Package: libsdl-mixer1.2
Version: 1.2.6-2
Severity: Important
Tags: patch

SDL-mixer has a bug that causes segfaults. I believe this directly
results in dozens of bug reports in debian, from packages that use
SDL-mixer. It is, however, difficult to know which reported bugs are
dupes of this bug, and which ones are unrelated.

When you load a song in SDL-mixer, it updates a variable, md_sngchn,
which it uses to allocate memory for MP_VOICE structures. md_sngchn is a
global variable. An MP_VOICE structure is 104 bytes. A 4 channel song
is allocated half as much memory for voice structures as an 8 channel
song. md_sngchn is never updated after songs are loaded, so it always
equals the number of channels of the last song loaded.

The problem is that SDL-mixer then assumes that md_sngchn equals the
number of voice channels of the current song. In certain loops, it uses
md_sngchn to determine how much memory to write. It ends up writing
past the memory allocated for the 4 voice structures, if md_sngchn is
8. This causes segfaults. A different problem may occur when playing an
8 channel song, if the last song loaded has 4 channels.

The base problem is using global variables to excess. This problem is
compounded by using poorly named variables. SDL-mixer uses way too many
globals, and they usually have obscure names, like pf, or mf, or
md_sngchn. SDL-mixer could use a complete rewrite. Of course, as
maintainers, this is not your responsibility.

md_sngchn probably doesn't need to exist at all, since there
are ways of finding out how many channels are in the song, such as by
using pf->numchn. Here is a patch that at least partially fixes the
problem. I've still left the declaration and several uses for
md_sngchn. This is just the minimum patch required to get
penguin-command to work without segfaulting.

---- Patch begin ----
--- mplayer.c.old       2007-05-01 21:01:08.000000000 -0700
+++ mplayer.c   2007-05-01 20:02:21.000000000 -0700
@@ -1896,7 +1896,7 @@
        SAMPLE *s;
 
        pf->totalchn=pf->realchn=0;
-       for (mp_channel=0;mp_channel<md_sngchn;mp_channel++) {
+       for (mp_channel=0;mp_channel<pf->numchn;mp_channel++) {
                aout=&pf->voice[mp_channel];
                i=aout->i;
                s=aout->s;
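Review bot: the file header timestamps look inverted for this hunk's direction: mplayer.c.old is dated 21:01 and mplayer.c 20:02, i.e. the "old" file is the newer one. The hunk body itself (minus md_sngchn, plus pf->numchn) matches the described fix, so this is probably just file naming, but please confirm the diff was generated as old -> new before applying. The new bound is only correct if pf->voice was allocated with pf->numchn entries for this song; the report says the allocation is sized from md_sngchn at load time, which equals numchn then, but the allocation site is not in the patch, so that should be checked.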
@@ -2630,7 +2630,7 @@
                pf->patbrk=0;
                pf->vbtick=pf->sngspd;
 
-               for (t=0;t<md_sngchn;t++) {
+               for (t=0;t<pf->numchn;t++) {
                        Voice_Stop_internal(t);
                        pf->voice[t].i=NULL;
                        pf->voice[t].s=NULL;
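Review bot: this four-line stop-and-clear block appears three times in the patch with only the loop bound changed. Consider factoring it into one static helper, e.g. `static void pf_stop_all_voices(MODULE *pf)` containing `for (t=0;t<pf->numchn;t++) { Voice_Stop_internal(t); pf->voice[t].i=NULL; pf->voice[t].s=NULL; }`, so the bound lives in exactly one place and a future md_sngchn cleanup cannot miss a copy.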
@@ -2655,7 +2655,7 @@
                pf->patbrk=0;
                pf->vbtick=pf->sngspd;
 
-               for (t=0;t<md_sngchn;t++) {
+               for (t=0;t<pf->numchn;t++) {
                        Voice_Stop_internal(t);
                        pf->voice[t].i=NULL;
                        pf->voice[t].s=NULL;
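Review bot: the loop now calls Voice_Stop_internal(t) for t up to pf->numchn, but whether Voice_Stop_internal itself validates t against md_sngchn is not visible in this hunk. If it does, then in the case the report mentions (an 8-channel song played after a 4-channel load, md_sngchn == 4) the voices 4..7 would still not be stopped even though pf->voice[t].i/.s are cleared here. Please check that function, since the author says several md_sngchn uses remain.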
@@ -2682,7 +2682,7 @@
                pf->sngpos=pos;
                pf->vbtick=pf->sngspd;
 
-               for (t=0;t<md_sngchn;t++) {
+               for (t=0;t<pf->numchn;t++) {
                        Voice_Stop_internal(t);
                        pf->voice[t].i=NULL;
                        pf->voice[t].s=NULL;
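Review bot: the description says this is the minimum needed for penguin-command and that the md_sngchn declaration and several uses are left in place. Any remaining loop that indexes pf->voice[] with an md_sngchn bound reproduces the same out-of-bounds write when a shorter song is played after a longer one was loaded, so the report would be easier to act on with the list of remaining md_sngchn references, or a statement of which ones are known to be safe (e.g. not indexing pf->voice).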
---- End patch ----

For apps that use unpatched versions of SDL-mixer, I have a workaround
to suggest. Make sure that all songs you load have the same number of
channels.

I have already contacted upstream, and delivered to them a patch for
the latest version of SDL-mixer. I have not received a response.

-Brandon

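The stale-global failure described in the report, modelled as an added C example. This is not code from the report, SDL_mixer or MikMod: the names MP_VOICE, MODULE, numchn and md_sngchn come from the report, while the field layout, the load_song/reset_voices/run_scenario helpers and the canary-filled guard slots after the voice array are assumptions made for the demo so the overrun can be counted instead of crashing the process. It runs both orders the report discusses: a 4-channel song reset while md_sngchn is 8 (writes past the array), and an 8-channel song reset while md_sngchn is 4 (voices left active).

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Model of the structures named in the report. Field layout is an
 * assumption; only the 104-byte size matches what the report states. */
typedef struct MP_VOICE {
    const void *i;                              /* instrument, NULL when idle */
    const void *s;                              /* sample */
    unsigned char pad[104 - 2 * sizeof(void *)];
} MP_VOICE;

typedef struct MODULE {
    int numchn;          /* channel count of this song (pf->numchn) */
    int guard;           /* demo only: canary slots placed after voice[] */
    MP_VOICE *voice;     /* numchn real slots, then guard slots */
} MODULE;

#define GUARD_SLOTS 8
#define CANARY 0xA5u

/* Mimics md_sngchn: written at load time, never re-synced to the song played. */
static int md_sngchn;

static MODULE *load_song(int numchn)
{
    MODULE *pf = calloc(1, sizeof *pf);
    if (pf == NULL)
        return NULL;
    pf->numchn = numchn;
    pf->guard = GUARD_SLOTS;
    /* The real library allocates exactly numchn voices; the demo appends
     * canary-filled slots (assumption) so an overrun is measurable. */
    pf->voice = malloc((size_t)(numchn + GUARD_SLOTS) * sizeof(MP_VOICE));
    if (pf->voice == NULL) {
        free(pf);
        return NULL;
    }
    memset(pf->voice, 0, (size_t)numchn * sizeof(MP_VOICE));
    memset(pf->voice + numchn, CANARY, (size_t)GUARD_SLOTS * sizeof(MP_VOICE));
    md_sngchn = numchn;  /* last song loaded wins, as the report describes */
    return pf;
}

static void free_song(MODULE *pf)
{
    if (pf) {
        free(pf->voice);
        free(pf);
    }
}

/* Mark every real voice slot active, as a playing song would. */
static void start_voices(MODULE *pf)
{
    static const char instrument = 'x';
    for (int t = 0; t < pf->numchn; t++)
        pf->voice[t].i = &instrument;
}

/* The stop-and-clear loop from the patch, with its upper bound as a parameter. */
static void reset_voices(MODULE *pf, int bound)
{
    /* The library has no such clamp; it only keeps the demo inside its allocation. */
    if (bound > pf->numchn + pf->guard)
        bound = pf->numchn + pf->guard;
    for (int t = 0; t < bound; t++) {
        pf->voice[t].i = NULL;
        pf->voice[t].s = NULL;
    }
}

/* Guard slots whose canary was overwritten: each is a write past the voice array. */
static int overrun_slots(const MODULE *pf)
{
    int n = 0;
    for (int t = 0; t < pf->guard; t++) {
        const unsigned char *p = (const unsigned char *)&pf->voice[pf->numchn + t];
        if (p[0] != CANARY)
            n++;
    }
    return n;
}

/* Real slots still active after the reset: the other failure mode in the report. */
static int stale_slots(const MODULE *pf)
{
    int n = 0;
    for (int t = 0; t < pf->numchn; t++)
        if (pf->voice[t].i != NULL)
            n++;
    return n;
}

typedef struct {
    int overrun_buggy, overrun_fixed;   /* 4-channel song reset while md_sngchn == 8 */
    int stale_buggy, stale_fixed;       /* 8-channel song reset while md_sngchn == 4 */
} ScenarioResult;

ScenarioResult run_scenario(void)
{
    ScenarioResult r = {-1, -1, -1, -1};
    MODULE *four = load_song(4), *eight = load_song(8);   /* md_sngchn is now 8 */
    if (four == NULL || eight == NULL) { free_song(four); free_song(eight); return r; }
    start_voices(four);
    reset_voices(four, md_sngchn);                        /* unpatched bound */
    r.overrun_buggy = overrun_slots(four);
    memset(four->voice + four->numchn, CANARY, (size_t)four->guard * sizeof(MP_VOICE));
    start_voices(four);
    reset_voices(four, four->numchn);                     /* patched bound */
    r.overrun_fixed = overrun_slots(four);
    free_song(four); free_song(eight);

    eight = load_song(8); four = load_song(4);            /* md_sngchn is now 4 */
    if (four == NULL || eight == NULL) { free_song(four); free_song(eight); return r; }
    start_voices(eight);
    reset_voices(eight, md_sngchn);                       /* unpatched: stops 4 of 8 */
    r.stale_buggy = stale_slots(eight);
    start_voices(eight);
    reset_voices(eight, eight->numchn);                   /* patched: stops all 8 */
    r.stale_fixed = stale_slots(eight);
    free_song(four); free_song(eight);
    return r;
}

int main(void)
{
    ScenarioResult r = run_scenario();
    printf("4-ch song, md_sngchn=8: slots written past voice[] unpatched=%d patched=%d\n",
           r.overrun_buggy, r.overrun_fixed);
    printf("8-ch song, md_sngchn=4: voices left active unpatched=%d patched=%d\n",
           r.stale_buggy, r.stale_fixed);
    return 0;
}
```

The canary slots stand in for whatever the allocator placed after the 4 voice structures in the real library; there the same four writes land on heap metadata or a neighbouring object, which is why the symptom is a segfault rather than a clean error.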