[FFmpeg-devel] MP3 file that crashes ffmpeg

Reimar Döffinger Reimar.Doeffinger
Sun May 6 16:13:41 CEST 2007


Hello,
On Sun, May 06, 2007 at 03:49:31PM +0200, Reimar Döffinger wrote:
> On Sun, May 06, 2007 at 03:36:36PM +0200, Michael Niedermayer wrote:
> > On Sun, May 06, 2007 at 11:03:01AM +0200, Diego Biurrun wrote:
> > > On Sat, May 05, 2007 at 11:16:32PM +0200, Michael Niedermayer wrote:
> > > > 
> > > > also i won't look at crashes if the person reporting the crash is too lazy
> > > > to provide gdb output
> > > 
> > > Note that MPlayer plays the sample fine, even with lavc decoder and lavf
> > > demuxer ..
> > > 
> > > Here's your backtrace, let me know if you need anything else.
> > > 
> > > Diego
> > > 
> > > (gdb) run /var/tmp/bugs/11-i_need_your_love-daw.mp3
> > > Starting program: /usr/src/ffmpeg/ffplay_g
> > > /var/tmp/bugs/11-i_need_your_love-daw.mp3
> > > Failed to read a valid object file image from memory.
> > [...]
> > > Program received signal SIGSEGV, Segmentation fault.
> > > [Switching to Thread -1221788752 (LWP 4312)]
> > > 0xfffffff8 in ?? ()
> > > (gdb) bt
> > > #0  0xfffffff8 in ?? ()
> > > #1  0x0000000d in ?? ()
> > > #2  0xffffffe5 in ?? ()
> > > #3  0x00000002 in ?? ()
> > > #4  0x00000000 in ?? ()
> > 
> > very useful backtrace ...
> 
> Unfortunately there seems to be not much more info. Even valgrind only
> spits out this useless thing:
> 
> ==18651== Thread 3:
> ==18651== Jump to the invalid address stated on the next line
> ==18651==    at 0xFFFFFFE900000000: ???
> ==18651==  Address 0xFFFFFFE900000000 is not stack'd, malloc'd or (recently) free'd
> 
> I have no idea why there is no call stack even with valgrind, it does
> not seem to be a newly created thread either, at least breakpoints on
> pthread_create and SDL_CreateThread did not hit anywhere near this
> crash...

Attached (obviously wrong) patch fixes the crash for me.

Greetings,
Reimar Döffinger
-------------- next part --------------
diff --git a/libavcodec/h263.c b/libavcodec/h263.c
index 4db89e9..7ef510d 100644
--- a/libavcodec/h263.c
+++ b/libavcodec/h263.c
@@ -5361,8 +5361,8 @@ static void mpeg4_decode_sprite_trajectory(MpegEncContext * s, GetBitContext *gb
         }
         skip_bits1(gb); /* marker bit */
 //printf("%d %d %d %d\n", x, y, i, s->sprite_warping_accuracy);
-        d[i][0]= x;
-        d[i][1]= y;
+//        d[i][0]= x;
+//        d[i][1]= y;
     }
 
     while((1<<alpha)<w) alpha++;
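
Review bot: commenting out `d[i][0]= x;` and `d[i][1]= y;` in the loop body discards the x/y values parsed just above and leaves d unfilled, so any later use of d in mpeg4_decode_sprite_trajectory works on unset data; this hides the crash rather than fixing it. That the crash disappears once these two stores are gone, and that the reported backtrace frames hold small values such as 0x0000000d and 0xffffffe5 instead of code addresses, is consistent with i running past the end of d and the stores overwriting the stack. The declaration of d and the loop bound are outside this hunk, so that needs confirming against the full function, but the change to aim for is to keep both stores and reject or clamp the loop count against the number of rows in d before the loop runs.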


