Bug 523855 - reproducible glibc detected corrupted double-linked list
Summary: reproducible glibc detected corrupted double-linked list
Status: CLOSED DUPLICATE of bug 521185
Alias: None
Product: Fedora
Classification: Fedora
Component: pulseaudio
Version: rawhide
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Lennart Poettering
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2009-09-16 21:21 UTC by Michal Schmidt
Modified: 2009-09-17 05:42 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2009-09-17 05:42:16 UTC
Type: ---

Attachments (Terms of Use)
log from pulseaudio -vvvvv (189.17 KB, text/plain)
2009-09-16 21:21 UTC, Michal Schmidt
no flags Details

Description Michal Schmidt 2009-09-16 21:21:29 UTC
Created attachment 361379 [details]
log from pulseaudio -vvvvv

I found a reproducible testcase to make PA crash with:
*** glibc detected *** pulseaudio: corrupted double-linked list: 0x00000000021b7860 ***

Just run this:
for i in `seq 1 100`; do (aplay /usr/share/sounds/login.wav &); sleep 0.2; done
(the sound is a 5 s sound from the package gnome-audio)

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. "pulseaudio -vvvvv" in one terminal.
2. Run the herd of aplay processes (see above) in another terminal.
Actual results:
At first the aplays work as expected, but soon they start printing "connection refused". In the other terminal it can be seen that PA crashed with glibc detected corruption.

Expected results:
PA should not crash.

Comment 1 Michal Schmidt 2009-09-16 21:24:16 UTC
I attached the verbose output from pulseaudio. In the terminal I can see:

*** glibc detected *** pulseaudio: corrupted double-linked list: 0x00000000008d6770 ***

... just a few lines from the bottom of the log. You won't find the message in the attachment, because it seems to be printed to the tty, not stdout/stderr.

Comment 2 Michal Schmidt 2009-09-16 21:37:06 UTC
By changing the sleep length between running the aplay processes, I am able to get different crashes, e.g. this one:
*** glibc detected *** pulseaudio: free(): invalid pointer: 0x00000000013705a0 ***

In some cases there was no error message, but PA entered a spinning loop like in bug 521961.

Comment 3 Lubomir Rintel 2009-09-17 05:42:16 UTC

*** This bug has been marked as a duplicate of bug 521185 ***

Note You need to log in before you can comment on or make changes to this bug.