On Tue, 28 Jun 2011 15:14:35 +0200
Uwe Bonnes <bon@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
> >>>>> "Matthias" == Matthias Janke
> >>>>> <matthias.janke@xxxxxxxxxxxxxxxxxxxxxxx> writes:
>
> Matthias> Am Mon, 27 Jun 2011 15:33:29 +0200 schrieb Matthias
> Matthias> Janke <matthias.janke@xxxxxxxxxxxxxxxxxxxxxxx>:
>
> >> As far as I could locate it they all come from
> >> ftdi_usb_get_strings downwards.
>
> Matthias> That was actually wrong. The root of the problem is
> Matthias> that in ftdi_usb_find_all at line 307 devs is
> Matthias> completely freed, while devlist has still references to
> Matthias> elements in dev. So using devlist in any way causes
> Matthias> invalid reads, writes and frees. A solution would be to
> Matthias> add an else to the if in line 294 which frees just the
> Matthias> non ftdi elements of devs. but would that be a clean
> Matthias> solution? why is devlist aliased to currdev?
>
> What about the solution in the just sent patch to keep the devlist in
> ftdi_context and only free it on exit.
Well, that solution should work (not tested yet) but is rather
invasive. I was thinking of something which plays with the refcount
mechanism of libusb changing:
(*curdev)->dev = dev;
to
(*curdev)->dev = libusb_ref_device(dev);
but I didn't find any docs on the behaviour of this mechanism, yet. so I'm not
sure if it would work.
--
libftdi - see http://www.intra2net.com/en/developer/libftdi for details.
To unsubscribe send a mail to libftdi+unsubscribe@xxxxxxxxxxxxxxxxxxxxxxx
|