- Package:
- sdl-mixer1.2
- Source:
- sdl-mixer1.2
- Submitter:
- Bas Wijnen
- Date:
- 2013-12-26 17:39:18 UTC
- Severity:
- normal
The dmod "Eternal suicide" is full of bugs which are nicely handled by the engine (and which don't really affect gameplay). However, there is one problem which causes the engine to abort with the attached message. I'm having trouble debugging this, as there is no mention of what really is the problem, except that some fortify check fails. I attached a save file with which you can reproduce it. It brings you in front of a cave. Enter it and it crashes. Thanks, Bas
After a lot of debugging, the problem seems to be in libSDL instead. If I manage to get a simple test program triggering the bug, I'll report it there and close this bug. Until I do, I'll leave it open on freedink, because I'm still not entirely sure. Thanks, Bas
Hi, According to the backtrace, it looks like it's in the SDL_mixer thread indeed. Cheers! Sylvain
Additional info:
- No crash when run with '-s' (no sound), so looks like this comes from SDL_Mixer indeed.
- I think I tested this D-Mod already during the FreeDink development, as I remembered it was a good test case for "bug-compatibility" (ahem), albeit maybe only the Lava part.
- Sylvain
Hi, What I have found out so far: - It crashes when it makes the call to play the midi file. - It doesn't crash when 20.mid is not present, nor when it is replaced by a different midi file. (even though 20.mid plays without a problem with timidity). However, a really slim test case with only calls to make that file play is not enough to make it crash. Thanks, Bas
You should probably send that MIDI file to the SDL_Mixer developers as well so that they can look over it for something that would cause this type of fault.
This message was meant for the bug itself as well (instead of the wrongly written package address).
reassign 694260 sdl-mixer1.2 1.2.12-3
thanks
Hello SDL maintainers,
I'm usually hesitant to assign a bug to a library, because it often happens that the actual bug is in the calling code. This is even more likely with freedink, which originates from code with lots of bugs. However, in this case I think I really did hit a bug in the library. If you disagree, feel free to assign it back of course.
Unfortunately, I am unable to create a slim test-case to trigger the bug. The problem is "stack smashing", which means that there is a buffer overflow on the stack. This is caught with gcc's stack protector (a fortify feature), which checks a guard variable when a function with arrays on the stack returns. Therefore the function from the backtrace is the one which owns the overflowed array, but it may or may not be the one which overflows it.
I attached a file which can be used to trigger this bug. If you want to see it, you need to follow these steps:
1. install the freedink package.
2. unpack the attached midibug.tar.gz.
3. run "freedink -w -g midibug".
The midi file that causes the problem is midibug/sound/10.mid
If you have any questions, don't hesitate to ask.
Thanks, Bas
Hi, 2012/12/3 Bas Wijnen <wijnen@debian.org>: I was trying to investigate the problem but didn't get very far. I tried to use the "save4.dat" but the hero doesn't appear in front of any cave, but inside castle walls, with "screen locked", and I have to kill monsters through walls (!?!?) so the screen unlocks and I can get out of the castle. Still, no caves. I get errors like: ALSA lib pcm.c:7339:(snd_pcm_recover) underrun occurred ALSA lib pcm.c:7339:(snd_pcm_recover) underrun occurred and sometimes the effects don't play, other times they do. I can confirm that "minibug" crashes for me also, I am not 100% sure if it's fault of the library or not -- probably it is. Perhaps we should have a -dbg package for the library, but unless this is urgent or a very important problem for the game (you said that it had multiple bugs/crashes), I would prefer to wait until after the release (I am a bit busy right now). Cheers.
Hi, Thanks for the effort. The instruction for that one was only meant for Sylvain, who knows how to install and run "d-mods". I created the "minibug" dmod to make it easier for you. ;-) Yes, these are normal and harmless. Yes, waiting until after the release is fine. The code isn't as buggy as I apparently suggested. However, I've only seen this problem with one add-on (not with the original game). So it's not really a problem at all. But it is a bug, so it should be fixed. Whether a -dbg package is useful depends on if it would be useful for many users. One bug doesn't require a package to solve it. Thanks, Bas
2013/1/6 Bas Wijnen <wijnen@debian.org>: Yep, I know, and I appreciate it. I was trying to use "save4.dat" since I wasn't getting any enlightening info with your dmod. The problem seems to be inside Mix_LoadMUSType_RW, but without debugging information or modifying the source, that's as far as I can get. I was looking at the upstream repository and bug tracker but I didn't find any related fix or bug report. I think that it will be useful in general for people for all [important] SDL modules, esp. when they stumble upon this kind of problems. Maybe with that enabled we can pinpoint the problem easily, or at least see the full information in the backtraces. So I will try to add -dbg packages and revisit this problem when freeze is over -- unless somebody beats me to it, of course ;-) Cheers.
Get http://files.dinknetwork.com/dmod/etrnscd0.dmod
It's a bzip2'd tar archive. Unpack it.
copy save4.dat into the new directory etrnscd0
run freedink -w -g etrnscd0
Select continue and the (only) save file there is.
Now you should be in front of a cave. :-) I don't think it helps much, though.
Thanks, Bas
Hi, I added a -dbg package now (unstable), can you please try to reproduce the problem and get a back trace? Cheers. -- Manuel A. Fernandez Montecelo <manuel.montezelo@gmail.com>
at the end. Thanks, Bas
$ gdb freedink
GNU gdb (GDB) 7.4.1-debian
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/games/freedink...(no debugging symbols found)...done.
(gdb) run -w -g .
Starting program: /usr/games/freedink -w -g .
warning: Could not load shared library symbols for linux-gate.so.1.
Do you need "set solib-search-path" or "set sysroot"?
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/i686/cmov/libthread_db.so.1".
[New Thread 0xb6ed3b40 (LWP 4181)]
[New Thread 0xb23f2b40 (LWP 4182)]
[Thread 0xb23f2b40 (LWP 4182) exited]
[New Thread 0xb23f2b40 (LWP 4183)]
*** stack smashing detected ***: /usr/games/freedink terminated
======= Backtrace: =========
/lib/i386-linux-gnu/i686/cmov/libc.so.6(__fortify_fail+0x45)[0xb7d6de05]
/lib/i386-linux-gnu/i686/cmov/libc.so.6(+0x103dba)[0xb7d6ddba]
/usr/lib/i386-linux-gnu/libSDL_mixer-1.2.so.0(_fini+0x0)[0xb7f904c4]
/usr/lib/i386-linux-gnu/libSDL_mixer-1.2.so.0(+0x173e3)[0xb7f8b3e3]
/usr/lib/i386-linux-gnu/libSDL_mixer-1.2.so.0(+0x14e8e)[0xb7f88e8e]
/usr/lib/i386-linux-gnu/libSDL_mixer-1.2.so.0(Mix_LoadMUSType_RW+0x288)[0xb7f7fe28]
/usr/lib/i386-linux-gnu/libSDL_mixer-1.2.so.0(Mix_LoadMUS+0xfc)[0xb7f7ffcc]
/usr/games/freedink[0x804bdbb]
/usr/games/freedink[0x804c098]
/usr/games/freedink[0x805eb45]
/usr/games/freedink[0x80507ae]
/usr/games/freedink[0x805d604]
/usr/games/freedink[0x804e09a]
/usr/games/freedink[0x804e323]
/usr/games/freedink[0x8078e4c]
/usr/games/freedink[0x804ba4d]
/lib/i386-linux-gnu/i686/cmov/libc.so.6(__libc_start_main+0xf5)[0xb7c838f5]
/usr/games/freedink[0x804baed]
Program received signal SIGABRT, Aborted.
0xb7fde424 in __kernel_vsyscall ()
(gdb) bt
#0 0xb7fde424 in __kernel_vsyscall ()
#1 0xb7c9882f in raise () from /lib/i386-linux-gnu/i686/cmov/libc.so.6
#2 0xb7c9bcf3 in abort () from /lib/i386-linux-gnu/i686/cmov/libc.so.6
#3 0xb7cd5285 in ?? () from /lib/i386-linux-gnu/i686/cmov/libc.so.6
#4 0xb7d6de05 in __fortify_fail () from /lib/i386-linux-gnu/i686/cmov/libc.so.6
#5 0xb7d6ddba in __stack_chk_fail () from /lib/i386-linux-gnu/i686/cmov/libc.so.6
#6 0xb7f904c4 in __stack_chk_fail_local () from /usr/lib/i386-linux-gnu/libSDL_mixer-1.2.so.0
#7 0xb7f8b3e3 in read_midi_file (mrw=mrw@entry=0x8c7b230, count=count@entry=0xbfffe7bc, sp=sp@entry=0x8c82228) at timidity/readmidi.c:1070
#8 0xb7f88e8e in Timidity_LoadSong_RW (rw=rw@entry=0x8c7b230, freerw=freerw@entry=1) at timidity/playmidi.c:1690
#9 0xb7f7fe28 in Mix_LoadMUSType_RW 0x0805eb45 in ?? ()
#14 0x080507ae in ?? ()
#15 0x0805d604 in ?? ()
#16 0x0804e09a in ?? ()
#17 0x0804e323 in ?? ()
#18 0x08078e4c in ?? ()
#19 0x0804ba4d in ?? ()
#20 0xb7c838f5 in __libc_start_main () from /lib/i386-linux-gnu/i686/cmov/libc.so.6
#21 0x0804baed in ?? ()
(gdb)
2013/5/11 Bas Wijnen <wijnen@debian.org>: I am no expert in these matters, but as you said in the beginning of the bug report, what this backtrace suggests is that when trying to load a midi song and reading the file, the program manages to corrupt the stack, which triggers the exceptions/signals/etc provided by the fortifying functionality in order to prevent security problems. I am not sure if this is due to the fortifying options when compiling sdl-mixer or freedink, but in any case I think that it would be very unwise to disable them, especially in the libraries, used in many places including important emulators. The timidity code was built on ~1995 and has been unmaintained for many years, so it's not looking good. I don't really know what else to say, I will forward this upstream and let's see. It might be worth trying with libsdl2-mixer (already in NEW queue to be approved by FTP team), but I guess that it will pull all SDL2 dependencies and not sure if freedink will work with those. Thanks and cheers. -- Manuel A. Fernandez Montecelo <manuel.montezelo@gmail.com>
We believe that the bug you reported is fixed in the latest version of
sdl-mixer1.2, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 694260@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Manuel A. Fernandez Montecelo <mafm@debian.org> (supplier of updated sdl-mixer1.2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
Format: 1.8
Date: Sun, 09 Jun 2013 16:41:16 +0100
Source: sdl-mixer1.2
Binary: libsdl-mixer1.2 libsdl-mixer1.2-dbg libsdl-mixer1.2-dev
Architecture: source amd64
Version: 1.2.12-5
Distribution: unstable
Urgency: low
Maintainer: Debian SDL packages maintainers <pkg-sdl-maintainers@lists.alioth.debian.org>
Changed-By: Manuel A. Fernandez Montecelo <mafm@debian.org>
Description:
libsdl-mixer1.2 - Mixer library for Simple DirectMedia Layer 1.2, libraries
libsdl-mixer1.2-dbg - Mixer library for Simple DirectMedia Layer 1.2, debugging
libsdl-mixer1.2-dev - Mixer library for Simple DirectMedia Layer 1.2, development files
Closes: 694260 700375
Changes:
sdl-mixer1.2 (1.2.12-5) unstable; urgency=low
.
* Adding patch (bug-694260-freedink_stack_corruption.patch) backported from
upstream, to protect against stack corruption when midi file has more than
16 channels (Closes: #694260). Thanks Bas Wijnen for the report and
analysis.
* Recommend midi patch set (Closes: #700375). Thanks Fabian Greffrath.
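The failure mode discussed in this report, as an added illustration (not code from SDL_mixer, timidity or the backported patch): a loader owns a 16-entry per-channel array on its stack, and a helper indexes it with a channel number taken from the file. The event layout and all function names are constructed for the example; only the limit of 16 channels comes from the changelog above.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_CHANNELS 16 /* per-channel table size; the limit named in the changelog */

/* Constructed event record (NOT the Standard MIDI File layout). The channel
 * number comes from the file, so it is untrusted input. */
struct event {
    uint8_t channel;
    uint8_t program;
};

/* Unchecked helper, shown for contrast and never called here. With
 * channel >= MAX_CHANNELS it writes past the array it was handed. The array
 * lives in the caller's frame, so the stack protector reports the caller
 * (the owner of the array) when that function returns, not this helper. */
void apply_event_unchecked(int *program, const struct event *ev)
{
    program[ev->channel] = ev->program;
}

/* Checked helper: the table length travels with the pointer and the index
 * is validated before the write. Returns 0 on success, -1 on a bad channel. */
int apply_event_checked(int *program, size_t nchan, const struct event *ev)
{
    if (ev->channel >= nchan)
        return -1;
    program[ev->channel] = ev->program;
    return 0;
}

/* Owner of the stack array. Returns the number of channels that received a
 * program, or -1 if the input names a channel outside the table. */
int load_song_checked(const struct event *evs, size_t n)
{
    int program[MAX_CHANNELS];
    size_t i;
    int used = 0;

    for (i = 0; i < MAX_CHANNELS; i++)
        program[i] = -1; /* -1 marks "no program set" */

    for (i = 0; i < n; i++) {
        if (apply_event_checked(program, MAX_CHANNELS, &evs[i]) != 0)
            return -1; /* reject the file instead of corrupting the stack */
    }

    for (i = 0; i < MAX_CHANNELS; i++) {
        if (program[i] >= 0)
            used++;
    }
    return used;
}

/* Constructed sample inputs. */
const struct event GOOD_SONG[] = { {0, 5}, {9, 0}, {15, 40}, {0, 7} };
const struct event BAD_SONG[]  = { {0, 5}, {16, 1} }; /* channel 16 is out of range */

int main(void)
{
    printf("good song: %d\n", load_song_checked(GOOD_SONG, 4));
    printf("bad song:  %d\n", load_song_checked(BAD_SONG, 2));
    return 0;
}
```
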