[FFmpeg-trac] #238(undetermined:new): ffplay crashes on mjpeg file

FFmpeg trac at avcodec.org
Wed May 25 17:48:50 CEST 2011


#238: ffplay crashes on mjpeg file
-------------------------+--------------------------
  Reporter:  cehoyos     |      Owner:
      Type:  defect      |     Status:  new
  Priority:  normal      |  Component:  undetermined
   Version:  git-master  |   Keywords:
Blocked By:              |   Blocking:
Reproduced:  1           |   Analyzed:  0
-------------------------+--------------------------
 Attached file can be converted with ffmpeg, but crashes ffplay.
 {{{
 (gdb) r -i test.mjpeg
 ffplay version git-N-30219-g07586b6, Copyright (c) 2003-2011 the FFmpeg
 developers
   built on May 25 2011 17:18:11 with gcc 4.5.3
   configuration: --cc='/usr/local/gcc-4.5.3/bin/gcc -m32' --enable-gpl
   libavutil    51.  2. 2 / 51.  2. 2
   libavcodec   53.  6. 0 / 53.  6. 0
   libavformat  53.  2. 0 / 53.  2. 0
   libavdevice  53.  0. 0 / 53.  0. 0
   libavfilter   2. 11. 0 /  2. 11. 0
   libswscale    0. 14. 0 /  0. 14. 0
   libpostproc  51.  2. 0 / 51.  2. 0
 [mjpeg @ 0x8d22080] Estimating duration from bitrate, this may be
 inaccurate
 Input #0, mjpeg, from 'test.mjpeg':
   Duration: N/A, bitrate: N/A
     Stream #0.0: Video: mjpeg, gray, 640x360 [PAR 1:1 DAR 16:9], 25 fps,
 25 tbr, 1200k tbn, 25 tbc
 [New Thread 0xf6812b70 (LWP 21670)]
 [New Thread 0xf5e11b70 (LWP 21671)]
 [ffsink @ 0xf5f00960] auto-inserting filter 'auto-inserted scaler 0'
 between the filter 'src' and the filter 'out'
 [scale @ 0xf5f00d60] w:640 h:360 fmt:gray -> w:640 h:360 fmt:yuv420p
 flags:0x4
 1306337048.96 A-V:  0.000 s:0.0 aq=    0KB vq=  200KB sq=    0B f=0/0
 Program received signal SIGSEGV, Segmentation fault.
 [Switching to Thread 0xf6812b70 (LWP 21670)]
 0x08496d5b in ff_put_pixels_clamped_mmx (block=0x8d347c0, pixels=0x0,
 line_size=0) at libavcodec/x86/dsputil_mmx.c:244
 244             __asm__ volatile(
 (gdb) bt
 #0  0x08496d5b in ff_put_pixels_clamped_mmx (block=0x8d347c0, pixels=0x0,
 line_size=0) at libavcodec/x86/dsputil_mmx.c:244
 #1  0x08302e22 in mjpeg_decode_scan (Al=0, Ah=0, nb_components=3,
 s=0x8d34280, mb_bitmask=<value optimized out>, reference=<value optimized
 out>) at libavcodec/mjpegdec.c:863
 #2  ff_mjpeg_decode_sos (Al=0, Ah=0, nb_components=3, s=0x8d34280,
 mb_bitmask=<value optimized out>, reference=<value optimized out>) at
 libavcodec/mjpegdec.c:1046
 #3  ff_mjpeg_decode_frame (Al=0, Ah=0, nb_components=3, s=0x8d34280,
 mb_bitmask=<value optimized out>, reference=<value optimized out>) at
 libavcodec/mjpegdec.c:1530
 #4  0x0841ff61 in avcodec_decode_video2 (avctx=0x8d23520,
 picture=0xf5f00800, got_picture_ptr=0xf68120bc, avpkt=0xf6812078) at
 libavcodec/utils.c:743
 #5  0x0804e3c0 in get_video_frame (pkt=0xf6812068, pts=<value optimized
 out>, frame=0xf5f00800, is=0xf7014020) at ffplay.c:1517
 #6  input_request_frame (pkt=0xf6812068, pts=<value optimized out>,
 frame=0xf5f00800, is=0xf7014020) at ffplay.c:1673
 #7  0x0805b56f in avfilter_request_frame (link=0xf5f010e0) at
 libavfilter/avfilter.c:405
 #8  0x0805550e in get_filtered_video_frame (ctx=0xf5f00960,
 frame=0xf5f00480, picref_ptr=0xf6812318, tb=0xf6812300) at cmdutils.c:931
 #9  0x0804f722 in video_thread (arg=0xf7014020) at ffplay.c:1815
 #10 0xf7e03391 in ?? () from /usr/lib/libSDL-1.2.so.0
 #11 0xf7e4f6eb in ?? () from /usr/lib/libSDL-1.2.so.0
 #12 0xf7ddf6e5 in start_thread () from /lib/libpthread.so.0
 #13 0xf7ddf600 in ?? () from /lib/libpthread.so.0
 (gdb) disass $pc-32 $pc+32
 Dump of assembler code from 0x8496d3b to 0x8496d7b:
 0x08496d3b <ff_put_pixels_clamped_mmx+27>:      movq   0x18(%ecx),%mm3
 0x08496d3f <ff_put_pixels_clamped_mmx+31>:      movq   0x20(%ecx),%mm4
 0x08496d43 <ff_put_pixels_clamped_mmx+35>:      movq   0x28(%ecx),%mm5
 0x08496d47 <ff_put_pixels_clamped_mmx+39>:      movq   0x30(%ecx),%mm6
 0x08496d4b <ff_put_pixels_clamped_mmx+43>:      movq   0x38(%ecx),%mm7
 0x08496d4f <ff_put_pixels_clamped_mmx+47>:      packuswb %mm1,%mm0
 0x08496d52 <ff_put_pixels_clamped_mmx+50>:      packuswb %mm3,%mm2
 0x08496d55 <ff_put_pixels_clamped_mmx+53>:      packuswb %mm5,%mm4
 0x08496d58 <ff_put_pixels_clamped_mmx+56>:      packuswb %mm7,%mm6
 0x08496d5b <ff_put_pixels_clamped_mmx+59>:      movq   %mm0,(%ebx)
 0x08496d5e <ff_put_pixels_clamped_mmx+62>:      movq   %mm2,(%ebx,%eax,1)
 0x08496d62 <ff_put_pixels_clamped_mmx+66>:      movq   %mm4,(%ebx,%eax,2)
 0x08496d66 <ff_put_pixels_clamped_mmx+70>:      movq   %mm6,(%ebx,%edx,1)
 0x08496d6a <ff_put_pixels_clamped_mmx+74>:      lea    (%ebx,%eax,4),%ebx
 0x08496d6d <ff_put_pixels_clamped_mmx+77>:      add    $0x40,%ecx
 0x08496d70 <ff_put_pixels_clamped_mmx+80>:      movq   (%ecx),%mm0
 0x08496d73 <ff_put_pixels_clamped_mmx+83>:      movq   0x8(%ecx),%mm1
 0x08496d77 <ff_put_pixels_clamped_mmx+87>:      movq   0x10(%ecx),%mm2
 End of assembler dump.
 (gdb) info all-registers
 eax            0x0      0
 ecx            0x8d347c0        148064192
 edx            0x0      0
 ebx            0x0      0
 esp            0xf6811ea8       0xf6811ea8
 ebp            0x2      0x2
 esi            0x2      2
 edi            0x0      0
 eip            0x8496d5b        0x8496d5b <ff_put_pixels_clamped_mmx+59>
 eflags         0x210286 [ PF SF IF RF ID ]
 cs             0x23     35
 ss             0x2b     43
 ds             0x2b     43
 es             0x2b     43
 fs             0x0      0
 gs             0x63     99
 st0            -nan(0x8080808080808080) (raw 0xffff8080808080808080)
 st1            -nan(0x80008000800080)   (raw 0xffff0080008000800080)
 st2            -nan(0x8080808080808080) (raw 0xffff8080808080808080)
 st3            -nan(0x80008000800080)   (raw 0xffff0080008000800080)
 st4            -nan(0x8080808080808080) (raw 0xffff8080808080808080)
 st5            -nan(0x80008000800080)   (raw 0xffff0080008000800080)
 st6            -nan(0x8080808080808080) (raw 0xffff8080808080808080)
 st7            -nan(0x80008000800080)   (raw 0xffff0080008000800080)
 fctrl          0x37f    895
 fstat          0x20     32
 ftag           0xaaaa   43690
 fiseg          0x0      0
 fioff          0x804fbed        134544365
 foseg          0x0      0
 fooff          0xf70e0cac       -150074196
 fop            0x59c    1436
 xmm0           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
   uint128 = 0x00000000000000000000000000000000}
 xmm1           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
   uint128 = 0x00000000000000000000000000000000}
 xmm2           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
   uint128 = 0x00000000000000000000000000000000}
 xmm3           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
   uint128 = 0x00000000000000000000000000000000}
 xmm4           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
   uint128 = 0x00000000000000000000000000000000}
 xmm5           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
   uint128 = 0x00000000000000000000000000000000}
 xmm6           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
   uint128 = 0x00000000000000000000000000000000}
 xmm7           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
   uint128 = 0x00000000000000000000000000000000}
 mxcsr          0x1f80   [ IM DM ZM OM UM PM ]
 mm0            {uint64 = 0x8080808080808080, v2_int32 = {0x80808080,
 0x80808080}, v4_int16 = {0x8080, 0x8080, 0x8080, 0x8080}, v8_int8 = {0x80,
 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80}}
 mm1            {uint64 = 0x80008000800080, v2_int32 = {0x800080,
 0x800080}, v4_int16 = {0x80, 0x80, 0x80, 0x80}, v8_int8 = {0x80, 0x0,
 0x80, 0x0, 0x80, 0x0, 0x80, 0x0}}
 mm2            {uint64 = 0x8080808080808080, v2_int32 = {0x80808080,
 0x80808080}, v4_int16 = {0x8080, 0x8080, 0x8080, 0x8080}, v8_int8 = {0x80,
 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80}}
 mm3            {uint64 = 0x80008000800080, v2_int32 = {0x800080,
 0x800080}, v4_int16 = {0x80, 0x80, 0x80, 0x80}, v8_int8 = {0x80, 0x0,
 0x80, 0x0, 0x80, 0x0, 0x80, 0x0}}
 mm4            {uint64 = 0x8080808080808080, v2_int32 = {0x80808080,
 0x80808080}, v4_int16 = {0x8080, 0x8080, 0x8080, 0x8080}, v8_int8 = {0x80,
 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80}}
 mm5            {uint64 = 0x80008000800080, v2_int32 = {0x800080,
 0x800080}, v4_int16 = {0x80, 0x80, 0x80, 0x80}, v8_int8 = {0x80, 0x0,
 0x80, 0x0, 0x80, 0x0, 0x80, 0x0}}
 mm6            {uint64 = 0x8080808080808080, v2_int32 = {0x80808080,
 0x80808080}, v4_int16 = {0x8080, 0x8080, 0x8080, 0x8080}, v8_int8 = {0x80,
 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80}}
 mm7            {uint64 = 0x80008000800080, v2_int32 = {0x800080,
 0x800080}, v4_int16 = {0x80, 0x80, 0x80, 0x80}, v8_int8 = {0x80, 0x0,
 0x80, 0x0, 0x80, 0x0, 0x80, 0x0}}
 }}}

-- 
Ticket URL: <https://avcodec.org/trac/ffmpeg/ticket/238>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker


More information about the FFmpeg-trac mailing list