Skip to content

There is a code error here

In hw/usb/redirect.c, when function usbredir_buffered_bulk_packet call function bufp_alloc, parameter data use offset (data + i). But in function bufp_alloc call function free free paramter data memory.

static void usbredir_buffered_bulk_packet(...)

......
    for (i = 0; i < data_len; i += len) {
        int r;
        if (len >= (data_len - i)) {
            len = data_len - i;
            status = buffered_bulk_packet->status;
            free_on_destroy = data;
        }
        /* bufp_alloc also adds the packet to the ep queue */
        r = bufp_alloc(dev, data + i, len, status, ep, free_on_destroy);
        if (r) {
            break;
        }
    }
......

static int bufp_alloc(USBRedirDevice *dev, uint8_t *data, uint16_t len, uint8_t status, uint8_t ep, void *free_on_destroy)

......
    if (dev->endpoint[EP2I(ep)].bufpq_dropping_packets) {
        if (dev->endpoint[EP2I(ep)].bufpq_size >
                dev->endpoint[EP2I(ep)].bufpq_target_size) {
            free(data);
            return -1;
        }
        dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0;
    }
......
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information