Bug#910451: Bug #910451: bs1770gain segfaults on MP3 files
Dear Maintainer,
I tried to have a look at this crash.
But just found out that valgrind shows reproducible
the following invalid read to already freed memory:
==14641== Invalid read of size 4
==14641== at 0x4EC1424: av_packet_copy_props (avpacket.c:578)
==14641== by 0x4EC1BB2: av_packet_ref (avpacket.c:605)
==14641== by 0x4F499F9: avcodec_send_packet (decode.c:662)
==14641== by 0x4F49EE2: compat_decode (decode.c:769)
==14641== by 0x1118B2: frame_reader_run (ffsox_frame_reader.c:277)
==14641== by 0x111EDF: ffsox_engine_run (ffsox_engine.c:33)
==14641== by 0x113A0D: ffsox_sox_reader_read (ffsox_sox_reader.c:117)
==14641== by 0x113AFD: drain (ffsox_sox_read_handler.c:56)
==14641== by 0x4871932: drain_effect (effects.c:352)
==14641== by 0x4871932: sox_flow_effects (effects.c:445)
==14641== by 0x110797: ffsox_analyze (ffsox_analyze.c:164)
==14641== by 0x10E7E8: bs1770gain_tree_analyze (bs1770gain_tree.c:155)
==14641== by 0x10C3F2: main (bs1770gain.c:1000)
==14641== Address 0x11fc6eb8 is 8 bytes inside a block of size 16 free'd
==14641== at 0x48369EB: free (vg_replace_malloc.c:530)
==14641== by 0x4EC0A78: av_packet_free_side_data (avpacket.c:275)
==14641== by 0x4EC149C: av_packet_unref (avpacket.c:594)
==14641== by 0x1126B3: source_run (ffsox_source.c:173)
==14641== by 0x111EDF: ffsox_engine_run (ffsox_engine.c:33)
==14641== by 0x113A0D: ffsox_sox_reader_read (ffsox_sox_reader.c:117)
==14641== by 0x113AFD: drain (ffsox_sox_read_handler.c:56)
==14641== by 0x4871932: drain_effect (effects.c:352)
==14641== by 0x4871932: sox_flow_effects (effects.c:445)
==14641== by 0x110797: ffsox_analyze (ffsox_analyze.c:164)
==14641== by 0x10E7E8: bs1770gain_tree_analyze (bs1770gain_tree.c:155)
==14641== by 0x10C3F2: main (bs1770gain.c:1000)
==14641== Block was alloc'd at
==14641== at 0x48356EF: malloc (vg_replace_malloc.c:298)
==14641== by 0x4837A34: realloc (vg_replace_malloc.c:785)
==14641== by 0x4EC0BA2: av_packet_add_side_data (avpacket.c:315)
==14641== by 0x4EC0C6C: av_packet_new_side_data (avpacket.c:341)
==14641== by 0x4C76E25: read_frame_internal (utils.c:1714)
==14641== by 0x4C7853A: avformat_find_stream_info (utils.c:3767)
==14641== by 0x112901: ffsox_source_create (ffsox_source.c:43)
==14641== by 0x110559: ffsox_analyze (ffsox_analyze.c:58)
==14641== by 0x10E7E8: bs1770gain_tree_analyze (bs1770gain_tree.c:155)
==14641== by 0x10C3F2: main (bs1770gain.c:1000)
==14641==
==14641== (action on error) vgdb me ...
Stepped over av_packet_unref(pkt) in "source_run (ffsox_source.c:173)"
and the side_data pointer in that pkt got set to 0.
Therefore it looks like there is once made a copy of pkt/avpkt/src,
in which the pointer to the side_data is still alive after it got freed.
Kind regards,
Bernhard
# from Initial bug report
(gdb) bt
#0 0x00005555555d08b0 in ()
#1 0x00007ffff7da900e in av_buffer_unref () at /usr/lib/x86_64-linux-gnu/libavutil.so.56
#2 0x00007ffff6a0d4c5 in av_packet_unref (pkt=pkt@entry=0x5555555b6300) at src/libavcodec/avpacket.c:595
#3 0x00007ffff6a930f8 in decode_simple_internal (frame=0x5555555b6480, avctx=0x5555555b4640) at src/libavcodec/decode.c:377
#4 0x00007ffff6a930f8 in decode_simple_receive_frame (frame=<optimized out>, avctx=<optimized out>) at src/libavcodec/decode.c:594
#5 0x00007ffff6a930f8 in decode_receive_frame_internal (avctx=avctx@entry=0x5555555b4640, frame=frame@entry=0x5555555b6480) at src/libavcodec/decode.c:612
#6 0x00007ffff6a95bbb in avcodec_receive_frame (avctx=0x5555555b4640, frame=0x5555555b6480) at src/libavcodec/decode.c:726
#7 0x00007ffff6a95e7b in compat_decode (avctx=avctx@entry=0x5555555b4640, frame=frame@entry=0x5555555b6480, got_frame=got_frame@entry=0x7fffffffd964, pkt=pkt@entry=0x5555555b39a0) at src/libavcodec/decode.c:782
#8 0x00007ffff6a9624d in avcodec_decode_audio4 (avctx=avctx@entry=0x5555555b4640, frame=frame@entry=0x5555555b6480, got_frame_ptr=got_frame_ptr@entry=0x7fffffffd964, avpkt=avpkt@entry=0x5555555b39a0) at src/libavcodec/decode.c:838
#9 0x000055555555d5e2 in frame_reader_run (n=0x5555555b3960) at ffsox_frame_reader.c:172
#10 0x000055555555db0c in ffsox_machine_run (m=m@entry=0x7fffffffd9d0, node=<optimized out>, node@entry=0x555555592410) at ffsox_machine.c:30
#11 0x000055555555f4be in ffsox_sox_reader_read (sa=sa@entry=0x555555592410, buf=<optimized out>, len=<optimized out>) at ffsox_sox_reader.c:117
#12 0x000055555555f5a2 in drain (e=<optimized out>, obuf=<optimized out>, osamp=0x7fffffffdac8) at ffsox_sox_read_handler.c:56
#13 0x00007ffff63bd933 in drain_effect (n=0, chain=0x55555558f3e0) at effects.c:352
#14 0x00007ffff63bd933 in sox_flow_effects (chain=chain@entry=0x55555558f3e0, callback=callback@entry=0x0, client_data=client_data@entry=0x0) at effects.c:445
#15 0x000055555555c704 in ffsox_analyze (ac=ac@entry=0x7fffffffdde0, ai=<optimized out>, vi=<optimized out>) at ffsox_analyze.c:159
#16 0x000055555555a6ae in bs1770gain_tree_analyze (tree=<optimized out>, odirname=0x0, options=0x7fffffffdef0) at bs1770gain_tree.c:141
#17 0x000055555555808a in main (argc=<optimized out>, argv=0x7fffffffe118) at bs1770gain.c:970
apt install dpkg-dev devscripts systemd-coredump gdb valgrind sox ffmpeg bs1770gain bs1770gain-dbgsym libsox3-dbgsym libavcodec58-dbgsym libavformat58-dbgsym
mkdir bs1770gain/orig -p
cd bs1770gain/orig
apt source bs1770gain
cd ../..
mkdir ffmpeg/orig -p
cd ffmpeg/orig
apt source ffmpeg
cd ../..
-------------------
valgrind --vgdb=yes --vgdb-error=0 /usr/bin/bs1770gain sine.mp3
gdb -q /usr/bin/bs1770gain
==14641== Invalid read of size 4
==14641== at 0x4EC1424: av_packet_copy_props (avpacket.c:578)
==14641== by 0x4EC1BB2: av_packet_ref (avpacket.c:605)
==14641== by 0x4F499F9: avcodec_send_packet (decode.c:662)
==14641== by 0x4F49EE2: compat_decode (decode.c:769)
==14641== by 0x1118B2: frame_reader_run (ffsox_frame_reader.c:277)
==14641== by 0x111EDF: ffsox_engine_run (ffsox_engine.c:33)
==14641== by 0x113A0D: ffsox_sox_reader_read (ffsox_sox_reader.c:117)
==14641== by 0x113AFD: drain (ffsox_sox_read_handler.c:56)
==14641== by 0x4871932: drain_effect (effects.c:352)
==14641== by 0x4871932: sox_flow_effects (effects.c:445)
==14641== by 0x110797: ffsox_analyze (ffsox_analyze.c:164)
==14641== by 0x10E7E8: bs1770gain_tree_analyze (bs1770gain_tree.c:155)
==14641== by 0x10C3F2: main (bs1770gain.c:1000)
==14641== Address 0x11fc6eb8 is 8 bytes inside a block of size 16 free'd
==14641== at 0x48369EB: free (vg_replace_malloc.c:530)
==14641== by 0x4EC0A78: av_packet_free_side_data (avpacket.c:275)
==14641== by 0x4EC149C: av_packet_unref (avpacket.c:594)
==14641== by 0x1126B3: source_run (ffsox_source.c:173)
==14641== by 0x111EDF: ffsox_engine_run (ffsox_engine.c:33)
==14641== by 0x113A0D: ffsox_sox_reader_read (ffsox_sox_reader.c:117)
==14641== by 0x113AFD: drain (ffsox_sox_read_handler.c:56)
==14641== by 0x4871932: drain_effect (effects.c:352)
==14641== by 0x4871932: sox_flow_effects (effects.c:445)
==14641== by 0x110797: ffsox_analyze (ffsox_analyze.c:164)
==14641== by 0x10E7E8: bs1770gain_tree_analyze (bs1770gain_tree.c:155)
==14641== by 0x10C3F2: main (bs1770gain.c:1000)
==14641== Block was alloc'd at
==14641== at 0x48356EF: malloc (vg_replace_malloc.c:298)
==14641== by 0x4837A34: realloc (vg_replace_malloc.c:785)
==14641== by 0x4EC0BA2: av_packet_add_side_data (avpacket.c:315)
==14641== by 0x4EC0C6C: av_packet_new_side_data (avpacket.c:341)
==14641== by 0x4C76E25: read_frame_internal (utils.c:1714)
==14641== by 0x4C7853A: avformat_find_stream_info (utils.c:3767)
==14641== by 0x112901: ffsox_source_create (ffsox_source.c:43)
==14641== by 0x110559: ffsox_analyze (ffsox_analyze.c:58)
==14641== by 0x10E7E8: bs1770gain_tree_analyze (bs1770gain_tree.c:155)
==14641== by 0x10C3F2: main (bs1770gain.c:1000)
==14641==
==14641== (action on error) vgdb me ...
root@debian:~# gdb -q /usr/bin/bs1770gain
Reading symbols from /usr/bin/bs1770gain...Reading symbols from /usr/lib/debug/.build-id/27/f66bc797034082028906650b73c94e3d14b07f.debug...done.
done.
(gdb) set height 0
(gdb) set width 0
(gdb) set pagination off
(gdb) directory /home/benutzer/bs1770gain/orig/bs1770gain-0.5.1/libffsox-2
Source directories searched: /home/benutzer/bs1770gain/orig/bs1770gain-0.5.1/libffsox-2:$cdir:$cwd
(gdb) directory /home/benutzer/ffmpeg/orig/ffmpeg-4.0.2/libavcodec
Source directories searched: /home/benutzer/ffmpeg/orig/ffmpeg-4.0.2/libavcodec:/home/benutzer/bs1770gain/orig/bs1770gain-0.5.1/libffsox-2:$cdir:$cwd
(gdb) target remote | vgdb
Remote debugging using | vgdb
relaying data between gdb and process 14641
warning: remote target does not support file transfer, attempting to access files from local filesystem.
Reading symbols from /lib64/ld-linux-x86-64.so.2...Reading symbols from /usr/lib/debug/.build-id/dc/5cb16f5e644116cac64a4c3f5da4d081b81a4f.debug...done.
done.
0x0000000004001210 in _start () from /lib64/ld-linux-x86-64.so.2
(gdb) cont
Continuing.
Program received signal SIGTRAP, Trace/breakpoint trap.
av_packet_copy_props (dst=dst@entry=0x12047f80, src=src@entry=0x12047310) at src/libavcodec/avpacket.c:578
578 int size = src->side_data[i].size;
(gdb) bt
#0 av_packet_copy_props (dst=dst@entry=0x12047f80, src=src@entry=0x12047310) at src/libavcodec/avpacket.c:578
#1 0x0000000004ec1bb3 in av_packet_ref (dst=0x12047f80, src=src@entry=0x12047310) at src/libavcodec/avpacket.c:605
#2 0x0000000004f499fa in avcodec_send_packet (avctx=avctx@entry=0x120209c0, avpkt=avpkt@entry=0x12047310) at src/libavcodec/decode.c:662
#3 0x0000000004f49ee3 in compat_decode (avctx=avctx@entry=0x120209c0, frame=frame@entry=0x120505c0, got_frame=got_frame@entry=0x1fff000494, pkt=pkt@entry=0x12047310) at src/libavcodec/decode.c:769
#4 0x0000000004f4a22d in avcodec_decode_audio4 (avctx=avctx@entry=0x120209c0, frame=frame@entry=0x120505c0, got_frame_ptr=got_frame_ptr@entry=0x1fff000494, avpkt=avpkt@entry=0x12047310) at src/libavcodec/decode.c:838
#5 0x00000000001118b3 in frame_reader_run (n=0x120472d0) at ffsox_frame_reader.c:277
#6 0x0000000000111ee0 in ffsox_engine_run (e=e@entry=0x1fff000500, node=<optimized out>, node@entry=0x12050b60) at ffsox_engine.c:33
#7 0x0000000000113a0e in ffsox_sox_reader_read (sa=0x12050b60, buf=<optimized out>, len=<optimized out>) at ffsox_sox_reader.c:117
#8 0x0000000000113afe in drain (e=<optimized out>, obuf=<optimized out>, osamp=0x1fff0005e8) at ffsox_sox_read_handler.c:56
#9 0x0000000004871933 in drain_effect (n=0, chain=0x12050f20) at effects.c:352
#10 sox_flow_effects (chain=chain@entry=0x12050f20, callback=callback@entry=0x0, client_data=client_data@entry=0x0) at effects.c:445
#11 0x0000000000110798 in ffsox_analyze (ac=ac@entry=0x1fff000900, ai=<optimized out>, vi=<optimized out>) at ffsox_analyze.c:164
#12 0x000000000010e7e9 in bs1770gain_tree_analyze (tree=<optimized out>, odirname=0x0, options=0x1fff000a10) at bs1770gain_tree.c:155
#13 0x000000000010c3f3 in main (argc=<optimized out>, argv=0x1fff000c48) at bs1770gain.c:1000
(gdb) print &(src->side_data[0].size)
$7 = (int *) 0x11fc6eb8
(gdb) up
#1 0x0000000004ec1bb3 in av_packet_ref (dst=0x12047f80, src=src@entry=0x12047310) at src/libavcodec/avpacket.c:605
605 ret = av_packet_copy_props(dst, src);
(gdb) print &(src->side_data[0].size)
$8 = (int *) 0x11fc6eb8
(gdb) up
#2 0x0000000004f499fa in avcodec_send_packet (avctx=avctx@entry=0x120209c0, avpkt=avpkt@entry=0x12047310) at src/libavcodec/decode.c:662
662 ret = av_packet_ref(avci->buffer_pkt, avpkt);
(gdb) print &(avpkt->side_data[0].size)
$9 = (int *) 0x11fc6eb8
(gdb) up
#3 0x0000000004f49ee3 in compat_decode (avctx=avctx@entry=0x120209c0, frame=frame@entry=0x120505c0, got_frame=got_frame@entry=0x1fff000494, pkt=pkt@entry=0x12047310) at src/libavcodec/decode.c:769
769 ret = avcodec_send_packet(avctx, pkt);
(gdb) print &(pkt->side_data[0].size)
$10 = (int *) 0x11fc6eb8
(gdb) up
#4 0x0000000004f4a22d in avcodec_decode_audio4 (avctx=avctx@entry=0x120209c0, frame=frame@entry=0x120505c0, got_frame_ptr=got_frame_ptr@entry=0x1fff000494, avpkt=avpkt@entry=0x12047310) at src/libavcodec/decode.c:838
838 return compat_decode(avctx, frame, got_frame_ptr, avpkt);
(gdb) print &(avpkt->side_data[0].size)
$11 = (int *) 0x11fc6eb8
(gdb) up
#5 0x00000000001118b3 in frame_reader_run (n=0x120472d0) at ffsox_frame_reader.c:277
277 else if (avcodec_decode_audio4(cc,frame,&got_frame,pkt)<0) {
(gdb) print &(pkt->side_data[0].size)
$12 = (int *) 0x11fc6eb8
(gdb) list ffsox_frame_reader.c:182,280
182 static int frame_reader_run(frame_reader_t *n)
183 {
184 #if defined (FRAME_READER_RUN_CODE) // [
185 int code=-1;
186 #endif // ]
187 AVCodecContext *cc=n->si.cc;
188 frame_t *fo=&n->fo;
189 AVFrame *frame=fo->frame;
190 AVPacket *pkt=&n->pkt;
191 int got_frame,size;
192
193 //DMARKLN();
194 switch (n->state) {
195 case STATE_RUN:
196 //DMARKLN();
197 while (0<pkt->size) {
198 //DMARKLN();
199 if (0ll<fo->nb_samples.frame) {
200 DMESSAGE("frame not consumed");
201 #if defined (FRAME_READER_RUN_CODE) // [
202 goto exit;
203 #else // ] [
204 return -1;
205 #endif // ]
206 }
207
208 #if 0 // [
209 if ((size=avcodec_decode_audio4(cc,frame,&got_frame,pkt))<0) {
210 #else // ] [
211 //DMARKLN();
212 size=avcodec_decode_audio4(cc,frame,&got_frame,pkt);
213 //DVWRITELN("size: %d",size);
214
215 if (size<0) {
216 //DMARKLN();
217 #endif // ]
218 #if defined (FRAME_READER_SKIP_ERROR) // [
219 // skip the package.
220 #if defined (PBU_DEBUG) // [
221 DMESSAGE("decoding audio, skipping audio package");
222 #endif // ]
223 pkt->size=0;
224 #if defined (FRAME_READER_RUN_CODE) // [
225 code=0;
226 goto exit;
227 #else // ] [
228 return 0;
229 #endif // ]
230 #else // ] [
231 DMESSAGE("decoding audio");
232 #if defined (FRAME_READER_RUN_CODE) // [
233 goto exit;
234 #else // ] [
235 return -1;
236 #endif // ]
237 #endif // ]
238 #if 1 // [
239 }
240 //DMARKLN();
241 #else // ] [
242 }
243 #endif // ]
244
245 #if 0 // [
246 pkt->size-=size;
247 pkt->data+=size;
248 #else // ][
249 //DVWRITELN("size: %d, pkt->size: %d",size,pkt->size);
250 pkt->size-=size;
251 pkt->data+=size;
252 //DVWRITELN("size: %d, pkt->size: %d",size,pkt->size);
253 //DVWRITELN("got_frame: %d",got_frame);
254 #endif // ]
255
256 if (0!=got_frame) {
257 #if defined (FRAME_READER_RUN_CODE) // [
258 code=frame_reader_next_set_frame(n,fo);
259 goto exit;
260 #else // ] [
261 return frame_reader_next_set_frame(n,fo);
262 #endif // ]
263 }
264 }
265
266 return MACHINE_POP;
267 case STATE_FLUSH:
268 pkt->size=0;
269 pkt->data=NULL;
270
271 //DVWRITELN("cc: %p, codec_id: %0x, OPUS: %0x, frame: %p, got_frame: %d, pkt: %p",cc,cc->codec_id,AV_CODEC_ID_OPUS,frame,got_frame,pkt);
272 if (AV_CODEC_ID_OPUS==cc->codec_id) {
273 n->state=STATE_END;
274
275 return frame_reader_next_set_frame(n,NULL);
276 }
277 else if (avcodec_decode_audio4(cc,frame,&got_frame,pkt)<0) {
278 DMESSAGE("decoding audio");
279 #if defined (FRAME_READER_RUN_CODE) // [
280 goto exit;
(gdb) print &(n->pkt.side_data[0].size)
$14 = (int *) 0x11fc6eb8
(gdb) print n
$15 = (frame_reader_t *) 0x120472d0
(gdb) up
#6 0x0000000000111ee0 in ffsox_engine_run (e=e@entry=0x1fff000500, node=<optimized out>, node@entry=0x12050b60) at ffsox_engine.c:33
33 op=node->vmt->run(node);
(gdb) print node
$16 = <optimized out>
(gdb) list ffsox_engine.c:22,35
22 int ffsox_engine_run(engine_t *e, node_t *node)
23 {
24 int op;
25
26 e->node=node;
27
28 while (NULL!=(node=e->node)) {
29 //fprintf(stderr,"%s: RUN\n",node->vmt->name);
30 //DVWRITELN("vmt %p",node->vmt);
31 //DVWRITELN("vmt->run %p",node->vmt->run);
32 //DVWRITELN("vmt->name \"%s\"",node->vmt->name);
33 op=node->vmt->run(node);
34 //DVWRITELN("op: %d",op);
35
(gdb) print e->node
$17 = (ffsox_node_t *) 0x120472d0
(gdb) print e
$18 = (engine_t *) 0x1fff000500
(gdb) up
#7 0x0000000000113a0e in ffsox_sox_reader_read (sa=0x12050b60, buf=<optimized out>, len=<optimized out>) at ffsox_sox_reader.c:117
117 if (ffsox_engine_run(&m,&sa->node)<0) {
(gdb) print m
$19 = {source = 0x0, node = 0x120472d0}
(gdb) print &m
$20 = (engine_t *) 0x1fff000500
--------------
root@debian:~# valgrind --vgdb=yes --vgdb-error=0 /usr/bin/bs1770gain sine.mp3
...
==14983== Invalid read of size 4
==14983== at 0x4EC1424: av_packet_copy_props (avpacket.c:578)
==14983== by 0x4EC1BB2: av_packet_ref (avpacket.c:605)
==14983== by 0x4F499F9: avcodec_send_packet (decode.c:662)
==14983== by 0x4F49EE2: compat_decode (decode.c:769)
==14983== by 0x1118B2: frame_reader_run (ffsox_frame_reader.c:277)
==14983== by 0x111EDF: ffsox_engine_run (ffsox_engine.c:33)
==14983== by 0x113A0D: ffsox_sox_reader_read (ffsox_sox_reader.c:117)
==14983== by 0x113AFD: drain (ffsox_sox_read_handler.c:56)
==14983== by 0x4871932: drain_effect (effects.c:352)
==14983== by 0x4871932: sox_flow_effects (effects.c:445)
==14983== by 0x110797: ffsox_analyze (ffsox_analyze.c:164)
==14983== by 0x10E7E8: bs1770gain_tree_analyze (bs1770gain_tree.c:155)
==14983== by 0x10C3F2: main (bs1770gain.c:1000)
==14983== Address 0x11fc6eb8 is 8 bytes inside a block of size 16 free'd
==14983== at 0x48369EB: free (vg_replace_malloc.c:530)
==14983== by 0x4EC0A78: av_packet_free_side_data (avpacket.c:275)
==14983== by 0x4EC149C: av_packet_unref (avpacket.c:594)
==14983== by 0x1126B3: source_run (ffsox_source.c:173)
==14983== by 0x111EDF: ffsox_engine_run (ffsox_engine.c:33)
==14983== by 0x113A0D: ffsox_sox_reader_read (ffsox_sox_reader.c:117)
==14983== by 0x113AFD: drain (ffsox_sox_read_handler.c:56)
==14983== by 0x4871932: drain_effect (effects.c:352)
==14983== by 0x4871932: sox_flow_effects (effects.c:445)
==14983== by 0x110797: ffsox_analyze (ffsox_analyze.c:164)
==14983== by 0x10E7E8: bs1770gain_tree_analyze (bs1770gain_tree.c:155)
==14983== by 0x10C3F2: main (bs1770gain.c:1000)
==14983== Block was alloc'd at
==14983== at 0x48356EF: malloc (vg_replace_malloc.c:298)
==14983== by 0x4837A34: realloc (vg_replace_malloc.c:785)
==14983== by 0x4EC0BA2: av_packet_add_side_data (avpacket.c:315)
==14983== by 0x4EC0C6C: av_packet_new_side_data (avpacket.c:341)
==14983== by 0x4C76E25: read_frame_internal (utils.c:1714)
==14983== by 0x4C7853A: avformat_find_stream_info (utils.c:3767)
==14983== by 0x112901: ffsox_source_create (ffsox_source.c:43)
==14983== by 0x110559: ffsox_analyze (ffsox_analyze.c:58)
==14983== by 0x10E7E8: bs1770gain_tree_analyze (bs1770gain_tree.c:155)
==14983== by 0x10C3F2: main (bs1770gain.c:1000)
==14983==
==14983== (action on error) vgdb me ...
root@debian:~# gdb -q /usr/bin/bs1770gain
Reading symbols from /usr/bin/bs1770gain...Reading symbols from /usr/lib/debug/.build-id/27/f66bc797034082028906650b73c94e3d14b07f.debug...done.
done.
(gdb) set height 0
(gdb) set width 0
(gdb) set pagination off
(gdb) directory /home/benutzer/bs1770gain/orig/bs1770gain-0.5.1/libffsox-2
Source directories searched: /home/benutzer/bs1770gain/orig/bs1770gain-0.5.1/libffsox-2:$cdir:$cwd
(gdb) directory /home/benutzer/ffmpeg/orig/ffmpeg-4.0.2/libavcodec
Source directories searched: /home/benutzer/ffmpeg/orig/ffmpeg-4.0.2/libavcodec:/home/benutzer/bs1770gain/orig/bs1770gain-0.5.1/libffsox-2:$cdir:$cwd
(gdb) target remote | vgdb
Remote debugging using | vgdb
relaying data between gdb and process 14983
warning: remote target does not support file transfer, attempting to access files from local filesystem.
Reading symbols from /lib64/ld-linux-x86-64.so.2...Reading symbols from /usr/lib/debug/.build-id/dc/5cb16f5e644116cac64a4c3f5da4d081b81a4f.debug...done.
done.
0x0000000004001210 in _start () from /lib64/ld-linux-x86-64.so.2
(gdb) b ffsox_source.c:173
Breakpoint 1 at 0x1126ac: file ffsox_source.c, line 173.
(gdb) ignore 1 43
Will ignore next 43 crossings of breakpoint 1.
(gdb) cont
Continuing.
Breakpoint 1, source_run (n=0x1fff000740) at ffsox_source.c:173
173 av_packet_unref(pkt);
(gdb) print pkt.side_data
$1 = (AVPacketSideData *) 0x11fc6eb0
(gdb) print &(pkt.side_data[0].size)
$2 = (int *) 0x11fc6eb8
(gdb) print pkt
$3 = (AVPacket *) 0x1fff000798
(gdb) next
176 if (av_read_frame(n->f.fc,pkt)<0) {
(gdb) print pkt.side_data
$4 = (AVPacketSideData *) 0x0
(gdb) print pkt
$5 = (AVPacket *) 0x1fff000798
(gdb) cont
Continuing.
Program received signal SIGTRAP, Trace/breakpoint trap.
av_packet_copy_props (dst=dst@entry=0x12047f80, src=src@entry=0x12047310) at src/libavcodec/avpacket.c:578
578 int size = src->side_data[i].size;
(gdb) print src
$6 = (const AVPacket *) 0x12047310
(gdb) print src->side_data
$7 = (AVPacketSideData *) 0x11fc6eb0
(gdb) print i
$8 = 0
(gdb) print src->side_data[0].size
$9 = 10
(gdb) print &(src->side_data[0].size)
$10 = (int *) 0x11fc6eb8
(gdb) bt
#0 av_packet_copy_props (dst=dst@entry=0x12047f80, src=src@entry=0x12047310) at src/libavcodec/avpacket.c:578
#1 0x0000000004ec1bb3 in av_packet_ref (dst=0x12047f80, src=src@entry=0x12047310) at src/libavcodec/avpacket.c:605
#2 0x0000000004f499fa in avcodec_send_packet (avctx=avctx@entry=0x120209c0, avpkt=avpkt@entry=0x12047310) at src/libavcodec/decode.c:662
#3 0x0000000004f49ee3 in compat_decode (avctx=avctx@entry=0x120209c0, frame=frame@entry=0x120505c0, got_frame=got_frame@entry=0x1fff000494, pkt=pkt@entry=0x12047310) at src/libavcodec/decode.c:769
#4 0x0000000004f4a22d in avcodec_decode_audio4 (avctx=avctx@entry=0x120209c0, frame=frame@entry=0x120505c0, got_frame_ptr=got_frame_ptr@entry=0x1fff000494, avpkt=avpkt@entry=0x12047310) at src/libavcodec/decode.c:838
#5 0x00000000001118b3 in frame_reader_run (n=0x120472d0) at ffsox_frame_reader.c:277
#6 0x0000000000111ee0 in ffsox_engine_run (e=e@entry=0x1fff000500, node=<optimized out>, node@entry=0x12050b60) at ffsox_engine.c:33
#7 0x0000000000113a0e in ffsox_sox_reader_read (sa=0x12050b60, buf=<optimized out>, len=<optimized out>) at ffsox_sox_reader.c:117
#8 0x0000000000113afe in drain (e=<optimized out>, obuf=<optimized out>, osamp=0x1fff0005e8) at ffsox_sox_read_handler.c:56
#9 0x0000000004871933 in drain_effect (n=0, chain=0x12050f20) at effects.c:352
#10 sox_flow_effects (chain=chain@entry=0x12050f20, callback=callback@entry=0x0, client_data=client_data@entry=0x0) at effects.c:445
#11 0x0000000000110798 in ffsox_analyze (ac=ac@entry=0x1fff000900, ai=<optimized out>, vi=<optimized out>) at ffsox_analyze.c:164
#12 0x000000000010e7e9 in bs1770gain_tree_analyze (tree=<optimized out>, odirname=0x0, options=0x1fff000a10) at bs1770gain_tree.c:155
#13 0x000000000010c3f3 in main (argc=<optimized out>, argv=0x1fff000c48) at bs1770gain.c:1000
(gdb) up
#1 0x0000000004ec1bb3 in av_packet_ref (dst=0x12047f80, src=src@entry=0x12047310) at src/libavcodec/avpacket.c:605
605 ret = av_packet_copy_props(dst, src);
(gdb)
#2 0x0000000004f499fa in avcodec_send_packet (avctx=avctx@entry=0x120209c0, avpkt=avpkt@entry=0x12047310) at src/libavcodec/decode.c:662
662 ret = av_packet_ref(avci->buffer_pkt, avpkt);
(gdb)
#3 0x0000000004f49ee3 in compat_decode (avctx=avctx@entry=0x120209c0, frame=frame@entry=0x120505c0, got_frame=got_frame@entry=0x1fff000494, pkt=pkt@entry=0x12047310) at src/libavcodec/decode.c:769
769 ret = avcodec_send_packet(avctx, pkt);
(gdb)
#4 0x0000000004f4a22d in avcodec_decode_audio4 (avctx=avctx@entry=0x120209c0, frame=frame@entry=0x120505c0, got_frame_ptr=got_frame_ptr@entry=0x1fff000494, avpkt=avpkt@entry=0x12047310) at src/libavcodec/decode.c:838
838 return compat_decode(avctx, frame, got_frame_ptr, avpkt);
(gdb)
#5 0x00000000001118b3 in frame_reader_run (n=0x120472d0) at ffsox_frame_reader.c:277
277 else if (avcodec_decode_audio4(cc,frame,&got_frame,pkt)<0) {
(gdb) print pkt
$11 = (AVPacket *) 0x12047310
(gdb) print &n->pkt
$12 = (AVPacket *) 0x12047310
(gdb) up
#6 0x0000000000111ee0 in ffsox_engine_run (e=e@entry=0x1fff000500, node=<optimized out>, node@entry=0x12050b60) at ffsox_engine.c:33
33 op=node->vmt->run(node);
(gdb) print node
$13 = <optimized out>
(gdb) list ffsox_engine.c:22,35
22 int ffsox_engine_run(engine_t *e, node_t *node)
23 {
24 int op;
25
26 e->node=node;
27
28 while (NULL!=(node=e->node)) {
29 //fprintf(stderr,"%s: RUN\n",node->vmt->name);
30 //DVWRITELN("vmt %p",node->vmt);
31 //DVWRITELN("vmt->run %p",node->vmt->run);
32 //DVWRITELN("vmt->name \"%s\"",node->vmt->name);
33 op=node->vmt->run(node);
34 //DVWRITELN("op: %d",op);
35
gdb -q --args /usr/bin/bs1770gain sine.mp3
set height 0
set width 0
set pagination off
directory /home/benutzer/bs1770gain/orig/bs1770gain-0.5.1/libffsox-2
directory /home/benutzer/ffmpeg/orig/ffmpeg-4.0.2/libavcodec
target remote | vgdb
b ffsox_source.c:173
ignore 1 43
cont
Reply to: