Crash in AES driver
Using a AES2501 device:
==27555== Invalid read of size 4
==27555== at 0x48931E1: continue_write_regv (aeslib.c:100)
==27555== by 0x4893527: write_regv_trf_complete (aeslib.c:61)
==27555== by 0x7F1FB45: ??? (in /usr/lib64/libusb-1.0.so.0.1.0)
==27555== by 0x7F23EBB: ??? (in /usr/lib64/libusb-1.0.so.0.1.0)
==27555== by 0x7F25857: ??? (in /usr/lib64/libusb-1.0.so.0.1.0)
==27555== by 0x7F1F4A2: ??? (in /usr/lib64/libusb-1.0.so.0.1.0)
==27555== by 0x7F2062B: libusb_handle_events_timeout_completed (in /usr/lib64/libusb-1.0.so.0.1.0)
==27555== by 0x4870DB4: fp_handle_events_timeout (fpi-poll.c:318)
==27555== by 0x403FCC: source_dispatch (loop.c:86)
==27555== by 0x7B11A11: g_main_dispatch (gmain.c:3182)
==27555== by 0x7B11A11: g_main_context_dispatch (gmain.c:3857)
==27555== by 0x7B11E1F: g_main_context_iterate.isra.0 (gmain.c:3930)
==27555== by 0x7B120F2: g_main_loop_run (gmain.c:4124)
==27555== by 0x403D45: main (main.c:216)
==27555== Address 0x885d8f8 is 24 bytes inside a block of size 48 free'd
==27555== at 0x4839A0C: free (vg_replace_malloc.c:540)
==27555== by 0x48935CD: aes_write_regv (aeslib.c:159)
==27555== by 0x48803C5: activate_run_state (aes2501.c:755)
==27555== by 0x486E691: __ssm_call_handler (fpi-ssm.c:153)
==27555== by 0x486E803: fpi_ssm_start (fpi-ssm.c:172)
==27555== by 0x487F1E2: dev_activate (aes2501.c:801)
==27555== by 0x486C1B3: dev_activate (fpi-dev-img.c:550)
==27555== by 0x486C1B3: generic_acquire_start.isra.0 (fpi-dev-img.c:573)
==27555== by 0x486C2E9: img_dev_enroll_start (fpi-dev-img.c:597)
==27555== by 0x4865C2D: fp_async_enroll_start (fpi-async.c:204)
==27555== by 0x405863: fprint_device_enroll_start (device.c:1158)
==27555== by 0x77FAF55: ??? (in /usr/lib64/libdbus-glib-1.so.2.3.4)
==27555== by 0x78460B7: ??? (in /usr/lib64/libdbus-1.so.3.19.11)
==27555== by 0x7836763: dbus_connection_dispatch (in /usr/lib64/libdbus-1.so.3.19.11)
==27555== by 0x780CB78: ??? (in /usr/lib64/libdbus-glib-1.so.2.3.4)
==27555== by 0x7B11A11: g_main_dispatch (gmain.c:3182)
==27555== by 0x7B11A11: g_main_context_dispatch (gmain.c:3857)
==27555== by 0x7B11E1F: g_main_context_iterate.isra.0 (gmain.c:3930)
==27555== by 0x7B120F2: g_main_loop_run (gmain.c:4124)
==27555== by 0x403D45: main (main.c:216)
==27555== Block was alloc'd at
==27555== at 0x483880B: malloc (vg_replace_malloc.c:309)
==27555== by 0x7B17528: g_malloc (gmem.c:99)
==27555== by 0x4893591: aes_write_regv (aeslib.c:150)
==27555== by 0x48803C5: activate_run_state (aes2501.c:755)
==27555== by 0x486E691: __ssm_call_handler (fpi-ssm.c:153)
==27555== by 0x486E803: fpi_ssm_start (fpi-ssm.c:172)
==27555== by 0x487F1E2: dev_activate (aes2501.c:801)
==27555== by 0x486C1B3: dev_activate (fpi-dev-img.c:550)
==27555== by 0x486C1B3: generic_acquire_start.isra.0 (fpi-dev-img.c:573)
==27555== by 0x486C2E9: img_dev_enroll_start (fpi-dev-img.c:597)
==27555== by 0x4865C2D: fp_async_enroll_start (fpi-async.c:204)
==27555== by 0x405863: fprint_device_enroll_start (device.c:1158)
==27555== by 0x77FAF55: ??? (in /usr/lib64/libdbus-glib-1.so.2.3.4)
==27555== by 0x78460B7: ??? (in /usr/lib64/libdbus-1.so.3.19.11)
==27555== by 0x7836763: dbus_connection_dispatch (in /usr/lib64/libdbus-1.so.3.19.11)
==27555== by 0x780CB78: ??? (in /usr/lib64/libdbus-glib-1.so.2.3.4)
==27555== by 0x7B11A11: g_main_dispatch (gmain.c:3182)
==27555== by 0x7B11A11: g_main_context_dispatch (gmain.c:3857)
==27555== by 0x7B11E1F: g_main_context_iterate.isra.0 (gmain.c:3930)
==27555== by 0x7B120F2: g_main_loop_run (gmain.c:4124)
==27555== by 0x403D45: main (main.c:216)