Package: minidlna
Version: 1.3.0+dfsg-2.2
Followup-For: Bug #989828
X-Debbugs-Cc: alex.andreo...@gmail.com
Dear Maintainer,
Attached a backtrace and a patch that fixes the segv, but I don't know if it's
the right way, there might be some leak or other side effects.
The problem persists and I found some time to investigate.
I use a dlna application with Android that launches another player application,
it may be that one of these two does not fully comply with the standard (even
if I use the same apps with a Synology nas and they have no problems).
Looks like the select_fini is called, events (in select.c) is set to NULL, and
then a select_del arrives. I'll try to investigate if this is the case.
At the moment I don't know if it's only a package problem or also an upstream
problem, it seems to me that there is some patch applied to select.c but I
haven't looked at what they change.
-- System Information:
Debian Release: bookworm/sid
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.0.0-6-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages minidlna depends on:
ii adduser 3.129
ii init-system-helpers 1.65.2
ii libavformat59 7:5.1.2-1
ii libavutil57 7:5.1.2-1
ii libc6 2.36-6
ii libexif12 0.6.24-1+b1
ii libflac12 1.4.2+ds-2
ii libid3tag0 0.15.1b-14
ii libjpeg62-turbo 1:2.1.2-1+b1
ii libogg0 1.3.5-3
ii libsqlite3-0 3.40.0-1
ii libvorbis0a 1.3.7-1
ii lsb-base 11.5
ii sysvinit-utils [lsb-base] 3.05-7
minidlna recommends no packages.
minidlna suggests no packages.
-- no debconf information
Core was generated by `/sbin/minidlnad -f ./minidlna.conf -R'.
Program terminated with signal SIGABRT, Aborted.
#0 __pthread_kill_implementation (threadid=<optimized out>,
signo=signo@entry=6, no_tid=no_tid@entry=0) at ./nptl/pthread_kill.c:44
44 ./nptl/pthread_kill.c: No such file or directory.
(gdb) bt
#0 __pthread_kill_implementation (threadid=<optimized out>,
signo=signo@entry=6, no_tid=no_tid@entry=0) at ./nptl/pthread_kill.c:44
#1 0x00007f94740b8d2f in __pthread_kill_internal (signo=6, threadid=<optimized
out>) at ./nptl/pthread_kill.c:78
#2 0x00007f9474069ef2 in __GI_raise (sig=sig@entry=6) at
../sysdeps/posix/raise.c:26
#3 0x00007f9474054472 in __GI_abort () at ./stdlib/abort.c:79
#4 0x00007f9474054395 in __assert_fail_base (fmt=0x7f94741c8a70 "%s%s%s:%u:
%s%sAssertion `%s' failed.\n%n", assertion=0x5643b46bc302 "events != NULL",
file=0x5643b46bc2d0 "select.c", line=135, function=<optimized out>)
at ./assert/assert.c:92
#5 0x00007f9474062df2 in __GI___assert_fail (assertion=0x5643b46bc302 "events
!= NULL", file=0x5643b46bc2d0 "select.c", line=135, function=0x5643b46bc358
<__PRETTY_FUNCTION__.0> "select_del") at ./assert/assert.c:101
#6 0x00005643b46abba8 in select_del (ev=0x5643b6381240, flags=1) at
./select.c:135
#7 0x00005643b46773af in CloseSocket_upnphttp (h=0x5643b6381240) at
./upnphttp.c:126
#8 0x00005643b467d8e6 in SendResp_dlnafile (h=0x5643b6381240,
object=0x7ffcfd003f9c "40.mp4") at ./upnphttp.c:2099
#9 0x00005643b4679f94 in ProcessHttpQuery_upnphttp (h=0x5643b6381240) at
./upnphttp.c:1001
#10 0x00005643b467a594 in Process_upnphttp (ev=0x5643b6381240) at
./upnphttp.c:1131
#11 0x00005643b46ac02f in select_process (msec=1755462) at ./select.c:185
#12 0x00005643b4676d5f in main (argc=4, argv=0x7ffcfd004c78) at
./minidlna.c:1287
--- minidlna-1.3.0+dfsg.orig/select.c
+++ minidlna-1.3.0+dfsg/select.c
@@ -132,9 +132,14 @@ select_del(struct event *ev, int flags)
if (ev->index < --nevents) {
struct event *ev0;
- ev0 = events[nevents];
- events[ev->index] = ev0;
- ev0->index = ev->index;
+ // assert(events != NULL);
+ if (events != NULL) {
+ assert(nevents >= 0);
+ ev0 = events[nevents];
+ assert(ev->index >= 0);
+ events[ev->index] = ev0;
+ ev0->index = ev->index;
+ }
}
ev->index = -1;
