[Xastir-Dev] Bus error happened again

Jack Twilley jmt at twilley.org
Thu Nov 20 17:01:15 EST 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I did a little more analysis this time.

There were 219 stations according to the stations global.  There were
219 stations in the linked list.  The linked list ended in 0x0.  All
is good there.

Something about this part of the code concerns me.  

- --begin source--
        while (p_station != NULL && !done) {
            if (p_station->sec_heard < t_rem) {
                if ( (is_my_call(p_station->call_sign,1))                   // It's my station or
                        || ( (is_my_call(p_station->origin,1))              // Station is owned by me
                          && ( ((p_station->flag & ST_OBJECT) != 0)         // and it's an object
                            || ((p_station->flag & ST_ITEM  ) != 0) ) ) ) { // or an item

                    // It's one of mine, leave it alone!
                }
                else {  // Not one of mine, so start deleting
 
                    mdelete_messages(p_station->call_sign);     // delete messages
                    station_del_ptr(p_station);
                    //(void)delete_trail(p_station);              // Free track storage if it exists.
                    //(void)delete_weather(p_station);            // free weather memory, if allocated
                    //delete_station_memory(p_station);           // free memory
                }
            } else
                done++;                                         // all other stations are newer...
            p_station = p_station->t_next;
        }
- --end source--

The line "p_station = p_station->t_next;" gets run after
"station_del_ptr(p_station);" when a station gets deleted.

The last line of station_del_ptr(DataRow *p_name) is
"delete_station_memory(p_name)".  The next to last line of
delete_station_memory(DataRow *p_del) is "free(p_del)".

I'm pretty sure this is bad, because it appears to leave p_station
pointing to a chunk of memory which has been free()'d (and which now
contains 0xd0).

Jack.
- -- 
Jack Twilley
jmt at twilley dot org
http colon slash slash www dot twilley dot org slash tilde jmt slash
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)

iD8DBQE/vTmxGPFSfAB/ezgRAlUoAJoCQSbuu3LnISPhW5VH+RpAf7UvqACfTunn
rqd1EXpdygp02cbomd0keSo=
=Mv6l
-----END PGP SIGNATURE-----
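
The hazard described in the message above, with a traversal that reads the link before the node can be freed. This is an added example, not part of the original post and not Xastir code. The cut-down row struct, its mine flag and t_prev link, and the helpers row_add, row_del and expire_before are hypothetical stand-ins; only sec_heard, t_next and t_rem are names from the quoted source.

```c
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
/* Cut-down stand-in for DataRow: only what the expiry loop touches. */
typedef struct row {
    time_t sec_heard;
    int mine;                     /* stands in for the is_my_call()/ST_OBJECT test */
    struct row *t_prev, *t_next;
} row;
static row *t_first, *t_last;     /* time-ordered list, oldest first */
static int live_rows;

static row *row_add(time_t heard, int mine) {
    row *r = calloc(1, sizeof *r);
    if (r == NULL) return NULL;
    r->sec_heard = heard; r->mine = mine;
    r->t_prev = t_last;
    if (t_last) t_last->t_next = r; else t_first = r;
    t_last = r;
    live_rows++;
    return r;
}

/* Stand-in for station_del_ptr(): unlink the row, then free() it. */
static void row_del(row *r) {
    if (r->t_prev) r->t_prev->t_next = r->t_next; else t_first = r->t_next;
    if (r->t_next) r->t_next->t_prev = r->t_prev; else t_last = r->t_prev;
    free(r);
    live_rows--;
}

/* Delete rows last heard before t_rem that are not ours; return the count. */
static int expire_before(time_t t_rem) {
    int deleted = 0;
    for (row *p = t_first, *next; p != NULL; p = next) {
        next = p->t_next;                  /* read the link while p is still valid */
        if (p->sec_heard >= t_rem) break;  /* all other rows are newer */
        if (p->mine) continue;             /* one of mine, leave it alone */
        row_del(p);                        /* p dangles from here; never touch it */
        deleted++;
    }
    return deleted;
}

int main(void) {
    for (int i = 1; i <= 5; i++) row_add(10 * i, i == 2);  /* constructed sample */
    int n = expire_before(35);
    printf("deleted %d, %d left\n", n, live_rows);
}
```

Building the original loop shape with -fsanitize=address reports the read of t_next from the freed block as a heap-use-after-free at the exact line.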


