Janc |
9 years ago |
1 file, +13, -8 |
| c082d4d9 |
tools/btattach: Add command line switch for specifying the baudrate |
Johan Hedberg |
9 years ago |
1 file, +67, -7 |
| 0178f463 |
tests/example-gatt-client: Fix using invalid property
This fixes the following trace caused by GattServices1 no longer
containing a property called Characteristics:
Traceback (most recent call last):
File "./example-gatt-client", line 221, in <module>
main()
File "./example-gatt-client", line 207, in main
if not process_hr_service(service_path):
File "./example-gatt-client", line 167, in process_hr_service
chrc_paths = service_props['Characteristics']
KeyError: 'Characteristics' |
Luiz Augusto von Dentz |
9 years ago |
1 file, +22, -20 |
| 830e1a91 |
audio/a2dp: Simplify error handling
Don't expose avdtp_error in a2dp.h instead handle it internally
converting to posix error whenever necessary. |
Luiz Augusto von Dentz |
9 years ago |
5 files, +56, -57 |
| 8c53182e |
audio/avdtp: Fix passing wrong error code
finalize_discovery actually expect positive codes since it passes to
avdtp_error_init. |
Luiz Augusto von Dentz |
9 years ago |
1 file, +1, -1 |
| 3fbd76ff |
audio/avdtp: Only set disconnect timer if connected
If the session is not connected it makes no sense to enable the
disconnect timer. |
Luiz Augusto von Dentz |
9 years ago |
1 file, +6, -1 |
| 177d27c8 |
audio/avrcp: Fix crash when connecting to controllers
Patch 70fdb77d0af137aa859f267da976f610cd9bbbd2 has actually caused the
following regression since no player is set:
Invalid read of size 8
at 0x435B8E: avrcp_player_value_rsp (avrcp.c:2150)
by 0x42FB83: control_response (avctp.c:831)
by 0x42FB83: session_cb (avctp.c:996)
by 0x50C8E39: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.4600.2)
by 0x50C91CF: ??? (in /usr/lib64/libglib-2.0.so.0.4600.2)
by 0x50C94F1: g_main_loop_run (in /usr/lib64/libglib-2.0.so.0.4600.2)
by 0x40C258: main (main.c:687)
Address 0x58 is not stack'd, malloc'd or (recently) free'd |
Luiz Augusto von Dentz |
9 years ago |
1 file, +1, -1 |
| 89931dd1 |
shared/gatt-server: Fix handle error on execute write
If there is an error during execute write we should drop all
outstanding prep_write data. This patch fix that. |
Łukasz Rymanowski |
9 years ago |
1 file, +5, -0 |
| 54279633 |
unit/test-gatt: Fix long write test
This patch change characteristic we are writing too in the nested
long write reliable testcase.
Basically characteristic with handle 0x0072 already have characteristic
extended descriptor required for reliable session |
Łukasz Rymanowski |
9 years ago |
1 file, +4, -4 |
| ab93e230 |
unit/test-gatt: Extend large-db
This patch adds characteristic extended descriptor to characteristic
handle 0x0081. Also fixes testes using this.
We need this to make script pass when following patches start
to look into this descriptor on reliable write session |
Łukasz Rymanowski |
9 years ago |
1 file, +6, -4 |
| e4d7cb7b |
unit/test-gatt: Modify small-db
This patch adds Characteristic Extended descriptor to characteristic
with handle 0x0002 nad 0x0014.
Also fixes scripts using small-db.
We need this as next patches will start to look into this descriptor
on reliable write session. |
Łukasz Rymanowski |
9 years ago |
1 file, +29, -22 |
| 0a1a030d |
unit/test-gatt: Fix long write testcases
Idea of long write is that each part of data is continuation
of previous one. There shall be not gaps in the offsets between.
If there are gaps in offset then we have reliable write rather than
long write |
Łukasz Rymanowski |
9 years ago |
1 file, +8, -8 |
| e1e14517 |
shared/gatt-client: Forward events from parent to clones
Some events such as ready and service changed shall be forward to clones
since the clones may have set callbacks as well. |
Luiz Augusto von Dentz |
9 years ago |
1 file, +39, -0 |
| 555ab133 |
shared/gatt-client: Make it possible to clone non-ready clients
This is necessary in order to be possible to send commands while the
discovery is in progress. |
Luiz Augusto von Dentz |
9 years ago |
1 file, +1, -1 |
| 71d9bac2 |
core/gatt-client: Fix crash on service changed
The following crash can be observed when a service is removed from the
remote device leading to remove a client but instead a different
pointer was given causing which may leave the notification queue with
invalid clients:
Invalid read of size 8
at 0x4A80D1: remove_client (gatt-client.c:1311)
by 0x4DA16E: queue_remove_all (queue.c:351)
by 0x4A7DF3: unregister_characteristic (gatt-client.c:1331)
by 0x4DA16E: queue_remove_all (queue.c:351)
by 0x4A7D65: unregister_service (gatt-client.c:1447)
by 0x4DA0D5: queue_remove_all (queue.c:336)
by 0x4AB11C: btd_gatt_client_service_removed (gatt-client.c:1747)
by 0x4AFEA3: gatt_service_removed (device.c:3448)
by 0x4E8FD1: handle_notify (gatt-db.c:249)
by 0x4D9DC3: queue_foreach (queue.c:220)
by 0x4E9ECB: notify_service_changed (gatt-db.c:266)
by 0x4E9F7C: gatt_db_service_destroy (gatt-db.c:277)
Address 0x8cf8620 is 0 bytes inside a block of size 32 free'd
at 0x4C29E00: free (vg_replace_malloc.c:530)
by 0x4A9405: register_notify (gatt-client.c:1669)
by 0x4D9DC3: queue_foreach (queue.c:220)
by 0x4AAFBB: btd_gatt_client_connected (gatt-client.c:1714)
by 0x4B2DAA: gatt_client_init (device.c:4591)
by 0x4B2DAA: device_attach_att (device.c:4705)
by 0x4B4712: att_connect_cb (device.c:4742)
by 0x47375B: connect_cb (btio.c:232)
by 0x50C8E39: g_main_context_dispatch (in /usr/lib64/libglib-2.0.so.0.4600.2)
by 0x50C91CF: ??? (in /usr/lib64/libglib-2.0.so.0.4600.2)
by 0x50C94F1: g_main_loop_run (in /usr/lib64/libglib-2.0.so.0.4600.2)
by 0x40C258: main (main.c:687) |
Luiz Augusto von Dentz |
9 years ago |
1 file, +2, -2 |
| 2e45ec63 |
tools: make parse_companies.pl more forgiving of weird HTML
Several company identifier lines do not end in a </td> but rather <br/>
followed by newline followed by </td>. This dirty hack is more forgiving
of HTML weirdnesses in the SIGs company identifiers page. |
Mike Ryan |
9 years ago |
1 file, +1, -1 |
| 4d7b1d2b |
unit/test-crypto: Add test based on sample data from errata 4243 |
Szymon Janc |
9 years ago |
1 file, +34, -5 |
| 90af4e53 |
Release 5.38 |
Marcel Holtmann |
9 years ago |
2 files, +11, -1 |
| 63233aa0 |
monitor: Update vendor defined 16-bit UUID entries |
Marcel Holtmann |
9 years ago |
1 file, +21, -0 |
| 9deb4d86 |
lib: Update company identifiers |
Marcel Holtmann |
9 years ago |
1 file, +159, -1 |
| fde1929f |
build: Update library version |
Marcel Holtmann |
9 years ago |
1 file, +1, -1 |
| 469ebe6c |
shared/gatt-client: Simplify service changed handling
Don't reset the range since the discovery should be able to detect
modifications and in case the service was removed the code calls
gatt_db_clear_range to reset it at the end. |
Luiz Augusto von Dentz |
9 years ago |
1 file, +0, -10 |
| 017dd382 |
shared/gatt-client: Don't remove notification handlers
The notification handlers shall not be removed automatically when service
changed is received and the handle is in range. The user should be able to
decide whether to keep the registration or not since it will get events of
the service changed via gatt_db. |
Luiz Augusto von Dentz |
9 years ago |
1 file, +0, -51 |
| 1c595a1a |
core/gatt-client: Use of bt_gatt_client_clone
This uses bt_gatt_client_clone to track pending requests and cancel
them if bt_gatt_client_unref is called. |
Luiz Augusto von Dentz |
9 years ago |
1 file, +9, -45 |
| 2efa6c8a |
shared/gatt-client: Add bt_gatt_client_clone
This adds bt_gatt_client_clone which can clone existing client skipping
the discovery phase and creating separate queues so that all requests
done using the clone can be cancelled separately. |
Luiz Augusto von Dentz |
9 years ago |
2 files, +42, -10 |
| 1d8f94e7 |
core/advertising: Fix byte order for MGMT_OP_ADD_ADVERTISING flags
Fix byte order for MGMT_OP_ADD_ADVERTISING flags |
Andrejs Hanins |
9 years ago |
1 file, +1, -1 |
| bfec482d |
core/device: Make sure ServicesResolved is triggered last
Service objects shall show up before ServicesResolved as that will be
used to trigger enumeration of the services at the higher layers. |
Luiz Augusto von Dentz |
9 years ago |
1 file, +2, -2 |
| 2f3c4b2f |
doc/gatt-api: Remove Characteristics and Descriptors properties
These properties are no longer needed since the objects shall be managed
with use of ObjectManager both in case of client and server. |
Luiz Augusto von Dentz |
9 years ago |
2 files, +0, -110 |
| 88199592 |
TODO: Update GATT/ATT items |
Luiz Augusto von Dentz |
9 years ago |
1 file, +0, -100 |
| 4ed99044 |
doc/device-api: Replace GattServices with ServicesDiscovered property
GattServices is not really doing was it was meant to do which was to
track progress of service discovery since it only worked for the very
first time a device is connected but since we no longer remove the
attributes an application would have the false impression the service are
all resolved by the time it reconnects when in fact the service may have
changed.
Furthermore object tracking like it is doing has been obsolete by
ObjectManager so this propose to replace the service discovery tracking
with a boolean property which works both with SDP as well as GATT
discovery. |
Luiz Augusto von Dentz |
9 years ago |
2 files, +28, -60 |
| 5c1ffd0c |
doc/mgmt-api: Mark 4.5 kernel as released |
Johan Hedberg |
9 years ago |
1 file, +1, -1 |
| 2664ec71 |
shared/gatt-client: Don't send Exchange MTU for default value
If the MTU to be exchange is the default there is no pointing in sending
it since the remote already assumes it anyway. |
Luiz Augusto von Dentz |
9 years ago |
1 file, +19, -0 |
| 262cb18e |
doc: Fix data length in Advertising API description
LE Advertising Data is 31 bytes long. |
Szymon Janc |
9 years ago |
1 file, +1, -1 |
| c8a81f43 |
doc/mgmt-api: Document mgmt version 1.12 features |
Johan Hedberg |
9 years ago |
1 file, +3, -0 |
| 48064a26 |
doc/mgmt-api: Update privacy mode 0x02 description |
Johan Hedberg |
9 years ago |
1 file, +3, -5 |
| 7a176b49 |
uuid: fix 1 byte stack overflow
scanf requires that '[' convertion specifiers have enough room for all
characters in the string, _plus a terminating null byte_. We were
previously not providing room for the terminating null byte.
This was detected by AddressSanitizer:
==15036==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffe4e774401 at pc 0x7fd33f572c98 bp 0x7ffe4e774270 sp 0x7ffe4e7739f8
WRITE of size 2 at 0x7ffe4e774401 thread T0
#0 0x7fd33f572c97 in scanf_common /build/gcc-multilib/src/gcc-5-20160209/libsanitizer/sanitizer_common/sanitizer_common_interceptors_format.inc:340
#1 0x7fd33f5739ea in __interceptor_vsscanf /build/gcc-multilib/src/gcc-5-20160209/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:769
#2 0x7fd33f573b49 in __interceptor_sscanf /build/gcc-multilib/src/gcc-5-20160209/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:793
#3 0x650db5 in is_base_uuid128 lib/uuid.c:191
#4 0x65196e in bt_string_to_uuid lib/uuid.c:267
#5 0x56f28e in parse_uuid src/gatt-database.c:1473
#6 0x5729e0 in database_add_service src/gatt-database.c:2053
#7 0x57329f in database_add_app src/gatt-database.c:2106
#8 0x573adc in client_ready_cb src/gatt-database.c:2211
#9 0x6695fd in get_managed_objects_reply gdbus/client.c:1097
#10 0x7fd33efd5391 (/usr/lib/libdbus-1.so.3+0x13391)
#11 0x7fd33efd8db0 in dbus_connection_dispatch (/usr/lib/libdbus-1.so.3+0x16db0)
#12 0x651ecd in message_dispatch gdbus/mainloop.c:72
#13 0x7fd33f25cc39 in g_main_context_dispatch (/usr/lib/libglib-2.0.so.0+0x49c39)
#14 0x7fd33f25cfdf (/usr/lib/libglib-2.0.so.0+0x49fdf)
#15 0x7fd33f25d301 in g_main_loop_run (/usr/lib/libglib-2.0.so.0+0x4a301)
#16 0x54b7d1 in main src/main.c:687
#17 0x7fd33d90870f in __libc_start_main (/usr/lib/libc.so.6+0x2070f)
#18 0x40bba8 in _start (/home/cody/g/bluez/src/bluetoothd+0x40bba8)
Address 0x7ffe4e774401 is located in stack of thread T0 at offset 33 in frame
#0 0x650ccd in is_base_uuid128 lib/uuid.c:184
This frame has 2 object(s):
[32, 33) 'dummy' <== Memory access at offset 33 overflows this variable
[96, 98) 'uuid'
HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext
(longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-overflow /build/gcc-multilib/src/gcc-5-20160209/libsanitizer/sanitizer_common/sanitizer_common_interceptors_format.inc:340 scanf_common
Shadow bytes around the buggy address:
0x100049ce6830: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x100049ce6840: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x100049ce6850: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x100049ce6860: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x100049ce6870: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
=>0x100049ce6880:[01]f4 f4 f4 f2 f2 f2 f2 02 f4 f4 f4 f3 f3 f3 f3
0x100049ce6890: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
0x100049ce68a0: 00 f4 f4 f4 f2 f2 f2 f2 00 00 04 f4 f2 f2 f2 f2
0x100049ce68b0: 00 00 00 00 00 00 00 00 00 f4 f4 f4 f3 f3 f3 f3
0x100049ce68c0: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
0x100049ce68d0: 01 f4 f4 f4 f2 f2 f2 f2 00 00 04 f4 f3 f3 f3 f3
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap right redzone: fb
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
==15036==ABORTING |
Cody P Schafer |
9 years ago |
1 file, +2, -2 |