Menu

#128 Crashes with SIGSEGV in mirage_track_get_sector_type

open
nobody
None
unassigned
default
2023-04-02
2023-04-02
sid
No

Was trying to write to a CDemu virtual CD. It works most of the times. But sometimes the daemon crashes randomly.

(gdb) bt
#0  mirage_track_get_sector_type (self=0x0) at ./mirage/track.c:329
#1  0x0000556f004e1a0e in cdemu_device_sao_recording_write_sectors (self=0x556f006af3c0 [CdemuDevice], start_address=<optimized out>, num_sectors=<optimized out>) at ./src/device-recording.c:947
#2  0x0000556f004dc3f8 in cdemu_device_execute_command (self=self@entry=0x556f006af3c0 [CdemuDevice], cdb=0x7f62f22cac30 "*") at ./src/device-commands.c:2881
#3  0x0000556f004ddaa8 in cdemu_device_io_handler (source=<optimized out>, condition=<optimized out>, self=0x556f006af3c0 [CdemuDevice]) at ./src/device-kernel-io.c:199
#4  0x00007f62f4c5f67f in g_main_dispatch (context=0x556f006dccb0) at ../../../glib/gmain.c:3454
#5  g_main_context_dispatch (context=context@entry=0x556f006dccb0) at ../../../glib/gmain.c:4172
#6  0x00007f62f4c5fa38 in g_main_context_iterate (context=0x556f006dccb0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../../../glib/gmain.c:4248
#7  0x00007f62f4c5fcef in g_main_loop_run (loop=0x556f006cbd10) at ../../../glib/gmain.c:4448
#8  0x0000556f004dd916 in cdemu_device_io_thread (self=0x556f006af3c0 [CdemuDevice]) at ./src/device-kernel-io.c:223
#9  0x00007f62f4c89cfd in g_thread_proxy (data=0x556f006b6b00) at ../../../glib/gthread.c:831
#10 0x00007f62f4868fd4 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442
#11 0x00007f62f48e966c in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

Discussion

  • sid

    sid - 2023-04-02

    Full gdb backtrace.

    (gdb) thread apply 1 bt full

Thread 1 (Thread 0x7f62f22cb6c0 (LWP 112166)):
#0  mirage_track_get_sector_type (self=0x0) at ./mirage/track.c:329
#1  0x0000556f004e1a0e in cdemu_device_sao_recording_write_sectors (self=0x556f006af3c0 [CdemuDevice], start_address=<optimized out>, num_sectors=<optimized out>) at ./src/device-recording.c:947
        track_start = <optimized out>
        sector_type = <optimized out>
        address = -150
        main_format_ptr = 0x556f004e8f20 <sao_main_formats+32>
        subchannel_format_ptr = 0x556f004e8ec0 <sao_subchannel_formats>
        cue_fragment = 0x556f006d8a60 [MirageFragment]
        succeeded = 1
        sector = 0x7f62dc0147b0 [MirageSector]
        local_error = 0x0
#2  0x0000556f004dc3f8 in cdemu_device_execute_command (self=self@entry=0x556f006af3c0 [CdemuDevice], cdb=0x7f62f22cac30 "*") at ./src/device-commands.c:2881
        succeeded = 0
        i = 35
        status = CHECK_CONDITION
        packet_commands = {{
            cmd = CLOSE_TRACK_SESSION,
            debug_name = 0x556f004e5db1 "CLOSE TRACK/SESSION",
            implementation = 0x556f004d6f10 <command_close_track_session>,
            interrupt_audio_play = 1
          }, {
            cmd = GET_EVENT_STATUS_NOTIFICATION,
            debug_name = 0x556f004e5dc5 "GET EVENT/STATUS NOTIFICATION",
            implementation = 0x556f004d7ae0 <command_get_event_status_notification>,
            interrupt_audio_play = 0
          }, {
            cmd = GET_CONFIGURATION,
            debug_name = 0x556f004e5de3 "GET CONFIGURATION",
            implementation = 0x556f004d7f80 <command_get_configuration>,
            interrupt_audio_play = 0
          }, {
            cmd = GET_PERFORMANCE,
            debug_name = 0x556f004e5df5 "GET PERFORMANCE",
            implementation = 0x556f004dbda0 <command_get_performance>,
            interrupt_audio_play = 0
          }, {
            cmd = INQUIRY,
            debug_name = 0x556f004e5e05 "INQUIRY",
            implementation = 0x556f004db9a0 <command_inquiry>,
            interrupt_audio_play = 0
          }, {
            cmd = MODE_SELECT_6,
            debug_name = 0x556f004e5e0d "MODE SELECT (6)",
            implementation = 0x556f004db7a0 <command_mode_select>,
            interrupt_audio_play = 0
          }, {
            cmd = MODE_SELECT_10,
            debug_name = 0x556f004e5e1d "MODE SELECT (10)",
            implementation = 0x556f004db7a0 <command_mode_select>,
            interrupt_audio_play = 0
          }, {
            cmd = MODE_SENSE_6,
            debug_name = 0x556f004e5e2e "MODE SENSE (6)",
            implementation = 0x556f004d7ca0 <command_mode_sense>,
            interrupt_audio_play = 0
          }, {
            cmd = MODE_SENSE_10,
            debug_name = 0x556f004e5e3d "MODE SENSE (10)",
            implementation = 0x556f004d7ca0 <command_mode_sense>,
            interrupt_audio_play = 0
          }, {
            cmd = PAUSE_RESUME,
            debug_name = 0x556f004e5e4d "PAUSE/RESUME",
            implementation = 0x556f004db680 <command_pause_resume>,
            interrupt_audio_play = 0
          }, {
            cmd = PLAY_AUDIO_10,
            debug_name = 0x556f004e5e5a "PLAY AUDIO (10)",
            implementation = 0x556f004db4e0 <command_play_audio>,
            interrupt_audio_play = 1
          }, {
            cmd = PLAY_AUDIO_12,
            debug_name = 0x556f004e5e6a "PLAY AUDIO (12)",
            implementation = 0x556f004db4e0 <command_play_audio>,
            interrupt_audio_play = 1
          }, {
            cmd = PLAY_AUDIO_MSF,
            debug_name = 0x556f004e5e7a "PLAY AUDIO MSF",
            implementation = 0x556f004db4e0 <command_play_audio>,
            interrupt_audio_play = 1
          }, {
            cmd = PREVENT_ALLOW_MEDIUM_REMOVAL,
            debug_name = 0x556f004e5e89 "PREVENT/ALLOW MEDIUM REMOVAL",
            implementation = 0x556f004d7740 <command_prevent_allow_medium_removal>,
            interrupt_audio_play = 0
          }, {
            cmd = READ_10,
            debug_name = 0x556f004e5ea6 "READ (10)",
            implementation = 0x556f004db050 <command_read>,
            interrupt_audio_play = 1
          }, {
            cmd = READ_12,
            debug_name = 0x556f004e5eb0 "READ (12)",
            implementation = 0x556f004db050 <command_read>,
            interrupt_audio_play = 1
          }, {
            cmd = READ_BUFFER_CAPACITY,
            debug_name = 0x556f004e5eba "READ BUFFER CAPACITY",
            implementation = 0x556f004db3f0 <command_read_buffer_capacity>,
            interrupt_audio_play = 0
          }, {
            cmd = READ_CAPACITY,
            debug_name = 0x556f004e5ecf "READ CAPACITY",
            implementation = 0x556f004d9290 <command_read_capacity>,
            interrupt_audio_play = 0
          }, {
            cmd = READ_CD,
            debug_name = 0x556f004e5edd "READ CD",
            implementation = 0x556f004daa80 <command_read_cd>,
            interrupt_audio_play = 0
          }, {
            cmd = READ_CD_MSF,
            debug_name = 0x556f004e5ee5 "READ CD MSF",
            implementation = 0x556f004daa80 <command_read_cd>,
            interrupt_audio_play = 0
          }, {
            cmd = READ_DISC_INFORMATION,
            debug_name = 0x556f004e5ef1 "READ DISC INFORMATION",
            implementation = 0x556f004d9380 <command_read_disc_information>,
            interrupt_audio_play = 1
          }, {
            cmd = READ_DISC_STRUCTURE,
            debug_name = 0x556f004e5f07 "READ DISC STRUCTURE",
            implementation = 0x556f004da760 <command_read_disc_structure>,
            interrupt_audio_play = 1
          }, {
            cmd = READ_TOC_PMA_ATIP,
            debug_name = 0x556f004e5f1b "READ TOC/PMA/ATIP",
            implementation = 0x556f004d98f0 <command_read_toc_pma_atip>,
            interrupt_audio_play = 0
          }, {
            cmd = READ_TRACK_INFORMATION,
            debug_name = 0x556f004e5f2d "READ TRACK INFORMATION",
            implementation = 0x556f004d8c80 <command_read_track_information>,
            interrupt_audio_play = 1
          }, {
            cmd = READ_SUBCHANNEL,
            debug_name = 0x556f004e5f44 "READ SUBCHANNEL",
            implementation = 0x556f004d8580 <command_read_subchannel>,
            interrupt_audio_play = 0
          }, {
            cmd = REPORT_KEY,
            debug_name = 0x556f004e5f54 "REPORT KEY",
            implementation = 0x556f004d79f0 <command_report_key>,
            interrupt_audio_play = 1
          }, {
            cmd = REQUEST_SENSE,
            debug_name = 0x556f004e5f5f "REQUEST SENSE",
            implementation = 0x556f004d7960 <command_request_sense>,
            interrupt_audio_play = 0
          }, {
            cmd = RESERVE_TRACK,
            debug_name = 0x556f004e5f6d "RESERVE TRACK",
            implementation = 0x556f004d72a0 <command_reserve_track>,
            interrupt_audio_play = 1
          }, {
            cmd = SEEK_10,
            debug_name = 0x556f004e5f7b "SEEK (10)",
            implementation = 0x556f004d6e00 <command_seek>,
            interrupt_audio_play = 1
          }, {
            cmd = SEND_CUE_SHEET,
            debug_name = 0x556f004e5f85 "SEND CUE SHEET",
            implementation = 0x556f004d77a0 <command_send_cue_sheet>,
            interrupt_audio_play = 1
          }, {
            cmd = SET_CD_SPEED,
            debug_name = 0x556f004e5f94 "SET CD SPEED",
            implementation = 0x556f004d75f0 <command_set_cd_speed>,
            interrupt_audio_play = 1
          }, {
            cmd = SET_STREAMING,
            debug_name = 0x556f004e5fa1 "SET STREAMING",
            implementation = 0x556f004d7550 <command_set_streaming>,
            interrupt_audio_play = 1
          }, {
            cmd = START_STOP_UNIT,
            debug_name = 0x556f004e5faf "START/STOP UNIT",
            implementation = 0x556f004d7430 <command_start_stop_unit>,
            interrupt_audio_play = 1
          }, {
            cmd = SYNCHRONIZE_CACHE,
            debug_name = 0x556f004e5fbf "SYNCHRONIZE CACHE",
            implementation = 0x556f004d71e0 <command_synchronize_cache>,
            interrupt_audio_play = 0
          }, {
            cmd = TEST_UNIT_READY,
            debug_name = 0x556f004e5fd1 "TEST UNIT READY",
            implementation = 0x556f004d6e40 <command_test_unit_ready>,
            interrupt_audio_play = 0
          }, {
            cmd = WRITE_10,
            debug_name = 0x556f004e5fe1 "WRITE (10)",
            implementation = 0x556f004d7100 <command_write>,
            interrupt_audio_play = 1
          }, {
            cmd = WRITE_12,
            debug_name = 0x556f004e5fec "WRITE (12)",
            implementation = 0x556f004d7100 <command_write>,
            interrupt_audio_play = 1
          }}
#3  0x0000556f004ddaa8 in cdemu_device_io_handler (source=<optimized out>, condition=<optimized out>, self=0x556f006af3c0 [CdemuDevice]) at ./src/device-kernel-io.c:199
        fd = 7
        ret = <optimized out>
        cmd = {
          cdb = "*\000\377\377\377j\000\000\033\000\000",
          in = 0x7f62f3258030 "",
          in_len = 63504,
          out = 0x7f62f325801c "\377j",
          out_len = 63504
        }
        vreq = 0x7f62f3258010
        vres = 0x7f62f3258010
#4  0x00007f62f4c5f67f in g_main_dispatch (context=0x556f006dccb0) at ../../../glib/gmain.c:3454
        dispatch = 0x7f62f4cb2f00 <g_io_unix_dispatch>
        prev_source = 0x0
        begin_time_nsec = 0
        was_in_call = 0
        user_data = 0x556f006af3c0
        callback = 0x556f004dd950 <cdemu_device_io_handler>
        cb_funcs = <optimized out>
        cb_data = 0x556f006822a0
        need_destroy = <optimized out>
        source = 0x556f006deb80
        current = 0x7f62dc000b90
        i = 0
        __func__ = "g_main_dispatch"
#5  g_main_context_dispatch (context=context@entry=0x556f006dccb0) at ../../../glib/gmain.c:4172
#6  0x00007f62f4c5fa38 in g_main_context_iterate (context=0x556f006dccb0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../../../glib/gmain.c:4248
        max_priority = 2147483647
        timeout = -1
        some_ready = 1
        nfds = <optimized out>
        allocated_nfds = 2
        fds = 0x556f006d6f40
#7  0x00007f62f4c5fcef in g_main_loop_run (loop=0x556f006cbd10) at ../../../glib/gmain.c:4448
        __func__ = "g_main_loop_run"
#8  0x0000556f004dd916 in cdemu_device_io_thread (self=0x556f006af3c0 [CdemuDevice]) at ./src/device-kernel-io.c:223
#9  0x00007f62f4c89cfd in g_thread_proxy (data=0x556f006b6b00) at ../../../glib/gthread.c:831
        thread = 0x556f006b6b00
        __func__ = "g_thread_proxy"
#10 0x00007f62f4868fd4 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442
        ret = <optimized out>
        pd = <optimized out>
        unwind_buf = {
          cancel_jmp_buf = {{
              jmp_buf = {140062946539200, 2189854394099647539, -128, 11, 140725992905840, 140062938148864, -2259108674190228429, -2259111613028023245},
              mask_was_saved = 0
            }},
          priv = {
            pad = {0x0, 0x0, 0x0, 0x0},
            data = {
              prev = 0x0,
              cleanup = 0x0,
              canceltype = 0
            }
          }
        }
        not_first_call = <optimized out>
#11 0x00007f62f48e966c in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
(gdb)
     

  • sid

    sid - 2023-04-02

    cdemu-client - 3.2.5-1
    cdemu-daemon - 3.2.6-1
    gcdemu - 3.2.6-1
    gir1.2-mirage-3.2 - 3.2.6-1
    image-analyzer - 3.2.5-1
    libmirage11 - 3.2.6-1

     

Log in to post a comment.