#10171 closed defect (fixed)
wavarc: crash with valid 8 bit mono file (comp. level 3)
| Reported by: | ami_stuff | Owned by: | |
|---|---|---|---|
| Priority: | normal | Component: | undetermined |
| Version: | unspecified | Keywords: | |
| Cc: | Blocked By: | ||
| Blocking: | Reproduced by developer: | no | |
| Analyzed by developer: | no |
Description
(gdb) r -i 8_33_M_C3.WA -y out.wav
Starting program: fmpeg_g -i 8_33_M_C3.WA -y out.wav
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
ffmpeg version N-109758-gbdc76f467f Copyright (c) 2000-2023 the FFmpeg developers
built with gcc 9 (Ubuntu 9.4.0-1ubuntu1~20.04.1)
configuration:
libavutil 57. 44.100 / 57. 44.100
libavcodec 59. 63.100 / 59. 63.100
libavformat 59. 38.100 / 59. 38.100
libavdevice 59. 8.101 / 59. 8.101
libavfilter 8. 56.100 / 8. 56.100
libswscale 6. 8.112 / 6. 8.112
libswresample 4. 9.100 / 4. 9.100
Input #0, wavarc, from '8_33_M_C3.WA':
Duration: N/A, start: 0.000000, bitrate: N/A
Stream #0:0: Audio: wavarc (3NLP / 0x504C4E33), 33333 Hz, mono, s16p
Stream mapping:
Stream #0:0 -> #0:0 (wavarc (native) -> pcm_s16le (native))
Press [q] to stop, [?] for help
[New Thread 0x7ffff6b9c700 (LWP 21435)]
[New Thread 0x7ffff639b700 (LWP 21436)]
[New Thread 0x7ffff5b9a700 (LWP 21437)]
[New Thread 0x7ffff5399700 (LWP 21438)]
[New Thread 0x7ffff4b98700 (LWP 21439)]
[New Thread 0x7fffeffff700 (LWP 21440)]
[New Thread 0x7fffef7fe700 (LWP 21441)]
[New Thread 0x7fffeeffd700 (LWP 21442)]
[New Thread 0x7fffee7fc700 (LWP 21443)]
Output #0, wav, to 'out.wav':
Metadata:
ISFT : Lavf59.38.100
Stream #0:0: Audio: pcm_s16le ([1][0][0][0] / 0x0001), 33333 Hz, mono, s16, 533 kb/s
Metadata:
encoder : Lavc59.63.100 pcm_s16le
[New Thread 0x7fffedffb700 (LWP 21444)]
[wavarc @ 0x55555715b380] get_buffer() failedspeed= 0x
Thread 1 "ffmpeg_g" received signal SIGSEGV, Segmentation fault.
av_buffer_unref (buf=buf@entry=0x55555715d2e0) at libavutil/buffer.c:144
144 buffer_replace(buf, NULL);
(gdb) bt
#0 av_buffer_unref (buf=buf@entry=0x55555715d2e0) at libavutil/buffer.c:144
#1 0x00005555564c0d4c in av_frame_unref (frame=<optimized out>)
at libavutil/frame.c:501
#2 av_frame_unref (frame=frame@entry=0x55555715d200) at libavutil/frame.c:491
#3 0x0000555555bc9e16 in ff_get_buffer (avctx=avctx@entry=0x55555715b380,
frame=frame@entry=0x55555715d200, flags=flags@entry=0)
at libavcodec/decode.c:1548
#4 0x0000555556089f56 in wavarc_decode (avctx=0x55555715b380,
frame=0x55555715d200, got_frame_ptr=0x7fffffffdb5c, pkt=<optimized out>)
at libavcodec/wavarc.c:400
#5 0x0000555555bc7b0a in decode_simple_internal (
discarded_samples=<synthetic pointer>, frame=0x55555715d200,
avctx=0x55555715b380) at libavcodec/decode.c:285
#6 decode_simple_receive_frame (frame=<optimized out>, avctx=<optimized out>)
at libavcodec/decode.c:541
#7 decode_receive_frame_internal (avctx=avctx@entry=0x55555715b380,
frame=frame@entry=0x55555715d200) at libavcodec/decode.c:560
#8 0x0000555555bc89a3 in ff_decode_receive_frame (avctx=0x55555715b380,
frame=0x55555715d200) at libavcodec/decode.c:708
#9 0x0000555555710f63 in decode (avctx=0x55555715b380, frame=0x55555715d200,
got_frame=0x7fffffffdcb0, pkt=<optimized out>, ist=<optimized out>)
at fftools/ffmpeg.c:2093
#10 0x0000555555719260 in decode_audio (ist=0x55555715b1c0, pkt=0x0,
--Type <RET> for more, q to quit, c to continue without paging--
got_output=0x7fffffffdcb0, decode_failed=0x7fffffffdcb4)
at fftools/ffmpeg.c:2145
#11 0x000055555571b3bd in process_input_packet (no_eof=0, pkt=<optimized out>,
ist=0x55555715b1c0) at fftools/ffmpeg.c:2594
#12 process_input (file_index=<optimized out>) at fftools/ffmpeg.c:3853
#13 transcode_step () at fftools/ffmpeg.c:3988
#14 transcode () at fftools/ffmpeg.c:4035
#15 0x00005555556f098b in main (argc=5, argv=0x7fffffffdf88)
at fftools/ffmpeg.c:4173
==21379== Invalid write of size 4bitrate=N/A speed= 0x ==21379== at 0xC3DBE6: decode_2slp (wavarc.c:279) ==21379== by 0xC3DBE6: wavarc_decode (wavarc.c:380) ==21379== by 0x77BB09: decode_simple_internal (decode.c:285) ==21379== by 0x77BB09: decode_simple_receive_frame (decode.c:541) ==21379== by 0x77BB09: decode_receive_frame_internal (decode.c:560) ==21379== by 0x77C6CF: avcodec_send_packet (decode.c:635) ==21379== by 0x2C4F3B: decode.isra.0 (ffmpeg.c:2086) ==21379== by 0x2CD25F: decode_audio (ffmpeg.c:2145) ==21379== by 0x2CF3BC: process_input_packet (ffmpeg.c:2594) ==21379== by 0x2CF3BC: process_input (ffmpeg.c:3853) ==21379== by 0x2CF3BC: transcode_step (ffmpeg.c:3988) ==21379== by 0x2CF3BC: transcode (ffmpeg.c:4035) ==21379== by 0x2A498A: main (ffmpeg.c:4173) ==21379== Address 0x5c4a8b0 is 0 bytes after a block of size 6,320 alloc'd ==21379== at 0x483E0F0: memalign (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so) ==21379== by 0x483E212: posix_memalign (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so) ==21379== by 0x107D374: av_malloc (mem.c:105) ==21379== by 0x107D53D: av_mallocz (mem.c:266) ==21379== by 0x9C670C: init_context_defaults (options.c:133) ==21379== by 0x9C670C: avcodec_alloc_context3 (options.c:160) ==21379== by 0x2A55D3: add_input_streams (ffmpeg_demux.c:734) ==21379== by 0x2A9050: ifile_open (ffmpeg_demux.c:1077) ==21379== by 0x2BAB91: open_files.isra.0 (ffmpeg_opt.c:1244) ==21379== by 0x2BC02E: ffmpeg_parse_options (ffmpeg_opt.c:1283) ==21379== by 0x2A4949: main (ffmpeg.c:4156) ==21379== ==21379== Invalid write of size 4 ==21379== at 0xC3DBD0: decode_2slp (wavarc.c:280) ==21379== by 0xC3DBD0: wavarc_decode (wavarc.c:380) ==21379== by 0x77BB09: decode_simple_internal (decode.c:285) ==21379== by 0x77BB09: decode_simple_receive_frame (decode.c:541) ==21379== by 0x77BB09: decode_receive_frame_internal (decode.c:560) ==21379== by 0x77C6CF: avcodec_send_packet (decode.c:635) ==21379== by 0x2C4F3B: decode.isra.0 (ffmpeg.c:2086) ==21379== by 0x2CD25F: decode_audio (ffmpeg.c:2145) ==21379== by 0x2CF3BC: process_input_packet (ffmpeg.c:2594) ==21379== by 0x2CF3BC: process_input (ffmpeg.c:3853) ==21379== by 0x2CF3BC: transcode_step (ffmpeg.c:3988) ==21379== by 0x2CF3BC: transcode (ffmpeg.c:4035) ==21379== by 0x2A498A: main (ffmpeg.c:4173) ==21379== Address 0x5c4a8b4 is 4 bytes after a block of size 6,320 alloc'd ==21379== at 0x483E0F0: memalign (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so) ==21379== by 0x483E212: posix_memalign (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so) ==21379== by 0x107D374: av_malloc (mem.c:105) ==21379== by 0x107D53D: av_mallocz (mem.c:266) ==21379== by 0x9C670C: init_context_defaults (options.c:133) ==21379== by 0x9C670C: avcodec_alloc_context3 (options.c:160) ==21379== by 0x2A55D3: add_input_streams (ffmpeg_demux.c:734) ==21379== by 0x2A9050: ifile_open (ffmpeg_demux.c:1077) ==21379== by 0x2BAB91: open_files.isra.0 (ffmpeg_opt.c:1244) ==21379== by 0x2BC02E: ffmpeg_parse_options (ffmpeg_opt.c:1283) ==21379== by 0x2A4949: main (ffmpeg.c:4156) ==21379== ==21379== Invalid read of size 4 ==21379== at 0xC3DBAF: decode_2slp (wavarc.c:332) ==21379== by 0xC3DBAF: wavarc_decode (wavarc.c:380) ==21379== by 0x77BB09: decode_simple_internal (decode.c:285) ==21379== by 0x77BB09: decode_simple_receive_frame (decode.c:541) ==21379== by 0x77BB09: decode_receive_frame_internal (decode.c:560) ==21379== by 0x77C6CF: avcodec_send_packet (decode.c:635) ==21379== by 0x2C4F3B: decode.isra.0 (ffmpeg.c:2086) ==21379== by 0x2CD25F: decode_audio (ffmpeg.c:2145) ==21379== by 0x2CF3BC: process_input_packet (ffmpeg.c:2594) ==21379== by 0x2CF3BC: process_input (ffmpeg.c:3853) ==21379== by 0x2CF3BC: transcode_step (ffmpeg.c:3988) ==21379== by 0x2CF3BC: transcode (ffmpeg.c:4035) ==21379== by 0x2A498A: main (ffmpeg.c:4173) ==21379== Address 0x5c4a9f4 is 0 bytes after a block of size 116 alloc'd ==21379== at 0x483E0F0: memalign (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so) ==21379== by 0x483E212: posix_memalign (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so) ==21379== by 0x107D374: av_malloc (mem.c:105) ==21379== by 0x107D53D: av_mallocz (mem.c:266) ==21379== by 0x76D077: avcodec_parameters_to_context (codec_par.c:255) ==21379== by 0x2A55ED: add_input_streams (ffmpeg_demux.c:738) ==21379== by 0x2A9050: ifile_open (ffmpeg_demux.c:1077) ==21379== by 0x2BAB91: open_files.isra.0 (ffmpeg_opt.c:1244) ==21379== by 0x2BC02E: ffmpeg_parse_options (ffmpeg_opt.c:1283) ==21379== by 0x2A4949: main (ffmpeg.c:4156)
Attachments (1)
Change History (3)
by , 16 months ago
| Attachment: | 8_33_M_C3.WA added |
|---|
comment:1 by , 16 months ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
comment:2 by , 16 months ago
I didn't use dosbox in this case.
I belive this file is valid. It decompresses correctly with wa32.exe to normal wav file.
the input wav data and the wa32.exe's decompressed wav data is identical:
ffmpeg -i file.wav -f u8 file.raw
Note:
See TracTickets
for help on using tickets.
Do not use dosbox to encode files, it produces invalid ones.