Comment 5 for bug 365284

I also have reproduced this bug, it also occurs when I download the 1.6.0 source and compile that.

I'm new to this, but below is the output when running with strace.

writev(5, [{"*** glibc detected *** "..., 23}, {"./rdesktop"..., 10}, {": "..., 2}, {"double free or corruption (fastto"..., 35}, {": 0x"..., 4}, {"08f7b560"..., 8}, {" ***\n"..., 5}], 7*** glibc detected *** ./rdesktop: double free or corruption (fasttop): 0x08f7b560 ***
) = 87
open("/etc/ld.so.cache", O_RDONLY) = 6
fstat64(6, {st_mode=S_IFREG|0644, st_size=89683, ...}) = 0
mmap2(NULL, 89683, PROT_READ, MAP_PRIVATE, 6, 0) = 0xb79b7000
close(6) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/libgcc_s.so.1", O_RDONLY) = 6
read(6, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\260\34\0\0004\0\0\0\234"..., 512) = 512
mmap2(NULL, 2097152, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0) = 0xb7746000
munmap(0xb7746000, 761856) = 0
munmap(0xb7900000, 286720) = 0
mprotect(0xb7800000, 135168, PROT_READ|PROT_WRITE) = 0
fstat64(6, {st_mode=S_IFREG|0644, st_size=54740, ...}) = 0
mmap2(NULL, 57864, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 6, 0) = 0xb7937000
mmap2(0xb7944000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 6, 0xc) = 0xb7944000
close(6) = 0
mprotect(0xb7944000, 4096, PROT_READ) = 0
munmap(0xb79b7000, 89683) = 0
write(5, "======= Backtrace: =========\n"..., 29======= Backtrace: =========
) = 29
writev(5, [{"/lib/tls/i686/cmov/libc.so.6"..., 28}, {"[0x"..., 3}, {"b7ba5604"..., 8}, {"]\n"..., 2}], 4/lib/tls/i686/cmov/libc.so.6[0xb7ba5604]
) = 41
writev(5, [{"/lib/tls/i686/cmov/libc.so.6"..., 28}, {"("..., 1}, {"cfree"..., 5}, {"+0x"..., 3}, {"96"..., 2}, {")"..., 1}, {"[0x"..., 3}, {"b7ba75b6"..., 8}, {"]\n"..., 2}], 9/lib/tls/i686/cmov/libc.so.6(cfree+0x96)[0xb7ba75b6]
) = 53
writev(5, [{"/usr/lib/libX11.so.6"..., 20}, {"("..., 1}, {"XFree"..., 5}, {"+0x"..., 3}, {"1d"..., 2}, {")"..., 1}, {"[0x"..., 3}, {"b7cd2e9d"..., 8}, {"]\n"..., 2}], 9/usr/lib/libX11.so.6(XFree+0x1d)[0xb7cd2e9d]
) = 45
writev(5, [{"./rdesktop"..., 10}, {"[0x"..., 3}, {"805dfaf"..., 7}, {"]\n"..., 2}], 4./rdesktop[0x805dfaf]
) = 22
writev(5, [{"./rdesktop"..., 10}, {"[0x"..., 3}, {"80594ce"..., 7}, {"]\n"..., 2}], 4./rdesktop[0x80594ce]
) = 22
writev(5, [{"./rdesktop"..., 10}, {"[0x"..., 3}, {"80611cf"..., 7}, {"]\n"..., 2}], 4./rdesktop[0x80611cf]
) = 22
writev(5, [{"./rdesktop"..., 10}, {"[0x"..., 3}, {"8061548"..., 7}, {"]\n"..., 2}], 4./rdesktop[0x8061548]
) = 22
writev(5, [{"./rdesktop"..., 10}, {"[0x"..., 3}, {"80616b8"..., 7}, {"]\n"..., 2}], 4./rdesktop[0x80616b8]
) = 22
writev(5, [{"./rdesktop"..., 10}, {"[0x"..., 3}, {"8061e83"..., 7}, {"]\n"..., 2}], 4./rdesktop[0x8061e83]
) = 22
writev(5, [{"./rdesktop"..., 10}, {"[0x"..., 3}, {"80626bb"..., 7}, {"]\n"..., 2}], 4./rdesktop[0x80626bb]
) = 22
writev(5, [{"./rdesktop"..., 10}, {"[0x"..., 3}, {"8064253"..., 7}, {"]\n"..., 2}], 4./rdesktop[0x8064253]
) = 22
writev(5, [{"./rdesktop"..., 10}, {"[0x"..., 3}, {"8065159"..., 7}, {"]\n"..., 2}], 4./rdesktop[0x8065159]
) = 22
writev(5, [{"./rdesktop"..., 10}, {"[0x"..., 3}, {"8065c4c"..., 7}, {"]\n"..., 2}], 4./rdesktop[0x8065c4c]
) = 22
writev(5, [{"./rdesktop"..., 10}, {"[0x"..., 3}, {"804e3ca"..., 7}, {"]\n"..., 2}], 4./rdesktop[0x804e3ca]
) = 22
writev(5, [{"/lib/tls/i686/cmov/libc.so.6"..., 28}, {"("..., 1}, {"__libc_start_main"..., 17}, {"+0x"..., 3}, {"e5"..., 2}, {")"..., 1}, {"[0x"..., 3}, {"b7b4c775"..., 8}, {"]\n"..., 2}], 9/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb7b4c775]
) = 65
writev(5, [{"./rdesktop"..., 10}, {"[0x"..., 3}, {"804c261"..., 7}, {"]\n"..., 2}], 4./rdesktop[0x804c261]
) = 22
write(5, "======= Memory map: ========\n"..., 29======= Memory map: ========
) = 29
open("/proc/self/maps", O_RDONLY) = 6
read(6, "08048000-0807a000 r-xp 00000000 0"..., 1024) = 1024
write(5, "08048000-0807a000 r-xp 00000000 0"..., 102408048000-0807a000 r-xp 00000000 08:02 60177 /var/tmp/rdesktop-1.6.0/rdesktop
0807a000-0807b000 r--p 00031000 08:02 60177 /var/tmp/rdesktop-1.6.0/rdesktop
0807b000-0807d000 rw-p 00032000 08:02 60177 /var/tmp/rdesktop-1.6.0/rdesktop
0807d000-083d2000 rw-p 0807d000 00:00 0
08f5c000-09062000 rw-p 08f5c000 00:00 0 [heap]
b7800000-b7821000 rw-p b7800000 00:00 0
b7821000-b7900000 ---p b7821000 00:00 0
b7937000-b7944000 r-xp 00000000 08:02 220008 /lib/libgcc_s.so.1
b7944000-b7945000 r--p 0000c000 08:02 220008 /lib/libgcc_s.so.1
b7945000-b7946000 rw-p 0000d000 08:02 220008 /lib/libgcc_s.so.1
b7946000-b794a000 r-xp 00000000 08:02 489025 /usr/lib/libXfixes.so.3.1.0
b794a000-b794b000 rw-p 00003000 08:02 489025 /usr/lib/libXfixes.so.3.1.0
b794b000-b7953000 r-xp 00000000 08:02 489081 /usr/lib/libXrender.so.1.3.0
b7953000-b7954000 r--p 00007000 08:02 489081 /usr/lib/libXrender.so.1.3.0
b7954000-b7955000 rw-p 00008000 08:02 489081 /usr/lib/libXrender.so.1.3.0
b795500) = 1024
read(6, "0-b795d000 r-xp 00000000 08:02 48"..., 1024) = 1024
write(5, "0-b795d000 r-xp 00000000 08:02 48"..., 10240-b795d000 r-xp 00000000 08:02 489015 /usr/lib/libXcursor.so.1.0.2
b795d000-b795e000 rw-p 00007000 08:02 489015 /usr/lib/libXcursor.so.1.0.2
b795e000-b7970000 r-xp 00000000 08:02 552738 /lib/tls/i686/cmov/libresolv-2.9.so
b79) = 237
close(6) = 0
rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0
tgkill(12320, 12320, SIGABRT) = 0
--- SIGABRT (Aborted) @ 0 (0) ---
+++ killed by SIGABRT +++