On sab, mag 23, 2015 at 02:15:05 +0300, Yuriy M. Kaminskiy wrote: > Package: mpv > Version: 0.6.2-2 > Severity: normal > > Dear Maintainer, > > $ mpv --vo=opengl-old:force-pbo=yes any-video.avi > [...] > AO: [alsa] 48000Hz stereo 2ch float > VO: [opengl-old] 1280x720 => 1280x720 yuv420p > mpv: ../ta/ta.c:333: ta_dbg_check_header: Assertion `h->canary == > 0xD3ADB3EF' failed. > $ gdb mpv core > [...] > Program terminated with signal SIGABRT, Aborted. > (gdb) bt > [...] > #5 0xb75c6cf8 in ta_dbg_check_header (h=0xaf4f70cc) at ../ta/ta.c:333 > #6 0xb769d59e in ta_dbg_check_header (h=0xaf4f70cc) at ../ta/ta.c:269 > #7 get_header (ptr=0xaf4f70ec) at ../ta/ta.c:77 > #8 ta_free (ptr=0xaf4f70ec) at ../ta/ta.c:255 > #9 0xb768af19 in draw_image (vo=0xb81e2300, mpi=0xb8571730) at > ../video/out/vo_opengl_old.c:2007 > #10 0xb7683582 in render_frame (vo=<optimized out>) at ../video/out/vo.c:581 > [...] > > When force-pbo enabled, mpi == &mpi2, so it attempts to free variable on > stack. > Patch attached (tested, works). > > Notes: > 1) This bug does not affect testing and upstream (--vo=opengl-old was > completely removed since mpv-0.8), only jessie is affected; > 2) It can be only triggered by user with --vo=opengl-old:force-pbo=yes > option; > 3) It is expected to always die in assert, before triggering heap > corruption, so there should be no security implications.
Given the above notes I don't think this issue warrants a stable update (I don't think the release managers would allow one anyway), so there's not much I can do about this. Cheers
signature.asc
Description: Digital signature
