[MPlayer-users] a serious exit(3) related bug in mplayer

Mikhail Teterin mi at corbulon.video-collage.com
Sat Dec 7 00:40:03 CET 2002


It appears, there is a serious bug in how mplayer treats loadable
libraries. If such a library calls atexit(3) to register _its own
function_ to be called at exit time, mplayer will crash in exit() called
from exit_player(), if the library was dlclose()d already.

Calling _exit(2) directly is one workaround, but it may leave things in
bad shape...

The only solution seems to NOT unload any libraries (remove the calls to
dlclose()). Unfortunately, there is no standard C API to access the list
of functions registered with atexit() to know, if it is safe to unload a
particular library...

Below is the output from my debugging session, with commentsBreakpoint 5, 0x28972be6 in atexit () from /usr/lib/libc.so.5
(gdb) where
#0  0x28972be6 in atexit () from /usr/lib/libc.so.5
#1  0x2909c89f in Arts::MCOPUtils::mcopDirectory() ()
   from /opt/lib/libmcop.so.1
#2  0x29083b49 in Arts::Dispatcher::Dispatcher(Arts::IOManager*, Arts::Dispatcher::StartServer) () from /opt/lib/libmcop.so.1
#3  0x28df490c in arts_backend_init () from /opt/lib/libartscbackend.so.0
#4  0x28874431 in arts_init () from /opt/lib/libartsc.so.0
#5  0x080b91f7 in init (rate_hz=44100, channels=-2, format=679972720, flags=0)
    at ao_arts.c:47
#6  0x080b3b69 in init_best_audio_out (ao_list=0x83a1160, use_plugin=0, 
    rate=44100, channels=2, format=16, flags=0) at audio_out.c:124
#7  0x080849de in main (argc=6, argv=0xbfbff69c) at mplayer.c:1316
#8  0x080821d5 in _start ()
(gdb) p ((int *)__atexit)[1]
$36 = 2	/* This is the number of already registered callbacks */
(gdb) step
Single stepping until exit from function atexit, 
which has no line number information.
0x2909c89f in Arts::MCOPUtils::mcopDirectory() () from /opt/lib/libmcop.so.1
(gdb) p ((int *)__atexit)[1]
$37 = 3	/* The arts library has added another callback: */
(gdb) p ((void (*)(void)*)__atexit)[4]
$43 = (void (*)()) 0x2909cdf0 <__tcf_0>
(gdb) cont
ontinuing.
AO: [arts] can't connect to aRts soundserver
couldn't open/init audio device -> no sound
Audio: no sound!!!	/* Arts library is dlclose()-ed */
[... mplayer's messages...]

Exiting... (End of file)

Breakpoint 1, exit_player (how=0x823702c "End of file") at mplayer.c:405
405       exit(1);
(gdb) p ((void (*)(void)*)__atexit)[4]
$44 = (void (*)()) 0x2909cdf0

Note, that the function address is still the same in $44 as it was in
$43, but the function is no longer there -- gdb can not its name any
more...

As exit(3) goes through the list, it will crash on an attempt to call
this function. I'm guessing, this does not show up on Linux due to
differences in the atexit/dlclose/etc. implementations.

	-mi




More information about the MPlayer-users mailing list