[FFmpeg-trac] #1827(avcodec:open): Segfault with multi-channel DCA/DTS file when downsampling.
FFmpeg
trac at avcodec.org
Wed Oct 17 21:56:42 CEST 2012
#1827: Segfault with multi-channel DCA/DTS file when downsampling.
-------------------------------------+-------------------------------------
Reporter: Cigaes | Owner:
Type: defect | Status: open
Priority: important | Component: avcodec
Version: git-master | Resolution:
Keywords: dca | Blocked By:
regression crash SIGSEGV | Reproduced by developer: 1
Blocking: |
Analyzed by developer: 0 |
-------------------------------------+-------------------------------------
Changes (by cehoyos):
* status: new => open
* reproduced: 0 => 1
Comment:
Regression since e88ca80 / 64c312a
{{{
(gdb) r -request_channels 2 -i lotr_5.1_768.dts
Starting program: ffmpeg_g -request_channels 2 -i lotr_5.1_768.dts
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
ffmpeg version N-45640-ga4fe661 Copyright (c) 2000-2012 the FFmpeg
developers
built on Oct 17 2012 21:52:17 with gcc 4.7 (SUSE Linux)
configuration: --enable-gpl
libavutil 51. 76.100 / 51. 76.100
libavcodec 54. 66.100 / 54. 66.100
libavformat 54. 33.100 / 54. 33.100
libavdevice 54. 3.100 / 54. 3.100
libavfilter 3. 19.103 / 3. 19.103
libswscale 2. 1.101 / 2. 1.101
libswresample 0. 16.100 / 0. 16.100
libpostproc 52. 1.100 / 52. 1.100
Program received signal SIGSEGV, Segmentation fault.
synth_filter_float (imdct=<optimized out>, synth_buf_ptr=<optimized out>,
synth_buf_offset=0x7ffff7f88cd4, synth_buf2=0x7ffff7f88bc0,
window=0xc33060 <fir_32bands_nonperfect>, out=0x0, in=0x7ffff7f88ce0,
scale=<optimized out>) at libavcodec/synth_filter.c:51
51 out[i ] = a*scale;
(gdb) bt
#0 synth_filter_float (imdct=<optimized out>, synth_buf_ptr=<optimized
out>,
synth_buf_offset=0x7ffff7f88cd4, synth_buf2=0x7ffff7f88bc0,
window=0xc33060 <fir_32bands_nonperfect>, out=0x0, in=0x7ffff7f88ce0,
scale=<optimized out>) at libavcodec/synth_filter.c:51
#1 0x00000000005e61b3 in qmf_32_subbands (samples_out=0x0,
samples_in=<optimized out>,
chans=5, s=0x7ffff7f7f040, scale=<optimized out>) at
libavcodec/dcadec.c:1132
#2 dca_filter_channels (block_index=0, s=0x7ffff7f7f040) at
libavcodec/dcadec.c:1445
#3 dca_decode_frame (avctx=<optimized out>, data=0x15ad360,
got_frame_ptr=0x7fffffffbfbc,
avpkt=<optimized out>) at libavcodec/dcadec.c:2377
#4 0x0000000000991de1 in avcodec_decode_audio4 (avctx=0x15ac740,
frame=0x15ad360,
got_frame_ptr=got_frame_ptr at entry=0x7fffffffbfbc,
avpkt=avpkt at entry=0x7fffffffbff0)
at libavcodec/utils.c:1695
#5 0x000000000058b394 in try_decode_frame (st=st at entry=0x15a69a0,
avpkt=<optimized out>,
options=0x15acbe0) at libavformat/utils.c:2368
#6 0x0000000000591de6 in avformat_find_stream_info (ic=0x15a6380,
options=0x15acbe0)
at libavformat/utils.c:2744
#7 0x00000000004565f9 in opt_input_file (optctx=<optimized out>,
opt=<optimized out>,
filename=<optimized out>) at ffmpeg_opt.c:790
#8 0x0000000000463b90 in parse_option
(optctx=optctx at entry=0x7fffffffca80,
opt=0x7fffffffe2ba "i", arg=0x7fffffffe2bc "lotr_5.1_768.dts",
options=options at entry=0xbbcde0 <options>) at cmdutils.c:320
#9 0x0000000000463f68 in parse_options
(optctx=optctx at entry=0x7fffffffca80,
argc=argc at entry=5, argv=argv at entry=0x7fffffffde18, options=0xbbcde0
<options>,
parse_arg_function=0x457300 <opt_output_file>) at cmdutils.c:353
#10 0x0000000000450230 in main (argc=5, argv=0x7fffffffde18) at
ffmpeg.c:3138
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0x972824 to 0x972864:
0x0000000000972824 <synth_filter_float+468>: mulss %xmm0,%xmm2
0x0000000000972828 <synth_filter_float+472>: sub $0x4,%r9
0x000000000097282c <synth_filter_float+476>: add $0x4,%r11
0x0000000000972830 <synth_filter_float+480>: mulss %xmm0,%xmm1
0x0000000000972834 <synth_filter_float+484>: add $0x2,%rsi
0x0000000000972838 <synth_filter_float+488>: add $0x2,%rdi
0x000000000097283c <synth_filter_float+492>: sub $0x1,%rcx
0x0000000000972840 <synth_filter_float+496>: sub $0x1,%r10
=> 0x0000000000972844 <synth_filter_float+500>: movss
%xmm2,0x0(%rbp,%r8,4)
0x000000000097284b <synth_filter_float+507>: movss
%xmm1,0x40(%rbp,%r8,4)
0x0000000000972852 <synth_filter_float+514>: movss %xmm4,(%rbx,%r8,4)
0x0000000000972858 <synth_filter_float+520>: movss
%xmm3,0x40(%rbx,%r8,4)
0x000000000097285f <synth_filter_float+527>: add $0x1,%r8
0x0000000000972863 <synth_filter_float+531>: cmp $0x10,%r8
End of assembler dump.
(gdb) info all-registers
rax 0xc338a0 12794016
rbx 0x7ffff7f88bc0 140737353649088
rcx 0x1e 30
rdx 0x7ffff7f8817c 140737353646460
rsi 0xfffffffffffffff3 -13
rdi 0x3 3
rbp 0x0 0x0
rsp 0x7fffffffbd60 0x7fffffffbd60
r8 0x0 0
r9 0x7ffff7f87978 140737353644408
r10 0xe 14
r11 0xc330a4 12791972
r12 0x200 512
r13 0x200 512
r14 0x200 512
r15 0xc338a0 12794016
rip 0x972844 0x972844 <synth_filter_float+500>
eflags 0x10202 [ IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
st0 0 (raw 0x00000000000000000000)
st1 0 (raw 0x00000000000000000000)
st2 0 (raw 0x00000000000000000000)
st3 0 (raw 0x00000000000000000000)
st4 0 (raw 0x00000000000000000000)
st5 0 (raw 0x00000000000000000000)
st6 0.085797312344439878996175952163838474 (raw
0x3ffbafb68054d520bf70)
st7 0.99631261218277801359642295575547166 (raw
0x3ffeff0e57e5ead848e3)
fctrl 0x37f 895
fstat 0x20 32
ftag 0xffff 65535
fiseg 0x7fff 32767
fioff 0xf6f1c4e7 -151927577
foseg 0x7fff 32767
fooff 0xffffbf28 -16600
fop 0x0 0
mxcsr 0x1fa0 [ PE IM DM ZM OM UM PM ]
ymm0 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_double = {0x0, 0x0,
0x0, 0x0}, v32_int8 = {0x0, 0x0, 0x0, 0x37, 0x0 <repeats 28 times>},
v16_int16 = {0x0,
0x3700, 0x0 <repeats 14 times>}, v8_int32 = {0x37000000, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0,
0x0}, v4_int64 = {0x37000000, 0x0, 0x0, 0x0}, v2_int128 = {
0x00000000000000000000000037000000,
0x00000000000000000000000000000000}}
ymm1 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_double = {0x0, 0x0,
0x0, 0x0}, v32_int8 = {0x9a, 0x22, 0x9b, 0x2f, 0x0 <repeats 28
times>}, v16_int16 = {
0x229a, 0x2f9b, 0x0 <repeats 14 times>}, v8_int32 = {0x2f9b229a, 0x0,
0x0, 0x0, 0x0,
0x0, 0x0, 0x0}, v4_int64 = {0x2f9b229a, 0x0, 0x0, 0x0}, v2_int128 = {
0x0000000000000000000000002f9b229a,
0x00000000000000000000000000000000}}
ymm2 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_double = {0x0, 0x0,
0x0, 0x0}, v32_int8 = {0x5b, 0xe8, 0xc0, 0x2f, 0x0 <repeats 28
times>}, v16_int16 = {
0xe85b, 0x2fc0, 0x0 <repeats 14 times>}, v8_int32 = {0x2fc0e85b, 0x0,
0x0, 0x0, 0x0,
0x0, 0x0, 0x0}, v4_int64 = {0x2fc0e85b, 0x0, 0x0, 0x0}, v2_int128 = {
0x0000000000000000000000002fc0e85b,
0x00000000000000000000000000000000}}
ymm3 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_double = {0x0, 0x0,
0x0, 0x0}, v32_int8 = {0x15, 0xb6, 0xd4, 0xbd, 0x0 <repeats 28
times>}, v16_int16 = {
0xb615, 0xbdd4, 0x0 <repeats 14 times>}, v8_int32 = {0xbdd4b615, 0x0,
0x0, 0x0, 0x0,
0x0, 0x0, 0x0}, v4_int64 = {0xbdd4b615, 0x0, 0x0, 0x0}, v2_int128 = {
0x000000000000000000000000bdd4b615,
0x00000000000000000000000000000000}}
ymm4 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_double = {0x0, 0x0,
0x0, 0x0}, v32_int8 = {0xe9, 0xfd, 0xd5, 0xba, 0x0 <repeats 28
times>}, v16_int16 = {
0xfde9, 0xbad5, 0x0 <repeats 14 times>}, v8_int32 = {0xbad5fde9, 0x0,
0x0, 0x0, 0x0,
0x0, 0x0, 0x0}, v4_int64 = {0xbad5fde9, 0x0, 0x0, 0x0}, v2_int128 = {
0x000000000000000000000000bad5fde9,
0x00000000000000000000000000000000}}
ymm5 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_double = {0x0, 0x0,
0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0
<repeats 16 times>},
v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0,
0x0, 0x0, 0x0},
v2_int128 = {0x00000000000000000000000000000000,
0x00000000000000000000000000000000}}
ymm6 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_double = {0x0, 0x0,
0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0
<repeats 16 times>},
v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0,
0x0, 0x0, 0x0},
v2_int128 = {0x00000000000000000000000000000000,
0x00000000000000000000000000000000}}
ymm7 {v8_float = {0x113, 0x18c, 0x1f3, 0x1a1, 0x0, 0x0, 0x0,
0x0}, v4_double = {
0x2c805e8713252200, 0x4260390fe777ec00, 0x0, 0x0}, v32_int8 = {0x91,
0x92, 0x89, 0x43,
0x2f, 0x40, 0xc6, 0x43, 0xfb, 0xdd, 0xf9, 0x43, 0xe, 0x98, 0xd0, 0x43,
0x0 <repeats 16 times>}, v16_int16 = {0x9291, 0x4389, 0x402f, 0x43c6,
0xddfb, 0x43f9,
0x980e, 0x43d0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 =
{0x43899291,
0x43c6402f, 0x43f9ddfb, 0x43d0980e, 0x0, 0x0, 0x0, 0x0}, v4_int64 =
{0x43c6402f43899291,
0x43d0980e43f9ddfb, 0x0, 0x0}, v2_int128 =
{0x43d0980e43f9ddfb43c6402f43899291,
0x00000000000000000000000000000000}}
ymm8 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_double = {0x0, 0x0,
0x0, 0x0}, v32_int8 = {0x22, 0x23, 0x72, 0x84, 0x22, 0x22, 0x22, 0x22,
0x22, 0x22, 0x22,
0x22, 0x0 <repeats 20 times>}, v16_int16 = {0x2322, 0x8472, 0x2222,
0x2222, 0x2222,
0x2222, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 =
{0x84722322,
0x22222222, 0x22222222, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 =
{0x2222222284722322,
0x22222222, 0x0, 0x0}, v2_int128 =
{0x00000000222222222222222284722322,
0x00000000000000000000000000000000}}
ymm9 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_double = {0x0, 0x0,
0x0, 0x0}, v32_int8 = {0x22, 0x22, 0x22, 0x22, 0x22, 0x23, 0x72, 0x84,
0x22, 0x22, 0x22,
0x22, 0x22, 0x22, 0x22, 0x22, 0x0 <repeats 16 times>}, v16_int16 =
{0x2222, 0x2222,
0x2322, 0x8472, 0x2222, 0x2222, 0x2222, 0x2222, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0},
v8_int32 = {0x22222222, 0x84722322, 0x22222222, 0x22222222, 0x0, 0x0,
0x0, 0x0},
v4_int64 = {0x8472232222222222, 0x2222222222222222, 0x0, 0x0}, v2_int128
= {
0x22222222222222228472232222222222,
0x00000000000000000000000000000000}}
ymm10 {v8_float = {0xffffcfa4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0}, v4_double = {
0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x16, 0x70, 0x41, 0xc6, 0x58, 0xac,
0x98, 0xb5,
0x0 <repeats 24 times>}, v16_int16 = {0x7016, 0xc641, 0xac58, 0xb598,
0x0 <repeats 12 times>}, v8_int32 = {0xc6417016, 0xb598ac58, 0x0, 0x0,
0x0, 0x0, 0x0,
0x0}, v4_int64 = {0xb598ac58c6417016, 0x0, 0x0, 0x0}, v2_int128 = {
0x0000000000000000b598ac58c6417016,
0x00000000000000000000000000000000}}
ymm11 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_double = {0x0, 0x0,
0x0, 0x0}, v32_int8 = {0x0, 0x0, 0x0, 0xb8, 0x76, 0x19, 0x1f, 0xb9,
0x0 <repeats 24 times>}, v16_int16 = {0x0, 0xb800, 0x1976, 0xb91f,
0x0 <repeats 12 times>}, v8_int32 = {0xb8000000, 0xb91f1976, 0x0, 0x0,
0x0, 0x0, 0x0,
0x0}, v4_int64 = {0xb91f1976b8000000, 0x0, 0x0, 0x0}, v2_int128 = {
0x0000000000000000b91f1976b8000000,
0x00000000000000000000000000000000}}
ymm12 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_double = {0x0, 0x0,
0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0
<repeats 16 times>},
v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0,
0x0, 0x0, 0x0},
v2_int128 = {0x00000000000000000000000000000000,
0x00000000000000000000000000000000}}
ymm13 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_double = {0x0, 0x0,
0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0
<repeats 16 times>},
v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0,
0x0, 0x0, 0x0},
v2_int128 = {0x00000000000000000000000000000000,
0x00000000000000000000000000000000}}
ymm14 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_double = {0x0, 0x0,
0x0, 0x0}, v32_int8 = {0xa0, 0x83, 0x47, 0x3, 0x1d, 0x3c, 0x8a, 0xb5,
0x0 <repeats 24 times>}, v16_int16 = {0x83a0, 0x347, 0x3c1d, 0xb58a,
0x0 <repeats 12 times>}, v8_int32 = {0x34783a0, 0xb58a3c1d, 0x0, 0x0,
0x0, 0x0, 0x0,
0x0}, v4_int64 = {0xb58a3c1d034783a0, 0x0, 0x0, 0x0}, v2_int128 = {
0x0000000000000000b58a3c1d034783a0,
0x00000000000000000000000000000000}}
ymm15 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_double = {0x0, 0x0,
0x0, 0x0}, v32_int8 = {0xa0, 0x83, 0x47, 0x3, 0x1d, 0x3c, 0xaa, 0xb5,
0x0 <repeats 24 times>}, v16_int16 = {0x83a0, 0x347, 0x3c1d, 0xb5aa,
0x0 <repeats 12 times>}, v8_int32 = {0x34783a0, 0xb5aa3c1d, 0x0, 0x0,
0x0, 0x0, 0x0,
0x0}, v4_int64 = {0xb5aa3c1d034783a0, 0x0, 0x0, 0x0}, v2_int128 = {
0x0000000000000000b5aa3c1d034783a0,
0x00000000000000000000000000000000}}
}}}
--
Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/1827#comment:2>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list