Context Navigation

Ticket #1791 (closed defect: fixed)

Last modified 5 months ago

changing number of channels/sample rate midstream

Reported by:	richardpl	Owned by:
Priority:	normal	Component:	avfilter
Version:	git-master	Keywords:
Cc:		Blocked By:
Blocking:		Reproduced by developer:	no
Analyzed by developer:	no

Description

Midstream changing number of channels or sample rate causes SEGV.

Should be reproducible with any container/codec that support midstream change of such parameters.

> ./ffmpeg_g -err_detect 0 -i /tmp/crash2.tak -f null -
ffmpeg version git-2012-10-07-9fc53f2 Copyright (c) 2000-2012 the FFmpeg developers
  built on Oct  7 2012 18:00:27 with FreeBSD clang version 3.1 (branches/release_31 156863) 20120523
  configuration: --disable-everything --cc=clang --enable-decoder='dca,tak,ape,flac,pcm_s16le,pcm_s16be,pcm_s8,pcm_u8,pcm_s24le,pcm_s24be,pcm_s32le,pcm_s32be,pcm_f32le,pcm_f32be,pcm_f64le,pcm_f64be' --enable-enco
der='flac,pcm_s16le,pcm_s16be,pcm_s8,pcm_u8,pcm_s24le,pcm_s24be,pcm_s32le,pcm_s32be,pcm_f64le,pcm_f64be' --enable-protocol='file,pipe' --enable-demuxer='dts,dtshd,tak,wav,flac,ape' --enable-muxer='wav,flac,null,framemd5,md5,crc,framecrc' --enable-filter='aresample,anull,abuffer,aconvert,afifo,aformat,ashowinfo,anullsink,abuffersink,asetnsamples' --enable-bzlib --enable-zlib
  libavutil      51. 73.102 / 51. 73.102
  libavcodec     54. 65.100 / 54. 65.100
  libavformat    54. 30.100 / 54. 30.100
  libavdevice    54.  3.100 / 54.  3.100
  libavfilter     3. 19.102 /  3. 19.102
  libswscale      2.  1.101 /  2.  1.101
  libswresample   0. 16.100 /  0. 16.100
[tak @ 0x28819100] max_analyze_duration 5000000 reached at 5000000
Guessed Channel Layout for  Input Stream #0.0 : 4.0
Input #0, tak, from '/tmp/crash2.tak':
  Duration: 00:01:00.48, start: 0.000000, bitrate: 861 kb/s
    Stream #0:0: Audio: tak, 44100 Hz, 4.0, s16p
Output #0, null, to 'pipe:':
  Metadata:
    encoder         : Lavf54.30.100
    Stream #0:0: Audio: pcm_s16le, 44100 Hz, 4.0, s16, 2822 kb/s
Stream mapping:
  Stream #0:0 -> #0:0 (tak -> pcm_s16le)
Press [q] to stop, [?] for help
Error while decoding stream #0:0: Invalid data found when processing input
    Last message repeated 36 times
Input stream #0:0 frame changed from rate:44100 fmt:s16p ch:4 chl:4.0 to rate:44100 fmt:s16p ch:2 chl:2 channels (FL+FR+FC+BC)
Segmentation fault (core dumped)
> gdb ffmpeg_g ffmpeg_g.core 
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd"...
Core was generated by `ffmpeg_g'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /lib/libm.so.5...done.
Loaded symbols for /lib/libm.so.5
Reading symbols from /lib/libz.so.6...done.
Loaded symbols for /lib/libz.so.6
Reading symbols from /lib/libthr.so.3...done.
Loaded symbols for /lib/libthr.so.3
Reading symbols from /lib/libc.so.7...done.
Loaded symbols for /lib/libc.so.7
Reading symbols from /libexec/ld-elf.so.1...done.
Loaded symbols for /libexec/ld-elf.so.1
#0  0x28370dae in memcpy () from /lib/libc.so.7
[New Thread 28803080 (LWP 100173/ffmpeg_g)]
(gdb) bt
#0  0x28370dae in memcpy () from /lib/libc.so.7
#1  0x081a1064 in av_samples_copy (dst=dwarf expression stack underflow
) at libavutil/samplefmt.c:217
#2  0x0806520a in ff_copy_buffer_ref (outlink=DWARF-2 expression error: DW_OP_reg operations must be used either alone or in conjuction with DW_OP_piece.
) at libavfilter/buffer.c:226
#3  0x08065802 in av_buffersrc_add_ref (s=dwarf2_read_address: Corrupted DWARF expression.
) at libavfilter/buffersrc.c:133
#4  0x080656ac in av_buffersrc_add_frame (buffer_src=dwarf2_read_address: Corrupted DWARF expression.
) at libavfilter/buffersrc.c:91
#5  0x0805b26f in output_packet (ist=Unhandled dwarf expression opcode 0xed
) at ffmpeg.c:1544
#6  0x08057252 in transcode () at ffmpeg.c:2839
#7  0x0805337c in main (argc=dwarf2_read_address: Corrupted DWARF expression.
) at ffmpeg.c:3171
(gdb)

Attachments

crash.tak (986.7 KB) - added by richardpl 7 months ago.

Change History

comment:1 Changed 8 months ago by cehoyos

Channel number changes work fine with the samples from ticket #200 and a random ac-3 sample here.

I am not sure if I ever tested a stream with sample rate change.

Changed 7 months ago by richardpl

attachment crash.tak added

comment:2 Changed 7 months ago by richardpl

This sample is different because it changes number of channels from 4 to 2 but channel layout remains same.

comment:3 Changed 5 months ago by richardpl

Status changed from new to closed
Resolution set to fixed

Have been fixed in 02b238186a23d61859d9be8ca9356052f0216220.

Note: See TracTickets for help on using tickets.

Download in other formats: