DFU upload causes memory corruption (patch)
Werner Almesberger
werner at openmoko.org
Tue Mar 13 11:42:01 CET 2007
Harald Welte wrote:
> I haven't looked at the usbtty code in much detail, but I'm not sure
> how often it allocates/frees URBs. If that happens every character
> (worst case) then we don't want to allocate several kilobytes of memory
> each time.
Well, if we free them soon enough, it doesn't really matter.
> So in any case, maybe we should get rid of that static buffer in 'struct
> urb' altogether and dynamically allocate, just like "first class
> citizen" usb code does (and the usbdcore code did before somebody hacked
> it for u-boot).
Is the allocator actually re-entrant ? Otherwise, this could cause a
lot of fun :-)
> At least in the DFU case, EP0 would then be allocated with 4096 byte
> data buffer, just to accommodate one 'transfer size' block.
Sounds good, yes.
So, what do we do ? Start the great rewrite now ? Just use my hack for
now to make uploads work, and come back when the other fires have been
put out ? What worries me about this bug is that it breaks the
devirginator. I think we don't want the devirginator broken for long.
(My #212 hack also breaks it, although a bit less violently. Perhaps
I should reverse the AUX logic after all ...)
- Werner
--
_________________________________________________________________________
/ Werner Almesberger, Buenos Aires, Argentina werner at almesberger.net /
/_http://www.almesberger.net/____________________________________________/