[sane-devel] SEGFAULT in sanei_scsi_close()

Henning Meier-Geinitz henning@meier-geinitz.de
Tue, 25 Dec 2001 15:00:43 +0100


Hi,

On Mon, Dec 24, 2001 at 12:57:44PM -0500, Karl Heinz Kremer wrote:
> I am trying to debug a problem with the EPSON backend. Whenever
> the backend is running in batch mode to scan via the ADF, the
> frontend will crash with a segmentation fault in sanei_scsi_close().
> 
> The reason seems to be that one of the free list elements is not
> valid, and when the next pointer is referenced, the software goes
> down:
> 
>       req = ((fdparms*) fd_info[fd].pdata)->sane_free_list;
>       while (req)
>         {
> ->        next_req = req->next;
>           free(req);
>           req = next_req;
>         }

What do you mean by "not valid"? Was it freed before and not set to 0?
Where exactly does the segfault occur?

> Has anybody seen this before?

Not me.

> Is this something that could be caused by how I am using the
> sanei_scsi functions? 

Maybe. I added the following debug:

  next_req = req->next;
  DBG (0, "sanei_scsi_close:  fd=%d, req=%p, next_req=%p\n",
       fd, req, next_req);
  free(req);
  
I'm getting the following output from a Mustek SCSI scanner with ADF
and 3 pieces of paper:

scanimage -d mustek:/dev/scanner --source "Automatic Document Feeder"
--batch >/tmp/out.log 2>&1

[sanei_scsi] sanei_scsi_close:  fd=5, req=0x80515b8, next_req=(nil)
[sanei_scsi] sanei_scsi_close:  fd=4, req=0x8051670, next_req=(nil)
Scanning -1 pages, incrementing by 1, numbering from 1
Scanning page 1
[sanei_scsi] sanei_scsi_close:  fd=3, req=0x40171008, next_req=(nil)
Scanned page 1. (scanner status = 5)
Scanning page 2
[sanei_scsi] sanei_scsi_close:  fd=3, req=0x40171008, next_req=(nil)
Scanned page 2. (scanner status = 5)
Scanning page 3
[sanei_scsi] sanei_scsi_close:  fd=3, req=0x40171008, next_req=(nil)
Scanned page 3. (scanner status = 5)
Scanning page 4
[sanei_scsi] sanei_scsi_close:  fd=3, req=0x40171008, next_req=(nil)
scanimage: sane_start: Document feeder out of documents
Scanned page 4. (scanner status = 7)

hth,
  Henning
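
Added example, not part of the original message and not SANE's own code: one way the "freed before and not set to 0" case asked about above can be ruled out is to reset the list head after the free loop, so that a second close on the same descriptor walks an empty list instead of freed memory. The `struct req` and `struct fdparms` layouts and both function names are hypothetical stand-ins for the types in the quoted loop.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-ins for the request node and per-fd data
   used by the loop quoted in the thread. */
struct req { struct req *next; };
struct fdparms { struct req *sane_free_list; };

/* Push n freshly allocated nodes onto the free list.
   Returns the number of nodes actually added. */
static int fill_free_list(struct fdparms *p, int n)
{
    int added = 0;
    for (int i = 0; i < n; i++) {
        struct req *r = calloc(1, sizeof *r);
        if (!r)
            break;
        r->next = p->sane_free_list;
        p->sane_free_list = r;
        added++;
    }
    return added;
}

/* Free every node, then clear the head. Returns the number freed. */
static int close_free_list(struct fdparms *p)
{
    int freed = 0;
    struct req *req = p->sane_free_list;
    while (req) {
        struct req *next_req = req->next; /* read next before free() */
        free(req);
        req = next_req;
        freed++;
    }
    /* Without this reset the head keeps pointing at freed memory and
       the next close dereferences it at "next_req = req->next". */
    p->sane_free_list = NULL;
    return freed;
}

int main(void)
{
    struct fdparms p = { NULL };
    fill_free_list(&p, 3);
    printf("first close freed %d\n", close_free_list(&p));
    printf("second close freed %d\n", close_free_list(&p));
    return 0;
}
```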