Opened 11 years ago

Closed 11 years ago

#1791 closed defect (fixed)

changing number of channels/sample rate midstream

Reported by: Elon Musk Owned by:
Priority: normal Component: avfilter
Version: git-master Keywords:
Cc: Blocked By:
Blocking: Reproduced by developer: no
Analyzed by developer: no

Description

Midstream changing number of channels or sample rate causes SEGV.

Should be reproducible with any container/codec that support midstream change of such parameters.

> ./ffmpeg_g -err_detect 0 -i /tmp/crash2.tak -f null -
ffmpeg version git-2012-10-07-9fc53f2 Copyright (c) 2000-2012 the FFmpeg developers
  built on Oct  7 2012 18:00:27 with FreeBSD clang version 3.1 (branches/release_31 156863) 20120523
  configuration: --disable-everything --cc=clang --enable-decoder='dca,tak,ape,flac,pcm_s16le,pcm_s16be,pcm_s8,pcm_u8,pcm_s24le,pcm_s24be,pcm_s32le,pcm_s32be,pcm_f32le,pcm_f32be,pcm_f64le,pcm_f64be' --enable-enco
der='flac,pcm_s16le,pcm_s16be,pcm_s8,pcm_u8,pcm_s24le,pcm_s24be,pcm_s32le,pcm_s32be,pcm_f64le,pcm_f64be' --enable-protocol='file,pipe' --enable-demuxer='dts,dtshd,tak,wav,flac,ape' --enable-muxer='wav,flac,null,framemd5,md5,crc,framecrc' --enable-filter='aresample,anull,abuffer,aconvert,afifo,aformat,ashowinfo,anullsink,abuffersink,asetnsamples' --enable-bzlib --enable-zlib
  libavutil      51. 73.102 / 51. 73.102
  libavcodec     54. 65.100 / 54. 65.100
  libavformat    54. 30.100 / 54. 30.100
  libavdevice    54.  3.100 / 54.  3.100
  libavfilter     3. 19.102 /  3. 19.102
  libswscale      2.  1.101 /  2.  1.101
  libswresample   0. 16.100 /  0. 16.100
[tak @ 0x28819100] max_analyze_duration 5000000 reached at 5000000
Guessed Channel Layout for  Input Stream #0.0 : 4.0
Input #0, tak, from '/tmp/crash2.tak':
  Duration: 00:01:00.48, start: 0.000000, bitrate: 861 kb/s
    Stream #0:0: Audio: tak, 44100 Hz, 4.0, s16p
Output #0, null, to 'pipe:':
  Metadata:
    encoder         : Lavf54.30.100
    Stream #0:0: Audio: pcm_s16le, 44100 Hz, 4.0, s16, 2822 kb/s
Stream mapping:
  Stream #0:0 -> #0:0 (tak -> pcm_s16le)
Press [q] to stop, [?] for help
Error while decoding stream #0:0: Invalid data found when processing input
    Last message repeated 36 times
Input stream #0:0 frame changed from rate:44100 fmt:s16p ch:4 chl:4.0 to rate:44100 fmt:s16p ch:2 chl:2 channels (FL+FR+FC+BC)
Segmentation fault (core dumped)
> gdb ffmpeg_g ffmpeg_g.core 
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd"...
Core was generated by `ffmpeg_g'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /lib/libm.so.5...done.
Loaded symbols for /lib/libm.so.5
Reading symbols from /lib/libz.so.6...done.
Loaded symbols for /lib/libz.so.6
Reading symbols from /lib/libthr.so.3...done.
Loaded symbols for /lib/libthr.so.3
Reading symbols from /lib/libc.so.7...done.
Loaded symbols for /lib/libc.so.7
Reading symbols from /libexec/ld-elf.so.1...done.
Loaded symbols for /libexec/ld-elf.so.1
#0  0x28370dae in memcpy () from /lib/libc.so.7
[New Thread 28803080 (LWP 100173/ffmpeg_g)]
(gdb) bt
#0  0x28370dae in memcpy () from /lib/libc.so.7
#1  0x081a1064 in av_samples_copy (dst=dwarf expression stack underflow
) at libavutil/samplefmt.c:217
#2  0x0806520a in ff_copy_buffer_ref (outlink=DWARF-2 expression error: DW_OP_reg operations must be used either alone or in conjuction with DW_OP_piece.
) at libavfilter/buffer.c:226
#3  0x08065802 in av_buffersrc_add_ref (s=dwarf2_read_address: Corrupted DWARF expression.
) at libavfilter/buffersrc.c:133
#4  0x080656ac in av_buffersrc_add_frame (buffer_src=dwarf2_read_address: Corrupted DWARF expression.
) at libavfilter/buffersrc.c:91
#5  0x0805b26f in output_packet (ist=Unhandled dwarf expression opcode 0xed
) at ffmpeg.c:1544
#6  0x08057252 in transcode () at ffmpeg.c:2839
#7  0x0805337c in main (argc=dwarf2_read_address: Corrupted DWARF expression.
) at ffmpeg.c:3171
(gdb) 

Attachments (1)

crash.tak (986.7 KB ) - added by Elon Musk 11 years ago.

Download all attachments as: .zip

Change History (4)

comment:1 by Carl Eugen Hoyos, 11 years ago

Channel number changes work fine with the samples from ticket #200 and a random ac-3 sample here.

I am not sure if I ever tested a stream with sample rate change.

by Elon Musk, 11 years ago

Attachment: crash.tak added

comment:2 by Elon Musk, 11 years ago

This sample is different because it changes number of channels from 4 to 2 but channel layout remains same.

comment:3 by Elon Musk, 11 years ago

Resolution: fixed
Status: newclosed
Note: See TracTickets for help on using tickets.