AW: [vdr] *** glibc detected *** double free or corruption 1.4.2-1 Patch

martin martin at air-maxx.net
Mon Sep 4 21:53:44 CEST 2006 

Hi Klaus,

just to let you know: the patch you attached here, did not solve the
problem! My VDR crashed again.

Regards,
Martin

-----Ursprüngliche Nachricht-----
Von: vdr-bounces at linuxtv.org [mailto:vdr-bounces at linuxtv.org] Im Auftrag von
Klaus Schmidinger
Gesendet: Montag, 4. September 2006 19:14
An: vdr at linuxtv.org
Betreff: Re: [vdr] *** glibc detected *** double free or corruption 1.4.2-1
Patch

Klaus Schmidinger wrote:
> Udo Richter wrote:
>> Udo Richter wrote:
>>> ==4652== Invalid free() / delete / delete[]
>>> ==4652==    at 0x1B904B04: free (vg_replace_malloc.c:152)
>>> ==4652==    by 0x8103F5F: cTimer::operator=(cTimer const&) 
>>> (timers.c:108)
>>> ==4652==    by 0x80FE349: cSVDRP::CmdMODT(char const*) (svdrp.c:1136)
>>> ==4652==    by 0x81015C1: cSVDRP::Process() (svdrp.c:1563)
>>> ==4652==    by 0x80B3458: cInterface::GetKey(bool) (interface.c:37)
>>> ==4652==    by 0x810D919: main (vdr.c:866)
>>> ==4652==  Address 0x1BEEAC90 is 0 bytes inside a block of size 63 free'd
>>> ==4652==    at 0x1B904B04: free (vg_replace_malloc.c:152)
>>> ==4652==    by 0x8104D6F: cTimer::Parse(char const*) (timers.c:244)
>>> ==4652==    by 0x80FE493: cSVDRP::CmdMODT(char const*) (svdrp.c:1132)
>>> ==4652==    by 0x81015C1: cSVDRP::Process() (svdrp.c:1563)
>>> ==4652==    by 0x80B3458: cInterface::GetKey(bool) (interface.c:37)
>>> ==4652==    by 0x810D919: main (vdr.c:866)
>>
>>
>> I think I've found it:
>>
>> This is line 1127 of svdrp.c:
>>
>>     cTimer t = *timer;
>>
>> Although this looks like it calls cTimer::operator=, it actually 
>> calls the default copy constructor of cTimer, because in this case = 
>> is not an assignment, but an initialization. Because of that, the aux 
>> field is used by both objects, thus the double free. Try this line to 
>> see if it causes this:
>>
>>     cTimer t;
>>     t = *timer;
> 
> It's probably best to implement an actual copy-constructor.
> 
> Please try the attached patch, which contains both changes.

Opps, sorry, there was a typo.

Attached is the correct version.

(Never code when in a hurry... ;-)

Klaus

More information about the vdr mailing list