[FFmpeg-trac] #7733(undetermined:new): Segmentation faults and double-free using spdif muxer
FFmpeg
trac at avcodec.org
Tue Feb 12 19:15:19 EET 2019
#7733: Segmentation faults and double-free using spdif muxer
-------------------------------------+-------------------------------------
Reporter: barsnick | Type: defect
Status: new | Priority: normal
Component: | Version:
undetermined | unspecified
Keywords: | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
-------------------------------------+-------------------------------------
Summary of the bug:
Segmentation faults or double-free or similar encountered while muxing to
spdif (not reproducible with other muxers).
'''This happens only on this x86 machine.''' I can't reproduce on x86_64,
and don't have the compile environment in place for building x86 (32 bit)
there.
Originally, I was trying to reproduce trac #7731, using
{{{
$ ./ffmpeg_g -i truehd_11mbit_bug.mkv -c copy -f spdif /dev/null -y
}}}
which consistently crashed before, but no longer does with the build shown below.
How to reproduce:
{{{
barsnick at sunshine:/usr/new/tools/video/ffmpeg/ffmpeg-build-2019-02-06-2 >
gdb -ex r --args ./ffmpeg_g -f lavfi -i anoisesrc -strict experimental
-c:a truehd -t 1 -f spdif /dev/null -y
GNU gdb (GDB) Fedora (7.3.1-48.fc10.1sunshine)
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "pentium4-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/local/new/tools/video/ffmpeg/ffmpeg-
build-2019-02-06-2/ffmpeg_g...done.
Starting program: /usr/local/new/tools/video/ffmpeg/ffmpeg-
build-2019-02-06-2/ffmpeg_g -f lavfi -i anoisesrc -strict experimental
-c:a truehd -t 1 -f spdif /dev/null -y
[Thread debugging using libthread_db enabled]
ffmpeg version N-93084-g835ab35 Copyright (c) 2000-2019 the FFmpeg
developers
built with gcc 4.3.2 (GCC) 20081105 (Red Hat 4.3.2-7)
configuration: --disable-doc --disable-everything --disable-network
--disable-vdpau --enable-protocol='file,pipe' --enable-indev=lavfi
--enable-muxer='null,spdif' --enable-demuxer=matroska --enable-
encoder='wrapped_avframe,truehd' --enable-decoder='rawvideo,pcm_f64le'
--enable-filter='anoisesrc,anullsrc,nullsrc,testsrc,null,aresample'
libavutil 56. 26.100 / 56. 26.100
libavcodec 58. 46.100 / 58. 46.100
libavformat 58. 26.100 / 58. 26.100
libavdevice 58. 6.101 / 58. 6.101
libavfilter 7. 48.100 / 7. 48.100
libswscale 5. 4.100 / 5. 4.100
libswresample 3. 4.100 / 3. 4.100
[New Thread 0xb7fd3b90 (LWP 2616)]
[New Thread 0xb75d2b90 (LWP 2617)]
Input #0, lavfi, from 'anoisesrc':
Duration: N/A, start: 0.000000, bitrate: 3072 kb/s
Stream #0:0: Audio: pcm_f64le, 48000 Hz, mono, dbl, 3072 kb/s
Stream mapping:
Stream #0:0 -> #0:0 (pcm_f64le (native) -> truehd (native))
Press [q] to stop, [?] for help
[New Thread 0xb6b90b90 (LWP 2618)]
[New Thread 0xb618fb90 (LWP 2619)]
Output #0, spdif, to '/dev/null':
Metadata:
encoder : Lavf58.26.100
Stream #0:0: Audio: truehd, 48000 Hz, stereo, s16, 128 kb/s
Metadata:
encoder : Lavc58.46.100 truehd
Program received signal SIGSEGV, Segmentation fault.
0x0070dc31 in malloc_consolidate () from /lib/libc.so.6
Missing separate debuginfos, use: debuginfo-install
bzip2-libs-1.0.6-1.fc10.1sunshine.pentium4 glibc-2.9-3.2sunshine.i686
zlib-1.2.3-22.fc10.1sunshine.pentium4
(gdb) bt
#0 0x0070dc31 in malloc_consolidate () from /lib/libc.so.6
#1 0x0070f92d in _int_malloc () from /lib/libc.so.6
#2 0x00710a41 in _int_memalign () from /lib/libc.so.6
#3 0x00711985 in memalign () from /lib/libc.so.6
#4 0x00711b6f in posix_memalign () from /lib/libc.so.6
#5 0x0818e660 in av_malloc (size=136689232) at src/libavutil/mem.c:87
#6 0x0817ddc9 in av_buffer_alloc (size=4224) at src/libavutil/buffer.c:72
#7 0x0817e211 in pool_alloc_buffer (pool=<optimized out>) at
src/libavutil/buffer.c:312
#8 av_buffer_pool_get (pool=0x823e440) at src/libavutil/buffer.c:349
#9 0x0807f4d3 in ff_frame_pool_get (pool=0x823e3c0) at
src/libavfilter/framepool.c:261
#10 0x0807385b in ff_default_get_audio_buffer (link=0x8229180,
nb_samples=1056) at src/libavfilter/audio.c:73
#11 0x08088a89 in filter_frame (inlink=0x8228900, insamplesref=0x826b6c0)
at src/libavfilter/af_aresample.c:196
#12 0x08077635 in ff_filter_frame_framed (frame=0x826b6c0, link=<optimized
out>) at src/libavfilter/avfilter.c:1071
#13 ff_filter_frame_to_filter (link=<optimized out>) at
src/libavfilter/avfilter.c:1219
#14 ff_filter_activate_default (filter=<optimized out>) at
src/libavfilter/avfilter.c:1268
#15 ff_filter_activate (filter=0x8229040) at
src/libavfilter/avfilter.c:1429
#16 0x0807c2c2 in push_frame (graph=<optimized out>) at
src/libavfilter/buffersrc.c:187
#17 av_buffersrc_add_frame_internal (ctx=0x8227b80, frame=<optimized out>,
flags=4) at src/libavfilter/buffersrc.c:261
#18 0x0807c6ca in av_buffersrc_add_frame_flags (ctx=0x8227b80,
frame=0x8225140, flags=4) at src/libavfilter/buffersrc.c:170
#19 0x08069b63 in ifilter_send_frame (frame=<optimized out>,
ifilter=<optimized out>) at src/fftools/ffmpeg.c:2195
#20 send_frame_to_filters (ist=0x8201700, decoded_frame=0x8225140) at
src/fftools/ffmpeg.c:2269
#21 0x0806a253 in decode_audio (decode_failed=<optimized out>,
got_output=<optimized out>, pkt=<optimized out>, ist=<optimized out>) at
src/fftools/ffmpeg.c:2336
#22 process_input_packet (ist=0x8201700, pkt=0xbfffe9cc, no_eof=0) at
src/fftools/ffmpeg.c:2618
#23 0x0806db15 in process_input (file_index=<optimized out>) at
src/fftools/ffmpeg.c:4515
#24 transcode_step () at src/fftools/ffmpeg.c:4635
#25 0x0807038e in transcode () at src/fftools/ffmpeg.c:4689
#26 0x08071072 in main (argc=15, argv=0x39) at src/fftools/ffmpeg.c:4891
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0x70dc11 to 0x70dc51:
0x0070dc11 <malloc_consolidate+401>: push %ebp
0x0070dc12 <malloc_consolidate+402>: int3
0x0070dc13 <malloc_consolidate+403>: mov %eax,0x14(%edx)
0x0070dc16 <malloc_consolidate+406>: mov 0x14(%esi),%eax
0x0070dc19 <malloc_consolidate+409>: mov %edx,0x10(%eax)
0x0070dc1c <malloc_consolidate+412>: jmp 0x70db00
<malloc_consolidate+128>
0x0070dc21 <malloc_consolidate+417>: lea 0x0(%esi,%eiz,1),%esi
0x0070dc28 <malloc_consolidate+424>: mov 0x8(%edi),%edx
0x0070dc2b <malloc_consolidate+427>: add %eax,-0x20(%ebp)
0x0070dc2e <malloc_consolidate+430>: mov 0xc(%edi),%eax
=> 0x0070dc31 <malloc_consolidate+433>: cmp %edi,0xc(%edx)
0x0070dc34 <malloc_consolidate+436>: jne 0x70dd00
<malloc_consolidate+640>
0x0070dc3a <malloc_consolidate+442>: cmp 0x8(%eax),%edi
0x0070dc3d <malloc_consolidate+445>: jne 0x70dd00
<malloc_consolidate+640>
0x0070dc43 <malloc_consolidate+451>: cmpl $0x1ff,0x4(%edi)
0x0070dc4a <malloc_consolidate+458>: mov %eax,0xc(%edx)
0x0070dc4d <malloc_consolidate+461>: mov %edx,0x8(%eax)
0x0070dc50 <malloc_consolidate+464>: jbe 0x70db21
<malloc_consolidate+161>
End of assembler dump.
(gdb) info all-registers
eax 0x1010184 16843140
ecx 0x825b650 136689232
edx 0x3009e07 50372103
ebx 0x80dff4 8445940
esp 0xbfffdba4 0xbfffdba4
ebp 0xbfffdc0c 0xbfffdc0c
esi 0x825b650 136689232
edi 0x825b6b8 136689336
eip 0x70dc31 0x70dc31 <malloc_consolidate+433>
eflags 0x10216 [ PF AF IF RF ]
cs 0x73 115
ss 0x7b 123
ds 0x7b 123
es 0x7b 123
fs 0x0 0
gs 0x33 51
st0 0 (raw 0x00000000000000000000)
st1 0 (raw 0x00000000000000000000)
st2 0 (raw 0x00000000000000000000)
st3 -nan(0xc000000000000000) (raw 0xffffc000000000000000)
st4 512 (raw 0x40088000000000000000)
st5 1000000 (raw 0x4012f424000000000000)
st6 0 (raw 0x00000000000000000000)
st7 1056 (raw 0x40098400000000000000)
fctrl 0x37f 895
fstat 0x121 289
ftag 0xffff 65535
fiseg 0x73 115
fioff 0x8088a24 134777380
foseg 0x7b 123
fooff 0xbfffde7c -1073750404
fop 0x1db 475
xmm0 {v4_float = {0x0, 0x1, 0x0, 0x0}, v2_double = {0x1, 0x0},
v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0, 0x3f, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0},
v8_int16 = {0x0, 0x0, 0x0, 0x3ff0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0,
0x3ff00000, 0x0, 0x0}, v2_int64 = {0x3ff0000000000000, 0x0},
uint128 = 0x00000000000000003ff0000000000000}
xmm1 {v4_float = {0x0, 0x1, 0x0, 0x0}, v2_double = {0x1, 0x0},
v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0, 0x3f, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0},
v8_int16 = {0x0, 0x0, 0x0, 0x3ff0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0,
0x3ff00000, 0x0, 0x0}, v2_int64 = {0x3ff0000000000000, 0x0},
uint128 = 0x00000000000000003ff0000000000000}
xmm2 {v4_float = {0x0, 0x1, 0x0, 0x0}, v2_double = {0x1, 0x0},
v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0, 0x3f, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0},
v8_int16 = {0x0, 0x0, 0x0, 0x3ff0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0,
0x3ff00000, 0x0, 0x0}, v2_int64 = {0x3ff0000000000000, 0x0},
uint128 = 0x00000000000000003ff0000000000000}
xmm3 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 15 times>, 0x80}, v8_int16 = {0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0,
0x8000}, v4_int32 = {0x0, 0x0, 0x0, 0x80000000}, v2_int64 = {0x0,
0x8000000000000000}, uint128 = 0x80000000000000000000000000000000}
xmm4 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 15 times>, 0x80}, v8_int16 = {0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0,
0x8000}, v4_int32 = {0x0, 0x0, 0x0, 0x80000000}, v2_int64 = {0x0,
0x8000000000000000}, uint128 = 0x80000000000000000000000000000000}
xmm5 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 15 times>, 0x80}, v8_int16 = {0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0,
0x8000}, v4_int32 = {0x0, 0x0, 0x0, 0x80000000}, v2_int64 = {0x0,
0x8000000000000000}, uint128 = 0x80000000000000000000000000000000}
xmm6 {v4_float = {0x0, 0x1, 0x0, 0x1}, v2_double = {0x1, 0x1},
v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0, 0x3f, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0xf0,
0x3f}, v8_int16 = {0x0, 0x0, 0x0, 0x3ff0, 0x0, 0x0, 0x0, 0x3ff0},
v4_int32 = {0x0, 0x3ff00000, 0x0, 0x3ff00000}, v2_int64 =
{0x3ff0000000000000,
0x3ff0000000000000}, uint128 = 0x3ff00000000000003ff0000000000000}
xmm7 {v4_float = {0x0, 0xfffffffd, 0x0, 0xfffffffd}, v2_double =
{0xfffffffffffffec0, 0xfffffffffffffebf}, v16_int8 = {0xc6, 0x6d, 0x12,
0x2e, 0xf3, 0xf,
0x74, 0xc0, 0xc6, 0x6d, 0x12, 0x2e, 0xf3, 0x1f, 0x74, 0xc0}, v8_int16
= {0x6dc6, 0x2e12, 0xff3, 0xc074, 0x6dc6, 0x2e12, 0x1ff3, 0xc074},
v4_int32 = {0x2e126dc6,
0xc0740ff3, 0x2e126dc6, 0xc0741ff3}, v2_int64 = {0xc0740ff32e126dc6,
0xc0741ff32e126dc6}, uint128 = 0xc0741ff32e126dc6c0740ff32e126dc6}
mxcsr 0x1fa0 [ PE IM DM ZM OM UM PM ]
mm0 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0,
0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm1 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0,
0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm2 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0,
0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm3 {uint64 = 0xc000000000000000, v2_int32 = {0x0, 0xc0000000},
v4_int16 = {0x0, 0x0, 0x0, 0xc000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0xc0}}
mm4 {uint64 = 0x8000000000000000, v2_int32 = {0x0, 0x80000000},
v4_int16 = {0x0, 0x0, 0x0, 0x8000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x80}}
mm5 {uint64 = 0xf424000000000000, v2_int32 = {0x0, 0xf4240000},
v4_int16 = {0x0, 0x0, 0x0, 0xf424}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x24, 0xf4}}
mm6 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0,
0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm7 {uint64 = 0x8400000000000000, v2_int32 = {0x0, 0x84000000},
v4_int16 = {0x0, 0x0, 0x0, 0x8400}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x84}}
(gdb)
}}}
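If I remove "-t 1" and press 'q' while running, I get this instead.
Note that both failures surface inside glibc's allocator (the crash in
malloc_consolidate above, the "double free or corruption" abort below), which
suggests the heap was already corrupted earlier and these frames are only where
the damage was noticed; a run under a memory checker such as valgrind would be
needed to find the first invalid write: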
{{{
barsnick at sunshine:/usr/new/tools/video/ffmpeg/ffmpeg-build-2019-02-06-2 >
gdb -ex r --args ./ffmpeg_g -f lavfi -i anoisesrc -strict experimental
-c:a truehd -f spdif /dev/null -y
GNU gdb (GDB) Fedora (7.3.1-48.fc10.1sunshine)
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "pentium4-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/local/new/tools/video/ffmpeg/ffmpeg-
build-2019-02-06-2/ffmpeg_g...done.
Starting program: /usr/local/new/tools/video/ffmpeg/ffmpeg-
build-2019-02-06-2/ffmpeg_g -f lavfi -i anoisesrc -strict experimental
-c:a truehd -f spdif /dev/null -y
[Thread debugging using libthread_db enabled]
ffmpeg version N-93084-g835ab35 Copyright (c) 2000-2019 the FFmpeg
developers
built with gcc 4.3.2 (GCC) 20081105 (Red Hat 4.3.2-7)
configuration: --disable-doc --disable-everything --disable-network
--disable-vdpau --enable-protocol='file,pipe' --enable-indev=lavfi
--enable-muxer='null,spdif' --enable-demuxer=matroska
--enable-encoder='wrapped_avframe,truehd' --enable-
decoder='rawvideo,pcm_f64le' --enable-
filter='anoisesrc,anullsrc,nullsrc,testsrc,null,aresample'
libavutil 56. 26.100 / 56. 26.100
libavcodec 58. 46.100 / 58. 46.100
libavformat 58. 26.100 / 58. 26.100
libavdevice 58. 6.101 / 58. 6.101
libavfilter 7. 48.100 / 7. 48.100
libswscale 5. 4.100 / 5. 4.100
libswresample 3. 4.100 / 3. 4.100
[New Thread 0xb7fd3b90 (LWP 2664)]
[New Thread 0xb75d2b90 (LWP 2665)]
Input #0, lavfi, from 'anoisesrc':
Duration: N/A, start: 0.000000, bitrate: 3072 kb/s
Stream #0:0: Audio: pcm_f64le, 48000 Hz, mono, dbl, 3072 kb/s
Stream mapping:
Stream #0:0 -> #0:0 (pcm_f64le (native) -> truehd (native))
Press [q] to stop, [?] for help
[New Thread 0xb6b90b90 (LWP 2666)]
[New Thread 0xb618fb90 (LWP 2667)]
Output #0, spdif, to '/dev/null':
Metadata:
encoder : Lavf58.26.100
Stream #0:0: Audio: truehd, 48000 Hz, stereo, s16, 128 kb/s
Metadata:
encoder : Lavc58.46.100 truehd
*** glibc detected *** /usr/local/new/tools/video/ffmpeg/ffmpeg-
build-2019-02-06-2/ffmpeg_g: double free or corruption (!prev): 0x0825c380
***
======= Backtrace: =========
/lib/libc.so.6[0x70d3a4]
/lib/libc.so.6(cfree+0x96)[0x70f356]
/usr/local/new/tools/video/ffmpeg/ffmpeg-
build-2019-02-06-2/ffmpeg_g[0x818def1]
======= Memory map: ========
00679000-00699000 r-xp 00000000 08:01 32944 /lib/ld-2.9.so
0069a000-0069b000 r--p 00020000 08:01 32944 /lib/ld-2.9.so
0069b000-0069c000 rw-p 00021000 08:01 32944 /lib/ld-2.9.so
0069e000-0080c000 r-xp 00000000 08:01 33044 /lib/libc-2.9.so
0080c000-0080e000 r--p 0016e000 08:01 33044 /lib/libc-2.9.so
0080e000-0080f000 rw-p 00170000 08:01 33044 /lib/libc-2.9.so
0080f000-00812000 rw-p 0080f000 00:00 0
00814000-0083b000 r-xp 00000000 08:01 33067 /lib/libm-2.9.so
0083b000-0083c000 r--p 00026000 08:01 33067 /lib/libm-2.9.so
0083c000-0083d000 rw-p 00027000 08:01 33067 /lib/libm-2.9.so
00846000-0085c000 r-xp 00000000 08:01 33811 /lib/libpthread-2.9.so
0085c000-0085d000 r--p 00015000 08:01 33811 /lib/libpthread-2.9.so
0085d000-0085e000 rw-p 00016000 08:01 33811 /lib/libpthread-2.9.so
0085e000-00860000 rw-p 0085e000 00:00 0
00862000-00874000 r-xp 00000000 08:01 33816 /lib/libz.so.1.2.3
00874000-00875000 rw-p 00012000 08:01 33816 /lib/libz.so.1.2.3
00877000-0087f000 r-xp 00000000 08:01 33812 /lib/librt-2.9.so
0087f000-00880000 r--p 00007000 08:01 33812 /lib/librt-2.9.so
00880000-00881000 rw-p 00008000 08:01 33812 /lib/librt-2.9.so
00bbe000-00bbf000 r-xp 00bbe000 00:00 0 [vdso]
00cd4000-00ce1000 r-xp 00000000 08:01 33817
/lib/libgcc_s-4.3.2-20081105.so.1
00ce1000-00ce2000 rw-p 0000c000 08:01 33817
/lib/libgcc_s-4.3.2-20081105.so.1
0642d000-0643d000 r-xp 00000000 08:01 33848 /lib/libbz2.so.1.0.6
0643d000-0643e000 rw-p 00010000 08:01 33848 /lib/libbz2.so.1.0.6
08048000-081e8000 r-xp 00000000 08:07 917514
/usr/local/new/tools/video/ffmpeg/ffmpeg-build-2019-02-06-2/ffmpeg_g
081e8000-081ea000 rw-p 001a0000 08:07 917514
/usr/local/new/tools/video/ffmpeg/ffmpeg-build-2019-02-06-2/ffmpeg_g
081ea000-0887e000 rw-p 081ea000 00:00 0 [heap]
b5600000-b5621000 rw-p b5600000 00:00 0
b5621000-b5700000 ---p b5621000 00:00 0
b5761000-b578f000 rw-p b5761000 00:00 0
b578f000-b5790000 ---p b578f000 00:00 0
b5790000-b6190000 rw-p b5790000 00:00 0
b6190000-b6191000 ---p b6190000 00:00 0
b6191000-b6bd2000 rw-p b6191000 00:00 0
b6bd2000-b6bd3000 ---p b6bd2000 00:00 0
b6bd3000-b75d3000 rw-p b6bd3000 00:00 0
b75d3000-b75d4000 ---p b75d3000 00:00 0
b75d4000-b7fd7000 rw-p b75d4000 00:00 0
bffeb000-c0000000 rw-p bffeb000 00:00 0 [stack]
Program received signal SIGABRT, Aborted.
0x00bbe416 in __kernel_vsyscall ()
Missing separate debuginfos, use: debuginfo-install
bzip2-libs-1.0.6-1.fc10.1sunshine.pentium4 glibc-2.9-3.2sunshine.i686
libgcc-4.3.2-7.i386 zlib-1.2.3-22.fc10.1sunshine.pentium4
(gdb) bt
#0 0x00bbe416 in __kernel_vsyscall ()
#1 0x006c9460 in raise () from /lib/libc.so.6
#2 0x006cae28 in abort () from /lib/libc.so.6
#3 0x00706fed in __libc_message () from /lib/libc.so.6
#4 0x0070d3a4 in malloc_printerr () from /lib/libc.so.6
#5 0x0070f356 in free () from /lib/libc.so.6
#6 0x0818def1 in av_free (ptr=0x82021a8) at src/libavutil/mem.c:223
#7 av_freep (arg=0x82021a8) at src/libavutil/mem.c:233
#8 0x080ac6e1 in spdif_write_trailer (s=0x8206300) at
src/libavformat/spdifenc.c:484
#9 0x080a7be2 in av_write_trailer (s=0x8206300) at
src/libavformat/mux.c:1276
#10 0x08070c9a in transcode () at src/fftools/ffmpeg.c:4723
#11 0x08071072 in main (argc=13, argv=Cannot access memory at address
0xa63
) at src/fftools/ffmpeg.c:4891
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0xbbe3f6 to 0xbbe436:
0x00bbe3f6: add %al,(%eax)
0x00bbe3f8: add %al,(%eax)
0x00bbe3fa: add %al,(%eax)
0x00bbe3fc: add %al,(%eax)
0x00bbe3fe: add %al,(%eax)
0x00bbe400 <__kernel_sigreturn+0>: pop %eax
0x00bbe401 <__kernel_sigreturn+1>: mov $0x77,%eax
0x00bbe406 <__kernel_sigreturn+6>: int $0x80
0x00bbe408 <__kernel_sigreturn+8>: nop
0x00bbe409: lea 0x0(%esi),%esi
0x00bbe40c <__kernel_rt_sigreturn+0>: mov $0xad,%eax
0x00bbe411 <__kernel_rt_sigreturn+5>: int $0x80
0x00bbe413 <__kernel_rt_sigreturn+7>: nop
0x00bbe414 <__kernel_vsyscall+0>: int $0x80
=> 0x00bbe416 <__kernel_vsyscall+2>: ret
0x00bbe417: add %ch,(%esi)
0x00bbe419: jae 0xbbe483
0x00bbe41b: jae 0xbbe491
0x00bbe41d: jb 0xbbe493
0x00bbe41f: popa
0x00bbe420: bound %eax,(%eax)
0x00bbe422: cs
0x00bbe423: push $0x687361
0x00bbe428: cs
0x00bbe429: fs
0x00bbe42a: jns 0xbbe49a
0x00bbe42c: jae 0xbbe4a7
0x00bbe42e: insl (%dx),%es:(%edi)
0x00bbe42f: add %ch,(%esi)
0x00bbe431: fs
0x00bbe432: jns 0xbbe4a2
0x00bbe434: jae 0xbbe4aa
End of assembler dump.
(gdb) info all-registers
eax 0x0 0
ecx 0xa5f 2655
edx 0x6 6
ebx 0xa5f 2655
esp 0xbfffe428 0xbfffe428
ebp 0xbfffe434 0xbfffe434
esi 0x0 0
edi 0x80dff4 8445940
eip 0xbbe416 0xbbe416 <__kernel_vsyscall+2>
eflags 0x206 [ PF IF ]
cs 0x73 115
ss 0x7b 123
ds 0x7b 123
es 0x7b 123
fs 0x0 0
gs 0x33 51
st0 0 (raw 0x00000000000000000000)
st1 0 (raw 0x00000000000000000000)
st2 0 (raw 0x00000000000000000000)
st3 -nan(0xc000000000000000) (raw 0xffffc000000000000000)
st4 512 (raw 0x40088000000000000000)
st5 512 (raw 0x40088000000000000000)
st6 512 (raw 0x40088000000000000000)
st7 512 (raw 0x40088000000000000000)
fctrl 0x37f 895
fstat 0x121 289
ftag 0xffff 65535
fiseg 0x73 115
fioff 0x80e5b11 135158545
foseg 0x7b 123
fooff 0xbfffa444 -1073765308
fop 0x1c9 457
xmm0 {v4_float = {0x0, 0x1, 0x0, 0x0}, v2_double = {0x1, 0x0},
v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0, 0x3f, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0},
v8_int16 = {0x0, 0x0, 0x0, 0x3ff0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0,
0x3ff00000, 0x0, 0x0}, v2_int64 = {0x3ff0000000000000, 0x0},
uint128 = 0x00000000000000003ff0000000000000}
xmm1 {v4_float = {0x0, 0x1, 0x0, 0x0}, v2_double = {0x1, 0x0},
v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0, 0x3f, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0},
v8_int16 = {0x0, 0x0, 0x0, 0x3ff0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0,
0x3ff00000, 0x0, 0x0}, v2_int64 = {0x3ff0000000000000, 0x0},
uint128 = 0x00000000000000003ff0000000000000}
xmm2 {v4_float = {0x0, 0x1, 0x0, 0x0}, v2_double = {0x1, 0x0},
v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0, 0x3f, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0},
v8_int16 = {0x0, 0x0, 0x0, 0x3ff0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0,
0x3ff00000, 0x0, 0x0}, v2_int64 = {0x3ff0000000000000, 0x0},
uint128 = 0x00000000000000003ff0000000000000}
xmm3 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 15 times>, 0x80}, v8_int16 = {0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0,
0x8000}, v4_int32 = {0x0, 0x0, 0x0, 0x80000000}, v2_int64 = {0x0,
0x8000000000000000}, uint128 = 0x80000000000000000000000000000000}
xmm4 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 15 times>, 0x80}, v8_int16 = {0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0,
0x8000}, v4_int32 = {0x0, 0x0, 0x0, 0x80000000}, v2_int64 = {0x0,
0x8000000000000000}, uint128 = 0x80000000000000000000000000000000}
xmm5 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 15 times>, 0x80}, v8_int16 = {0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0,
0x8000}, v4_int32 = {0x0, 0x0, 0x0, 0x80000000}, v2_int64 = {0x0,
0x8000000000000000}, uint128 = 0x80000000000000000000000000000000}
xmm6 {v4_float = {0x0, 0x1, 0x0, 0x1}, v2_double = {0x1, 0x1},
v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0, 0x3f, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0xf0,
0x3f}, v8_int16 = {0x0, 0x0, 0x0, 0x3ff0, 0x0, 0x0, 0x0, 0x3ff0},
v4_int32 = {0x0, 0x3ff00000, 0x0, 0x3ff00000}, v2_int64 =
{0x3ff0000000000000,
0x3ff0000000000000}, uint128 = 0x3ff00000000000003ff0000000000000}
xmm7 {v4_float = {0x0, 0xfffffffd, 0x0, 0xfffffffd}, v2_double =
{0xfffffffffffffec0, 0xfffffffffffffebf}, v16_int8 = {0xc6, 0x6d, 0x12,
0x2e, 0xf3, 0xf,
0x74, 0xc0, 0xc6, 0x6d, 0x12, 0x2e, 0xf3, 0x1f, 0x74, 0xc0}, v8_int16
= {0x6dc6, 0x2e12, 0xff3, 0xc074, 0x6dc6, 0x2e12, 0x1ff3, 0xc074},
v4_int32 = {0x2e126dc6,
0xc0740ff3, 0x2e126dc6, 0xc0741ff3}, v2_int64 = {0xc0740ff32e126dc6,
0xc0741ff32e126dc6}, uint128 = 0xc0741ff32e126dc6c0740ff32e126dc6}
mxcsr 0x1fa0 [ PE IM DM ZM OM UM PM ]
mm0 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0,
0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm1 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0,
0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm2 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0,
0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm3 {uint64 = 0xc000000000000000, v2_int32 = {0x0, 0xc0000000},
v4_int16 = {0x0, 0x0, 0x0, 0xc000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0xc0}}
mm4 {uint64 = 0x8000000000000000, v2_int32 = {0x0, 0x80000000},
v4_int16 = {0x0, 0x0, 0x0, 0x8000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x80}}
mm5 {uint64 = 0x8000000000000000, v2_int32 = {0x0, 0x80000000},
v4_int16 = {0x0, 0x0, 0x0, 0x8000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x80}}
mm6 {uint64 = 0x8000000000000000, v2_int32 = {0x0, 0x80000000},
v4_int16 = {0x0, 0x0, 0x0, 0x8000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x80}}
mm7 {uint64 = 0x8000000000000000, v2_int32 = {0x0, 0x80000000},
v4_int16 = {0x0, 0x0, 0x0, 0x8000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x80}}
(gdb)
}}}
--
Ticket URL: <https://trac.ffmpeg.org/ticket/7733>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker