<div dir="ltr">I believe it would be essentially impossible to cause an access violation on that line, without some other thread coming in and scribbling all over your stack. Note that just a few lines before, _every_ value of tmp[i] was read and written, and here only a few sparse values that never exceed the first half are read. If something is pointing to this line, then it's probably incorrect. Do you have a reproducible test case, or a crash dump?<br></div><br><div class="gmail_quote"><div dir="ltr">On Thu, Aug 30, 2018 at 11:38 AM Alexandr Petak <<a href="mailto:alexandr.petak@gmail.com">alexandr.petak@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>Hello,</div><div>in this commit in celt_encoder.c</div><a href="https://git.xiph.org/?p=opus.git;a=commitdiff;h=652c4559f593d3aad78bd5c85a216eeae7859429" target="_blank">https://git.xiph.org/?p=opus.git;a=commitdiff;h=652c4559f593d3aad78bd5c85a216eeae7859429</a><br><div><br></div><div>I see the note:</div><div>
<div class="m_-9084164959728150787gmail-diff m_-9084164959728150787gmail-add" style="font-family:monospace;font-size:small;white-space:pre-wrap;color:rgb(0,136,0);background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial">+ /* We should never see NaNs here. If we find any, then something really bad happened and we better abort</div><div class="m_-9084164959728150787gmail-diff m_-9084164959728150787gmail-add" style="font-family:monospace;font-size:small;white-space:pre-wrap;color:rgb(0,136,0);background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial">+ before it does any damage later on. If these asserts are disabled (no hardening), then the table</div><div class="m_-9084164959728150787gmail-diff m_-9084164959728150787gmail-add" style="font-family:monospace;font-size:small;white-space:pre-wrap;color:rgb(0,136,0);background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial">+ lookup a few lines below (id = ...) is likely to crash dur to an out-of-bounds read. DO NOT FIX</div><div class="m_-9084164959728150787gmail-diff m_-9084164959728150787gmail-add" style="font-family:monospace;font-size:small;white-space:pre-wrap;color:rgb(0,136,0);background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial">+ that crash on NaN since it could result in a worse issue later on. */</div>
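</div></div></blockquote><div>Review bot: the third line of this comment relies on the table lookup being "likely to crash" when the asserts are disabled, but an out-of-bounds read is not guaranteed to fault, so a build without hardening can read whatever lies outside the table and carry on with the NaN still in play. If the intent is to always stop on NaN, consider a check that stays active without hardening, or have the comment say that the non-hardened behaviour is best effort only. On the same line, "dur to" should read "due to".</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>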
<br></div><div>I think I'm exactly in that situation. Opus codec crashes occasionally for me with Access violation in the transient_analysis function on the line where it's computing the id from the floating point.</div><div><br></div><div> id = (int)MAX32(0,MIN32(127,floor(64*norm*(tmp[i]+EPSILON))));<br></div><div><br></div><div>Could you please provide more info about what could be the crash reason there?</div><div><br></div><div>Regards,</div><div>Alex</div></div>
_______________________________________________<br>
opus mailing list<br>
<a href="mailto:opus@xiph.org" target="_blank">opus@xiph.org</a><br>
<a href="http://lists.xiph.org/mailman/listinfo/opus" rel="noreferrer" target="_blank">http://lists.xiph.org/mailman/listinfo/opus</a><br>
</blockquote></div>
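<div>As an added example (not part of this thread and not code from the Opus sources), the C sketch below shows why the clamp in the quoted <code>id = ...</code> line does not bound a NaN, beside a hypothetical checked variant. The MIN32/MAX32 definitions and both function names are assumptions; floor() is left out because it returns NaN for NaN and does not change the clamped result for any other input.</div>

```c
#include <math.h>
#include <stdio.h>

/* Assumed comparison-style definitions; the page shows only how the
   macros are used, not how they are defined. */
#define MIN32(a,b) ((a) < (b) ? (a) : (b))
#define MAX32(a,b) ((a) > (b) ? (a) : (b))

/* The clamp from the quoted line, stopped just before the (int) cast.
   Every ordered comparison with NaN is false, so NaN is selected as the
   second operand of each macro and passes through both of them. */
static double clamp_before_cast(double x)
{
    return MAX32(0, MIN32(127, x));
}

/* Hypothetical checked variant: stores an index in 0..127 and returns 0,
   or returns -1 without casting when x is NaN. Converting NaN to int is
   undefined behaviour in C, so the check has to come before the cast. */
static int checked_index(double x, int *id)
{
    if (isnan(x))
        return -1;
    *id = (int)MAX32(0, MIN32(127, x));
    return 0;
}

int main(void)
{
    /* Constructed sample inputs: in range, too large, negative, NaN. */
    const double samples[] = { 63.9, 1e30, -5.5, NAN };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int id = 0;
        double c = clamp_before_cast(samples[i]);
        if (checked_index(samples[i], &id) == 0)
            printf("x=%g clamp=%g id=%d\n", samples[i], c, id);
        else
            printf("x=%g clamp=%g rejected (NaN)\n", samples[i], c);
    }
    return 0;
}
```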