[FFmpeg-trac] #696(undetermined:new): crash with pictor file
FFmpeg
trac at avcodec.org
Thu Dec 1 01:12:43 CET 2011
#696: crash with pictor file
-------------------------------------+-------------------------------------
Reporter: ami_stuff | Type: defect
Status: new | Priority: normal
Component: | Version:
undetermined | unspecified
Keywords: | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
-------------------------------------+-------------------------------------
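The attached file was created with pmview and decodes fine with one Amiga
graphics program, but ffmpeg crashes with a segmentation fault while decoding
it, at the memset in picmemset_8bpp (libavcodec/pictordec.c:51):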
{{{
GNU gdb (GDB) 7.2
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "mingw32".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from F:\MinGW\msys\1.0\ffmpeg-HEAD-d3bc75c/ffmpeg_g.exe...done.
(gdb) r -i pmview.pic jjj.bmp
Starting program: F:\MinGW\msys\1.0\ffmpeg-HEAD-d3bc75c/ffmpeg_g.exe -i pmview.pic jjj.bmp
[New Thread 700.0x8cc]
ffmpeg version 0.8.5.git-d3bc75c, Copyright (c) 2000-2011 the FFmpeg
developers
built on Nov 6 2011 18:11:47 with gcc 4.5.2
configuration: --disable-ffplay --disable-ffserver --disable-asm --disable-yasm --disable-shared --enable-static
libavutil 51. 23. 0 / 51. 23. 0
libavcodec 53. 28. 0 / 53. 28. 0
libavformat 53. 19. 0 / 53. 19. 0
libavdevice 53. 4. 0 / 53. 4. 0
libavfilter 2. 47. 0 / 2. 47. 0
libswscale 2. 1. 0 / 2. 1. 0
Input #0, image2, from 'pmview.pic':
Duration: 00:00:00.04, start: 0.000000, bitrate: N/A
Stream #0:0: Video: pictor, pal8, 627x511, 25 tbr, 25 tbn, 25 tbc
[buffer @ 03ba1720] w:627 h:511 pixfmt:pal8 tb:1/1000000 sar:0/1
sws_param:
Output #0, image2, to 'jjj.bmp':
Metadata:
encoder : Lavf53.19.0
Stream #0:0: Video: bmp, pal8, 627x511, q=2-31, 200 kb/s, 90k tbn, 25
tbc
Stream mapping:
Stream #0.0 -> #0.0 (pictor -> bmp)
Press [q] to stop, [?] for help
Program received signal SIGSEGV, Segmentation fault.
0x005cbf2f in picmemset_8bpp (avctx=0x3b9ef18, data=0x3ba1c70,
data_size=0x22deac, avpkt=0x22de08) at libavcodec/pictordec.c:51
51 memset(d + *x, value, run);
(gdb) bt
#0 0x005cbf2f in picmemset_8bpp (avctx=0x3b9ef18, data=0x3ba1c70,
data_size=0x22deac, avpkt=0x22de08) at libavcodec/pictordec.c:51
#1 decode_frame (avctx=0x3b9ef18, data=0x3ba1c70, data_size=0x22deac,
avpkt=0x22de08) at libavcodec/pictordec.c:222
#2 0x004f9bde in avcodec_decode_video2 (avctx=0x3b9ef18,
picture=0x3ba1c70,
got_picture_ptr=0x22deac, avpkt=0x22de08) at libavcodec/utils.c:819
#3 0x004078fa in output_packet (ist=0x3ba1350, ist_index=0,
ost_table=0x3b97420, nb_ostreams=1, pkt=0x22fbc8) at ffmpeg.c:1711
#4 0x0040aa53 in transcode (output_files=<value optimized out>,
nb_output_files=0, input_files=0x0, nb_input_files=4257983)
at ffmpeg.c:2692
#5 0x0022ff48 in ?? ()
#6 0x00000000 in ?? ()
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0x5cbf0f to 0x5cbf4f:
0x005cbf0f <decode_frame+979>: and $0x28,%al
0x005cbf11 <decode_frame+981>: inc %edx
0x005cbf12 <decode_frame+982>: mov %edx,0x3c(%esp)
0x005cbf16 <decode_frame+986>: mov %edx,%esi
0x005cbf18 <decode_frame+988>: jmp 0x5cbd93 <decode_frame+599>
0x005cbf1d <decode_frame+993>: mov 0x34(%esp),%esi
0x005cbf21 <decode_frame+997>: xor %eax,%eax
0x005cbf23 <decode_frame+999>: add %eax,%edx
0x005cbf25 <decode_frame+1001>: mov %edx,%edi
0x005cbf27 <decode_frame+1003>: mov 0x34(%esp),%ecx
0x005cbf2b <decode_frame+1007>: mov 0x28(%esp),%al
=> 0x005cbf2f <decode_frame+1011>: rep stos %al,%es:(%edi)
0x005cbf31 <decode_frame+1013>: mov %esi,%eax
0x005cbf33 <decode_frame+1015>: test %ebp,%ebp
0x005cbf35 <decode_frame+1017>: jns 0x5cbd54 <decode_frame+536>
0x005cbf3b <decode_frame+1023>: jmp 0x5cbd1d <decode_frame+481>
0x005cbf40 <decode_frame+1028>: xor %eax,%eax
0x005cbf42 <decode_frame+1030>: jmp 0x5cbd54 <decode_frame+536>
0x005cbf47 <decode_frame+1035>: mov 0x88(%esp),%eax
0x005cbf4e <decode_frame+1042>: movl $0x118,(%eax)
End of assembler dump.
(gdb) info all-registers
eax 0xa0 160
ecx 0xa0 160
edx 0x40efd70 68091248
ebx 0x3ba1af0 62528240
esp 0x22da70 0x22da70
ebp 0xfffffe43 0xfffffe43
esi 0xa0 160
edi 0x40efd70 68091248
eip 0x5cbf2f 0x5cbf2f <decode_frame+1011>
eflags 0x10202 [ IF RF ]
cs 0x1b 27
ss 0x23 35
ds 0x23 35
es 0x23 35
fs 0x3b 59
gs 0x0 0
st0 0 (raw 0x00000000000000000000)
st1 0 (raw 0x00000000000000000000)
st2 0 (raw 0x00000000000000000000)
st3 -2147483648 (raw 0xc01e8000000000000000)
st4 0 (raw 0x00000000000000000000)
st5 10 (raw 0x4002a000000000000000)
st6 1e+100 (raw 0x414b924d692ca61be800)
st7 0 (raw 0x00000000000000000000)
fctrl 0xffff037f -64641
fstat 0xffff0020 -65504
ftag 0xffffffff -1
fiseg 0x0 0
fioff 0x0 0
foseg 0xffff0000 -65536
fooff 0x0 0
fop 0x0 0
xmm0 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0,
0x0,
0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0,
0x0},
uint128 = 0x00000000000000000000000000000000}
xmm1 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0,
0x0,
0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0,
0x0},
uint128 = 0x00000000000000000000000000000000}
xmm2 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0,
0x0,
0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0,
0x0},
uint128 = 0x00000000000000000000000000000000}
xmm3 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0,
0x0,
0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0,
0x0},
uint128 = 0x00000000000000000000000000000000}
xmm4 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0,
0x0,
0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0,
0x0},
uint128 = 0x00000000000000000000000000000000}
xmm5 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0,
0x0,
0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0,
0x0},
uint128 = 0x00000000000000000000000000000000}
xmm6 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0,
0x0,
0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0,
0x0},
uint128 = 0x00000000000000000000000000000000}
xmm7 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0,
0x0,
0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0,
0x0},
uint128 = 0x00000000000000000000000000000000}
mxcsr 0x1f80 [ IM DM ZM OM UM PM ]
mm0 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0,
0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm1 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0,
0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm2 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0,
0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm3 {uint64 = 0x8000000000000000, v2_int32 = {0x0, 0x80000000},
v4_int16 = {0x0, 0x0, 0x0, 0x8000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x80}}
mm4 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0,
0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm5 {uint64 = 0xa000000000000000, v2_int32 = {0x0, 0xa0000000},
v4_int16 = {0x0, 0x0, 0x0, 0xa000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0xa0}}
mm6 {uint64 = 0x924d692ca61be800, v2_int32 = {0xa61be800,
0x924d692c}, v4_int16 = {0xe800, 0xa61b, 0x692c, 0x924d}, v8_int8 =
{0x0,
0xe8, 0x1b, 0xa6, 0x2c, 0x69, 0x4d, 0x92}}
mm7 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0,
0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
}}}
--
Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/696>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker