On May 19 11:26:13, [email protected] wrote:
>
> On 5/18/24 18:11, Martin Guy wrote:
> > On 5/18/24 17:19, Jan Stary wrote:
> >
> > > > There seems to be a bug in the spectrogram effect,
> > > > also present in earlier releases.
> > > >
> > > > $ sox -c 1 -b 16 -r 1000 -n file.wav synth 1 sin 440 gain -3
> > > > $ sox file.wav -n spectrogram -x 1001
> > > > Segmentation fault (core dumped)
> > > The bug is sill there somewhere: instead of segfaulting,
> > > the following now makes SoX eat up the CPU, without
> > > producing a spectrogram:
> > >
> > > sox -c 1 -b 16 -r 1000 -n file.wav synth 1 sin 440 gain -3
> > > sox file.wav -n spectrogram -x 1001
Correction: it segfaults on OpenBSD,
and eats up the CPU on macOSX.
> OK, I've had a look at it on git master.
Which git master?
> I can't reproduce the "eat the CPU"
> effect but it segfaults when -x is greater than the number of samples...
> when the number of samples is less than 5000. -r4999 and -x5000 dumps core;
> -r5000 -x5001 works. Bizarre.
I can confirm that is also what happens here on OpenBSD/amd64
with the current code from the Sourceforge git.
> The actual defect is in spectrogram.c's "stop" routine,
For me, it already segfaults in the flow() function
of spectrogram.c, namely the memcpy() call:
memcpy(obuf, ibuf, len * sizeof(*obuf)); /* Pass on audio unaffected */
#0 memcpy (dst0=0x7e600541000, src0=Unhandled dwarf expression opcode 0xa3
) at /usr/src/lib/libc/string/memcpy.c:103
103 TLOOP(*(word *)dst = *(word *)src; src += wsize; dst += wsize);
(gdb) bt
#0 memcpy (dst0=0x7e600541000, src0=Unhandled dwarf expression opcode 0xa3
) at /usr/src/lib/libc/string/memcpy.c:103
#1 0x000007e5d9bb3446 in flow (effp=0x7e600536800, ibuf=0x7e60054d000,
obuf=Unhandled dwarf expression opcode 0xa3
)
at spectrogram.c:485
#2 0x000007e5d9bb3b1c in drain (effp=0x7e600536800, osamp=0x799ffa6eec58)
at spectrogram.c:553
#3 0x000007e5d9b84391 in sox_flow_effects (chain=0x7e6005371c0,
callback=0x7e3ade73b90 <update_status>, client_data=0x0) at effects.c:352
#4 0x000007e3ade6f23b in main (argc=Variable "argc" is not available.
) at sox.c:1780
> when it tries to
> place the "Time (s)" label at minus infinity
>
> #0 0xb7e77c29 in print_at_ (pixels=0xa5e630 "", cols=144, x=-2147483614,
> y=24, c=1, text=0xbfe4b824 "Time (s)", orientation=0) at
> spectrogram.c:728
> 728 case 0: pixel(x + j, y - i) = c; break;
> (gdb) frame 1
> #1 0xb7e78749 in stop (effp=0xa46410) at spectrogram.c:870
> 870 print_at(left + (p->cols - font_X * strlen(text)) / 2, 24, Text,
> text);
>
> This happens because strlen(txt) is unsigned, making the whole bracket
> expression unsigned and calculating 4294967248/2 instead of -48/2
>
> The fix on git master is in src/spectrogram.c line 870, to prefix
> strlen(text) with (int)
Still segfaults in the memcpy() in flow().
> I would post an issue and patch on sourceforge, but that seems useless as
> the existing patches haven't been applied since 2006.
Right; also, https://sourceforge.net/p/sox/feature-requests/222/
> But sox spectrogram is poor fare. Very slow, no log frequency axis and you
> can't change the FFT size. Even sndfile-spectrogram is better but if you
> want much much better spectrograms, use http://martinwguy.net/spettro
Thanks for the link.
Jan
_______________________________________________
SoX-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/sox-devel
