Opened 6 months ago

Last modified 2 months ago

#8213 new defect

Division by zero at libavcodec/lpc.h

Reported by: Suhwan
Owned by:
Priority: normal
Component: avcodec
Version: git-master
Keywords: lpc ubsan
Cc:
Blocked By:
Blocking:
Reproduced by developer: yes
Analyzed by developer: no

Description

Summary of the bug:

libavcodec/lpc.h:189:15: runtime error: division by zero
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior libavcodec/lpc.h:189:15 in 

Thread 1 "ffmpeg_g" hit Breakpoint 1, compute_lpc_coefs (autoc=0x7fffffff74c8, 
    lpc=<optimized out>, lpc_stride=32, fail=0, normalize=1, 
    max_order=<optimized out>) at libavcodec/lpc.h:189
189	            r /= err;
(gdb) bt
#0  compute_lpc_coefs (autoc=0x7fffffff74c8, lpc=<optimized out>, lpc_stride=32, 
    fail=0, normalize=1, max_order=<optimized out>) at libavcodec/lpc.h:189
#1  ff_lpc_calc_coefs (s=0x633000080980, samples=0x633000070830, blocksize=4096, 
    min_order=4, max_order=6, precision=9, coefs=<optimized out>, 
    shift=<optimized out>, lpc_type=<optimized out>, lpc_passes=2, omethod=0, 
    min_shift=<optimized out>, max_shift=<optimized out>, 
    zero_shift=<optimized out>) at libavcodec/lpc.c:232
#2  0x00000000068f926e in calc_predictor_params (s=0x633000070800, 
    ch=<optimized out>) at libavcodec/alacenc.c:169
#3  write_element (s=0x633000070800, element=TYPE_SCE, instance=0, 
    samples0=<optimized out>, samples1=0x0) at libavcodec/alacenc.c:423
#4  0x00000000068f26c3 in write_frame (s=0x633000070800, avpkt=<optimized out>, 
    samples=0x616000009c80) at libavcodec/alacenc.c:478
#5  0x00000000068f0b4e in alac_encode_frame (avctx=0x619000002380, 
    avpkt=<optimized out>, frame=<optimized out>, got_packet_ptr=0x7fffffffb3c0)
    at libavcodec/alacenc.c:640
#6  0x000000000314964d in avcodec_encode_audio2 (avctx=0x619000002380, 
    avpkt=0x60e000005180, frame=0x616000009c80, got_packet_ptr=0x7fffffffb3c0)
    at libavcodec/encode.c:203
#7  0x0000000003151c20 in do_encode (avctx=<optimized out>, frame=0x616000009c80, 
    got_packet=0x7fffffffb3c0) at libavcodec/encode.c:374
#8  0x00000000031513ef in avcodec_send_frame (avctx=<optimized out>, 
    frame=0x616000009c80) at libavcodec/encode.c:420
#9  0x0000000000653b5d in do_audio_out (of=0x60a000000180, ost=0x616000007880, 
    frame=<optimized out>) at fftools/ffmpeg.c:939
#10 reap_filters (flush=0) at fftools/ffmpeg.c:1513
#11 0x00000000005e73a3 in transcode_step () at fftools/ffmpeg.c:4648
#12 transcode () at fftools/ffmpeg.c:4692
#13 0x00000000005db65c in main (argc=<optimized out>, argv=<optimized out>)
    at fftools/ffmpeg.c:4894

How to reproduce:

% ./ffmpeg_g -t 2 -stream_loop 14 -y -i guitar_acoustic_021-105-025.wav -loglevel 0 -map 0 -c copy -c:a:0 alac -disposition:s:8 vp8_v4l2m2m -disposition:s:8 pgmyuv -aframes 66 -ab 389k -ar 48000 -ac 1 -b:v 608k tmp.dts

ffmpeg version N-95160-g9fdc2c7bc4 Copyright (c) 2000-2019 the FFmpeg developers
built with clang version 6.0.0-1ubuntu2 (tags/RELEASE_600/final)
configuration: --cc=clang --cxx=clang++ --ld=clang --enable-debug --toolchain=clang-asan

Attachments (2)

guitar_acoustic_021-105-025.wav (125.0 KB) - added by Suhwan 6 months ago.
gdb-lpc (13.4 KB) - added by Suhwan 6 months ago.


Change History (3)

Changed 6 months ago by Suhwan

Changed 6 months ago by Suhwan

comment:1 Changed 2 months ago by cehoyos

  • Component changed from undetermined to avcodec
  • Keywords lpc added
  • Reproduced by developer set

Not reproducible without ubsan.
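
An added example, not FFmpeg's code and not a fix from the project: a Levinson-Durbin recursion of the kind `compute_lpc_coefs` performs, with the prediction error checked before the `r /= err` step reported at lpc.h:189. It assumes double-precision coefficients, where a zero divisor silently yields inf or NaN under IEEE 754 and so goes unnoticed without a sanitizer; `levinson_guarded` and the autocorrelation values are constructed for illustration, and the ticket does not establish why `err` was zero for the attached file.

```c
#include <stdio.h>

/* Levinson-Durbin recursion over autoc[0..max_order], autoc[0] = energy.
 * Fills lpc[0..n-1] and returns n, the number of orders computed; it stops
 * early rather than divide once the prediction error is no longer positive.
 * Hypothetical helper written for this example, not compute_lpc_coefs(). */
static int levinson_guarded(const double *autoc, int max_order, double *lpc)
{
    double err = autoc[0];

    for (int i = 0; i < max_order; i++) {
        if (!(err > 0.0))          /* zero, negative or NaN error */
            return i;

        double r = -autoc[i + 1];
        for (int j = 0; j < i; j++)
            r -= lpc[j] * autoc[i - j];
        r /= err;                  /* the operation flagged in the report */
        err *= 1.0 - r * r;        /* reaches 0 when |r| == 1 */

        lpc[i] = r;
        for (int j = 0; j < (i + 1) >> 1; j++) {
            double f = lpc[j], b = lpc[i - 1 - j];
            lpc[j]         = f + r * b;
            lpc[i - 1 - j] = b + r * f;
        }
    }
    return max_order;
}

int main(void)
{
    /* Constructed inputs: decaying, fully predictable, and silent. */
    const double decaying[] = { 1.0, 0.5, 0.25 };
    const double constant[] = { 1.0, 1.0, 1.0 };
    const double silent[]   = { 0.0, 0.0, 0.0 };
    double lpc[2] = { 0.0, 0.0 };

    printf("decaying: %d orders\n", levinson_guarded(decaying, 2, lpc));
    printf("constant: %d orders\n", levinson_guarded(constant, 2, lpc));
    printf("silent:   %d orders\n", levinson_guarded(silent, 2, lpc));
    return 0;
}
```

On the constant input the error reaches zero after the first order, so the guard returns 1 where an unguarded loop would go on to compute 0/0.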
