Bug#644146: Double free in C++ destructor

Max Kellermann max at duempel.org
Mon Oct 3 10:27:17 UTC 2011


Package: libffado2
Version: 2.0.99+svn1995-1

A program that is linked with libffado aborts on exit.  This command
reproduces the problem:

echo 'int main() {}' |gcc -x c -lffado - && ./a.out

Command output follows (amd64):

Cannot create thread 1 Operation not permitted
Cleaning up leftover debug module: DeviceManager
*** glibc detected *** ./a.out: free(): invalid pointer: 0x00007fc333e1f9c0 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x72606)[0x7fc333924606]
/lib/x86_64-linux-gnu/libc.so.6(cfree+0x6c)[0x7fc33392933c]
/usr/lib/libffado.so.2(_ZN18DebugModuleManagerD2Ev+0x81)[0x7fc333cf33e1]
/usr/lib/libffado.so.2(+0xbb236)[0x7fc333cf1236]
/lib64/ld-linux-x86-64.so.2(+0xe21c)[0x7fc333e2f21c]
/lib/x86_64-linux-gnu/libc.so.6(+0x36d82)[0x7fc3338e8d82]
/lib/x86_64-linux-gnu/libc.so.6(+0x36dd5)[0x7fc3338e8dd5]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0x104)[0x7fc3338d0eb4]
./a.out[0x4004f9]
======= Memory map: ========
00400000-00401000 r-xp 00000000 00:13 34146                              /tmp/a.out
00401000-00402000 rw-p 00000000 00:13 34146                              /tmp/a.out
01364000-01385000 rw-p 00000000 00:00 0                                  [heap]
7fc32c000000-7fc32c021000 rw-p 00000000 00:00 0 
7fc32c021000-7fc330000000 ---p 00000000 00:00 0 
7fc330335000-7fc330336000 ---p 00000000 00:00 0 
7fc330336000-7fc330d37000 rw-p 00000000 00:00 0 
7fc330d37000-7fc330d73000 r-xp 00000000 08:02 4849738                    /lib/x86_64-linux-gnu/libpcre.so.3.12.1
7fc330d73000-7fc330f72000 ---p 0003c000 08:02 4849738                    /lib/x86_64-linux-gnu/libpcre.so.3.12.1
7fc330f72000-7fc330f73000 rw-p 0003b000 08:02 4849738                    /lib/x86_64-linux-gnu/libpcre.so.3.12.1
7fc330f73000-7fc330f76000 r-xp 00000000 08:02 797451                     /usr/lib/libgmodule-2.0.so.0.2800.6
7fc330f76000-7fc331175000 ---p 00003000 08:02 797451                     /usr/lib/libgmodule-2.0.so.0.2800.6
7fc331175000-7fc331176000 rw-p 00002000 08:02 797451                     /usr/lib/libgmodule-2.0.so.0.2800.6
7fc331176000-7fc33118d000 r-xp 00000000 08:02 799367                     /usr/lib/libz.so.1.2.3.4
7fc33118d000-7fc33138c000 ---p 00017000 08:02 799367                     /usr/lib/libz.so.1.2.3.4
7fc33138c000-7fc33138d000 rw-p 00016000 08:02 799367                     /usr/lib/libz.so.1.2.3.4
7fc33138d000-7fc33138f000 r-xp 00000000 08:02 4850295                    /lib/x86_64-linux-gnu/libdl-2.13.so
7fc33138f000-7fc33158f000 ---p 00002000 08:02 4850295                    /lib/x86_64-linux-gnu/libdl-2.13.so
7fc33158f000-7fc331590000 r--p 00002000 08:02 4850295                    /lib/x86_64-linux-gnu/libdl-2.13.so
7fc331590000-7fc331591000 rw-p 00003000 08:02 4850295                    /lib/x86_64-linux-gnu/libdl-2.13.so
7fc331591000-7fc3315a6000 r-xp 00000000 08:02 4849679                    /lib/x86_64-linux-gnu/libgcc_s.so.1
7fc3315a6000-7fc3317a6000 ---p 00015000 08:02 4849679                    /lib/x86_64-linux-gnu/libgcc_s.so.1
7fc3317a6000-7fc3317a7000 rw-p 00015000 08:02 4849679                    /lib/x86_64-linux-gnu/libgcc_s.so.1
7fc3317a7000-7fc331828000 r-xp 00000000 08:02 4850218                    /lib/x86_64-linux-gnu/libm-2.13.so
7fc331828000-7fc331a27000 ---p 00081000 08:02 4850218                    /lib/x86_64-linux-gnu/libm-2.13.so
7fc331a27000-7fc331a28000 r--p 00080000 08:02 4850218                    /lib/x86_64-linux-gnu/libm-2.13.so
7fc331a28000-7fc331a29000 rw-p 00081000 08:02 4850218                    /lib/x86_64-linux-gnu/libm-2.13.so
7fc331a29000-7fc331b15000 r-xp 00000000 08:02 1189696                    /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.16
7fc331b15000-7fc331d14000 ---p 000ec000 08:02 1189696                    /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.16
7fc331d14000-7fc331d1c000 r--p 000eb000 08:02 1189696                    /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.16
7fc331d1c000-7fc331d1e000 rw-p 000f3000 08:02 1189696                    /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.16
7fc331d1e000-7fc331d33000 rw-p 00000000 00:00 0 
7fc331d33000-7fc331e23000 r-xp 00000000 08:02 4849897                    /lib/libglib-2.0.so.0.2800.6
7fc331e23000-7fc332022000 ---p 000f0000 08:02 4849897                    /lib/libglib-2.0.so.0.2800.6
7fc332022000-7fc332023000 rw-p 000ef000 08:02 4849897                    /lib/libglib-2.0.so.0.2800.6
7fc332023000-7fc332024000 rw-p 00000000 00:00 0 
7fc332024000-7fc33202b000 r-xp 00000000 08:02 4850305                    /lib/x86_64-linux-gnu/librt-2.13.so
7fc33202b000-7fc33222a000 ---p 00007000 08:02 4850305                    /lib/x86_64-linux-gnu/librt-2.13.so
7fc33222a000-7fc33222b000 r--p 00006000 08:02 4850305                    /lib/x86_64-linux-gnu/librt-2.13.so
7fc33222b000-7fc33222c000 rw-p 00007000 08:02 4850305                    /lib/x86_64-linux-gnu/librt-2.13.so
7fc33222c000-7fc332230000 r-xp 00000000 08:02 795214                     /usr/lib/libgthread-2.0.so.0.2800.6
7fc332230000-7fc33242f000 ---p 00004000 08:02 795214                     /usr/lib/libgthread-2.0.so.0.2800.6
7fc33242f000-7fc332430000 rw-p 00003000 08:02 795214                     /usr/lib/libgthread-2.0.so.0.2800.6
7fc332430000-7fc332435000 r-xp 00000000 08:02 796794                     /usr/lib/libsigc-2.0.so.0.0.0
7fc332435000-7fc332634000 ---p 00005000 08:02 796794                     /usr/lib/libsigc-2.0.so.0.0.0
7fc332634000-7fc332635000 rw-p 00004000 08:02 796794                     /usr/lib/libsigc-2.0.so.0.0.0
7fc332635000-7fc332685000 r-xp 00000000 08:02 796213                     /usr/lib/libgobject-2.0.so.0.2800.6
7fc332685000-7fc332884000 ---p 00050000 08:02 796213                     /usr/lib/libgobject-2.0.so.0.2800.6
7fc332884000-7fc332886000 rw-p 0004f000 08:02 796213                     /usr/lib/libgobject-2.0.so.0.2800.6
7fc332886000-7fc332887000 rw-p 00000000 00:00 0 
7fc332887000-7fc3328eb000 r-xp 00000000 08:02 794616                     /usr/lib/libglibmm-2.4.so.1.3.0
7fc3328eb000-7fc332aeb000 ---p 00064000 08:02 794616                     /usr/lib/libglibmm-2.4.so.1.3.0
7fc332aeb000-7fc332aef000 rw-p 00064000 08:02 794616                     /usr/lib/libglibmm-2.4.so.1.3.0
7fc332aef000-7fc332c35000 r-xp 00000000 08:02 793822                     /usr/lib/libxml2.so.2.7.8
7fc332c35000-7fc332e34000 ---p 00146000 08:02 793822                     /usr/lib/libxml2.so.2.7.8
7fc332e34000-7fc332e3e000 rw-p 00145000 08:02 793822                     /usr/lib/libxml2.so.2.7.8
7fc332e3e000-7fc332e3f000 rw-p 00000000 00:00 0 
7fc332e3f000-7fc332e63000 r-xp 00000000 08:02 796288                     /usr/lib/libxml++-2.6.so.2.0.7
7fc332e63000-7fc333063000 ---p 00024000 08:02 796288                     /usr/lib/libxml++-2.6.so.2.0.7
7fc333063000-7fc333065000 rw-p 00024000 08:02 796288                     /usr/lib/libxml++-2.6.so.2.0.7
7fc333065000-7fc33307b000 r-xp 00000000 08:02 799240                     /usr/lib/libconfig++.so.8.0.0
7fc33307b000-7fc33327b000 ---p 00016000 08:02 799240                     /usr/lib/libconfig++.so.8.0.0
7fc33327b000-7fc33327c000 rw-p 00016000 08:02 799240                     /usr/lib/libconfig++.so.8.0.0
7fc33327c000-7fc333289000 r-xp 00000000 08:02 795356                     /usr/lib/libraw1394.so.11.0.1
7fc333289000-7fc333489000 ---p 0000d000 08:02 795356                     /usr/lib/libraw1394.so.11.0.1
7fc333489000-7fc33348a000 rw-p 0000d000 08:02 795356                     /usr/lib/libraw1394.so.11.0.1
7fc33348a000-7fc333496000 r-xp 00000000 08:02 798940                     /usr/lib/libiec61883.so.0.1.1
7fc333496000-7fc333695000 ---p 0000c000 08:02 798940                     /usr/lib/libiec61883.so.0.1.1
7fc333695000-7fc333696000 rw-p 0000b000 08:02 798940                     /usr/lib/libiec61883.so.0.1.1
7fc333696000-7fc3336ad000 r-xp 00000000 08:02 4850302                    /lib/x86_64-linux-gnu/libpthread-2.13.so
7fc3336ad000-7fc3338ac000 ---p 00017000 08:02 4850302                    /lib/x86_64-linux-gnu/libpthread-2.13.so
7fc3338ac000-7fc3338ad000 r--p 00016000 08:02 4850302                    /lib/x86_64-linux-gnu/libpthread-2.13.so
7fc3338ad000-7fc3338ae000 rw-p 00017000 08:02 4850302                    /lib/x86_64-linux-gnu/libpthread-2.13.so
7fc3338ae000-7fc3338b2000 rw-p 00000000 00:00 0 
7fc3338b2000-7fc333a2c000 r-xp 00000000 08:02 4849735                    /lib/x86_64-linux-gnu/libc-2.13.so
7fc333a2c000-7fc333c2c000 ---p 0017a000 08:02 4849735                    /lib/x86_64-linux-gnu/libc-2.13.so
7fc333c2c000-7fc333c30000 r--p 0017a000 08:02 4849735                    /lib/x86_64-linux-gnu/libc-2.13.so
7fc333c30000-7fc333c31000 rw-p 0017e000 08:02 4849735                    /lib/x86_64-linux-gnu/libc-2.13.so
7fc333c31000-7fc333c36000 rw-p 00000000 00:00 0 
7fc333c36000-7fc333e07000 r-xp 00000000 08:02 795403                     /usr/lib/libffado.so.2.999.0
7fc333e07000-7fc333e20000 rw-p 001d1000 08:02 795403                     /usr/lib/libffado.so.2.999.0
7fc333e20000-7fc333e21000 rw-p 00000000 00:00 0 
7fc333e21000-7fc333e40000 r-xp 00000000 08:02 4850308                    /lib/x86_64-linux-gnu/ld-2.13.so
7fc33400f000-7fc33401b000 rw-p 00000000 00:00 0 
7fc33403e000-7fc334040000 rw-p 00000000 00:00 0 
7fc334040000-7fc334041000 r--p 0001f000 08:02 4850308                    /lib/x86_64-linux-gnu/ld-2.13.so
7fc334041000-7fc334042000 rw-p 00020000 08:02 4850308                    /lib/x86_64-linux-gnu/ld-2.13.so
7fc334042000-7fc334043000 rw-p 00000000 00:00 0 
7fff4907b000-7fff4909c000 rw-p 00000000 00:00 0                          [stack]
7fff49114000-7fff49115000 r-xp 00000000 00:00 0                          [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]
Aborted





More information about the pkg-multimedia-maintainers mailing list