Is there a way to splice this bug into two bugs, one for the SIGSEGV
at boot, one for SIGILL at boot? It'll get pretty confusing
otherwise...

I see the following symptoms now:

1) When audacious starts and ~/.config/audacious/playlist.xspf exists,
audacious segfaults. GDB output attached as audacious-start.log

2) When I try to add a file in audacious that contains spaces in its
path, audacious segfaults. GDB output attached as audacious-add.log

3) When audacious exits, audacious segfaults. GDB output attached as
audacious-stop.log

Note regarding 1 and 2:
I can start audacious when I remove my playlist file. At that point, I
can also add files to the (now empty) playlist. I noticed however that
audacious still segfaults when I add certain items to the playlist.
There doesn't seem to be an obvious pattern. The crashes seem to be
unrelated to file/directory permissions, spaces or other weird
characters in path, or the hierarchies the files are in (I copied a
file from a hierarchy of files that never seem to fail into a
hierarchy that always seems to fail, and adding the copy to the
playlist didn't fail).

Main problems seem to be happening in vfs.c at line 159, and
ui_fileinfopopup.c at line 466.

vfs.c, line 159 (function vfs_fread):

    return file->base->vfs_fread_impl(ptr, size, nmemb, file);

The function only checks whether file is not NULL, but I think
file->base may be invalid at this point. Investigation of the struct
using GDB is attached in audacious-vfs.log.
Note how the octets of the addresses in the struct are all in the
ASCII plane, spelling "double free or corruption (f". How did that end
up in there?

ui_fileinfopopup.c, line 466 (function fileinfopopup_hide):

    if (GTK_WIDGET_VISIBLE(filepopup_win))

This pointer filepopup_win is never checked for nullity. I don't know
how exactly this problem works -- it seems that fileinfopopup_hide is
called as a result of gp->cleanup() (from plugin_system_cleanup's
frame), but I can't exactly see how. It does seem that gp->handle is 0
though.
(gdb) run
Starting program: /usr/bin/audacious
[Thread debugging using libthread_db enabled]
[New Thread 0x2b791399c660 (LWP 10036)]
[New Thread 0x40800950 (LWP 10039)]
amidi-plug(amidi-plug.c:amidiplug_init:97): init, read configuration
amidi-plug(i_backend.c:i_backend_load:107): loading backend '/usr/lib/audacious/Input/amidi-plug/ap-alsa.so'
amidi-plug(i_backend.c:i_backend_load:145): backend /usr/lib/audacious/Input/amidi-plug/ap-alsa.so (name 'alsa') successfully loaded
[New Thread 0x41001950 (LWP 10040)]
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x2b791399c660 (LWP 10036)]
0x0000000000463789 in vfs_fread (ptr=0x7fff9dfab2be, size=2, nmemb=1, file=0x2b7910525f08)
at vfs.c:159
159 vfs.c: No such file or directory.
in vfs.c
(gdb) bt full
#0 0x0000000000463789 in vfs_fread (ptr=0x7fff9dfab2be, size=2, nmemb=1,
file=0x2b7910525f08) at vfs.c:159
No locals.
#1 0x00000000004644bf in vfs_fget_le16 (value=0xa3fd60, stream=0x2b7910525f08)
at vfs_common.c:213
tmp = <value optimized out>
#2 0x00002aaab9e6c10b in ?? () from /usr/lib/audacious/Container/xspf.so
No symbol table info available.
#3 0x000000000041f1ab in playlist_load_ins (playlist=0xa3bff0,
filename=0x702ce0 "/home/tinctorius/.config/audacious/playlist.xspf", pos=-1)
at playlist.c:1753
plc = (PlaylistContainer *) 0x2aaaba06cca0
__PRETTY_FUNCTION__ = "playlist_load_ins"
#4 0x000000000041f220 in playlist_load (playlist=0xa3bff0,
filename=0x702ce0 "/home/tinctorius/.config/audacious/playlist.xspf") at playlist.c:1648
ret = <value optimized out>
__PRETTY_FUNCTION__ = "playlist_load"
#5 0x00000000004198c7 in main (argc=1, argv=0x7fff9dfab4f8) at main.c:617
No locals.
#6 0x00002b79104331c4 in __libc_start_main () from /lib/libc.so.6
No symbol table info available.
#7 0x0000000000413f69 in _start ()
No symbol table info available.
(gdb) info registers
rax 0x6f6974707572726f 8028075837120213615
rbx 0xa3fd60 10747232
rcx 0x2b7910525f08 47798964870920
rdx 0x1 1
rsi 0x2 2
rdi 0x7fff9dfab2be 140735843840702
rbp 0xa456a0 0xa456a0
rsp 0x7fff9dfab2a8 0x7fff9dfab2a8
r8 0x9b7e20 10190368
r9 0x1 1
r10 0x1 1
r11 0x2b7910203be0 47798961585120
r12 0xa45ae0 10771168
r13 0xa45be0 10771424
r14 0x0 0
r15 0xa3fd60 10747232
rip 0x463789 0x463789 <vfs_fread+9>
eflags 0x10202 [ IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
fctrl 0x37f 895
fstat 0x0 0
ftag 0xffff 65535
fiseg 0x0 0
fioff 0x0 0
foseg 0x0 0
fooff 0x0 0
fop 0x0 0
mxcsr 0x1fa0 [ PE IM DM ZM OM UM PM ]
(gdb) run
Starting program: /usr/bin/audacious
[Thread debugging using libthread_db enabled]
[New Thread 0x2ac254b13660 (LWP 10302)]
[New Thread 0x40800950 (LWP 10305)]
amidi-plug(amidi-plug.c:amidiplug_init:97): init, read configuration
amidi-plug(i_backend.c:i_backend_load:107): loading backend '/usr/lib/audacious/Input/amidi-plug/ap-alsa.so'
amidi-plug(i_backend.c:i_backend_load:145): backend /usr/lib/audacious/Input/amidi-plug/ap-alsa.so (name 'alsa') successfully loaded
[New Thread 0x41001950 (LWP 10306)]
I/O warning : failed to load external entity "/home/tinctorius/.config/audacious/playlist.xspf"
[New Thread 0x41802950 (LWP 10307)]
[New Thread 0x42003950 (LWP 10308)]
[New Thread 0x42804950 (LWP 10309)]
[Thread 0x42003950 (LWP 10308) exited]
[Thread 0x42804950 (LWP 10309) exited]
[New Thread 0x42804950 (LWP 10310)]
[New Thread 0x42003950 (LWP 10311)]
[Thread 0x42003950 (LWP 10311) exited]
[Thread 0x42804950 (LWP 10310) exited]
[New Thread 0x42804950 (LWP 10312)]
[Thread 0x42804950 (LWP 10312) exited]
[New Thread 0x42804950 (LWP 10313)]
[Thread 0x42804950 (LWP 10313) exited]
[New Thread 0x42804950 (LWP 10314)]
[Thread 0x42804950 (LWP 10314) exited]
[New Thread 0x42804950 (LWP 10315)]
[New Thread 0x42003950 (LWP 10316)]
[Thread 0x42003950 (LWP 10316) exited]
[Thread 0x42804950 (LWP 10315) exited]
[New Thread 0x42804950 (LWP 10317)]
[Thread 0x42804950 (LWP 10317) exited]
[New Thread 0x42804950 (LWP 10318)]
[New Thread 0x42003950 (LWP 10319)]
[Thread 0x42804950 (LWP 10318) exited]
[Thread 0x42003950 (LWP 10319) exited]
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x2ac254b13660 (LWP 10302)]
0x0000000000463789 in vfs_fread (ptr=0x7fff5ce3005e, size=2, nmemb=1, file=0x2aaaabd059ac)
at vfs.c:159
159 vfs.c: No such file or directory.
in vfs.c
(gdb) bt full
#0 0x0000000000463789 in vfs_fread (ptr=0x7fff5ce3005e, size=2, nmemb=1,
file=0x2aaaabd059ac) at vfs.c:159
No locals.
#1 0x00000000004644bf in vfs_fget_le16 (value=0x12c06e0, stream=0x2aaaabd059ac)
at vfs_common.c:213
tmp = <value optimized out>
#2 0x00002aaaabd04472 in ?? () from /usr/lib/audacious/Input/madplug.so
No symbol table info available.
#3 0x000000000041d2c4 in playlist_entry_get_info (entry=0x2aaabb805010) at playlist.c:254
tuple = (Tuple *) 0x2aaabb805010
pr = (ProbeResult *) 0x0
modtime = 1167384954
formatter = <value optimized out>
__PRETTY_FUNCTION__ = "playlist_entry_get_info"
#4 0x00000000004214fc in playlist_entry_new (
filename=0x12cff10 "file:///mnt/media/import/audio/Metallica/Metallica%20-%20One.mp3",
title=0x0, length=-1, dec=0x2aaaabf077e0) at playlist.c:180
entry = (PlaylistEntry *) 0x2aaabb805010
#5 0x00000000004217a6 in __playlist_ins_file (playlist=0xa42e40,
filename=0x12aece0 "file:///mnt/media/import/audio/Metallica/Metallica%20-%20One.mp3",
pos=-1, tuple=0x0, title=0x0, len=-1, dec=0x2aaaabf077e0) at playlist.c:678
formatter = (const gchar *) 0x2aaaabf077e0 ""
filename_entry = (
gchar *) 0x12cff10 "file:///mnt/media/import/audio/Metallica/Metallica%20-%20One.mp3"
entry = (PlaylistEntry *) 0xa42e40
parent_tuple = (Tuple *) 0x0
nsubtunes = 0
subtune = 0
__PRETTY_FUNCTION__ = "__playlist_ins_file"
#6 0x0000000000421c9f in playlist_ins (playlist=0xa42e40,
filename=0x12aece0 "file:///mnt/media/import/audio/Metallica/Metallica%20-%20One.mp3",
pos=-1) at playlist.c:771
buf = "X6\000\000\000\000\000\000\220\233bF", '\0' <repeats 12 times>, "z�\224E", '\0' <repeats 12 times>, "��\214Q�*\000\000��3\001\000\000\000\000\004\000\000\000\000\000\000"
p = <value optimized out>
r = <value optimized out>
file = <value optimized out>
pr = (ProbeResult *) 0x10602d0
dec = (InputPlugin *) 0x2aaaabf077e0
tuple = (Tuple *) 0x0
http_flag = 0
__PRETTY_FUNCTION__ = "playlist_ins"
#7 0x0000000000432c69 in action_button_cb (widget=<value optimized out>,
data=<value optimized out>) at ui_fileopener.c:46
play_button = 0
files = (GSList *) 0x12eba30
#8 0x00002ac2504c3b5f in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#9 0x00002ac2504d75ec in ?? () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#10 0x00002ac2504d9005 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#11 0x00002ac2504d92c8 in g_signal_emit_by_name () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#12 0x00002ac2504c3b5f in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#13 0x00002ac2504d75ec in ?? () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#14 0x00002ac2504d9005 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#15 0x00002ac2504d92c8 in g_signal_emit_by_name () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#16 0x00002ac24efd9641 in ?? () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#17 0x00002ac2504c3b5f in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#18 0x00002ac2504d75ec in ?? () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#19 0x00002ac2504d9005 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#20 0x00002ac2504d93b3 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#21 0x00002ac24f12de72 in ?? () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#22 0x00002ac24f0394df in ?? () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#23 0x00002ac2504c3b5f in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#24 0x00002ac2504d79d8 in ?? () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#25 0x00002ac2504d8d16 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#26 0x00002ac2504d93b3 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#27 0x00002ac24f1408f5 in ?? () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#28 0x00002ac24f0327f2 in gtk_propagate_event () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#29 0x00002ac24f033795 in gtk_main_do_event () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#30 0x00002ac24f4f114c in ?? () from /usr/lib/libgdk-x11-2.0.so.0
No symbol table info available.
#31 0x00002ac24e85a0f2 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#32 0x00002ac24e85d396 in ?? () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#33 0x00002ac24e85d657 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#34 0x00002ac24f033b63 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#35 0x00000000004199e2 in main (argc=1, argv=0x7fff5ce32378) at main.c:795
No locals.
#36 0x00002ac2515aa1c4 in __libc_start_main () from /lib/libc.so.6
No symbol table info available.
#37 0x0000000000413f69 in _start ()
No symbol table info available.
(gdb) info registers
rax 0x504d28206f696475 5786325216014197877
rbx 0x12c06e0 19662560
rcx 0x2aaaabd059ac 46912515365292
rdx 0x1 1
rsi 0x2 2
rdi 0x7fff5ce3005e 140734751768670
rbp 0x1336fd0 0x1336fd0
rsp 0x7fff5ce30048 0x7fff5ce30048
r8 0x52 82
r9 0x1 1
r10 0x1 1
r11 0x2ac2515fccb0 47014077254832
r12 0x2aaabf7dfdf0 46912845512176
r13 0x0 0
r14 0x12bac00 19639296
r15 0x12c06e0 19662560
rip 0x463789 0x463789 <vfs_fread+9>
eflags 0x10206 [ PF IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
fctrl 0x37f 895
fstat 0x0 0
ftag 0xffff 65535
fiseg 0x0 0
fioff 0x0 0
foseg 0x0 0
fooff 0x0 0
fop 0x0 0
mxcsr 0x1fa0 [ PE IM DM ZM OM UM PM ]
(gdb)
(gdb) run
Starting program: /usr/bin/audacious
[Thread debugging using libthread_db enabled]
[New Thread 0x2b8856920660 (LWP 10140)]
[New Thread 0x40800950 (LWP 10143)]
amidi-plug(amidi-plug.c:amidiplug_init:97): init, read configuration
amidi-plug(i_backend.c:i_backend_load:107): loading backend '/usr/lib/audacious/Input/amidi-plug/ap-alsa.so'
amidi-plug(i_backend.c:i_backend_load:145): backend /usr/lib/audacious/Input/amidi-plug/ap-alsa.so (name 'alsa') successfully loaded
[New Thread 0x41001950 (LWP 10144)]
[New Thread 0x41802950 (LWP 10145)]
[Thread 0x41802950 (LWP 10145) exited]
amidi-plug(i_backend.c:i_backend_unload:164): unloading backend 'alsa'
amidi-plug(i_backend.c:i_backend_unload:167): backend 'alsa' unloaded
[Thread 0x41001950 (LWP 10144) exited]
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x2b8856920660 (LWP 10140)]
0x00000000004311d9 in fileinfopopup_hide (filepopup_win=0x0, unused=<value optimized out>)
at ui_fileinfopopup.c:466
466 ui_fileinfopopup.c: No such file or directory.
in ui_fileinfopopup.c
(gdb) bt full
#0 0x00000000004311d9 in fileinfopopup_hide (filepopup_win=0x0,
unused=<value optimized out>) at ui_fileinfopopup.c:466
No locals.
#1 0x00000000004230a2 in plugin_system_cleanup () at pluginenum.c:1053
ip = <value optimized out>
op = <value optimized out>
ep = <value optimized out>
gp = (GeneralPlugin *) 0x2aaab3d85780
vp = <value optimized out>
lp = <value optimized out>
dp = <value optimized out>
node = (GList *) 0x984360
hlist_node = <value optimized out>
#2 0x0000000000419251 in aud_quit () at main.c:647
playlists = <value optimized out>
#3 0x00002b88522d0b5f in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#4 0x00002b88522e45ec in ?? () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#5 0x00002b88522e6005 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#6 0x00002b88522e63b3 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#7 0x000000000045213e in button_released (button=0xa4eab0) at ui_skinned_button.c:464
No locals.
#8 0x00002b88522d0b5f in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#9 0x00002b88522e42b6 in ?? () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#10 0x00002b88522e6005 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#11 0x00002b88522e63b3 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#12 0x00000000004521d2 in ui_skinned_button_button_release (widget=<value optimized out>,
event=<value optimized out>) at ui_skinned_button.c:458
button = <value optimized out>
#13 0x00002b8850e464df in ?? () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#14 0x00002b88522d0b5f in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#15 0x00002b88522e49d8 in ?? () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#16 0x00002b88522e5d16 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#17 0x00002b88522e63b3 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
No symbol table info available.
#18 0x00002b8850f4d8f5 in ?? () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#19 0x00002b8850e3f7f2 in gtk_propagate_event () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#20 0x00002b8850e40795 in gtk_main_do_event () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#21 0x00002b88512fe14c in ?? () from /usr/lib/libgdk-x11-2.0.so.0
No symbol table info available.
#22 0x00002b88506670f2 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#23 0x00002b885066a396 in ?? () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#24 0x00002b885066a657 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#25 0x00002b8850e40b63 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#26 0x00000000004199e2 in main (argc=1, argv=0x7fff5b026568) at main.c:795
No locals.
#27 0x00002b88533b71c4 in __libc_start_main () from /lib/libc.so.6
No symbol table info available.
#28 0x0000000000413f69 in _start ()
No symbol table info available.
(gdb) info registers
rax 0x0 0
rbx 0x2aaab3d85780 46912650106752
rcx 0x6f0710 7276304
rdx 0x0 0
rsi 0x735d20 7560480
rdi 0x0 0
rbp 0x0 0x0
rsp 0x7fff5b024db0 0x7fff5b024db0
r8 0x711568 7411048
r9 0x1 1
r10 0x1 1
r11 0x4311c0 4395456
r12 0x1 1
r13 0x0 0
r14 0x412f40 4271936
r15 0x7fff5b025000 140734720266240
rip 0x4311d9 0x4311d9 <fileinfopopup_hide+25>
eflags 0x10202 [ IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
fctrl 0x37f 895
fstat 0x0 0
ftag 0xffff 65535
fiseg 0x0 0
fioff 0x0 0
foseg 0x0 0
fooff 0x0 0
fop 0x0 0
mxcsr 0x1fa0 [ PE IM DM ZM OM UM PM ]
(gdb)
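A triage helper for the observation in the report that the bytes of the faulting pointer spell ASCII text, added here as an example (it is not part of the original report or of the Audacious code): it unpacks a register value in little-endian order and classifies it as NULL, text, non-canonical or plausible. The rax values are copied from the register dumps above; the function names and the 48-bit canonical-address assumption are this example's own.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>

enum ptr_class { PTR_NULL, PTR_ASCII, PTR_NONCANONICAL, PTR_PLAUSIBLE };

/* Unpack a 64-bit register into the 8 bytes it occupied in memory on
 * little-endian x86-64 (lowest byte first). out must hold 9 bytes. */
static void reg_to_bytes(uint64_t reg, char out[9])
{
    for (int i = 0; i < 8; i++)
        out[i] = (char)((reg >> (8 * i)) & 0xff);
    out[8] = '\0';
}

/* Assumes 48-bit virtual addresses: bits 63..47 must be all 0 or all 1. */
static int is_canonical(uint64_t addr)
{
    uint64_t top = addr >> 47;
    return top == 0 || top == 0x1ffff;
}

/* Classify a would-be pointer; text receives its bytes as a C string. */
static enum ptr_class classify_pointer(uint64_t reg, char text[9])
{
    reg_to_bytes(reg, text);
    if (reg == 0)
        return PTR_NULL;
    int printable = 1;
    for (int i = 0; i < 8; i++)
        if (!isprint((unsigned char)text[i]))
            printable = 0;
    if (printable)          /* string data was loaded where a pointer belongs */
        return PTR_ASCII;
    return is_canonical(reg) ? PTR_PLAUSIBLE : PTR_NONCANONICAL;
}

int main(void)
{
    /* rax from the three "info registers" dumps on this page */
    const uint64_t rax[] = { 0x6f6974707572726fULL, 0x504d28206f696475ULL, 0 };
    const char *names[] = { "NULL", "ASCII text", "non-canonical", "plausible" };
    for (size_t i = 0; i < sizeof rax / sizeof rax[0]; i++) {
        char text[9];
        enum ptr_class c = classify_pointer(rax[i], text);
        printf("rax=0x%016llx  %s", (unsigned long long)rax[i], names[c]);
        if (c == PTR_ASCII)
            printf("  \"%s\"", text);
        putchar('\n');
    }
    return 0;
}
```

The two vfs_fread crashes decode to "orruptio" and "udio (MP", so in both cases the value loaded as file->base was string data; the third dump has rax at 0, matching the filepopup_win=0x0 argument in its backtrace.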