Double free or corruption with latest GIT tree

Jouni Malinen j
Sat Jan 2 15:15:35 PST 2010


On Fri, Jan 01, 2010 at 05:30:56PM -0800, Marcel Holtmann wrote:

> so I got this double free out of the blue while using the latest GIT
> tree from today.

> *** glibc detected *** ./wpa_supplicant: double free or corruption (out): 0x0000000002511340 ***

It could be more likely that corruption option or well, double free
somewhere else..

> #4  0x000000000043c931 in free_dbus_object_desc (obj_dsc=0x251b260)
>     at dbus/dbus_new_helpers.c:506
> #5  0x0000003924c1cf1c in _dbus_object_tree_unregister_and_unlock (tree=<value optimized out>, 
>     path=<value optimized out>) at dbus-object-tree.c:514
> #6  0x0000003924c0c6ba in dbus_connection_unregister_object_path (connection=0x24f1460, 

Assuming libdbus works, I don't see how we could get here twice. The
second attempt would result in libdbus complaining about the path not
being registered..

I'll take a closer look at how the BSS entry removal is done to figure
out what could have triggered the other issue you reported. That may be
enough to explain this one, too. In addition, the freeing part that was
reported here does not actually exist anymore since I removed
duplication of the object descriptor methods/properties/signals and the
error here was reported for a line that was freeing duplicated data. The
user data part is still there, though, so if this really was a double
call to free_dbus_object_desc, the error would likely still show up.

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the Hostap mailing list