[Bug 198685] bluez 5.48 memory use after free crash

https://bugzilla.kernel.org/show_bug.cgi?id=198685

--- Comment #9 from Nathaniel McCallum (npmccallum@xxxxxxxxxx) ---
The full log is attached. The relevant bit is this:

src/device.c:gatt_debug() Primary services found: 3
src/device.c:gatt_debug() start: 0x0001, end: 0x0003, uuid:
00001801-0000-1000-8000-00805f9b34fb
src/device.c:gatt_debug() start: 0x0014, end: 0x001a, uuid:
00001800-0000-1000-8000-00805f9b34fb
src/device.c:gatt_debug() start: 0x0028, end: 0xffff, uuid:
0000fffd-0000-1000-8000-00805f9b34fb
src/device.c:gatt_debug() Registered handler for "Service Changed": 0
src/device.c:gatt_client_ready_cb() status: success, error: 0
src/gatt-client.c:btd_gatt_client_ready() GATT client ready
src/gatt-client.c:create_services() Exporting objects for GATT services:
AC:37:43:BD:2B:0A
src/gatt-client.c:service_create() Exported GATT service:
/org/bluez/hci0/dev_AC_37_43_BD_2B_0A/service0001
src/gatt-client.c:characteristic_create() Exported GATT characteristic:
/org/bluez/hci0/dev_AC_37_43_BD_2B_0A/service0001/char0002
src/gatt-client.c:service_create() Exported GATT service:
/org/bluez/hci0/dev_AC_37_43_BD_2B_0A/service0028
src/gatt-client.c:characteristic_create() Exported GATT characteristic:
/org/bluez/hci0/dev_AC_37_43_BD_2B_0A/service0028/char0029
src/gatt-client.c:characteristic_create() Exported GATT characteristic:
/org/bluez/hci0/dev_AC_37_43_BD_2B_0A/service0028/char002b
src/gatt-client.c:descriptor_create() Exported GATT characteristic descriptor:
/org/bluez/hci0/dev_AC_37_43_BD_2B_0A/service0028/char002b/desc002d
src/gatt-client.c:characteristic_create() Exported GATT characteristic:
/org/bluez/hci0/dev_AC_37_43_BD_2B_0A/service0028/char002e
src/gatt-client.c:characteristic_create() Exported GATT characteristic:
/org/bluez/hci0/dev_AC_37_43_BD_2B_0A/service0028/char0030
src/device.c:device_svc_resolved() /org/bluez/hci0/dev_AC_37_43_BD_2B_0A err 0
src/gatt-client.c:notify_client_ref() owner :1.302
src/gatt-client.c:characteristic_create_pipe() AcquireNotify: sender :1.302 io
0x7b299c0
src/gatt-client.c:characteristic_pipe_hup()
/org/bluez/hci0/dev_AC_37_43_BD_2B_0A/service0028/char002b: io 0x7b299c0
src/gatt-client.c:notify_client_unref() owner :1.302
src/gatt-client.c:notify_client_free() owner :1.302
src/gatt-client.c:notify_client_ref() owner :1.302
==18279== Invalid read of size 8
==18279==    at 0x181119: register_notify_io_cb (gatt-client.c:1437)
==18279==    by 0x1AD2EF: complete_notify_request (gatt-client.c:1215)
==18279==    by 0x1AD2EF: enable_ccc_callback (gatt-client.c:1297)
==18279==    by 0x1AA597: handle_rsp (att.c:713)
==18279==    by 0x1AA597: can_read_data (att.c:885)
==18279==    by 0x1B3362: watch_callback (io-glib.c:170)
==18279==    by 0x4E87A66: g_main_dispatch (gmain.c:3177)
==18279==    by 0x4E87A66: g_main_context_dispatch (gmain.c:3830)
==18279==    by 0x4E87E0F: g_main_context_iterate.isra.21 (gmain.c:3903)
==18279==    by 0x4E88121: g_main_loop_run (gmain.c:4099)
==18279==    by 0x1260FA: main (main.c:770)
==18279==  Address 0x7b26a10 is 0 bytes inside a block of size 32 free'd
==18279==    at 0x4C30D18: free (vg_replace_malloc.c:530)
==18279==    by 0x180602: pipe_io_destroy (gatt-client.c:1082)
==18279==    by 0x180667: characteristic_destroy_pipe (gatt-client.c:1104)
==18279==    by 0x180717: characteristic_pipe_hup (gatt-client.c:1119)
==18279==    by 0x1B3362: watch_callback (io-glib.c:170)
==18279==    by 0x4E87A66: g_main_dispatch (gmain.c:3177)
==18279==    by 0x4E87A66: g_main_context_dispatch (gmain.c:3830)
==18279==    by 0x4E87E0F: g_main_context_iterate.isra.21 (gmain.c:3903)
==18279==    by 0x4E88121: g_main_loop_run (gmain.c:4099)
==18279==    by 0x1260FA: main (main.c:770)
==18279==  Block was alloc'd at
==18279==    at 0x4C2FB6B: malloc (vg_replace_malloc.c:299)
==18279==    by 0x1A576D: btd_malloc (util.c:46)
==18279==    by 0x180923: notify_client_create (gatt-client.c:1330)
==18279==    by 0x180C68: characteristic_acquire_notify (gatt-client.c:1486)
==18279==    by 0x1A1F8A: process_message.isra.7 (object.c:259)
==18279==    by 0x51773DF: _dbus_object_tree_dispatch_and_unlock
(dbus-object-tree.c:1020)
==18279==    by 0x5168209: dbus_connection_dispatch (dbus-connection.c:4744)
==18279==    by 0x19E80F: message_dispatch (mainloop.c:72)
==18279==    by 0x4E84436: g_idle_dispatch (gmain.c:5535)
==18279==    by 0x4E87A66: g_main_dispatch (gmain.c:3177)
==18279==    by 0x4E87A66: g_main_context_dispatch (gmain.c:3830)
==18279==    by 0x4E87E0F: g_main_context_iterate.isra.21 (gmain.c:3903)
==18279==    by 0x4E88121: g_main_loop_run (gmain.c:4099)
==18279==

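A constructed model of the lifetime problem the Valgrind trace shows, added here as an example and not code from BlueZ: the client object is allocated on AcquireNotify (notify_client_create), freed when the pipe hangs up (characteristic_pipe_hup -> pipe_io_destroy), and then dereferenced when the ATT response for the CCC write arrives (enable_ccc_callback -> register_notify_io_cb). The names client_*, pending_request, ccc_callback and simulate are assumptions, and holding a reference for the lifetime of the in-flight request is one general mitigation for this pattern, not necessarily the fix BlueZ adopted.

```c
#include <stdbool.h>
#include <stdlib.h>

/* Constructed model of the lifetime bug in the trace above (not BlueZ code).
 * A notify client is refcounted; a CCC write is in flight on the ATT link;
 * the D-Bus client may hang up its pipe before the ATT response arrives. */
struct notify_client {
	int ref;
	bool alive;     /* cleared instead of free()'d so the stale read is observable */
	int notify_id;
};
static struct notify_client *client_create(void)        /* notify_client_create */
{
	struct notify_client *c = calloc(1, sizeof(*c));
	c->ref = 1; c->alive = true;
	return c;
}
static struct notify_client *client_ref(struct notify_client *c) { c->ref++; return c; }
static void client_unref(struct notify_client *c)       /* notify_client_unref */
{
	if (--c->ref == 0)
		c->alive = false;   /* the real code frees here (pipe_io_destroy in the trace) */
}
/* A pending CCC write; holds_ref is true if it took its own reference on the client. */
struct pending_request { struct notify_client *client; bool holds_ref; };

/* Runs when the ATT response arrives (enable_ccc_callback -> register_notify_io_cb).
 * Returns 1 if it touched a dead client: the invalid read Valgrind reports above. */
static int ccc_callback(struct pending_request *req)
{
	struct notify_client *c = req->client;
	int uaf = c->alive ? 0 : 1;
	if (!uaf)
		c->notify_id = 1;
	if (req->holds_ref)
		client_unref(c);   /* the request's reference ends with the request */
	return uaf;
}
/* AcquireNotify, then pipe hangup, then the late ATT response. With take_ref
 * false the request keeps a raw pointer and the callback reads freed memory. */
static int simulate(bool take_ref)
{
	struct notify_client *c = client_create();
	struct pending_request req = { take_ref ? client_ref(c) : c, take_ref };
	client_unref(c);            /* characteristic_pipe_hup drops the owner's reference */
	int uaf = ccc_callback(&req);
	free(c);
	return uaf;                 /* 1 without the extra reference, 0 with it */
}
```

The same ordering (hangup before the ATT response) is what the log shows between notify_client_free and the Invalid read; a refcount held by the pending request, or cancelling the request on destroy, keeps the callback from touching freed memory.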