[MPlayer-users] ogm with ac3 segfault

Kresimir Kukulj madmax at iskon.hr
Sat Jan 4 02:35:58 CET 2003 

I have a reproducible crash playing divx+ac3 in ogm container (produced with
ogmtools). I'm not very familiar with mplayer source but I will try to make
an educated guess at what is wrong.

In libmpcodecs/ad_liba52.c, a52_fillbuff() at line 47 there is this code
snippet:
    while(sh_audio->a_in_buffer_len<7){
        int c=demux_getc(sh_audio->ds);
        if(c<0) return -1; /* EOF*/
        sh_audio->a_in_buffer[sh_audio->a_in_buffer_len++]=c;
    }

It takes 7 bytes from sh_audio->ds->buffer with demux_getc macro in a loop.
For some reason, at the end of playback (only at the very end),
sh_audio->ds->buffer is NULL, so when macro tries to dereference
ds->buffer[ds->buffer_pos++], it crashes.
But, I could be wrong.

I'm not sure how ogmtools creates files. Specifically, maybe last ac3 frame
is broken if a movie is encoded at chapter boundary?

If someone wants to dig into this but is missing a sample, I have uploaded a
short (~1Mb) clip that will trigger this bug.
It is in incoming - 'divx-ac3-sig11.ogm'.

[ftp://mplayerhq.hu/MPlayer/incoming/ is readable, is that intentional?]

Info:
Debian: potato-woody mix
Kernel: 2.4.19
Libc: 2.3.1-3
X Window System: 4.1.0-14
gcc: 2.95.4-14
ld: 2.11.90.0.7
as: 2.11.90.0.7

Video card: NVidia GeForce4 MX440
Video driver: NVidia 1.0-3123
Sound card: SB Live Player 5.1, ALSA 0.9.0rc6-3

-- 
Kresimir Kukulj                      madmax at iskon.hr
+--------------------------------------------------+
Old PC's never die. They just become Unix terminals.
-------------- next part --------------
(gdb) r -v ~/dvd/mplayer/divx-ac3-sig11.ogm   
Starting program: /home/madmax/dvd/mplayer/main/./mplayer -v ~/dvd/mplayer/divx-ac3-sig11.ogm
[New Thread 16384 (LWP 14156)]
Using GNU internationalization
Original domain: messages
Original dirname: /usr/share/locale
Current domain: mplayer
Current dirname: /usr/share/locale


MPlayer CVS-030103-20:51-2.95.4 (C) 2000-2002 Arpad Gereoffy (see DOCS)

CPU: Advanced Micro Devices Duron MG Morgan (Family: 6, Stepping: 0)
CPUflags:  MMX: 1 MMX2: 1 3DNow: 1 3DNow2: 1 SSE: 1 SSE2: 0
Compiled with Runtime CPU Detection - WARNING - this is not optimal!
To get best performance, recompile MPlayer with --disable-runtime-cpudetection
Reading config file /etc/mplayer/mplayer.conf
Reading config file /home/madmax/.mplayer/config
Reading /home/madmax/.mplayer/codecs.conf: can't open '/home/madmax/.mplayer/codecs.conf': No such file or directoryReading /etc/mplayer/codecs.conf: 49 audio & 126 video codecs
CommandLine: '-v' '/home/madmax/dvd/mplayer/divx-ac3-sig11.ogm'
get_path('font/font.desc') -> '/home/madmax/.mplayer/font/font.desc'
Font /home/madmax/.mplayer/font/font.desc loaded successfully! (206 chars)
Using MMX (with tiny bit MMX2) Optimized OnScreenDisplay
Failed to open /dev/rtc: Device or resource busy (mplayer should be setuid root or /dev/rtc should be readable by the user.)
Using usleep() timing
get_path('input.conf') -> '/home/madmax/.mplayer/input.conf'
Parsing input config file /home/madmax/.mplayer/input.conf
Input config file /home/madmax/.mplayer/input.conf parsed : 51 binds
Setting up LIRC support...
get_path('menu.conf') -> '/home/madmax/.mplayer/menu.conf'
Menu inited: /home/madmax/.mplayer/menu.conf
get_path('divx-ac3-sig11.ogm.conf') -> '/home/madmax/.mplayer/divx-ac3-sig11.ogm.conf'

Playing /home/madmax/dvd/mplayer/divx-ac3-sig11.ogm
Not an URL!
File size is 1165983 bytes
CACHE_PRE_INIT: 0 [0] 0  pre:0  eof:0  
Cache fill: 13.90% (1165983 bytes)    Checking for YUV4MPEG2
DEMUXER: freeing demuxer at 0x846b590  
ASF_check: not ASF guid!
DEMUXER: freeing demuxer at 0x846b590  
Checking for NuppelVideo
DEMUXER: freeing demuxer at 0x846b590  
Checking for MOV
DEMUXER: freeing demuxer at 0x846b590  
Checking for VIVO
header block 1 size: 103
DEMUXER: freeing demuxer at 0x846b590  
Checking for REAL
DEMUXER: freeing demuxer at 0x846b590  
DEMUXER: freeing demuxer at 0x846b590  
DEMUXER: freeing demuxer at 0x846b590  
DEMUXER: freeing demuxer at 0x846b590  
DEMUXER: freeing demuxer at 0x846b590  
Checking for SMJPEG
DEMUXER: freeing demuxer at 0x846b590  
SUB: opened iconv descriptor.
==> Found video stream: 0
OGG stream 0 is video (new hdr)
======= VIDEO Format ======
  biSize 40
  biWidth 720
  biHeight 304
  biPlanes 1
  biBitCount 24
  biCompression 1482049860='DIVX'
  biSizeImage 656640
===========================
==> Found audio stream: 1
OGG stream 1 is audio (new hdr)
======= WAVE Format =======
Format Tag: 8192 (0x2000)
Channels: 6
Samplerate: 48000
avg byte/sec: 48000
Block align: 1536
bits/sample: 2
cbSize: 4
Unknown extra header dump: [0] [0] [0] [0] 
OGG demuxer : found 1 audio stream, 1 video stream and 0 text stream
OGG file format detected.
[V] filefmt:18  fourcc:0x58564944  size:720x304  fps:25.00  ftime:=0.0400
get_path('sub/') -> '/home/madmax/.mplayer/sub/'
==========================================================================
Opening audio decoder: [liba52] AC3 decoding with liba52
dec_audio: Allocating 3840 bytes for input buffer
dec_audio: Allocating 6144 + 65536 = 71680 bytes for output buffer
Using SSE optimized IMDCT transform
AC3: 5.1 (3f+2r+lfe)  48000 Hz  384.0 kbit/s
A52 flags before a52_frame: 0x2A
A52 flags after a52_frame: 0xA
Using MMX optimized resampler
AUDIO: 48000 Hz, 2 ch, 16 bit (0x10), ratio: 48000->192000 (384.0 kbit)
Selected audio codec: [a52] afm:liba52 (AC3-liba52)
==========================================================================
X11 opening display: :0
vo: X11 color mask:  FFFFFF  (R:FF0000 G:FF00 B:FF)
vo: X11 running at 1152x864 with depth 24 and 32 bpp (":0" => local display)
[x11] Detected wm supports layers.
==========================================================================
Opening video decoder: [ffmpeg] FFmpeg's libavcodec codec family
INFO: libavcodec init OK!
Selected video codec: [ffodivx] vfm:ffmpeg (FFmpeg MPEG-4)
==========================================================================
ao2: 48000 Hz  2 chans  Signed 16-bit (Little-Endian)
audio_setup: using '/dev/dsp' dsp device
audio_setup: sample format: Signed 16-bit (Little-Endian) (requested: Signed 16-bit (Little-Endian))
audio_setup: using 2 channels (requested: 2)
audio_setup: using 48000 Hz samplerate (requested: 48000)
audio_setup: frags:   8/8  (16384 bytes/frag)  free: 131072
AO: [oss] 48000Hz 2ch Signed 16-bit (Little-Endian)
AO: Description: OSS/ioctl audio output
AO: Author: A'rpi
Building audio filter chain for 48000Hz/2ch/16bit -> 48000Hz/2ch/16bit...
[libaf] Adding filter dummy 
[dummy] Was reinitialized, rate=48000Hz, nch = 2, format = 0x00000001 and bps = 2
[dummy] Was reinitialized, rate=48000Hz, nch = 2, format = 0x00000001 and bps = 2
Start playing...
This file was encoded with libavcodec build 4646
[ffmpeg] aspect_ratio: 2.368421
VDec: vo config request - 720 x 304 (preferred csp: Planar YV12)
VDec: using Planar YV12 as output csp (no 0)
Movie-Aspect is 2.37:1 - prescaling to correct movie aspect.
VO Config (720x304->720x304,flags=1,'MPlayer',0x32315659)
REQ: flags=0x437  req=0x0  
VO: [xv] 720x304 => 720x304 Planar YV12  [fs]
VO: Description: X11/Xv
VO: Author: Gerd Knorr <kraxel at goldbach.in-berlin.de> and others
Xvideo image format: 0x32595559 (YUY2) packed
Xvideo image format: 0x32315659 (YV12) planar
Xvideo image format: 0x59565955 (UYVY) packed
Xvideo image format: 0x30323449 (I420) planar
[x11] Detected wm supports layers.
[x11] Layered style stay on top ( layer 10 ).
using Xvideo port 77 for hw scaling
[xv-fs] dx: 0 dy: 189 dw: 1152 dh: 486
[xv] dx: 0 dy: 189 dw: 1152 dh: 486
*** [menu] Allocating mp_image_t, 720x304x12bpp YUV planar, 328320 bytes
*** [vo] Exporting mp_image_t, 720x304x12bpp YUV planar, 328320 bytes
[xv] dx: 0 dy: 0 dw: 1152 dh: 864
[xv-fs] dx: 0 dy: 189 dw: 1152 dh: 486
*** [menu] Allocating mp_image_t, 720x304x12bpp YUV planar, 328320 bytes
[x11] Detected wm supports layers. 0.055   84/ 84  10%  6%  2.1% 1 0 7%%
[x11] Layered style stay on top ( layer 4 ).
[xv] dx: 0 dy: 0 dw: 720 dh: 304
A:   4.9 V:   4.9 A-V: -0.006 ct: -0.037  122/122  11%  6%  2.2% 1 0 0%
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 14156)]
0x080d274b in a52_fillbuff (sh_audio=0x848a5e8) at ad_liba52.c:47
47		int c=demux_getc(sh_audio->ds);
(gdb) 
(gdb) bt
#0  0x080d274b in a52_fillbuff (sh_audio=0x848a5e8) at ad_liba52.c:47
#1  0x080d2bd0 in decode_audio (sh_audio=0x848a5e8, buf=0x849a240 "\"", minlen=14336, maxlen=69632)
    at ad_liba52.c:178
#2  0x080d2554 in decode_audio (sh_audio=0x848a5e8, buf=0x41d32008 "??\a", minlen=16384, maxlen=131072)
    at dec_audio.c:361
#3  0x0807510e in main (argc=3, argv=0xbffff7b4) at mplayer.c:1672
#4  0x40e919d3 in __libc_start_main () from /lib/libc.so.6
(gdb) p *sh_audio->ds
$1 = {buffer_pos = 0, buffer_size = 0, buffer = 0x0, pts = 5.47200012, pts_bytes = 0, eof = 0, pos = 0, 
  dpos = 262656, pack_no = 172, flags = 0, packs = 0, bytes = 0, first = 0x0, last = 0x0, current = 0x848a478, 
  id = 1, demuxer = 0x846bdf8, asf_packet = 0x0, asf_seq = -1, ss_mul = 0, ss_div = 0, sh = 0x848a5e8}

More information about the MPlayer-users mailing list