Bug#601663: libffado2 reads from freed memory
Max Kellermann
max at duempel.org
Thu Oct 28 08:35:52 UTC 2010
Package: libffado2
Version: 2.0.1+svn1856-5
Severity: serious
libffado2 reads a lot of values from freed or uninitialized memory.
That is obviously a crash waiting to happen. See attached valgrind
log file.
-------------- next part --------------
Thread 10:
Conditional jump or move depends on uninitialised value(s)
at 0xAEE9C75: CycleTimerHelper::getCycleTimerTicks(unsigned long) (in /usr/lib/libffado.so.2.999.0)
by 0xAEEB8A9: CycleTimerHelper::Execute() (in /usr/lib/libffado.so.2.999.0)
by 0xAF15829: Util::PosixThread::ThreadHandler(void*) (in /usr/lib/libffado.so.2.999.0)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Uninitialised value was created by a heap allocation
at 0x4C24DFA: operator new(unsigned long) (vg_replace_malloc.c:261)
by 0xAEF0D8B: Ieee1394Service::Ieee1394Service() (in /usr/lib/libffado.so.2.999.0)
by 0xAED67B0: DeviceManager::initialize() (in /usr/lib/libffado.so.2.999.0)
by 0xAEDCC4A: ffado_streaming_init (in /usr/lib/libffado.so.2.999.0)
by 0x431A65: ffado_open (ffado_output_plugin.c:240)
by 0x42CAB2: ao_plugin_open (output_plugin.h:196)
by 0x42D384: ao_open (output_thread.c:164)
by 0x42E269: audio_output_task (output_thread.c:549)
by 0x7A40783: g_thread_create_proxy (gthread.c:1893)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Conditional jump or move depends on uninitialised value(s)
at 0xAEE9C7A: CycleTimerHelper::getCycleTimerTicks(unsigned long) (in /usr/lib/libffado.so.2.999.0)
by 0xAEEB8A9: CycleTimerHelper::Execute() (in /usr/lib/libffado.so.2.999.0)
by 0xAF15829: Util::PosixThread::ThreadHandler(void*) (in /usr/lib/libffado.so.2.999.0)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Uninitialised value was created by a heap allocation
at 0x4C24DFA: operator new(unsigned long) (vg_replace_malloc.c:261)
by 0xAEF0D8B: Ieee1394Service::Ieee1394Service() (in /usr/lib/libffado.so.2.999.0)
by 0xAED67B0: DeviceManager::initialize() (in /usr/lib/libffado.so.2.999.0)
by 0xAEDCC4A: ffado_streaming_init (in /usr/lib/libffado.so.2.999.0)
by 0x431A65: ffado_open (ffado_output_plugin.c:240)
by 0x42CAB2: ao_plugin_open (output_plugin.h:196)
by 0x42D384: ao_open (output_thread.c:164)
by 0x42E269: audio_output_task (output_thread.c:549)
by 0x7A40783: g_thread_create_proxy (gthread.c:1893)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Conditional jump or move depends on uninitialised value(s)
at 0xAEEB8DA: CycleTimerHelper::Execute() (in /usr/lib/libffado.so.2.999.0)
by 0xAF15829: Util::PosixThread::ThreadHandler(void*) (in /usr/lib/libffado.so.2.999.0)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Uninitialised value was created by a heap allocation
at 0x4C24DFA: operator new(unsigned long) (vg_replace_malloc.c:261)
by 0xAEF0D8B: Ieee1394Service::Ieee1394Service() (in /usr/lib/libffado.so.2.999.0)
by 0xAED67B0: DeviceManager::initialize() (in /usr/lib/libffado.so.2.999.0)
by 0xAEDCC4A: ffado_streaming_init (in /usr/lib/libffado.so.2.999.0)
by 0x431A65: ffado_open (ffado_output_plugin.c:240)
by 0x42CAB2: ao_plugin_open (output_plugin.h:196)
by 0x42D384: ao_open (output_thread.c:164)
by 0x42E269: audio_output_task (output_thread.c:549)
by 0x7A40783: g_thread_create_proxy (gthread.c:1893)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Conditional jump or move depends on uninitialised value(s)
at 0xAEEB8F7: CycleTimerHelper::Execute() (in /usr/lib/libffado.so.2.999.0)
by 0xAF15829: Util::PosixThread::ThreadHandler(void*) (in /usr/lib/libffado.so.2.999.0)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Uninitialised value was created by a heap allocation
at 0x4C24DFA: operator new(unsigned long) (vg_replace_malloc.c:261)
by 0xAEF0D8B: Ieee1394Service::Ieee1394Service() (in /usr/lib/libffado.so.2.999.0)
by 0xAED67B0: DeviceManager::initialize() (in /usr/lib/libffado.so.2.999.0)
by 0xAEDCC4A: ffado_streaming_init (in /usr/lib/libffado.so.2.999.0)
by 0x431A65: ffado_open (ffado_output_plugin.c:240)
by 0x42CAB2: ao_plugin_open (output_plugin.h:196)
by 0x42D384: ao_open (output_thread.c:164)
by 0x42E269: audio_output_task (output_thread.c:549)
by 0x7A40783: g_thread_create_proxy (gthread.c:1893)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Conditional jump or move depends on uninitialised value(s)
at 0xAEEB96F: CycleTimerHelper::Execute() (in /usr/lib/libffado.so.2.999.0)
by 0xAF15829: Util::PosixThread::ThreadHandler(void*) (in /usr/lib/libffado.so.2.999.0)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Uninitialised value was created by a heap allocation
at 0x4C24DFA: operator new(unsigned long) (vg_replace_malloc.c:261)
by 0xAEF0D8B: Ieee1394Service::Ieee1394Service() (in /usr/lib/libffado.so.2.999.0)
by 0xAED67B0: DeviceManager::initialize() (in /usr/lib/libffado.so.2.999.0)
by 0xAEDCC4A: ffado_streaming_init (in /usr/lib/libffado.so.2.999.0)
by 0x431A65: ffado_open (ffado_output_plugin.c:240)
by 0x42CAB2: ao_plugin_open (output_plugin.h:196)
by 0x42D384: ao_open (output_thread.c:164)
by 0x42E269: audio_output_task (output_thread.c:549)
by 0x7A40783: g_thread_create_proxy (gthread.c:1893)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Thread 4:
Conditional jump or move depends on uninitialised value(s)
at 0x6403290: inflateReset2 (in /usr/lib/libz.so.1.2.3.4)
by 0x640337F: inflateInit2_ (in /usr/lib/libz.so.1.2.3.4)
by 0x63FCC86: ??? (in /usr/lib/libz.so.1.2.3.4)
by 0xF910635: ??? (in /usr/lib/libxml2.so.2.7.7)
by 0xF910027: __xmlParserInputBufferCreateFilename (in /usr/lib/libxml2.so.2.7.7)
by 0xF8E53FC: xmlNewInputFromFile (in /usr/lib/libxml2.so.2.7.7)
by 0xF8E9785: xmlCreateURLParserCtxt (in /usr/lib/libxml2.so.2.7.7)
by 0xF6A2A55: xmlpp::DomParser::parse_file(Glib::ustring const&) (in /usr/lib/libxml++-2.6.so.2.0.7)
by 0xAF1E6FD: Util::XMLDeserialize::XMLDeserialize(std::string, int) (in /usr/lib/libffado.so.2.999.0)
by 0xAF23A12: BeBoB::Device::loadFromCache() (in /usr/lib/libffado.so.2.999.0)
by 0xAED8732: DeviceManager::discover(bool, bool) (in /usr/lib/libffado.so.2.999.0)
by 0xAEDCC6A: ffado_streaming_init (in /usr/lib/libffado.so.2.999.0)
Uninitialised value was created by a heap allocation
at 0x4C244E8: malloc (vg_replace_malloc.c:236)
by 0x640335B: inflateInit2_ (in /usr/lib/libz.so.1.2.3.4)
by 0x63FCC86: ??? (in /usr/lib/libz.so.1.2.3.4)
by 0xF910635: ??? (in /usr/lib/libxml2.so.2.7.7)
by 0xF910027: __xmlParserInputBufferCreateFilename (in /usr/lib/libxml2.so.2.7.7)
by 0xF8E53FC: xmlNewInputFromFile (in /usr/lib/libxml2.so.2.7.7)
by 0xF8E9785: xmlCreateURLParserCtxt (in /usr/lib/libxml2.so.2.7.7)
by 0xF6A2A55: xmlpp::DomParser::parse_file(Glib::ustring const&) (in /usr/lib/libxml++-2.6.so.2.0.7)
by 0xAF1E6FD: Util::XMLDeserialize::XMLDeserialize(std::string, int) (in /usr/lib/libffado.so.2.999.0)
by 0xAF23A12: BeBoB::Device::loadFromCache() (in /usr/lib/libffado.so.2.999.0)
by 0xAED8732: DeviceManager::discover(bool, bool) (in /usr/lib/libffado.so.2.999.0)
by 0xAEDCC6A: ffado_streaming_init (in /usr/lib/libffado.so.2.999.0)
Thread 12:
Conditional jump or move depends on uninitialised value(s)
at 0xAEF650C: IsoHandlerManager::IsoHandler::putPacket(unsigned char*, unsigned int, unsigned char, unsigned char, unsigned char, unsigned int, unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xF484C9B: ??? (in /usr/lib/libraw1394.so.11.0.1)
by 0xF483CE7: fw_loop_iterate (in /usr/lib/libraw1394.so.11.0.1)
by 0xAEF4A8D: IsoHandlerManager::IsoHandler::iterate(unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xAEF60BE: IsoHandlerManager::IsoTask::Execute() (in /usr/lib/libffado.so.2.999.0)
by 0xAF15829: Util::PosixThread::ThreadHandler(void*) (in /usr/lib/libffado.so.2.999.0)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Uninitialised value was created by a heap allocation
at 0x4C24DFA: operator new(unsigned long) (vg_replace_malloc.c:261)
by 0xAEF0D6C: Ieee1394Service::Ieee1394Service() (in /usr/lib/libffado.so.2.999.0)
by 0xAED67B0: DeviceManager::initialize() (in /usr/lib/libffado.so.2.999.0)
by 0xAEDCC4A: ffado_streaming_init (in /usr/lib/libffado.so.2.999.0)
by 0x431A65: ffado_open (ffado_output_plugin.c:240)
by 0x42CAB2: ao_plugin_open (output_plugin.h:196)
by 0x42D384: ao_open (output_thread.c:164)
by 0x42E269: audio_output_task (output_thread.c:549)
by 0x7A40783: g_thread_create_proxy (gthread.c:1893)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Thread 11:
Invalid read of size 4
at 0xAEF4013: IsoHandlerManager::IsoHandler::getPacket(unsigned char*, unsigned int*, unsigned char*, unsigned char*, int, unsigned int, unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xAEF4BE9: IsoHandlerManager::IsoHandler::iso_transmit_handler(raw1394_handle*, unsigned char*, unsigned int*, unsigned char*, unsigned char*, int, unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xF4843DA: ??? (in /usr/lib/libraw1394.so.11.0.1)
by 0xF483CE7: fw_loop_iterate (in /usr/lib/libraw1394.so.11.0.1)
by 0xAEF4A8D: IsoHandlerManager::IsoHandler::iterate(unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xAEF60BE: IsoHandlerManager::IsoTask::Execute() (in /usr/lib/libffado.so.2.999.0)
by 0xAF15829: Util::PosixThread::ThreadHandler(void*) (in /usr/lib/libffado.so.2.999.0)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Address 0x1cbcc190 is 80 bytes inside a block of size 96 free'd
at 0x4C23E0F: operator delete(void*) (vg_replace_malloc.c:387)
by 0xAEF7143: IsoHandlerManager::pruneHandlers() (in /usr/lib/libffado.so.2.999.0)
by 0xAEF727F: IsoHandlerManager::unregisterStream(Streaming::StreamProcessor*) (in /usr/lib/libffado.so.2.999.0)
by 0xAF02A69: Streaming::StreamProcessor::~StreamProcessor() (in /usr/lib/libffado.so.2.999.0)
by 0xAFD09E0: Streaming::AmdtpTransmitStreamProcessor::~AmdtpTransmitStreamProcessor() (in /usr/lib/libffado.so.2.999.0)
by 0xAFD1E8D: GenericAVC::Device::~Device() (in /usr/lib/libffado.so.2.999.0)
by 0xAF23004: BeBoB::Device::~Device() (in /usr/lib/libffado.so.2.999.0)
by 0xAED970D: DeviceManager::~DeviceManager() (in /usr/lib/libffado.so.2.999.0)
by 0xAEDC412: ffado_streaming_finish (in /usr/lib/libffado.so.2.999.0)
by 0x431ADF: ffado_open (ffado_output_plugin.c:248)
by 0x42CAB2: ao_plugin_open (output_plugin.h:196)
by 0x42D384: ao_open (output_thread.c:164)
Invalid read of size 4
at 0xAEF4016: IsoHandlerManager::IsoHandler::getPacket(unsigned char*, unsigned int*, unsigned char*, unsigned char*, int, unsigned int, unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xAEF4BE9: IsoHandlerManager::IsoHandler::iso_transmit_handler(raw1394_handle*, unsigned char*, unsigned int*, unsigned char*, unsigned char*, int, unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xF4843DA: ??? (in /usr/lib/libraw1394.so.11.0.1)
by 0xF483CE7: fw_loop_iterate (in /usr/lib/libraw1394.so.11.0.1)
by 0xAEF4A8D: IsoHandlerManager::IsoHandler::iterate(unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xAEF60BE: IsoHandlerManager::IsoTask::Execute() (in /usr/lib/libffado.so.2.999.0)
by 0xAF15829: Util::PosixThread::ThreadHandler(void*) (in /usr/lib/libffado.so.2.999.0)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Address 0x1cbcc158 is 24 bytes inside a block of size 96 free'd
at 0x4C23E0F: operator delete(void*) (vg_replace_malloc.c:387)
by 0xAEF7143: IsoHandlerManager::pruneHandlers() (in /usr/lib/libffado.so.2.999.0)
by 0xAEF727F: IsoHandlerManager::unregisterStream(Streaming::StreamProcessor*) (in /usr/lib/libffado.so.2.999.0)
by 0xAF02A69: Streaming::StreamProcessor::~StreamProcessor() (in /usr/lib/libffado.so.2.999.0)
by 0xAFD09E0: Streaming::AmdtpTransmitStreamProcessor::~AmdtpTransmitStreamProcessor() (in /usr/lib/libffado.so.2.999.0)
by 0xAFD1E8D: GenericAVC::Device::~Device() (in /usr/lib/libffado.so.2.999.0)
by 0xAF23004: BeBoB::Device::~Device() (in /usr/lib/libffado.so.2.999.0)
by 0xAED970D: DeviceManager::~DeviceManager() (in /usr/lib/libffado.so.2.999.0)
by 0xAEDC412: ffado_streaming_finish (in /usr/lib/libffado.so.2.999.0)
by 0x431ADF: ffado_open (ffado_output_plugin.c:248)
by 0x42CAB2: ao_plugin_open (output_plugin.h:196)
by 0x42D384: ao_open (output_thread.c:164)
Invalid read of size 4
at 0xAEF3DBD: IsoHandlerManager::IsoHandler::getPacket(unsigned char*, unsigned int*, unsigned char*, unsigned char*, int, unsigned int, unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xAEF4BE9: IsoHandlerManager::IsoHandler::iso_transmit_handler(raw1394_handle*, unsigned char*, unsigned int*, unsigned char*, unsigned char*, int, unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xF4843DA: ??? (in /usr/lib/libraw1394.so.11.0.1)
by 0xF483CE7: fw_loop_iterate (in /usr/lib/libraw1394.so.11.0.1)
by 0xAEF4A8D: IsoHandlerManager::IsoHandler::iterate(unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xAEF60BE: IsoHandlerManager::IsoTask::Execute() (in /usr/lib/libffado.so.2.999.0)
by 0xAF15829: Util::PosixThread::ThreadHandler(void*) (in /usr/lib/libffado.so.2.999.0)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Address 0x1cbcc164 is 36 bytes inside a block of size 96 free'd
at 0x4C23E0F: operator delete(void*) (vg_replace_malloc.c:387)
by 0xAEF7143: IsoHandlerManager::pruneHandlers() (in /usr/lib/libffado.so.2.999.0)
by 0xAEF727F: IsoHandlerManager::unregisterStream(Streaming::StreamProcessor*) (in /usr/lib/libffado.so.2.999.0)
by 0xAF02A69: Streaming::StreamProcessor::~StreamProcessor() (in /usr/lib/libffado.so.2.999.0)
by 0xAFD09E0: Streaming::AmdtpTransmitStreamProcessor::~AmdtpTransmitStreamProcessor() (in /usr/lib/libffado.so.2.999.0)
by 0xAFD1E8D: GenericAVC::Device::~Device() (in /usr/lib/libffado.so.2.999.0)
by 0xAF23004: BeBoB::Device::~Device() (in /usr/lib/libffado.so.2.999.0)
by 0xAED970D: DeviceManager::~DeviceManager() (in /usr/lib/libffado.so.2.999.0)
by 0xAEDC412: ffado_streaming_finish (in /usr/lib/libffado.so.2.999.0)
by 0x431ADF: ffado_open (ffado_output_plugin.c:248)
by 0x42CAB2: ao_plugin_open (output_plugin.h:196)
by 0x42D384: ao_open (output_thread.c:164)
Invalid read of size 4
at 0xAEF3DC9: IsoHandlerManager::IsoHandler::getPacket(unsigned char*, unsigned int*, unsigned char*, unsigned char*, int, unsigned int, unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xAEF4BE9: IsoHandlerManager::IsoHandler::iso_transmit_handler(raw1394_handle*, unsigned char*, unsigned int*, unsigned char*, unsigned char*, int, unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xF4843DA: ??? (in /usr/lib/libraw1394.so.11.0.1)
by 0xF483CE7: fw_loop_iterate (in /usr/lib/libraw1394.so.11.0.1)
by 0xAEF4A8D: IsoHandlerManager::IsoHandler::iterate(unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xAEF60BE: IsoHandlerManager::IsoTask::Execute() (in /usr/lib/libffado.so.2.999.0)
by 0xAF15829: Util::PosixThread::ThreadHandler(void*) (in /usr/lib/libffado.so.2.999.0)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Address 0x1cbcc190 is 80 bytes inside a block of size 96 free'd
at 0x4C23E0F: operator delete(void*) (vg_replace_malloc.c:387)
by 0xAEF7143: IsoHandlerManager::pruneHandlers() (in /usr/lib/libffado.so.2.999.0)
by 0xAEF727F: IsoHandlerManager::unregisterStream(Streaming::StreamProcessor*) (in /usr/lib/libffado.so.2.999.0)
by 0xAF02A69: Streaming::StreamProcessor::~StreamProcessor() (in /usr/lib/libffado.so.2.999.0)
by 0xAFD09E0: Streaming::AmdtpTransmitStreamProcessor::~AmdtpTransmitStreamProcessor() (in /usr/lib/libffado.so.2.999.0)
by 0xAFD1E8D: GenericAVC::Device::~Device() (in /usr/lib/libffado.so.2.999.0)
by 0xAF23004: BeBoB::Device::~Device() (in /usr/lib/libffado.so.2.999.0)
by 0xAED970D: DeviceManager::~DeviceManager() (in /usr/lib/libffado.so.2.999.0)
by 0xAEDC412: ffado_streaming_finish (in /usr/lib/libffado.so.2.999.0)
by 0x431ADF: ffado_open (ffado_output_plugin.c:248)
by 0x42CAB2: ao_plugin_open (output_plugin.h:196)
by 0x42D384: ao_open (output_thread.c:164)
Invalid write of size 4
at 0xAEF3DCD: IsoHandlerManager::IsoHandler::getPacket(unsigned char*, unsigned int*, unsigned char*, unsigned char*, int, unsigned int, unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xAEF4BE9: IsoHandlerManager::IsoHandler::iso_transmit_handler(raw1394_handle*, unsigned char*, unsigned int*, unsigned char*, unsigned char*, int, unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xF4843DA: ??? (in /usr/lib/libraw1394.so.11.0.1)
by 0xF483CE7: fw_loop_iterate (in /usr/lib/libraw1394.so.11.0.1)
by 0xAEF4A8D: IsoHandlerManager::IsoHandler::iterate(unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xAEF60BE: IsoHandlerManager::IsoTask::Execute() (in /usr/lib/libffado.so.2.999.0)
by 0xAF15829: Util::PosixThread::ThreadHandler(void*) (in /usr/lib/libffado.so.2.999.0)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Address 0x1cbcc16c is 44 bytes inside a block of size 96 free'd
at 0x4C23E0F: operator delete(void*) (vg_replace_malloc.c:387)
by 0xAEF7143: IsoHandlerManager::pruneHandlers() (in /usr/lib/libffado.so.2.999.0)
by 0xAEF727F: IsoHandlerManager::unregisterStream(Streaming::StreamProcessor*) (in /usr/lib/libffado.so.2.999.0)
by 0xAF02A69: Streaming::StreamProcessor::~StreamProcessor() (in /usr/lib/libffado.so.2.999.0)
by 0xAFD09E0: Streaming::AmdtpTransmitStreamProcessor::~AmdtpTransmitStreamProcessor() (in /usr/lib/libffado.so.2.999.0)
by 0xAFD1E8D: GenericAVC::Device::~Device() (in /usr/lib/libffado.so.2.999.0)
by 0xAF23004: BeBoB::Device::~Device() (in /usr/lib/libffado.so.2.999.0)
by 0xAED970D: DeviceManager::~DeviceManager() (in /usr/lib/libffado.so.2.999.0)
by 0xAEDC412: ffado_streaming_finish (in /usr/lib/libffado.so.2.999.0)
by 0x431ADF: ffado_open (ffado_output_plugin.c:248)
by 0x42CAB2: ao_plugin_open (output_plugin.h:196)
by 0x42D384: ao_open (output_thread.c:164)
Invalid write of size 4
at 0xAEF3E80: IsoHandlerManager::IsoHandler::getPacket(unsigned char*, unsigned int*, unsigned char*, unsigned char*, int, unsigned int, unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xAEF4BE9: IsoHandlerManager::IsoHandler::iso_transmit_handler(raw1394_handle*, unsigned char*, unsigned int*, unsigned char*, unsigned char*, int, unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xF4843DA: ??? (in /usr/lib/libraw1394.so.11.0.1)
by 0xF483CE7: fw_loop_iterate (in /usr/lib/libraw1394.so.11.0.1)
by 0xAEF4A8D: IsoHandlerManager::IsoHandler::iterate(unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xAEF60BE: IsoHandlerManager::IsoTask::Execute() (in /usr/lib/libffado.so.2.999.0)
by 0xAF15829: Util::PosixThread::ThreadHandler(void*) (in /usr/lib/libffado.so.2.999.0)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Address 0x1cbcc164 is 36 bytes inside a block of size 96 free'd
at 0x4C23E0F: operator delete(void*) (vg_replace_malloc.c:387)
by 0xAEF7143: IsoHandlerManager::pruneHandlers() (in /usr/lib/libffado.so.2.999.0)
by 0xAEF727F: IsoHandlerManager::unregisterStream(Streaming::StreamProcessor*) (in /usr/lib/libffado.so.2.999.0)
by 0xAF02A69: Streaming::StreamProcessor::~StreamProcessor() (in /usr/lib/libffado.so.2.999.0)
by 0xAFD09E0: Streaming::AmdtpTransmitStreamProcessor::~AmdtpTransmitStreamProcessor() (in /usr/lib/libffado.so.2.999.0)
by 0xAFD1E8D: GenericAVC::Device::~Device() (in /usr/lib/libffado.so.2.999.0)
by 0xAF23004: BeBoB::Device::~Device() (in /usr/lib/libffado.so.2.999.0)
by 0xAED970D: DeviceManager::~DeviceManager() (in /usr/lib/libffado.so.2.999.0)
by 0xAEDC412: ffado_streaming_finish (in /usr/lib/libffado.so.2.999.0)
by 0x431ADF: ffado_open (ffado_output_plugin.c:248)
by 0x42CAB2: ao_plugin_open (output_plugin.h:196)
by 0x42D384: ao_open (output_thread.c:164)
Invalid read of size 8
at 0xAEF3E92: IsoHandlerManager::IsoHandler::getPacket(unsigned char*, unsigned int*, unsigned char*, unsigned char*, int, unsigned int, unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xAEF4BE9: IsoHandlerManager::IsoHandler::iso_transmit_handler(raw1394_handle*, unsigned char*, unsigned int*, unsigned char*, unsigned char*, int, unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xF4843DA: ??? (in /usr/lib/libraw1394.so.11.0.1)
by 0xF483CE7: fw_loop_iterate (in /usr/lib/libraw1394.so.11.0.1)
by 0xAEF4A8D: IsoHandlerManager::IsoHandler::iterate(unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xAEF60BE: IsoHandlerManager::IsoTask::Execute() (in /usr/lib/libffado.so.2.999.0)
by 0xAF15829: Util::PosixThread::ThreadHandler(void*) (in /usr/lib/libffado.so.2.999.0)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Address 0x1cbcc178 is 56 bytes inside a block of size 96 free'd
at 0x4C23E0F: operator delete(void*) (vg_replace_malloc.c:387)
by 0xAEF7143: IsoHandlerManager::pruneHandlers() (in /usr/lib/libffado.so.2.999.0)
by 0xAEF727F: IsoHandlerManager::unregisterStream(Streaming::StreamProcessor*) (in /usr/lib/libffado.so.2.999.0)
by 0xAF02A69: Streaming::StreamProcessor::~StreamProcessor() (in /usr/lib/libffado.so.2.999.0)
by 0xAFD09E0: Streaming::AmdtpTransmitStreamProcessor::~AmdtpTransmitStreamProcessor() (in /usr/lib/libffado.so.2.999.0)
by 0xAFD1E8D: GenericAVC::Device::~Device() (in /usr/lib/libffado.so.2.999.0)
by 0xAF23004: BeBoB::Device::~Device() (in /usr/lib/libffado.so.2.999.0)
by 0xAED970D: DeviceManager::~DeviceManager() (in /usr/lib/libffado.so.2.999.0)
by 0xAEDC412: ffado_streaming_finish (in /usr/lib/libffado.so.2.999.0)
by 0x431ADF: ffado_open (ffado_output_plugin.c:248)
by 0x42CAB2: ao_plugin_open (output_plugin.h:196)
by 0x42D384: ao_open (output_thread.c:164)
Invalid read of size 4
at 0xF484214: ??? (in /usr/lib/libraw1394.so.11.0.1)
by 0xF484438: ??? (in /usr/lib/libraw1394.so.11.0.1)
by 0xF483CE7: fw_loop_iterate (in /usr/lib/libraw1394.so.11.0.1)
by 0xAEF4A8D: IsoHandlerManager::IsoHandler::iterate(unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xAEF60BE: IsoHandlerManager::IsoTask::Execute() (in /usr/lib/libffado.so.2.999.0)
by 0xAF15829: Util::PosixThread::ThreadHandler(void*) (in /usr/lib/libffado.so.2.999.0)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Address 0x2398ac74 is 3,748 bytes inside a block of size 20,224 free'd
at 0x4C240FD: free (vg_replace_malloc.c:366)
by 0xF481FF0: raw1394_destroy_handle (in /usr/lib/libraw1394.so.11.0.1)
by 0xAEF3A74: IsoHandlerManager::IsoHandler::disable() (in /usr/lib/libffado.so.2.999.0)
by 0xAEF713B: IsoHandlerManager::pruneHandlers() (in /usr/lib/libffado.so.2.999.0)
by 0xAEF727F: IsoHandlerManager::unregisterStream(Streaming::StreamProcessor*) (in /usr/lib/libffado.so.2.999.0)
by 0xAF02A69: Streaming::StreamProcessor::~StreamProcessor() (in /usr/lib/libffado.so.2.999.0)
by 0xAFD09E0: Streaming::AmdtpTransmitStreamProcessor::~AmdtpTransmitStreamProcessor() (in /usr/lib/libffado.so.2.999.0)
by 0xAFD1E8D: GenericAVC::Device::~Device() (in /usr/lib/libffado.so.2.999.0)
by 0xAF23004: BeBoB::Device::~Device() (in /usr/lib/libffado.so.2.999.0)
by 0xAED970D: DeviceManager::~DeviceManager() (in /usr/lib/libffado.so.2.999.0)
by 0xAEDC412: ffado_streaming_finish (in /usr/lib/libffado.so.2.999.0)
by 0x431ADF: ffado_open (ffado_output_plugin.c:248)
Invalid read of size 8
at 0xF484234: ??? (in /usr/lib/libraw1394.so.11.0.1)
by 0xF484438: ??? (in /usr/lib/libraw1394.so.11.0.1)
by 0xF483CE7: fw_loop_iterate (in /usr/lib/libraw1394.so.11.0.1)
by 0xAEF4A8D: IsoHandlerManager::IsoHandler::iterate(unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xAEF60BE: IsoHandlerManager::IsoTask::Execute() (in /usr/lib/libffado.so.2.999.0)
by 0xAF15829: Util::PosixThread::ThreadHandler(void*) (in /usr/lib/libffado.so.2.999.0)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Address 0x2398acc8 is 3,832 bytes inside a block of size 20,224 free'd
at 0x4C240FD: free (vg_replace_malloc.c:366)
by 0xF481FF0: raw1394_destroy_handle (in /usr/lib/libraw1394.so.11.0.1)
by 0xAEF3A74: IsoHandlerManager::IsoHandler::disable() (in /usr/lib/libffado.so.2.999.0)
by 0xAEF713B: IsoHandlerManager::pruneHandlers() (in /usr/lib/libffado.so.2.999.0)
by 0xAEF727F: IsoHandlerManager::unregisterStream(Streaming::StreamProcessor*) (in /usr/lib/libffado.so.2.999.0)
by 0xAF02A69: Streaming::StreamProcessor::~StreamProcessor() (in /usr/lib/libffado.so.2.999.0)
by 0xAFD09E0: Streaming::AmdtpTransmitStreamProcessor::~AmdtpTransmitStreamProcessor() (in /usr/lib/libffado.so.2.999.0)
by 0xAFD1E8D: GenericAVC::Device::~Device() (in /usr/lib/libffado.so.2.999.0)
by 0xAF23004: BeBoB::Device::~Device() (in /usr/lib/libffado.so.2.999.0)
by 0xAED970D: DeviceManager::~DeviceManager() (in /usr/lib/libffado.so.2.999.0)
by 0xAEDC412: ffado_streaming_finish (in /usr/lib/libffado.so.2.999.0)
by 0x431ADF: ffado_open (ffado_output_plugin.c:248)
Invalid write of size 4
at 0xF48423E: ??? (in /usr/lib/libraw1394.so.11.0.1)
by 0xF484438: ??? (in /usr/lib/libraw1394.so.11.0.1)
by 0xF483CE7: fw_loop_iterate (in /usr/lib/libraw1394.so.11.0.1)
by 0xAEF4A8D: IsoHandlerManager::IsoHandler::iterate(unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xAEF60BE: IsoHandlerManager::IsoTask::Execute() (in /usr/lib/libffado.so.2.999.0)
by 0xAF15829: Util::PosixThread::ThreadHandler(void*) (in /usr/lib/libffado.so.2.999.0)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
Address 0x0 is not stack'd, malloc'd or (recently) free'd
Process terminating with default action of signal 11 (SIGSEGV): dumping core
Access not within mapped region at address 0x0
at 0xF48423E: ??? (in /usr/lib/libraw1394.so.11.0.1)
by 0xF484438: ??? (in /usr/lib/libraw1394.so.11.0.1)
by 0xF483CE7: fw_loop_iterate (in /usr/lib/libraw1394.so.11.0.1)
by 0xAEF4A8D: IsoHandlerManager::IsoHandler::iterate(unsigned int) (in /usr/lib/libffado.so.2.999.0)
by 0xAEF60BE: IsoHandlerManager::IsoTask::Execute() (in /usr/lib/libffado.so.2.999.0)
by 0xAF15829: Util::PosixThread::ThreadHandler(void*) (in /usr/lib/libffado.so.2.999.0)
by 0xB4748B9: start_thread (pthread_create.c:300)
by 0xCACC02C: clone (clone.S:112)
More information about the pkg-multimedia-maintainers
mailing list