Invalid read in hid_close

[luke-jr]

Seems hidapi is accessing data after it's freed it :(

==16412== Invalid read of size 4
==16412==    at 0x41AA085D: do_close (core.c:1195)
==16412==    by 0x41AA0BB9: libusb_close (core.c:1295)
==16412==    by 0x401EB0C: hid_close (hid.c:1164)
==16412==    by 0x810D061: mcp2210_close (mcp2210.c:131)
==16412==    by 0x810C116: nanofury_lowl_probe (driver-nanofury.c:288)
==16412==    by 0x807987F: probe_device_thread (miner.c:11288)
==16412==    by 0x4E336D42: start_thread (pthread_create.c:308)
==16412==    by 0x4E22631D: clone (clone.S:131)
==16412==  Address 0x5519d20 is 8 bytes inside a block of size 116 free'd
==16412==    at 0x4008708: free (vg_replace_malloc.c:468)
==16412==    by 0x41AA4FFD: libusb_free_transfer (io.c:1363)
==16412==    by 0x401EAE8: hid_close (hid.c:1158)
==16412==    by 0x810D061: mcp2210_close (mcp2210.c:131)
==16412==    by 0x810C116: nanofury_lowl_probe (driver-nanofury.c:288)
==16412==    by 0x807987F: probe_device_thread (miner.c:11288)
==16412==    by 0x4E336D42: start_thread (pthread_create.c:308)
==16412==    by 0x4E22631D: clone (clone.S:131)

[signal11]

Are you able to figure out what's going on? Are you sure its hidapi and not libusb?

[luke-jr]

No, I'm afraid this is a bit over my head; I suppose it could just as well be a libusb issue.

[signal11]

It might be hidapi. See if the problem exists in just a basic hidapi test program.

[signal11]

For what it's worth, I just ran up a valgrind here on the hidtest (opening and reading from a joystick) and it shows clean. If you find out anything else, feel free to re-open.