On Sat, Jun 12, 2010 at 10:34:22PM -0400, Dave Witbrodt wrote:

> Looking at the values of "j" (826) and "cnt" (4294967274) at the time
> of the crash, they look out of the ballpark to me.  This is the loop
> being iterated (in lib-src/portmixer/src/px_linux_alsa.c) which hits
> those values:
>
>          else if (snd_mixer_selem_is_enum_capture(elem)) {
>             unsigned int cnt = snd_mixer_selem_get_enum_items(elem);
>             unsigned int j;
> 
>             for (j = 0; j < cnt; j++) {
>                char iname[256];
>                snd_mixer_selem_get_enum_item_name(elem, j, sizeof(iname), iname);
(..)
>                   break;
>                }
>                i++;
>             }
> 
> The huge value for "cnt" suggests that
> snd_mixer_selem_get_enum_items() is returning a negative number here,
> but upstream has coded this function to store the return value in an
> unsigned int (and not bother to check it!).

Exactly.

> Looking for some documentation, I found:
> 
>     http://www.alsa-project.org/alsa-doc/alsa-lib/group___simple_mixer.html#g23600e756612dca7ea8329994590fa19
>
>       int  snd_mixer_selem_get_enum_items  (snd_mixer_elem_t  *elem)
>
>       Returns:
>           the number of enumerated items, otherwise a negative error code 
> 
> Oops!  This thing can return negative numbers, but upstream thought it
> wouldn't happen.

Thank you so much. Best bug report I've ever seen. Really. ;)

> If I can provide more information, test any patches, or be of help in some
> other way just let me know.

Find attached a quick fix. Untested, but it basically does what you've
suggested: don't run the loop when cnt is negative.

Does it fix the problem?


TIA

-- 
mail: a...@thur.de      http://adi.thur.de      PGP/GPG: key via keyserver
diff --git a/lib-src/portmixer/src/px_linux_alsa.c b/lib-src/portmixer/src/px_linux_alsa.c
index 2b4e70f..4e34e55 100644
--- a/lib-src/portmixer/src/px_linux_alsa.c
+++ b/lib-src/portmixer/src/px_linux_alsa.c
@@ -196,12 +196,12 @@ static int open_mixer(PxDev *dev, int card, int playback)
             i++;
          }
          else if (snd_mixer_selem_is_enum_capture(elem)) {
-            unsigned int cnt = snd_mixer_selem_get_enum_items(elem);
-            unsigned int j;
+            int cnt = snd_mixer_selem_get_enum_items(elem);
+            int j;
 
             for (j = 0; j < cnt; j++) {
                char iname[256];
-               snd_mixer_selem_get_enum_item_name(elem, j, sizeof(iname), iname);
+               snd_mixer_selem_get_enum_item_name(elem, (unsigned int) j, sizeof(iname), iname);
                snprintf(name,
                         sizeof(name),
                         "%s:%d",
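Review bot: at `int cnt = snd_mixer_selem_get_enum_items(elem);` the negative error code is only skipped implicitly by the now-signed `j < cnt` comparison and is then silently dropped; an explicit `if (cnt < 0)` branch before the loop would make the intent visible and give a place to report or handle the error. The result of snd_mixer_selem_get_enum_item_name() is still discarded and `char iname[256];` is declared without an initializer, so checking that return value before the snprintf() that follows would avoid working with an unfilled buffer when the lookup fails. With j signed and bounded by a non-negative cnt, the `(unsigned int) j` cast cannot wrap.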
_______________________________________________
pkg-multimedia-maintainers mailing list
pkg-multimedia-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/pkg-multimedia-maintainers
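
The signed-to-unsigned conversion discussed in this thread, as an added C example that is not part of the original mails or of the portmixer/ALSA code. The two stub functions are hypothetical stand-ins for the ALSA calls and a 32-bit unsigned int is assumed; the example reproduces the reported "cnt" value from an error return of -22 and shows the loop with explicit error checks.

```c
#include <stdio.h>
#include <stddef.h>

#define STUB_ITEMS 3  /* constructed sample: the stub element has 3 enum items */

/* Hypothetical stand-in for an API that returns a count or a negative error. */
static int get_enum_items_stub(int fail) { return fail ? -22 : STUB_ITEMS; }

/* Hypothetical stand-in for the per-item name lookup; rejects bad indexes. */
static int get_item_name_stub(unsigned int idx, size_t len, char *buf) {
    if (idx >= STUB_ITEMS) return -22;
    snprintf(buf, len, "item%u", idx);
    return 0;
}

/* What an int error code looks like once stored in an unsigned int. */
static unsigned int as_unsigned(int v) { return (unsigned int)v; }

/* "Before" pattern: the count lands in an unsigned int, so an error turns
 * into a huge bound. 'cap' only exists to stop this demo loop early. */
static unsigned int walk_unsigned(int fail, unsigned int cap) {
    unsigned int cnt = get_enum_items_stub(fail);
    unsigned int j, visited = 0;
    for (j = 0; j < cnt && j < cap; j++) visited++;
    return visited;
}

/* Checked pattern: signed count, explicit error branch, lookup result tested.
 * Returns the number of names read, or the negative error code. */
static int walk_checked(int fail) {
    int cnt = get_enum_items_stub(fail);
    int j, read_ok = 0;
    if (cnt < 0) return cnt;              /* propagate instead of looping */
    for (j = 0; j < cnt; j++) {
        char iname[256] = "";             /* never left uninitialized */
        if (get_item_name_stub((unsigned int)j, sizeof(iname), iname) < 0) break;
        read_ok++;
    }
    return read_ok;
}

int main(void) {
    printf("-22 as unsigned int: %u\n", as_unsigned(-22));
    printf("unsigned loop on error (capped at 1000): %u iterations\n",
           walk_unsigned(1, 1000));
    printf("checked loop on error: %d\n", walk_checked(1));
    return 0;
}
```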
