I've dug into this with a debugger and Valgrind, and found the problem. It's a buffer overrun.
In audio_alsa.c, the play() function calls audio_pcm() with a "len" argument of 1152. At 8 bytes per sample, this would fill up a buffer of 9216 bytes. But the buffer "buf" (a static variable in this same file) was allocated to be 8192 bytes in size, enough to handle 1024 samples. The value of 8192/1024 samples comes from the ALSA library. The 1152 appears to be coming from libmad; it was a little hard to follow.

The attached patch makes the segfault go away (and as a bonus, addresses a Valgrind-reported uninitialized-variable error and memory leak). It is not, however, a general fix. For that, the aforementioned discrepancy needs to be resolved.

** Visibility changed to: Public

** Patch added: "madplay.patch"
   https://bugs.launchpad.net/ubuntu/+source/madplay/+bug/903526/+attachment/2631906/+files/madplay.patch

https://bugs.launchpad.net/bugs/903526

Title:
  madplay crashed with SIGSEGV in _int_free()
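The size mismatch reported above (1152 samples at 8 bytes each against an 8192-byte static buffer), shown with a bounded, chunked write, as an added example that is not part of the original message, the attached patch, or madplay's code. The names `sink_write`, `pack`, `fits_in_buf` and `play_chunked`, and the layout of two 32-bit channels per sample, are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Figures from the report: 8 bytes per sample, 8192-byte static buffer. */
#define BYTES_PER_SAMPLE 8u
#define BUF_BYTES        8192u
#define BUF_SAMPLES      (BUF_BYTES / BYTES_PER_SAMPLE)   /* 1024 */

static unsigned char buf[BUF_BYTES];

/* Hypothetical sink standing in for the sound-device write. */
static size_t sink_bytes, sink_calls, sink_max;
static int sink_write(const unsigned char *p, size_t n)
{
    (void)p;
    sink_bytes += n;
    sink_calls++;
    if (n > sink_max) sink_max = n;
    return 0;
}

/* 1 if nsamples packed samples fit in buf; dividing avoids multiply overflow. */
static int fits_in_buf(size_t nsamples)
{
    return nsamples <= BUF_BYTES / BYTES_PER_SAMPLE;
}

/* Pack two 32-bit channels (assumed layout) into dst; caller guarantees the fit. */
static size_t pack(unsigned char *dst, const int32_t *l, const int32_t *r, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        memcpy(dst + i * BYTES_PER_SAMPLE, &l[i], 4);
        memcpy(dst + i * BYTES_PER_SAMPLE + 4, &r[i], 4);
    }
    return n * BYTES_PER_SAMPLE;
}

/* Play any number of samples without ever packing more than BUF_SAMPLES at once. */
static int play_chunked(const int32_t *l, const int32_t *r, size_t nsamples)
{
    while (nsamples > 0) {
        size_t n = nsamples < BUF_SAMPLES ? nsamples : BUF_SAMPLES;
        if (!fits_in_buf(n) || sink_write(buf, pack(buf, l, r, n)) != 0)
            return -1;
        l += n; r += n; nsamples -= n;
    }
    return 0;
}
```

With the 1152-sample request from the report, the loop issues one 8192-byte write followed by one 1024-byte write, so the buffer is never written past its end.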
