[SDL] glibc terminates all applications using SDL_mixer when playing MIDI

Nikos Chantziaras realnc at arcor.de
Fri Jul 1 17:20:24 PDT 2011


A few days ago, some update got performed by my Linux distro (Gentoo) 
which made glibc abort programs with a message like:


*** glibc detected *** /var/tmp/portage/SDL_mixer/build/.libs/playmus: free(): invalid pointer: 0x00000000012b0b80 ***


Programs using SDL_mixer to play MIDI (using the Timidity backend) are 
affected, including the "playmus" sample program that comes with 
SDL_mixer.  This happens with both SDL_mixer 1.2.11 and the latest 
sources from Hg.  Running valgrind on playmus doesn't work (it just 
quits for some reason).  Running it on my own app produces this:

(I deleted references to my own sources to make this smaller.)


==23754== Conditional jump or move depends on uninitialised value(s)
==23754==    at 0x4C2A569: groom_list (readmidi.c:692)
==23754==    by 0x4C2B8E1: read_midi_file (readmidi.c:1079)
==23754==    by 0x4C286E3: Timidity_LoadSong_RW (playmidi.c:1732)
==23754==    by 0x4C1C262: Mix_LoadMUS_RW (music.c:1501)
==23754==

==23754== Invalid write of size 2
==23754==    at 0x4C1F4F9: load_instrument (instrum.c:805)
==23754==    by 0x4C1FBBC: fill_bank (instrum.c:908)
==23754==    by 0x4C1FF21: load_missing_instruments (instrum.c:995)
==23754==    by 0x4C28723: Timidity_Start (playmidi.c:1744)
==23754==    by 0x4C1BA77: music_internal_play (music.c:787)
==23754==    by 0x4C1BBF3: Mix_FadeInMusicPos (music.c:874)
==23754==    by 0x4C1BC55: Mix_PlayMusic (music.c:885)
==23754==  Address 0x4fb9754 is 37,764 bytes inside a block of size 37,765 alloc'd
==23754==    at 0x4A076AD: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==23754==    by 0x4C1C949: safe_malloc (common.c:218)
==23754==    by 0x4C1EF6B: load_instrument (instrum.c:689)
==23754==    by 0x4C1FBBC: fill_bank (instrum.c:908)
==23754==    by 0x4C1FF21: load_missing_instruments (instrum.c:995)
==23754==    by 0x4C28723: Timidity_Start (playmidi.c:1744)
==23754==    by 0x4C1BA77: music_internal_play (music.c:787)
==23754==    by 0x4C1BBF3: Mix_FadeInMusicPos (music.c:874)
==23754==    by 0x4C1BC55: Mix_PlayMusic (music.c:885)
==23754==
==23754== Invalid write of size 2
==23754==    at 0x4C1F4F9: load_instrument (instrum.c:805)
==23754==    by 0x4C1FBBC: fill_bank (instrum.c:908)
==23754==    by 0x4C1FF50: load_missing_instruments (instrum.c:997)
==23754==    by 0x4C28723: Timidity_Start (playmidi.c:1744)
==23754==    by 0x4C1BA77: music_internal_play (music.c:787)
==23754==    by 0x4C1BBF3: Mix_FadeInMusicPos (music.c:874)
==23754==    by 0x4C1BC55: Mix_PlayMusic (music.c:885)
==23754==  Address 0x708f350 is 9,904 bytes inside a block of size 9,905 alloc'd
==23754==    at 0x4A076AD: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==23754==    by 0x4C1C949: safe_malloc (common.c:218)
==23754==    by 0x4C1EF6B: load_instrument (instrum.c:689)
==23754==    by 0x4C1FBBC: fill_bank (instrum.c:908)
==23754==    by 0x4C1FF50: load_missing_instruments (instrum.c:997)
==23754==    by 0x4C28723: Timidity_Start (playmidi.c:1744)
==23754==    by 0x4C1BA77: music_internal_play (music.c:787)
==23754==    by 0x4C1BBF3: Mix_FadeInMusicPos (music.c:874)
==23754==    by 0x4C1BC55: Mix_PlayMusic (music.c:885)
==23754==
==23754== Invalid read of size 2
==23754==    at 0x4C2CB85: pre_resample (resample.c:726)
==23754==    by 0x4C1F670: load_instrument (instrum.c:834)
==23754==    by 0x4C1FBBC: fill_bank (instrum.c:908)
==23754==    by 0x4C1FF50: load_missing_instruments (instrum.c:997)
==23754==    by 0x4C28723: Timidity_Start (playmidi.c:1744)
==23754==    by 0x4C1BA77: music_internal_play (music.c:787)
==23754==    by 0x4C1BBF3: Mix_FadeInMusicPos (music.c:874)
==23754==    by 0x4C1BC55: Mix_PlayMusic (music.c:885)
==23754==  Address 0x65031be is 52,830 bytes inside a block of size 52,831 alloc'd
==23754==    at 0x4A076AD: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==23754==    by 0x4C1C949: safe_malloc (common.c:218)
==23754==    by 0x4C1EF6B: load_instrument (instrum.c:689)
==23754==    by 0x4C1FBBC: fill_bank (instrum.c:908)
==23754==    by 0x4C1FF50: load_missing_instruments (instrum.c:997)
==23754==    by 0x4C28723: Timidity_Start (playmidi.c:1744)
==23754==    by 0x4C1BA77: music_internal_play (music.c:787)
==23754==    by 0x4C1BBF3: Mix_FadeInMusicPos (music.c:874)
==23754==    by 0x4C1BC55: Mix_PlayMusic (music.c:885)

(Audio starts playing after this point.)

==23754== Thread 2:
==23754== Conditional jump or move depends on uninitialised value(s)
==23754==    at 0x4C228FA: s32tos16 (output.c:82)
==23754==    by 0x4C27A66: compute_data (playmidi.c:1484)
==23754==    by 0x4C284C3: Timidity_PlaySome (playmidi.c:1663)
==23754==    by 0x4C1B4D6: music_mixer (music.c:292)
==23754==    by 0x4C1818D: mix_channels (mixer.c:300)
==23754==    by 0x3034A07E97: SDL_RunAudio (SDL_audio.c:198)
==23754==    by 0x3034A10214: SDL_RunThread (SDL_thread.c:204)
==23754==    by 0x3034A45358: RunThread (SDL_systhread.c:47)
==23754==    by 0x3002206D4B: start_thread (pthread_create.c:301)
==23754==    by 0x30016D12AC: clone (clone.S:115)
==23754==
==23754== Conditional jump or move depends on uninitialised value(s)
==23754==    at 0x4C2290C: s32tos16 (output.c:83)
==23754==    by 0x4C27A66: compute_data (playmidi.c:1484)
==23754==    by 0x4C284C3: Timidity_PlaySome (playmidi.c:1663)
==23754==    by 0x4C1B4D6: music_mixer (music.c:292)
==23754==    by 0x4C1818D: mix_channels (mixer.c:300)
==23754==    by 0x3034A07E97: SDL_RunAudio (SDL_audio.c:198)
==23754==    by 0x3034A10214: SDL_RunThread (SDL_thread.c:204)
==23754==    by 0x3034A45358: RunThread (SDL_systhread.c:47)
==23754==    by 0x3002206D4B: start_thread (pthread_create.c:301)
==23754==    by 0x30016D12AC: clone (clone.S:115)
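
Added triage example, not part of the original post: the Python below reads memcheck records like those quoted above, tolerating lines a mail client has wrapped, and reports for each invalid heap access how many bytes it extends past the block and where the block was allocated. The names `unwrap`, `triage` and the `wrappers` parameter are invented for this example; the sample is an excerpt of the output above.

```python
import re

PREFIX = re.compile(r"^==\d+==\s?")
ACCESS = re.compile(r"Invalid (read|write) of size (\d+)")
FRAME = re.compile(r"(?:at|by) 0x[0-9A-Fa-f]+: (\w+) \(([^)]*)\)")
BLOCK = re.compile(r"is ([\d,]+) bytes inside a block of size ([\d,]+) alloc'd")

# Excerpt of the memcheck output in the post, wrapped the way mail clients break long lines.
SAMPLE = """\
==23754== Invalid write of size 2
==23754==    at 0x4C1F4F9: load_instrument (instrum.c:805)
==23754==  Address 0x4fb9754 is 37,764 bytes inside a block of size
37,765 alloc'd
==23754==    at 0x4A076AD: malloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==23754==    by 0x4C1C949: safe_malloc (common.c:218)
==23754==    by 0x4C1EF6B: load_instrument (instrum.c:689)
"""

def unwrap(text):
    """Strip the ==pid== prefix; glue unprefixed continuation lines to the previous line."""
    out = []
    for line in text.splitlines():
        if PREFIX.match(line) or not line.strip() or not out:
            out.append(PREFIX.sub("", line).strip())
        else:
            out[-1] += " " + line.strip()
    return out

def triage(text, wrappers=("malloc", "safe_malloc")):
    """Return one dict per 'Invalid read/write' record; 'wrappers' are skipped as alloc sites."""
    findings, cur = [], None
    for line in unwrap(text):
        m, b, f = ACCESS.match(line), BLOCK.search(line), FRAME.search(line)
        if m:
            cur = dict(kind=m[1], size=int(m[2]), site=None, overrun=None, alloc=None)
            findings.append(cur)
        elif cur is None or not (b or f):
            cur = None  # outside an invalid-access record, or the record has ended
        elif b:
            off, blk = (int(g.replace(",", "")) for g in b.groups())
            cur["overrun"] = max(0, off + cur["size"] - blk)  # bytes past the block end
        elif cur["overrun"] is None:
            cur["site"] = cur["site"] or f"{f[1]} ({f[2]})"   # first frame: faulting access
        elif f[1] not in wrappers:
            cur["alloc"] = cur["alloc"] or f"{f[1]} ({f[2]})"  # first non-wrapper alloc frame
    return findings
```

An overrun of 1 on a 2-byte access means the access begins on the last byte of an odd-sized block, which is the pattern in all three invalid accesses reported above.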
