FS#10413 - VLC crash when open playlist file

Attached to Project: Arch Linux
Opened by Vladimir Korsun (amigo) - Wednesday, 14 May 2008, 07:07 GMT
Last edited by Tobias Kieslich (tobias) - Friday, 30 May 2008, 17:42 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Tobias Kieslich (tobias)
Architecture i686
Severity Low
Priority Normal
Reported Version 2007.08-2
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No

Details

Description:

VLC crashing when opening playlist file.


Additional info:
* package version(s)
vlc 0.8.6g-1

* config and/or log files etc.
archlinux% vlc test.m3u
VLC media player 0.8.6g Janus

** (.:14239): CRITICAL **: gtk_pizza_set_size: assertion `pizza != NULL' failed
*** glibc detected *** vlc: double free or corruption (fasttop): 0x08761330 ***
======= Backtrace: =========
/lib/libc.so.6[0xb789cc64]
/lib/libc.so.6(cfree+0x9c)[0xb789eb4c]
/usr/lib/vlc/demux/libplaylist_plugin.so[0xb23ddd28]
======= Memory map: ========
08048000-08623000 r-xp 00000000 08:01 589348 /usr/bin/vlc
08623000-08639000 rw-p 005da000 08:01 589348 /usr/bin/vlc
08639000-08ae0000 rw-p 08639000 00:00 0 [heap]
b2200000-b2221000 rw-p b2200000 00:00 0
b2221000-b2300000 ---p b2221000 00:00 0
b23db000-b23e7000 r-xp 00000000 08:01 252553 /usr/lib/vlc/demux/libplaylist_plugin.so
b23e7000-b23e8000 rw-p 0000b000 08:01 252553 /usr/lib/vlc/demux/libplaylist_plugin.so
b23e8000-b2fe9000 rw-p b23e8000 00:00 0
b2fe9000-b3011000 r-xp 00000000 08:01 552211 /usr/lib/libdvdnav.so.4.0.0
b3011000-b3012000 rw-p 00028000 08:01 552211 /usr/lib/libdvdnav.so.4.0.0
b301e000-b3021000 r-xp 00000000 08:01 180109 /usr/lib/vlc/access/libaccess_file_plugin.so
b3021000-b3022000 rw-p 00002000 08:01 180109 /usr/lib/vlc/access/libaccess_file_plugin.so
b3022000-b3025000 r-xp 00000000 08:01 180123 /usr/lib/vlc/access/libaccess_directory_plugin.so
b3025000-b3026000 rw-p 00002000 08:01 180123 /usr/lib/vlc/access/libaccess_directory_plugin.so
b3026000-b302a000 r-xp 00000000 08:01 180107 /usr/lib/vlc/access/libvcd_plugin.so
b302a000-b302b000 rw-p 00004000 08:01 180107 /usr/lib/vlc/access/libvcd_plugin.so
b302b000-b3035000 r-xp 00000000 08:01 180131 /usr/lib/vlc/access/libdvdnav_plugin.so
b3035000-b3036000 rw-p 0000a000 08:01 180131 /usr/lib/vlc/access/libdvdnav_plugin.so
b3036000-b303c000 r-xp 00000000 08:01 180106 /usr/lib/vlc/access/libv4l_plugin.so
b303c000-b303d000 rw-p 00005000 08:01 180106 /usr/lib/vlc/access/libv4l_plugin.so
b303d000-b303e000 ---p b303d000 00:00 0
b303e000-b383e000 rwxp b303e000 00:00 0
b383e000-b384b000 r--p 00000000 08:01 223246 /usr/share/icons/hicolor/icon-theme.cache
b384b000-b3858000 r--p 00000000 08:01 588183 /usr/share/locale/ru/LC_MESSAGES/glib20.mo
b3858000-b395c000 rw-p b3858000 00:00 0
b395c000-b39ee000 r--p 00000000 08:01 42537 /usr/share/fonts/TTF/DejaVuSans.ttf
b39ee000-b39f0000 r-xp 00000000 08:01 213100 /usr/lib/pango/1.6.0/modules/pango-basic-fc.so
b39f0000-b39f1000 rw-p 00001000 08:01 213100 /usr/lib/pango/1.6.0/modules/pango-basic-fc.so
b39f1000-b39f3000 r-xp 00000000 08:01 594398 /usr/lib/gconv/KOI8-R.so
b39f3000-b39f5000 rw-p 00001000 08:01 594398 /usr/lib/gconv/KOI8-R.so
b39f5000-b3a55000 rw-s 00000000 00:08 72581123 /SYSV00000000 (deleted)
b3a55000-b3ab5000 rw-s 00000000 00:08 72548354 /SYSV00000000 (deleted)
b3ab5000-b3abb000 r-xp 00000000 08:01 213213 /usr/lib/gtk-2.0/2.10.0/loaders/libpixbufloader-xpm.so
b3abb000-b3abc000 rw-p 00005000 08:01 213213 /usr/lib/gtk-2.0/2.10.0/loaders/libpixbufloader-xpm.so
b3abc000-b3ac2000 r--s 00000000 08:01 94133 /var/cache/fontconfig/d62e99ef547d1d24cdb1bd22ec1a2976-x86.cache-2
b3ac2000-b3ad8000 r--s 00000000 08:01 93825 /var/cache/fontconfig/f6b893a7224233d96cb72fd88691c0b4-x86.cache-2
b3ad8000-b3af8000 r--p 00000000 08:01 587445 /usr/share/locale/ru/LC_MESSAGES/libc.mo
b3af8000-b3b1f000 r-xp 00000000 08:01 215312 /usr/lib/gtk-2.0/2.10.0/engines/libclearlooks.so
b3b1f000-b3b20000 rw-p 00026000 08:01 215312 /usr/lib/gtk-2.0/2.10.0/engines/libclearlooks.so
b3b20000-b3b4f000 r--p 00000000 08:01 589004 /usr/share/locale/ru/LC_MESSAGES/gtk20-properties.mo
b3b4f000-b3b50000 ---p b3b4f000 00:00 0
b3b50000-b4350000 rwxp b3b50000 00:00 0
b4350000-b4378000 r-xp 00000000 08:01 549908 /usr/lib/libpixman-1.so.0.10.0
b4378000-b4379000 rw-p 00028000 08:01 549908 /usr/lib/libpixman-1.so.0.10.0
b4379000-b43f0000 r-xp 00000000 08:01 549518 /usr/lib/libfreetype.so.6.3.16
b43f0000-b43f4000 rw-p 00077000 08:01 549518 /usr/lib/libfreetype.so.6.3.16
b43f4000-b441a000 r-xp 00000000 08:01 551654 /usr/lib/libpangoft2-1.0.so.0.2001.1
b441a000-b441b000 rw-p 00025000 08:01 551654 zsh: abort vlc test.m3u

archlinux% cat test.m3u
#EXTM3U
#EXTINF:0,Discovery - Science
udp://@239.255.255.1:1234


Steps to reproduce:

- Run VLC;
- Open playlist window;
- Open playlist file;
- VLC crash!
This task depends upon

Closed by  Tobias Kieslich (tobias)
Friday, 30 May 2008, 17:42 GMT
Reason for closing:  Fixed
Additional comments about closing:  rolled back to the f version
Comment by Tobias Kieslich (tobias) - Wednesday, 14 May 2008, 16:23 GMT
vlc is a goddamn frigging headache. My money is on an upstream bug.
Comment by Aaron Griffin (phrakture) - Wednesday, 14 May 2008, 17:01 GMT
WTF is this:
** (.:14239): CRITICAL **: gtk_pizza_set_size: assertion `pizza != NULL' failed

gtk_pizza ?
Comment by Ben (TheRealNeo) - Thursday, 15 May 2008, 17:31 GMT
Same here with a similar playlist :

#EXTM3U
#EXTINF:0,2 - France 2
rtsp://mafreebox.freebox.fr/freeboxtv/stream?id=201

Only happen with the latest version (0.8.6g) but was ok before
Comment by Tobias Kieslich (tobias) - Thursday, 15 May 2008, 18:20 GMT
now look at that, I recompiled the 0.8.6f on the same box I compiled 0.8.6g for release and it worked. No segfault no crash.
piecof crap. it's upstream. I'm tempted to close it with that note
Comment by Jan de Groot (JGC) - Friday, 16 May 2008, 08:37 GMT
There's more than this bug in the package. First of all, during my debug build of vlc I noticed the ffmpeg patch applied has one failed hunk, which is not detected because || return 1 was omitted.
The other problem is the invalid free (which I can only capture using valgrind on amd64, seems the free is not fatal on 64bit)

==16862== Invalid free() / delete / delete[]
==16862== at 0x4C20B2E: free (in /usr/lib/valgrind/amd64-linux/vgpreload_memcheck.so)
==16862== by 0x43316C: playlist_ViewUpdate (in /usr/bin/vlc)
==16862== by 0x436989: playlist_NodeAddItem (in /usr/bin/vlc)
==16862== by 0x2D00F304: Demux (in /usr/lib/vlc/demux/libplaylist_plugin.so)

The playlist_ViewUpdate function in src/playlist/view.c contains one call to free, which was added in 0.8.6g...

I get another one when deleting the playlist by pressing the delete button. Deleting the general folder and opening a new playlist kills vlc with a bunch of assertions and a nice segfault.

I suggest reporting this bug upstream and reverting the src/playlist folder to 0.8.6f, or just reverting the whole package to 0.8.6f.

Loading...