On Sat 2012-10-06 03:18:55, Thomas Orgis wrote:
> On Fri, 5 Oct 2012 22:06:49 +0200,
> Pavel Machek <pa...@ucw.cz> wrote:
> 
> > I cut this from the offending file, and it still causes the
> > crash. Is it enough for debugging?
> 
> Thanks for the data and no, I cannot reproduce a crash on my main
> system (not debian). I get valgrind to complain about overlapping
> memcpy in the ALSA library, but that's not new and not specific to the
> file.

It does crash even if I just let it decode into a file. So that should
not be alsa.

> I checked an i686 chroot, too, no issue. I guess I'd need to whip out a debian
> install/vm to reproduce. I have intentionally very old glibc here;
> before that infamous memcpy optimization ... which we very well might
> be dealing with here. But a test LD_PRELOAD checking for overlapping
> memcpy didn't trigger, either.

What is "the infamous memcpy optimization"? I tried a brief google, but
nothing. This? http://lwn.net/Articles/417881/ It has no details :-(.

> Can you run under valgrind to check memory issues?

Hopefully I got valgrind right...

pavel@amd:/tmp$ efence mpg123 mp3.bug/cut.mp3 
-bash: efence: command not found
pavel@amd:/tmp$ valgrind mpg123 mp3.bug/cut.mp3 
==18936== Memcheck, a memory error detector
==18936== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et
al.
==18936== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright
info
==18936== Command: mpg123 mp3.bug/cut.mp3
==18936== 
High Performance MPEG 1.0/2.0/2.5 Audio Player for Layer 1, 2 and 3.
Version 0.59o (1998/Feb/08). Written and copyrights by Michael Hipp.
Uses code from various people. See 'README' for more!
THIS SOFTWARE COMES WITH ABSOLUTELY NO WARRANTY! USE AT YOUR OWN RISK!
Title  : O SNEHURCE                      Artist: IVAN MLADEK                   
Album  : POHADKY A JINE POVIDACKY        Year: 1994, Genre: 28
Comment:                                

Directory: mp3.bug/
Playing MPEG stream from cut.mp3 ...
MPEG 1.0 layer III, 128 kbit/s, 44100 Hz joint-stereo
Illegal Audio-MPEG-Header 0xc7ae608a at offset 0x4e3.
Skipped 159 bytes in input.
==18936== 
==18936== Process terminating with default action of signal 11
(SIGSEGV): dumping core
==18936==  Bad permissions for mapped region at address 0x805EFFC
==18936==    at 0x4028E3C: memcpy (in
/usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==18936==    by 0x804D322: ??? (in /usr/local/bin/mpg123)
==18936== Invalid read of size 1
==18936==    at 0x4008D11: check_match.8610 (dl-lookup.c:134)
==18936==    by 0x400936A: do_lookup_x (dl-lookup.c:273)
==18936==    by 0x4009661: _dl_lookup_symbol_x (dl-lookup.c:729)
==18936==    by 0x400DC15: _dl_fixup (dl-runtime.c:119)
==18936==    by 0x40139BF: _dl_runtime_resolve (dl-trampoline.S:37)
==18936==    by 0x4035E0F: ??? (in /tmp/mp3.bug/cut.mp3)
==18936==    by 0x804D322: ??? (in /usr/local/bin/mpg123)
==18936==  Address 0x1eb is not stack'd, malloc'd or (recently) free'd
==18936== 
==18936== 
==18936== Process terminating with default action of signal 11
(SIGSEGV)
==18936==  Access not within mapped region at address 0x1EB
==18936==    at 0x4008D11: check_match.8610 (dl-lookup.c:134)
==18936==    by 0x400936A: do_lookup_x (dl-lookup.c:273)
==18936==    by 0x4009661: _dl_lookup_symbol_x (dl-lookup.c:729)
==18936==    by 0x400DC15: _dl_fixup (dl-runtime.c:119)
==18936==    by 0x40139BF: _dl_runtime_resolve (dl-trampoline.S:37)
==18936==    by 0x4035E0F: ??? (in /tmp/mp3.bug/cut.mp3)
==18936==    by 0x804D322: ??? (in /usr/local/bin/mpg123)
==18936==  If you believe this happened as a result of a stack
==18936==  overflow in your program's main thread (unlikely but
==18936==  possible), you can try to increase the size of the
==18936==  main thread stack using the --main-stacksize= flag.
==18936==  The main thread stack size used in this run was 8388608.
==18936== 
==18936== HEAP SUMMARY:
==18936==     in use at exit: 33,808 bytes in 2 blocks
==18936==   total heap usage: 2 allocs, 0 frees, 33,808 bytes
allocated
==18936== 
==18936== LEAK SUMMARY:
==18936==    definitely lost: 0 bytes in 0 blocks
==18936==    indirectly lost: 0 bytes in 0 blocks
==18936==      possibly lost: 0 bytes in 0 blocks
==18936==    still reachable: 33,808 bytes in 2 blocks
==18936==         suppressed: 0 bytes in 0 blocks
==18936== Rerun with --leak-check=full to see details of leaked memory
==18936== 
==18936== For counts of detected and suppressed errors, rerun with: -v
==18936== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 13 from
6)
Segmentation fault



-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) 
http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
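
The LD_PRELOAD check for overlapping memcpy mentioned in the quoted reply can be written as follows. This is an added example, not code from either poster or from mpg123; the function names, the PRELOAD_SHIM macro and the file name memcpy_check.c are assumptions.

```c
/* Added example: detect overlapping memcpy arguments (hypothetical names). */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

static unsigned long overlap_hits; /* overlapping calls seen so far */

/* Return 1 if [dst, dst+n) and [src, src+n) share at least one byte.
 * Note that dst == src with n > 0 counts as an overlap. */
int ranges_overlap(const void *dst, const void *src, size_t n)
{
    uintptr_t d = (uintptr_t)dst, s = (uintptr_t)src;
    if (n == 0)
        return 0; /* empty ranges never overlap */
    /* Distance between the two starts; they overlap iff it is below n. */
    uintptr_t gap = d > s ? d - s : s - d;
    return gap < n;
}

/* Report an overlapping call, then copy with memmove so the copy
 * itself has defined behaviour whatever the arguments are. */
void *checked_memcpy(void *dst, const void *src, size_t n)
{
    if (ranges_overlap(dst, src, n)) {
        overlap_hits++;
        fprintf(stderr, "memcpy overlap: dst=%p src=%p n=%zu\n", dst, src, n);
    }
    return memmove(dst, src, n);
}

unsigned long overlap_count(void) { return overlap_hits; }

#ifdef PRELOAD_SHIM
/* Build: gcc -shared -fPIC -DPRELOAD_SHIM -o memcpy_check.so memcpy_check.c
 * Run:   LD_PRELOAD=./memcpy_check.so mpg123 mp3.bug/cut.mp3 */
void *memcpy(void *dst, const void *src, size_t n)
{
    return checked_memcpy(dst, src, n);
}
#endif
```

A shim like this only sees calls that reach the dynamic memcpy symbol; copies the compiler inlined or routed to a fortified variant such as __memcpy_chk never pass through it.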

