[Bug 264442] audio/sox: segmentation fault / bus error when reading mp3

From: <bugzilla-noreply_at_freebsd.org>
Date: Fri, 03 Jun 2022 22:42:59 UTC 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=264442

            Bug ID: 264442
           Summary: audio/sox: segmentation fault / bus error when reading
                    mp3
           Product: Ports & Packages
           Version: Latest
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: benrkts@yahoo.com
                CC: dnelson@allantgroup.com
                CC: dnelson@allantgroup.com
             Flags: maintainer-feedback?(dnelson@allantgroup.com)

FreeBSD 13.1-RELEASE releng/13.1-n250148-fc952ac2212 GENERIC amd64

sox-14.4.2_5 using libmad-0.16.0 (both via pkg, then rebuilt for debugging)

To reproduce:

sox filename.mp3 out.wav
(or) play filename.mp3

Workaround:

ffmpeg -i filename.mp3 filename.wav
sox filename.wav out.wav
(or) play out.wav

Invoking as 'sox' on certain files:

* thread #1, name = 'sox', stop reason = signal SIGBUS
  * frame #0: 0x000000080043f194
libmad.so.0.16.0`mad_frame_init(frame=0x00007fffffffbed0) at frame.c:93:18
    frame #1: 0x0000000800305ead
libsox.so.3`mp3_duration_ms(ft=0x0000000801433900) at mp3-util.h:271:3
    frame #2: 0x000000080030319b libsox.so.3`startread(ft=0x0000000801433900)
at mp3.c:392:29
    frame #3: 0x00000008002957b0
libsox.so.3`open_read(path="goldberg-variations-gould.mp3",
buffer=0x0000000000000000, buffer_size=0, signal=0x000000080147f010,
encoding=0x000000080147f030, filetype="mp3") at formats.c:545:32
    frame #4: 0x0000000800294fe4
libsox.so.3`sox_open_read(path="goldberg-variations-gould.mp3",
signal=0x000000080147f010, encoding=0x000000080147f030,
filetype=0x0000000000000000) at formats.c:585:10
    frame #5: 0x00000000002086d1 sox`main(argc=3, argv=0x00007fffffffe7e0) at
sox.c:2945:20
    frame #6: 0x0000000000207df0 sox`_start(ap=<unavailable>,
cleanup=<unavailable>) at crt1_c.c:75:7

Invoking as 'play' on the same files gives a similar backtrace.

Invoking as 'sox' on other files:

* thread #1, name = 'sox', stop reason = signal SIGSEGV
  * frame #0: 0x0000000000000000
    frame #1: 0x00000008003037b4 libsox.so.3`sox_mp3read(ft=0x0000000801433900,
buf=0x00000008014c94c0, len=8192) at mp3.c:520:13
    frame #2: 0x0000000800298aba libsox.so.3`sox_read(ft=0x0000000801433900,
buf=0x00000008014c94c0, len=8192) at formats.c:978:30
    frame #3: 0x0000000000212864 sox`sox_read_wide(ft=0x0000000801433900,
buf=0x00000008014c94c0, max=8192) at sox.c:490:9
    frame #4: 0x0000000000211daa sox`combiner_drain(effp=0x00000008014c8100,
obuf=0x00000008014c94c0, osamp=0x00007fffffffe530) at sox.c:552:16
    frame #5: 0x00000008002afbe7
libsox.so.3`drain_effect(chain=0x0000000801419040, n=0) at effects.c:352:17
    frame #6: 0x00000008002af689
libsox.so.3`sox_flow_effects(chain=0x0000000801419040,
callback=(sox`update_status at sox.c:1342), client_data=0x0000000000000000) at
effects.c:445:11
    frame #7: 0x000000000020ae67 sox`process at sox.c:1802:17
    frame #8: 0x0000000000208afa sox`main(argc=3, argv=0x00007fffffffe7b8) at
sox.c:3008:10
    frame #9: 0x0000000000207df0 sox`_start(ap=<unavailable>,
cleanup=<unavailable>) at crt1_c.c:75:7

Invoking as 'play' on the same files:

Assertion failed: (factor > 0), function rate_init, file rate.c, line 303.

* thread #1, name = 'sox', stop reason = signal SIGABRT
  * frame #0: 0x000000080091033a libc.so.7`__sys_thr_kill at thr_kill.S:4
    frame #1: 0x0000000800888c74 libc.so.7`__raise(s=6) at raise.c:52:10
    frame #2: 0x000000080093a109 libc.so.7`abort at abort.c:67:8
    frame #3: 0x000000080086ba11 libc.so.7`__assert(func=<unavailable>,
file=<unavailable>, line=<unavailable>, failedexpr=<unavailable>) at
assert.c:51:2
    frame #4: 0x00000008002c93a3 libsox.so.3`rate_init(p=0x00000008014a5048,
shared=0x00000008014a5070, factor=-1.9999999962747097, bits=16, phase=50,
bw_pc=67.625, anti_aliasing_pc=100, rolloff=rolloff_medium,
maintain_3dB_pt=sox_false, use_hi_prec_clock=sox_false, interpolator=-1,
max_coefs_size=400, noSmallIntOpt=sox_false) at rate.c:303:3
    frame #5: 0x00000008002c8f98 libsox.so.3`start(effp=0x00000008014c8000) at
rate.c:632:3
    frame #6: 0x00000008002aed3a
libsox.so.3`sox_add_effect(chain=0x0000000801419040, effp=0x00000008014c8000,
in=0x00007fffffffe5f0, out=0x0000000801433c08) at effects.c:157:9
    frame #7: 0x0000000000211adf play`add_effect(chain=0x0000000801419040,
effp=0x00000008014c8000, in=0x00007fffffffe5f0, out=0x0000000801433c08,
guard=0x00007fffffffe5ec) at sox.c:708:10
    frame #8: 0x0000000000211b9f play`auto_effect(chain=0x0000000801419040,
name="", argc=1, argv=0x00007fffffffe5e0, signal=0x00007fffffffe5f0,
guard=0x00007fffffffe5ec) at sox.c:721:7
    frame #9: 0x0000000000210d82 play`add_effects(chain=0x0000000801419040) at
sox.c:1086:5
    frame #10: 0x000000000020ac12 play`process at sox.c:1759:3
    frame #11: 0x0000000000208afa play`main(argc=2, argv=0x00007fffffffe7c8) at
sox.c:3008:10
    frame #12: 0x0000000000207df0 play`_start(ap=<unavailable>,
cleanup=<unavailable>) at crt1_c.c:75:7

-- 
You are receiving this mail because:
You are the assignee for the bug.