Double free error on Linux + Python 3.5

Issue #323 closed
Thomas Kluyver
created an issue

Originally reported here, but likely to be a pygame issue.

The first step is for someone who can reproduce it to try compiling pygame from source; it may be an issue with the manylinux wheels we built.

*** Error in `python3': double free or corruption (!prev): 0x00007f586c001b40 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x777e5)[0x7f58955077e5]
/lib/x86_64-linux-gnu/libc.so.6(+0x7fe0a)[0x7f589550fe0a]
/lib/x86_64-linux-gnu/libc.so.6(cfree+0x4c)[0x7f589551398c]
/usr/local/lib/python3.5/dist-packages/pygame/.libs/libSDL_mixer-1-43ef50d2.2.so.0.12.0(+0x1923a)[0x7f588eb7923a]
/usr/local/lib/python3.5/dist-packages/pygame/.libs/libSDL_mixer-1-43ef50d2.2.so.0.12.0(Mix_FreeMusic+0xe9)[0x7f588eb6bbd9]
/usr/local/lib/python3.5/dist-packages/pygame/mixer.cpython-35m-x86_64-linux-gnu.so(+0x51aa)[0x7f588c02d1aa]
/usr/local/lib/python3.5/dist-packages/pygame/base.cpython-35m-x86_64-linux-gnu.so(+0x2fb1)[0x7f5893c8afb1]
/usr/local/lib/python3.5/dist-packages/pygame/base.cpython-35m-x86_64-linux-gnu.so(+0x300a)[0x7f5893c8b00a]
/lib/x86_64-linux-gnu/libc.so.6(+0x354b0)[0x7f58954c54b0]

Comments (7)

  1. René Dudfield

    This looks like an issue in sdl_mixer. Is there a python program which can be used to reproduce this? Could also be related to the different malloc systems being used in python, and there was a change for pymalloc in 3.5 I think.

    I found the system the bug is happening on here:

    • Distro: Ubuntu 16.04
    • glibc version: 2.23
    • Linux version: 4.4.0 (generic)

    To debug it with C, we have to use debug builds of all the libs. Otherwise we don't get stack traces.

    The python program to use to reproduce is here: https://gitlab.com/hexoshi/hexoshi However it would be good to have a minimal test case...

    Does this produce the same error? python -m pygame.examples.aliens

  2. Julie Marchant

    Hi,

    I've found some time to do some testing, and I've found that the source of this crash is any time pygame.mixer.music finishes playing an Ogg file (it doesn't seem to happen with other types of files). pygame.examples.playmus with any Ogg Vorbis file reproduces the problem. You can see the result faster by pressing "f"; it's the same result whether you cause it to fade out or wait until the end of the song.

    EDIT: I also note that stopping the music before it ends does not immediately cause this crash. It results in this crash if, later, music is played again. However, if the program ends before music is played again, it just causes a segmentation fault. Just an interesting thing I thought I should point out. The playmus example isn't capable of demonstrating this particular quirk, but in Hexoshi, it happens if you start a game and then leave it, or go into the credits screen and then leave it, before the "looping" music file starts up.

  3. Thomas Kluyver reporter

    Aha, thanks Julie. I can reproduce it with pygame.examples.playmus and pygame installed from a wheel. But I can't reproduce it if I install pygame from source. So it does seem to be something to do with the wheel build.

  4. Thomas Kluyver reporter

    I think I've found a solution by building newer versions of libogg and libvorbis (it was previously using the old versions packaged for Centos 5). I'm just checking that things build on x86 as well before I commit the change.

  5. Log in to comment