NetBSD Problem Report #53369
From www@NetBSD.org Fri Jun 15 19:12:39 2018
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id C60A17A1B0
for <gnats-bugs@gnats.NetBSD.org>; Fri, 15 Jun 2018 19:12:39 +0000 (UTC)
Message-Id: <20180615191238.277F97A26C@mollari.NetBSD.org>
Date: Fri, 15 Jun 2018 19:12:38 +0000 (UTC)
From: venture37@geeklan.co.uk
Reply-To: venture37@geeklan.co.uk
To: gnats-bugs@NetBSD.org
Subject: audio/mpg321 coredumps with SIGSEGV
X-Send-Pr-Version: www-1.0
>Number: 53369
>Category: pkg
>Synopsis: audio/mpg321 coredumps with SIGSEGV
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: leot
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Fri Jun 15 19:15:00 +0000 2018
>Closed-Date: Tue Jun 19 12:14:00 +0000 2018
>Last-Modified: Sun Jul 08 13:45:00 +0000 2018
>Originator: Sevan Janiyan
>Release: pkgsrc-current
>Organization:
>Environment:
NetBSD 8.0_RC1 macppc powerpc
>Description:
Attempting to play a .wav or .mp3 file with mpg321 results in a coredump, sometimes just executing mpg321 without any options also coredumps.
Core was generated by `mpg321'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0xfdeb50a8 in sem_post () from /usr/lib/libpthread.so.1
(gdb) bt
#0 0xfdeb50a8 in sem_post () from /usr/lib/libpthread.so.1
#1 0x0180aadc in main (argc=<optimized out>, argv=0xffffe8f4) at mpg321.c:755
(gdb) x/i $pc
=> 0xfdeb50a8 <sem_post+36>: lwz r3,12(r9)
(gdb) disassemble
Dump of assembler code for function sem_post:
0xfdeb5084 <+0>: mflr r0
0xfdeb5088 <+4>: stwu r1,-16(r1)
0xfdeb508c <+8>: bcl 20,4*cr7+so,0xfdeb5090 <sem_post+12>
0xfdeb5090 <+12>: stw r30,8(r1)
0xfdeb5094 <+16>: mflr r30
0xfdeb5098 <+20>: stw r0,20(r1)
0xfdeb509c <+24>: lwz r9,0(r3)
0xfdeb50a0 <+28>: addis r30,r30,2
0xfdeb50a4 <+32>: addi r30,r30,21752
=> 0xfdeb50a8 <+36>: lwz r3,12(r9)
0xfdeb50ac <+40>: bl 0xfdebe3a0 <00008000.got2.plt_pic32._ksem_post>
0xfdeb50b0 <+44>: lwz r0,20(r1)
0xfdeb50b4 <+48>: lwz r30,8(r1)
0xfdeb50b8 <+52>: mtlr r0
0xfdeb50bc <+56>: addi r1,r1,16
0xfdeb50c0 <+60>: blr
End of assembler dump.
(gdb) info registers
r0 0x180aadc 25209564
r1 0xffffded0 4294958800
r2 0xfdedf008 4260229128
r3 0x18206e4 25298660
r4 0x182476c 25315180
r5 0x0 0
r6 0x2580 9600
r7 0x2580 9600
r8 0x1824740 25315136
r9 0x0 0
r10 0x0 0
r11 0x83 131
r12 0xfdef8000 4260331520
r13 0x182867c 25331324
r14 0x0 0
r15 0xfda01800 4255127552
r16 0x0 0
r17 0x1820000 25296896
r18 0x0 0
r19 0x0 0
r20 0x0 0
r21 0x1820000 25296896
r22 0x1820000 25296896
r23 0x0 0
r24 0x0 0
r25 0x1824744 25315140
r26 0xffffe8f4 4294961396
r27 0x0 0
r28 0xfdee0000 4260233216
r29 0x1820690 25298576
r30 0xfdeda588 4260210056
r31 0x18206e4 25298660
pc 0xfdeb50a8 0xfdeb50a8 <sem_post+36>
msr <unavailable>
cr 0x24000882 603981954
lr 0xfdeb5090 0xfdeb5090 <sem_post+12>
ctr 0xfdeb5084 4260057220
xer 0x20000000 536870912
>How-To-Repeat:
just run mpg321 or try to play a mp3 or wav file
>Fix:
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: pkg-manager->martin
Responsible-Changed-By: hauke@NetBSD.org
Responsible-Changed-When: Sat, 16 Jun 2018 09:09:41 +0000
Responsible-Changed-Why:
Over to maintainer.
From: coypu@sdf.org
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: pkg/53369: audio/mpg321 coredumps with SIGSEGV
Date: Sat, 16 Jun 2018 10:20:57 +0000
It looks like it is calling sem_post before sem_init.
It crashes on amd64 too (my initial assumption was wrong)
leot mentions that mpg321 -K is the magical flag to get to the sem_init call
From: Leonardo Taccari <leot@NetBSD.org>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: pkg/53369: audio/mpg321 coredumps with SIGSEGV
Date: Sat, 16 Jun 2018 12:43:20 +0200
Hello Sevan!
venture37@geeklan.co.uk writes:
> >Number: 53369
> >Category: pkg
> >Synopsis: audio/mpg321 coredumps with SIGSEGV
> >Confidential: no
> >Severity: serious
> >Priority: medium
> >Responsible: pkg-manager
> >State: open
> >Class: sw-bug
> >Submitter-Id: net
> >Arrival-Date: Fri Jun 15 19:15:00 +0000 2018
> >Originator: Sevan Janiyan
> >Release: pkgsrc-current
> >Organization:
> >Environment:
> NetBSD 8.0_RC1 macppc powerpc
>
> >Description:
> Attempting to play a .wav or .mp3 file with mpg321 results in a coredump=
, sometimes just executing mpg321 without any options also coredumps.
> [...]
As pointed out by <maya> it seems that there is a sem_post() on a
not initialized semaphore.
The following patch seems to fix the problem (if I am not missing
something there is no need to call sem_post() at all in that case and can
be removed):
<https://www.NetBSD.org/~leot/pkgsrc-patches/mpg321-pkg-53369.patch>
Please let us known if that fixes the problem!
For completeness here the patch also inline.
---------------------- 8< ------------------- 8< ----------------------
mpg321: Do not unlock unititialized main_lock
Do not call sem_post() on an unitialized semaphore.
Problem spotted by <maya>.
Should fix PR pkg/53369 by <sevan>.
Index: Makefile
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
RCS file: /cvsroot/pkgsrc/audio/mpg321/Makefile,v
retrieving revision 1.19
diff -u -p -r1.19 Makefile
--- Makefile 2 Jun 2016 09:18:19 -0000 1.19
+++ Makefile 16 Jun 2018 10:34:29 -0000
@@ -2,6 +2,7 @@
=
DISTNAME=3D mpg321_0.3.2.orig
PKGNAME=3D ${DISTNAME:S/_/-/:S/.orig//}
+PKGREVISION=3D 1
CATEGORIES=3D audio
MASTER_SITES=3D ${MASTER_SITE_SOURCEFORGE:=3Dmpg321/}
=
Index: distinfo
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
RCS file: /cvsroot/pkgsrc/audio/mpg321/distinfo,v
retrieving revision 1.8
diff -u -p -r1.8 distinfo
--- distinfo 2 Jun 2016 09:18:19 -0000 1.8
+++ distinfo 16 Jun 2018 10:34:29 -0000
@@ -5,4 +5,4 @@ RMD160 (mpg321_0.3.2.orig.tar.gz) =3D 04ea
SHA512 (mpg321_0.3.2.orig.tar.gz) =3D f1bead2c11e4cde0f1a87e1b2e3d216ef80=
c9a5dd8b219841961688d44a5fc63a54b7af07359766fde0b2712ddc5d0a90b20149c3228c=
b2d70e830e15c8ab234
Size (mpg321_0.3.2.orig.tar.gz) =3D 151139 bytes
SHA1 (patch-ao.c) =3D cb404acdfb032c5a823c717965d14319db0d4466
-SHA1 (patch-mpg321.c) =3D 0f82c72976ce1f1e7d16cd972eb1e38a0e305f86
+SHA1 (patch-mpg321.c) =3D c874219aa316899af42d5984ca06860642260d4b
Index: patches/patch-mpg321.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
RCS file: /cvsroot/pkgsrc/audio/mpg321/patches/patch-mpg321.c,v
retrieving revision 1.1
diff -u -p -r1.1 patch-mpg321.c
--- patches/patch-mpg321.c 2 Jun 2016 09:18:19 -0000 1.1
+++ patches/patch-mpg321.c 16 Jun 2018 10:34:29 -0000
@@ -1,6 +1,7 @@
$NetBSD: patch-mpg321.c,v 1.1 2016/06/02 09:18:19 jperkin Exp $
=
-Ensure structs are zero'd before use.
+- Ensure structs are zero'd before use.
+- Do not unlock uninitialized main_lock
=
--- mpg321.c.orig 2012-03-25 12:27:49.000000000 +0000
+++ mpg321.c
@@ -12,3 +13,12 @@ Ensure structs are zero'd before use.
playbuf.pl =3D pl =3D new_playlist();
=
if (!pl)
+@@ -750,8 +751,6 @@ int main(int argc, char *argv[])
+ if (tcgetattr(0, &terminal_settings) < 0)
+ perror("tcgetattr()");
+ memcpy(&old_terminal_settings, &terminal_settings, sizeof(stru=
ct termios));
+- /* Early thread start */
+- sem_post(&main_lock);
+ }
+ }
+ /* Play the mpeg files or zip it! */
Responsible-Changed-From-To: martin->rxg
Responsible-Changed-By: leot@NetBSD.org
Responsible-Changed-When: Sat, 16 Jun 2018 10:50:02 +0000
Responsible-Changed-Why:
Rui-Xiang can you please give it a look?
(over to MAINTAINER, <rxg> maintains mpg321 while <martin> mpg123)
From: Sevan Janiyan <venture37@geeklan.co.uk>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: pkg/53369: audio/mpg321 coredumps with SIGSEGV
Date: Sat, 16 Jun 2018 15:22:33 +0100
On 16/06/2018 11:45, Leonardo Taccari wrote:
> As pointed out by <maya> it seems that there is a sem_post() on a
> not initialized semaphore.
>
> The following patch seems to fix the problem (if I am not missing
> something there is no need to call sem_post() at all in that case and can
> be removed):
>
> <https://www.NetBSD.org/~leot/pkgsrc-patches/mpg321-pkg-53369.patch>
>
> Please let us known if that fixes the problem!
Thank you, that fixes the crash.
There is an aggressive mode which tries to execute mpg321 at a higher
priority, does sem_post() fit in that situation?
It seems I've gotten into a bit of a rabbit hole, while mpg321 now does
crash initially, it plays MP3 files at the wrong pitch (everything is
way too high) and it eventually crashes if I point it to a wav file.
There's a patch in Free/OpenBSD ports which cleans up some bugs in
mpg321.c that will be usefull to pull in (don't leak file descriptors or
free random pointers). I will raise separate bug reports for these.
Sevan
From: "Leonardo Taccari" <leot@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/53369 CVS commit: pkgsrc/audio/mpg321
Date: Sat, 16 Jun 2018 14:43:21 +0000
Module Name: pkgsrc
Committed By: leot
Date: Sat Jun 16 14:43:21 UTC 2018
Modified Files:
pkgsrc/audio/mpg321: Makefile distinfo
pkgsrc/audio/mpg321/patches: patch-mpg321.c
Log Message:
mpg321: Do not unlock unititialized main_lock
Bump PKGREVISION
Problem spotted by <maya>, fixes PR pkg/53369 by <sevan>.
To generate a diff of this commit:
cvs rdiff -u -r1.19 -r1.20 pkgsrc/audio/mpg321/Makefile
cvs rdiff -u -r1.8 -r1.9 pkgsrc/audio/mpg321/distinfo
cvs rdiff -u -r1.1 -r1.2 pkgsrc/audio/mpg321/patches/patch-mpg321.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: Leonardo Taccari <leot@NetBSD.org>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: pkg/53369: audio/mpg321 coredumps with SIGSEGV
Date: Sat, 16 Jun 2018 16:54:19 +0200
Hello Sevan,
Sevan Janiyan writes:
> Thank you, that fixes the crash.
Neat, thank you for the quick feedback!
> There is an aggressive mode which tries to execute mpg321 at a higher
> priority, does sem_post() fit in that situation?
>
At least the sem_post() removed I think wasn't related to that.
> It seems I've gotten into a bit of a rabbit hole, while mpg321 now does
> crash initially, it plays MP3 files at the wrong pitch (everything is
> way too high) and it eventually crashes if I point it to a wav file.
> There's a patch in Free/OpenBSD ports which cleans up some bugs in
> mpg321.c that will be usefull to pull in (don't leak file descriptors or
> free random pointers). I will raise separate bug reports for these.
Whooops! At least on amd64 -current seems to works pretty well with some
$RANDOM mp3 files. Probably yes, please fill separate PRs (and if
possible please also share problematic mp3/wav files or URLs to them if
they are under free licenses).
Responsible-Changed-From-To: rxg->leot
Responsible-Changed-By: leot@NetBSD.org
Responsible-Changed-When: Sat, 16 Jun 2018 15:00:36 +0000
Responsible-Changed-Why:
Take
State-Changed-From-To: open->feedback
State-Changed-By: leot@NetBSD.org
State-Changed-When: Sat, 16 Jun 2018 15:00:36 +0000
State-Changed-Why:
Patch committed as part of:
cvs rdiff -u -r1.19 -r1.20 pkgsrc/audio/mpg321/Makefile
cvs rdiff -u -r1.8 -r1.9 pkgsrc/audio/mpg321/distinfo
cvs rdiff -u -r1.1 -r1.2 pkgsrc/audio/mpg321/patches/patch-mpg321.c
Should we ask for pullup to 2018Q1?
From: Benny Siegert <bsiegert@gmail.com>
To: gnats-bugs@netbsd.org
Cc: Leonardo Taccari <leot@netbsd.org>, rxg@netbsd.org, pkgsrc-bugs@netbsd.org,
gnats-admin@netbsd.org, Sevan Janiyan <venture37@geeklan.co.uk>
Subject: Re: pkg/53369 (audio/mpg321 coredumps with SIGSEGV)
Date: Sat, 16 Jun 2018 17:04:29 +0200
> Should we ask for pullup to 2018Q1?
Probably not, the update to this version happened after 2018Q1 was branched.
--
Benny
From: Leonardo Taccari <leot@NetBSD.org>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: pkg/53369 (audio/mpg321 coredumps with SIGSEGV)
Date: Sat, 16 Jun 2018 19:30:59 +0200
Hello Benny,
Benny Siegert writes:
> > Leonardo Taccari writes:
> > Should we ask for pullup to 2018Q1?
>
> Probably not, the update to this version happened after 2018Q1 was branched.
>
If I'm not missing something I think that the last update was on
2016-06-02.
(Maybe it is a `mpg321 vs mpg123' confusion? (the latter was updated
recently) :))
State-Changed-From-To: feedback->pending-pullups
State-Changed-By: leot@NetBSD.org
State-Changed-When: Sun, 17 Jun 2018 11:06:33 +0000
State-Changed-Why:
pullup-pkgsrc #5772
From: "Benny Siegert" <bsiegert@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/53369 CVS commit: [pkgsrc-2018Q1] pkgsrc/audio/mpg321
Date: Tue, 19 Jun 2018 12:05:22 +0000
Module Name: pkgsrc
Committed By: bsiegert
Date: Tue Jun 19 12:05:22 UTC 2018
Modified Files:
pkgsrc/audio/mpg321 [pkgsrc-2018Q1]: Makefile distinfo
pkgsrc/audio/mpg321/patches [pkgsrc-2018Q1]: patch-mpg321.c
Log Message:
Pullup ticket #5772 - requested by leot
audio/mpg321: bugfix
Revisions pulled up:
- audio/mpg321/Makefile 1.20
- audio/mpg321/distinfo 1.9
- audio/mpg321/patches/patch-mpg321.c 1.2
---
Module Name: pkgsrc
Committed By: leot
Date: Sat Jun 16 14:43:21 UTC 2018
Modified Files:
pkgsrc/audio/mpg321: Makefile distinfo
pkgsrc/audio/mpg321/patches: patch-mpg321.c
Log Message:
mpg321: Do not unlock unititialized main_lock
Bump PKGREVISION
Problem spotted by <maya>, fixes PR pkg/53369 by <sevan>.
To generate a diff of this commit:
cvs rdiff -u -r1.19 -r1.19.18.1 pkgsrc/audio/mpg321/Makefile
cvs rdiff -u -r1.8 -r1.8.18.1 pkgsrc/audio/mpg321/distinfo
cvs rdiff -u -r1.1 -r1.1.18.1 pkgsrc/audio/mpg321/patches/patch-mpg321.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: pending-pullups->closed
State-Changed-By: maya@NetBSD.org
State-Changed-When: Tue, 19 Jun 2018 12:14:00 +0000
State-Changed-Why:
Pullups completed. thanks for the bug report, and thanks to leot for making a patch to fix it.
From: "Leonardo Taccari" <leot@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/53369 CVS commit: pkgsrc/audio/mpg321
Date: Sun, 8 Jul 2018 13:42:13 +0000
Module Name: pkgsrc
Committed By: leot
Date: Sun Jul 8 13:42:13 UTC 2018
Modified Files:
pkgsrc/audio/mpg321: Makefile distinfo
pkgsrc/audio/mpg321/patches: patch-mpg321.c
Log Message:
mpg321: Always init the main_lock semaphore
The changes in mpg321-0.3.2nb1 actually fixed PR pkg/53369 but accidentally
broke support for `-K' option.
Bump PKGREVISION
To generate a diff of this commit:
cvs rdiff -u -r1.20 -r1.21 pkgsrc/audio/mpg321/Makefile
cvs rdiff -u -r1.9 -r1.10 pkgsrc/audio/mpg321/distinfo
cvs rdiff -u -r1.2 -r1.3 pkgsrc/audio/mpg321/patches/patch-mpg321.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.43 2018/01/16 07:36:43 maya Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2017
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.