GNOME Bugzilla – Bug 545370
playing some mp3s segfaults
Last modified: 2009-05-07 13:50:20 UTC
Steps to reproduce: 1. start qt4s musicplayer example 2. load a certain mp3 (only some cause the crash) Stack trace:
+ Trace 204108
Other information: This bug might be related too (or the same as) http://bugzilla.gnome.org/show_bug.cgi?id=522357 but I'm not sure. It seems that there is an infinite loop in gstmpegaudioparse.c I also ran the prog with GST_DEBUG=*:5 the output was a whopping 241MB but compressed nicely to 7.3MB.
Please install debug packages for glib, gstreamer, gst-plugins-base and get a new backtrace. Also, could you make such MP3 available?
Created attachment 115512 [details] this mp3 causes the crash The mp3 plays fine with mplayer and audacious but crashes with the qt4.4 musicplayer example that uses the gstreamer backend. I deliberately cut the mp3 to make upload easier and avoid copyright issues. You should only here a single chord.
I'm very sorry but I find it currently impossible to convince my f****ng gentoo to install those @§#* debug versions... *grrrr* (have... to... stay... calm... smashing the keyboard into the monitor won't get me anywhere either) ...but I did upload the compressed log from the GST_DEBUG=*:5 run: http://senduit.com/dd694e It will be available there for 1 week. I'll try tomorrow again. hopefully I'll have more luck.
2008-07-31 Sebastian Dröge <sebastian.droege@collabora.co.uk> * gst/mpegaudioparse/gstmpegaudioparse.c: (gst_mp3parse_sink_event), (gst_mp3parse_emit_frame), (mp3parse_total_time), (mp3parse_bytepos_to_time): Don't recurse from mp3parse_bytepos_to_time() to mp3parse_total_time() if we're called from there already. Otherwise we end up in a endless recursion and crash with a stack overflow. This can happen when a Xing or VBRI header with TOC exists but it doesn't contain the total time. Fixes bug #545370.
Thank you very much! quick, reply and quick fix even though I failed to provide all requested information. your work is much appreciated!
*** Bug 581279 has been marked as a duplicate of this bug. ***