#756184 libavifile-0.7c2: Crashes when decoding WMA files

Package:
libavifile-0.7c2
Source:
avifile
Description:
shared libraries for AVI read/writing
Submitter:
Yavor Doganov
Date:
2024-09-24 09:03:01 UTC
Severity:
important
#756184#5
Date:
2014-07-27 08:35:57 UTC
From:
To:
Cynthiune crashes when attempting to play a WMA file (or adding such
file to the playlist).  This worked perfectly well with previous avifile
releases (at least with the sample files available at
http://samples.mplayerhq.hu/A-codecs/WMA/).

Here's the backtrace:

<init> : Avifile RELEASE-0.7.48-140727-11:14-../src/configure
<init> : Available CPU flags: fpu vme de pse tsc msr pae mce cx8 apic
sep mtrr pge mca cmov pat pse36 mmx fxsr sse syscall mmxext 3dnowext
3dnow
<init> : 1300.00 MHz AMD Duron(tm) processor detected
<reader> : Checking: /home/yavor/Bangles 01 - Walk Like An
Egyptian.wma
<ASF reader> : Stream-MaxBitrate: 1-80648
<ASF reader> : MainHeader: 86C8FDED-AC3C-45DB-9617-F3D3F29BABE4
 Created: Tue Aug  7 22:59:02 2001   File size=2067906   Packets=552
 Total time=207.6 sec   Play time=205.1 sec   Preroll=2.6 sec
 Flags=0x2  Packet size=3745  (=3745)  MaxBandwidth=80648 bps
<ASF reader> : header contains "header extension" (22b)
<ASF reader> : StreamHeader: audio media   Error correction: audio
spread
 Time offset=0  Stream size=28  Error size=8  Stream=1
 Reserved=0xa2ec40
<ASF reader> : VersionInfo: WMFSDKVersion
<ASF reader> : VersionInfo: 7.01.00.3055
<ASF reader> : Codec Type: Audio
<ASF reader> : Codec Name: Windows Media Audio V8
<ASF reader> : Codec Description:  80 kbps, 44 kHz, stereo
<ASF reader> : Creating seek data, please wait...
<ASF file reader> : incorrect packet (552) at: 2067906 byte
<ASF reader> : Seek data created ( processed 552 packets )
<ASF reader> : Interleave info: blocksize=1  packetlen=3716
chunklen=3716
<reader> : Initialized audio stream (chunk tblsz: 552, fmtsz: 28)
<LDT keeper> : Installed fs segment: 0xb3f8c000
<codec keeper> : Found 8 plugins
(/usr/lib/i386-linux-gnu/avifile-0.7,A:44,V:93)
<Win32 plugin> : Win32 LoadLibrary failed to load: divxa32.acm,
/usr/lib/win32/divxa32.acm, /usr/local/lib/win32/divxa32.acm
<Win32 plugin> : Can't open library divxa32.acm
<codec keeper> : win32 inappropriate audio format
DELETE VIDEO 0
<Win32 plugin> : Win32 LoadLibrary failed to load: wmadmod.dll,
/usr/lib/win32/wmadmod.dll, /usr/local/lib/win32/wmadmod.dll
IMediaObject ERROR: 0xb0e79528  could not open DMO DLL (0x0 : 0)
<codec keeper> : win32 can't open DMO_Filter
DELETE VIDEO 0
<Win32 plugin> : Win32 LoadLibrary failed to load: wma9dmod.dll,
/usr/lib/win32/wma9dmod.dll, /usr/local/lib/win32/wma9dmod.dll
IMediaObject ERROR: 0xb0e79528  could not open DMO DLL (0x0 : 0)
<codec keeper> : win32 can't open DMO_Filter
DELETE VIDEO 0
<FFMPEG video decoder> : looking for wmav2  161
<codec keeper> : FF WMA v2 audio decoder created
[New Thread 0xb0e50b40 (LWP 16165)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb0e50b40 (LWP 16165)]
ff_audio_data_free (a=a@entry=0x2d656cfd) at /build/libav-Qga7n_/libav-10.2/libavresample/audio_data.c:210
210	/build/libav-Qga7n_/libav-10.2/libavresample/audio_data.c: Няма такъв файл или директория.
#0  ff_audio_data_free (a=a@entry=0x2d656cfd) at /build/libav-Qga7n_/libav-10.2/libavresample/audio_data.c:210
#1  0xb0e5f531 in avresample_close (avr=0x2d656c69) at /build/libav-Qga7n_/libav-10.2/libavresample/utils.c:259
#2  avresample_free (avr=0x88df454) at /build/libav-Qga7n_/libav-10.2/libavresample/utils.c:277
#3  0xb0e89405 in avm::FFAudioDecoder::Convert (this=0x88df438, in_data=0xe84, in_size=3716, out_data=0xb0500558, out_size=8192, size_read=0xb0e500b4, size_written=0xb0e500b0) at FFAudioDecoder.cpp:78
#4  0xb2fbd9d5 in avm::ReadStreamA::ReadFrames (this=0x931a768, buffer=0xb0500558, bufsize=8192, samples=8192, samples_read=@0xb0e50138: 0, bytes_read=@0xb0e5013c: 0) at aviread/ReadStreamA.cpp:535
#5  0xb318d0a5 in WMStreamReadFrames (stream=0x931a768, buffer=0xb0500558, bufferSize=8192, samples=8192, samplesRead=0xb0e50174, bytesRead=0xb0e50170) at CWMFile.cpp:165
#6  0xb318cacb in -[WindowsMedia readNextChunk:withSize:] (self=0x948b3a8, _cmd=0x807e7a8 <_OBJC_SELECTOR_TABLE+104>, buffer=0x93cb698 "", bufferSize=8192) at WindowsMedia.m:140
#7  0x08057343 in -[Player readNextChunk:withSize:] (self=0x89eee48, _cmd=0xb0fae178 <_OBJC_SELECTOR_TABLE+888>, buffer=0x93cb698 "", bufferSize=8192) at Player.m:253
#8  0xb0faaf06 in -[ALSA threadLoop] (self=0x93cb678, _cmd=0xb0fae198 <_OBJC_SELECTOR_TABLE+920>) at ALSA.m:187
#9  0xb764821a in -[NSObject performSelector:withObject:] (self=0x93cb678, _cmd=0xb79ab4e0 <_OBJC_SELECTOR_TABLE+224>, aSelector=0xb0fae198 <_OBJC_SELECTOR_TABLE+920>, anObject=0x0) at NSObject.m:2034
#10 0xb76ab645 in -[NSThread main] (self=0x95b8a88, _cmd=0xb79ab4e8 <_OBJC_SELECTOR_TABLE+232>) at NSThread.m:743
#11 0xb76abb81 in nsthreadLauncher (thread=0x95b8a88) at NSThread.m:809
#12 0xb7434efb in start_thread (arg=0xb0e50b40) at pthread_create.c:309
#13 0xb736d0ee in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:129

At first glance it looks like libav10.patch is not entirely correct
and/or complete.

#756184#12
Date:
2024-09-24 09:00:30 UTC
From:
To:
That is still the case but the backtrace is different.

Here's an updated backtrace with the current (1:0.7.48~20090503.ds-29)
version, this time on amd64:

Program received signal SIGSEGV, Segmentation fault.
av_frame_unref (frame=0x6d66662c6e696265) at src/libavutil/frame.c:576
warning: 576	src/libavutil/frame.c: Няма такъв файл или директория
(gdb) bt
#0  av_frame_unref (frame=0x6d66662c6e696265) at src/libavutil/frame.c:576
#1  0x00007fffeb83777e in av_frame_free (frame=0x55555661b160) at src/libavutil/frame.c:135
#2  0x00007fffef36fbbb in avm::FFAudioDecoder::~FFAudioDecoder (this=0x55555661b130, __in_chrg=<optimized out>) at ./plugins/libffmpeg/FFAudioDecoder.cpp:21
#3  avm::FFAudioDecoder::~FFAudioDecoder (this=0x55555661b130, __in_chrg=<optimized out>) at ./plugins/libffmpeg/FFAudioDecoder.cpp:22
#4  0x00007fffeeb3777a in avm::FreeDecoderAudio (decoder=0x55555661b130) at ./lib/codeckeeper.cpp:770
#5  0x00007fffeeb62d16 in avm::ReadStreamA::StopStreaming (this=0x555556608230) at aviread/ReadStreamA.cpp:661
#6  0x00007fffeec0c7f1 in -[WindowsMedia streamClose] (self=0x5555566058c0, _cmd=<optimized out>) at ./Bundles/WindowsMedia/WindowsMedia.m:181
#7  0x00005555555900a7 in -[Song _readInfos] (self=0x55555632b820, _cmd=<optimized out>) at ./Song.m:248
#8  0x000055555558e6a0 in -[Song encodeWithCoder:] (self=0x55555632b820, _cmd=<optimized out>, encoder=0x5555561fe7d0) at ./Song.m:500
#9  0x00007ffff72bdcd2 in -[NSKeyedArchiver(Private) _encodeObject:conditional:] (self=0x5555561fe7d0, _cmd=<optimized out>, anObject=<optimized out>, conditional=<optimized out>) at ./Source/NSKeyedArchiver.m:344
#10 0x00007ffff72b9a2e in -[NSKeyedArchiver(Internal) _encodeArrayOfObjects:forKey:] (self=0x5555561fe7d0, _cmd=<optimized out>, anArray=0x555556650900, aKey=0x7ffff75a0ad0 <_OBJC_INSTANCE_3.36>) at ./Source/NSKeyedArchiver.m:155
#11 0x00007ffff71bd318 in -[GSArray encodeWithCoder:] (self=0x555556650900, _cmd=<optimized out>, aCoder=0x5555561fe7d0) at ./Source/GSArray.m:181
#12 0x00007ffff72bdcd2 in -[NSKeyedArchiver(Private) _encodeObject:conditional:] (self=0x5555561fe7d0, _cmd=<optimized out>, anObject=<optimized out>, conditional=<optimized out>) at ./Source/NSKeyedArchiver.m:344
#13 0x00007ffff72bb504 in -[NSKeyedArchiver encodeObject:forKey:] (self=0x5555561fe7d0, _cmd=0x7ffff75e2e70 <_OBJC_SELECTOR_TABLE+592>, anObject=<optimized out>, aKey=0x7ffff75e3d20 <_OBJC_INSTANCE_9.16>) at ./Source/NSKeyedArchiver.m:674
#14 0x00007ffff72bbb1e in +[NSKeyedArchiver archivedDataWithRootObject:requiringSecureCoding:error:] (self=<optimized out>, _cmd=<optimized out>, anObject=0x555556650900, requiresSecureCoding=<optimized out>, error=0x0) at ./Source/NSKeyedArchiver.m:441
#15 0x00007ffff72b9412 in +[NSKeyedArchiver archiveRootObject:toFile:] (self=0x7ffff75e3200 <_OBJC_Class_NSKeyedArchiver>, _cmd=<optimized out>, anObject=<optimized out>, aPath=0x555556642230) at ./Source/NSKeyedArchiver.m:476
#16 0x000055555558716c in -[PlaylistController playlistChanged:] (self=0x55555664cef0, _cmd=<optimized out>, aNotification=0x555556304f00) at ./PlaylistController.m:1083
#17 0x00007ffff72df5c9 in -[NSNotificationCenter _postAndRelease:] (self=0x5555557ba8b0, _cmd=<optimized out>, notification=0x555556304f00) at ./Source/NSNotificationCenter.m:1221
#18 0x0000555555585c89 in -[PlaylistController _oPanelDidEnd:returnCode:contextInfo:] (self=0x55555664cef0, _cmd=<optimized out>, oPanel=0x55555595b400, result=<optimized out>, contextInfo=<optimized out>) at ./PlaylistController.m:546
#19 0x00007ffff7a7a052 in -[NSApplication sendAction:to:from:] (self=<optimized out>, _cmd=<optimized out>, aSelector=0x5555555abeb0 <_OBJC_SELECTOR_TABLE+368>, aTarget=<optimized out>, sender=0x5555557397a0) at ./Source/NSApplication.m:2276
#20 0x00007ffff7ab8add in -[NSCell trackMouse:inRect:ofView:untilMouseUp:] (self=self@entry=0x5555573430d0, _cmd=_cmd@entry=0x7ffff7de74b0 <_OBJC_SELECTOR_TABLE+1712>, theEvent=<optimized out>, theEvent@entry=0x555557696c40, cellFrame=..., controlView=controlView@entry=0x5555573d3300, flag=0 '\000') at ./Source/NSCell.m:1807
#21 0x00007ffff7ae20db in -[NSControl mouseDown:] (self=0x5555573d3300, _cmd=<optimized out>, theEvent=<optimized out>) at ./Source/NSControl.m:931
#22 0x00007ffff7c017b0 in -[GSToolbarButton mouseDown:] (self=0x5555573d3300, _cmd=<optimized out>, event=0x555557696c40) at ./Source/NSToolbarItem.m:304
#23 0x00007ffff7c2c7f6 in -[NSWindow sendEvent:] (self=0x555555ce6a40, _cmd=<optimized out>, theEvent=0x555557696c40) at ./Source/NSWindow.m:4158
#24 0x00007ffff7a807be in -[NSApplication run] (self=0x5555558dec20, _cmd=<optimized out>) at ./Source/NSApplication.m:1588
#25 0x00007ffff7a6005d in NSApplicationMain (argc=<optimized out>, argv=<optimized out>) at ./Source/Functions.m:119
#26 0x00007ffff6e3edba in __libc_start_call_main (main=main@entry=0x5555555772f0 <main>, argc=argc@entry=1, argv=argv@entry=0x7fffffffe878) at ../sysdeps/nptl/libc_start_call_main.h:58
#27 0x00007ffff6e3ee75 in __libc_start_main_impl (main=0x5555555772f0 <main>, argc=1, argv=0x7fffffffe878, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe868) at ../csu/libc-start.c:360
#28 0x00005555555774d1 in _start ()