Panagiotis Issaris <[EMAIL PROTECTED]> added the comment:

I've just rechecked this corrupt sample, and it is causing a segfault again. I wasn't sure if it was better to reopen this issue or to create a new one...

GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu"...
(gdb) r -i /mnt/windows/bugs/ffmpeg/issue282/pi-20071203T152700-ffmpeg_crash_minimal.h264 /tmp/takis.yuv
Starting program: /var/tmp/build/ffmpeg-rw/ffmpeg_g -i /mnt/windows/bugs/ffmpeg/issue282/pi-20071203T152700-ffmpeg_crash_minimal.h264 /tmp/takis.yuv
[Thread debugging using libthread_db enabled]
FFmpeg version SVN-r15970, Copyright (c) 2000-2008 Fabrice Bellard, et al.
  configuration: --enable-gpl --enable-nonfree --enable-swscale --enable-pthreads --enable-x11grab --enable-libx264 --enable-libfaad --enable-libfaac --enable-libamr-nb --enable-libamr-wb --enable-libmp3lame --enable-libgsm --enable-libvorbis --enable-avfilter --enable-avfilter-lavf --enable-libtheora --extra-libs=-lX11
  libavutil 49.12. 0 / 49.12. 0
  libavcodec 52. 5. 0 / 52. 5. 0
  libavformat 52.23. 1 / 52.23. 1
  libavdevice 52. 1. 0 / 52. 1. 0
  libavfilter 0. 1. 0 / 0. 1. 0
  libswscale 0. 6. 1 / 0. 6. 1
  built on Dec 1 2008 09:50:39, gcc: 4.3.2
[h264 @ 0x1326ce0]too many reference frames
[h264 @ 0x1326ce0]too many reference frames
[h264 @ 0x1326ce0]picture size invalid (0x0)
[h264 @ 0x1326ce0]get_buffer() failed (-1 0 0 (nil))
[New Thread 0x7f7c0800e6e0 (LWP 23054)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7f7c0800e6e0 (LWP 23054)]
decode_slice_header (h=0x7f7c07faa010, h0=0x7f7c07faa010) at /usr/local/src/ffmpeg-rw/libavcodec/h264.c:3709
3709 s->current_picture_ptr->frame_num= h->prev_frame_num;
(gdb)
(gdb) bt
#0 decode_slice_header (h=0x7f7c07faa010, h0=0x7f7c07faa010) at /usr/local/src/ffmpeg-rw/libavcodec/h264.c:3709
#1 0x0000000000638eaa in decode_nal_units (h=0x7f7c07faa010, buf=0x1345350 "", buf_size=5641) at /usr/local/src/ffmpeg-rw/libavcodec/h264.c:7380
#2 0x000000000063bc08 in decode_frame (avctx=0x1326ce0, data=0x7fff1003ea90, data_size=0x7fff1003ee8c, buf=0x1345350 "", buf_size=5641) at /usr/local/src/ffmpeg-rw/libavcodec/h264.c:7564
#3 0x00000000004d3670 in avcodec_decode_video (avctx=0x1326ce0, picture=0x0, got_picture_ptr=0x7fff1003ee8c, buf=0x7f7c0800e6e0 "��", buf_size=<value optimized out>) at /usr/local/src/ffmpeg-rw/libavcodec/utils.c:927
#4 0x000000000045eaf1 in av_find_stream_info (ic=0x131da00) at /usr/local/src/ffmpeg-rw/libavformat/utils.c:1894
#5 0x000000000042a764 in opt_input_file (filename=0x7fff10041553 "/mnt/windows/bugs/ffmpeg/issue282/pi-20071203T152700-ffmpeg_crash_minimal.h264") at /usr/local/src/ffmpeg-rw/ffmpeg.c:2792
#6 0x000000000042db77 in parse_options (argc=4, argv=0x7fff1003f298, options=0x8f4560, parse_arg_function=0x42b720 <opt_output_file>) at /usr/local/src/ffmpeg-rw/cmdutils.c:166
#7 0x0000000000429c6f in main (argc=4, argv=0x7fff1003f298) at /usr/local/src/ffmpeg-rw/ffmpeg.c:3878
(gdb) disass $pc-32 $pc+32
Dump of assembler code from 0x62014e to 0x62018e:
0x000000000062014e <decode_slice_header+1998>: xor %esi,%esi
0x0000000000620150 <decode_slice_header+2000>: mov %rbp,%rdi
0x0000000000620153 <decode_slice_header+2003>: add $0x1,%edx
0x0000000000620156 <decode_slice_header+2006>: shl %cl,%eax
0x0000000000620158 <decode_slice_header+2008>: mov %eax,%ecx
0x000000000062015a <decode_slice_header+2010>: mov %edx,%eax
0x000000000062015c <decode_slice_header+2012>: sar $0x1f,%edx
0x000000000062015f <decode_slice_header+2015>: idiv %ecx
0x0000000000620161 <decode_slice_header+2017>: mov 0xbf8(%rbp),%rax
0x0000000000620168 <decode_slice_header+2024>: mov %edx,0x108b8(%rbp)
0x000000000062016e <decode_slice_header+2030>: mov %edx,0x15c(%rax)
0x0000000000620174 <decode_slice_header+2036>: xor %edx,%edx
0x0000000000620176 <decode_slice_header+2038>: callq 0x619c70 <execute_ref_pic_marking>
0x000000000062017b <decode_slice_header+2043>: mov 0x108a4(%rbp),%esi
0x0000000000620181 <decode_slice_header+2049>: mov 0x108b8(%rbp),%r8d
0x0000000000620188 <decode_slice_header+2056>: cmp %r8d,%esi
0x000000000062018b <decode_slice_header+2059>: jne 0x620108 <decode_slice_header+1928>
End of assembler dump.
(gdb) info all-registers
rax 0x0 0
rbx 0x1 1
rcx 0x1000000 16777216
rdx 0x1 1
rsi 0x0 0
rdi 0x7f7c07faa010 140170686537744
rbp 0x7f7c07faa010 0x7f7c07faa010
rsp 0x7fff1003e650 0x7fff1003e650
r8 0xffffffff 4294967295
r9 0x7f7c05a999d0 140170647673296
r10 0x7f7c0800e6e0 140170686949088
r11 0x200246 2097734
r12 0x3 3
r13 0x7f7c07faa018 140170686537752
r14 0x7f7c07faa010 140170686537744
r15 0x0 0
rip 0x62016e 0x62016e <decode_slice_header+2030>
eflags 0x210246 [ PF ZF IF RF ID ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0

______________________________________________________
FFmpeg issue tracker <[EMAIL PROTECTED]>
<https://roundup.mplayerhq.hu/roundup/ffmpeg/issue282>
______________________________________________________
