After a while of listening to a Vorbis stream, ogg123 became "sick" and the
input buffer was hovering around 0.5-1%. A little later, during a song change,
it segfaulted. Here's the backtrace:
#0 0xdbae358 in decode_packed_entry_number (book=0x3c0ce3c8, b=0x3c076a48)
at /usr/ports/mystuff/audio/libvorbis/w-libvorbis-1.0.1-debug/libvorbis-1.0.
1/lib/codebook.c:345
345 if(book->dec_codelengths[lo]<=read){
#1 0xdbae128 in vorbis_book_decodevv_add (book=0x3c0ce3c8, a=0xcfbfcc0c,
offset=416, ch=2, b=0x3c076a48, n=32)
at /usr/ports/mystuff/audio/libvorbis/w-libvorbis-1.0.1-debug/libvorbis-1.0.
1/lib/codebook.c:460
460 entry = decode_packed_entry_number(book,b);
#2 0xdbaaa31 in res2_inverse (vb=0x3c076a44, vl=0x3c013a40, in=0xcfbfcc0c,
nonzero=0xcfbfcbfc, ch=2)
at /usr/ports/mystuff/audio/libvorbis/w-libvorbis-1.0.1-debug/libvorbis-1.0.
1/lib/res0.c:859
859 if(vorbis_book_decodevv_add(stagebook,in,
#3 0xdbac7d8 in mapping0_inverse (vb=0x3c076a44, l=0x3c09b000)
at /usr/ports/mystuff/audio/libvorbis/w-libvorbis-1.0.1-debug/libvorbis-1.0.
1/lib/mapping0.c:702
#4 0xdb9d706 in vorbis_synthesis (vb=0x3c076a44, op=0xcfbfcd24)
at /usr/ports/mystuff/audio/libvorbis/w-libvorbis-1.0.1-debug/libvorbis-1.0.
1/lib/synthesis.c:76
#5 0xa53eb8f in _fetch_and_process_packet (vf=0x3c076800, op_in=0x0, readp=1,
spanp=1)
at /usr/ports/mystuff/audio/libvorbis/w-libvorbis-1.0.1-debug/libvorbis-1.0.
1/lib/vorbisfile.c:484
#6 0xa541a1f in ov_read (vf=0x3c076800, buffer=0x3c005fa0 "¡", length=3072,
bigendianp=0, word=2, sgned=1, bitstream=0x3c076ac8)
at /usr/ports/mystuff/audio/libvorbis/w-libvorbis-1.0.1-debug/libvorbis-1.0.
1/lib/vorbisfile.c:1545
#7 0x1c007417 in ovf_read (decoder=0x3c013540, ptr=0x3c005fa0, nbytes=3072,
eos=0xcfbfce8c, audio_fmt=0xcfbfcea0) at oggvorbis_format.c:139
#8 0x1c006ec2 in play (
source_string=0x3c013480 "http://pandora.hrz.tu-chemnitz.de:8000/kolaradio.
ogg") at ogg123.c:525
#9 0x1c006b81 in main (argc=2, argv=0xcfbfcfb4) at ogg123.c:389
#10 0x1c0035a1 in ___start ()
#11 0x1c003517 in __start ()
#12 0xcfbfd100 in ?? ()
The icecast server in charge was -kh10 from Karl Heyes, which also had problems
(something about NULL pointers, I think we/he could find the problem and fix it)
... so it is possible that the server sent some junk to ogg123, however, I
believe that this is no valid reason for ogg123 or the vorbis libs to segfault.
The issue might be quite subtle since I compiled everything with certain
malloc() settings in malloc.conf for testing. The options I use are 'AGZ'. From
malloc.conf(3):
<snip>
A ``Abort''. malloc() will coredump the process, rather than tol-
erate failure. This is a very handy debugging aid, since the
core file will represent the time of failure, rather than when
the null pointer was accessed.
[...]
G Enable guard pages and chunk randomization. Each page size or
larger allocation is followed by a guard page that will cause a
segmentation fault upon any access. Smaller than page size
chunks are returned in a random order.
(this is unique to OpenBSD, as far as I know)
[...]
Z ``Zero''. Fill some junk into the area allocated (see J), except
for the exact length the user asked for, which is zeroed.
[...]
The J and Z flags are mostly for testing and debugging. If a program
changes behavior if either of these options are used, it is buggy.
The default cache size is 16 pages.
</snip>
Please let me know if I can help with further gdb output. The OS I am using is a
very recent version of OpenBSD 3.4-current on i386.
Moritz
