After listening ~20 minutes to Colombia Salsa Rosa, VLC crashes on the "Colombia Salsa Rosa" network stream. This is always reproducible on Windows. Not sure about other platforms.
I am also able to reproduce the described behavior, and it is not bound to an exact amount of time played (as originally stated in the ticket description).
Thread 13 "vlc-static" received signal SIGSEGV, Segmentation fault.[Switching to Thread 0x7fffd411c700 (LWP 4151)]0x00007fffb7d51aef in ifilter_bank (fb=0x7fffcc0346e0, window_sequence=<optimized out>, window_shape=<optimized out>, window_shape_prev=<optimized out>, freq_in=freq_in@entry=0x7fffd4114830, time_out=0x7fffbc021f30, overlap=0x0, object_type=2 '\002', frame_len=1024) at filtbank.c:223223 time_out[i] = overlap[i] + MUL_F(transf_buf[i],window_long_prev[i]);
[#0](https://code.videolan.org/videolan/vlc/-/issues/0) 0x00007fffb7d51aef in ifilter_bank (fb=0x7fffcc0346e0, window_sequence=<optimized out>, window_shape=<optimized out>, window_shape_prev=<optimized out>, freq_in=freq_in@entry=0x7fffd4114830, time_out=0x7fffbc021f30, overlap=0x0, object_type=2 '\002', frame_len=1024) at filtbank.c:223[#1](https://code.videolan.org/videolan/vlc/-/issues/1) 0x00007fffb7d650ca in reconstruct_channel_pair (hDecoder=hDecoder@entry=0x7fffcc035630, ics1=ics1@entry=0x7fffd4116886, ics2=ics2@entry=0x7fffd411915c, cpe=cpe@entry=0x7fffd4116880, spec_data1=spec_data1@entry=0x7fffd4115880, spec_data2=spec_data2@entry=0x7fffd4116080) at specrec.c:1263[#2](https://code.videolan.org/videolan/vlc/-/issues/2) 0x00007fffb7d564b1 in channel_pair_element (hDecoder=hDecoder@entry=0x7fffcc035630, ld=ld@entry=0x7fffd411bb60, channels=channels@entry=0 '\000', tag=tag@entry=0x7fffd411ba8f "") at syntax.c:759[#3](https://code.videolan.org/videolan/vlc/-/issues/3) 0x00007fffb7d56762 in decode_cpe (hDecoder=hDecoder@entry=0x7fffcc035630, hInfo=hInfo@entry=0x7fffd411bc50, ld=ld@entry=0x7fffd411bb60, id_syn_ele=id_syn_ele@entry=1 '\001') at syntax.c:402[#4](https://code.videolan.org/videolan/vlc/-/issues/4) 0x00007fffb7d56bb9 in raw_data_block (hDecoder=hDecoder@entry=0x7fffcc035630, hInfo=hInfo@entry=0x7fffd411bc50, ld=ld@entry=0x7fffd411bb60, pce=pce@entry=0x7fffcc036181, drc=0x7fffcc036480) at syntax.c:448[#5](https://code.videolan.org/videolan/vlc/-/issues/5) 0x00007fffb7d4fe0d in aac_frame_decode (hDecoder=0x7fffcc035630, hInfo=hInfo@entry=0x7fffd411bc50, buffer=0x7fffcc00f240 "!\033O\377\377\377\231\001\346\003\356\\\351)t\b", buffer_size=364, sample_buffer2=sample_buffer2@entry=0x0, sample_buffer_size=sample_buffer_size@entry=0) at decoder.c:971[#6](https://code.videolan.org/videolan/vlc/-/issues/6) 0x00007fffb7d50e4b in NeAACDecDecode (hpDecoder=<optimized out>, hInfo=hInfo@entry=0x7fffd411bc50, buffer=<optimized out>, buffer_size=<optimized out>) at decoder.c:802[#7](https://code.videolan.org/videolan/vlc/-/issues/7) 0x00007fffb7d4ee0f in DecodeBlock (p_dec=0x7fffcc011798, p_block=<optimized out>) at modules/codec/faad.c:339[#8](https://code.videolan.org/videolan/vlc/-/issues/8) 0x00007ffff790b510 in DecoderDecode (p_dec=p_dec@entry=0x7fffcc011798, p_block=0x7fffcc00f1d0) at src/input/decoder.c:1268[#9](https://code.videolan.org/videolan/vlc/-/issues/9) 0x00007ffff790b4f4 in DecoderProcess (p_dec=p_dec@entry=0x7fffcc011798, p_block=p_block@entry=0x7fffcc00f1d0) at src/input/decoder.c:1391[#10](https://code.videolan.org/videolan/vlc/-/issues/10) 0x00007ffff790b8a3 in DecoderThread (p_data=<optimized out>) at src/input/decoder.c:1535[#11](https://code.videolan.org/videolan/vlc/-/issues/11) 0x00007ffff6d082e7 in start_thread () at /usr/lib/libpthread.so.0[#12](https://code.videolan.org/videolan/vlc/-/issues/12) 0x00007ffff684554f in clone () at /usr/lib/libc.so.6
What seems to be the common ground between crashes is that the debug log always contains something like the below (where the last diagnostic includes New Icy-Title= without a payload).
http debug: New Icy-Title=@colomcrossover - Comerciales Salsa Rosahttp debug: New Icy-Title=
See attachment:refp_18128.log for the log corresponding to the previous backtrace.
Issue can be reproduced by playing attachment:crash.aac with --codec=faad (should be automatically choosen), and is due to libfaad2 not allocating enough memory for a CPE if preceeded by SCE (causing a segfault due to dereferencing a null-pointer).
Patch that fixes the problem in libfaad2 has been submitted to vlc-devel: