#588: FFmpeg crashes when transcoding a wmv video on windows 7 (64 bit) machine -------------------------------------+----------------------------------- Reporter: eiljoe | Owner: michael Type: defect | Status: open Priority: important | Component: avcodec Version: unspecified | Resolution: Keywords: win64 | Blocked By: Blocking: | Reproduced by developer: 1 Analyzed by developer: 0 | -------------------------------------+-----------------------------------
Comment (by cehoyos): --enable-memalign-hack does not help: {{{ (gdb) break ff_imdct_half_sse Breakpoint 1 at 0x9d7560 (gdb) break ff_imdct_half_sse.pre Breakpoint 2 at 0x9d75a2 (gdb) r -i ffmpeg-crash-around-frame-60.wmv -vn -f null - ffmpeg version N-34276-g02fa529, Copyright (c) 2000-2011 the FFmpeg developers built on Oct 30 2011 17:33:40 with gcc 4.7.0 20110827 (experimental) configuration: --enable-memalign-hack libavutil 51. 22. 0 / 51. 22. 0 libavcodec 53. 25. 0 / 53. 25. 0 libavformat 53. 18. 0 / 53. 18. 0 libavdevice 53. 4. 0 / 53. 4. 0 libavfilter 2. 45. 1 / 2. 45. 1 libswscale 2. 1. 0 / 2. 1. 0 [wmav2 @ 0000000005B15BC0] Warning: not compiled with thread support, using thread emulation [wmv2 @ 0000000005B16580] Warning: not compiled with thread support, using thread emulation [asf @ 000000000032BAE0] parser not found for codec wmav2, packets or times may be invalid. Seems stream 1 codec frame rate differs from container frame rate: 1000.00 (1000/1) -> 25.00 (25/1) Input #0, asf, from 'ffmpeg-crash-around-frame-60.wmv': Metadata: WMFSDKVersion : 11.0.5721.5245 WMFSDKNeeded : 0.0.0.0000 IsVBR : 1 VBR Peak : 8464 ¡║¯½½½½½½½½½½½½½½½½■¯■¯■¯■ Buffer Average : 8514 ¡║¯½½½½½½½½½½½½½½½½■¯■¯■¯■ Encoded_By : Sorenson Squeeze Encoded_With : Sorenson Squeeze Duration: 00:01:20.02, start: 0.000000, bitrate: 153 kb/s Stream #0:0: Audio: wmav2 (a[1][0][0] / 0x0161), 48000 Hz, 2 channels, s16, 128 kb/s Stream #0:1: Video: wmv2 (WMV2 / 0x32564D57), yuv420p, 1280x720, 18000 kb/s, 25 tbr, 1k tbn, 1k tbc [pcm_s16le @ 0000000005B74400] Warning: not compiled with thread support, using thread emulation [wmav2 @ 0000000005B15BC0] Warning: not compiled with thread support, using thread emulation Output #0, null, to 'pipe:': Metadata: WMFSDKVersion : 11.0.5721.5245 WMFSDKNeeded : 0.0.0.0000 IsVBR : 1 VBR Peak : 8464 ¡║¯½½½½½½½½½½½½½½½½■¯■¯■¯■ Buffer Average : 8514 ¡║¯½½½½½½½½½½½½½½½½■¯■¯■¯■ Encoded_By : Sorenson Squeeze Encoded_With : Sorenson Squeeze encoder : Lavf53.18.0 Stream 
#0:0: Audio: pcm_s16le, 48000 Hz, 2 channels, s16, 1536 kb/s Stream mapping: Stream #0.0 -> #0.0 (wmav2 -> pcm_s16le) Press [q] to stop, [?] for help Breakpoint 1, 0x00000000009d7560 in ff_imdct_half_sse () (gdb) bt #0 0x00000000009d7560 in ff_imdct_half_sse () #1 0x00000000009d4779 in ff_imdct_calc_sse (s=<optimized out>, output=0x5b51a3c, input=<optimized out>) at libavcodec/x86/fft_sse.c:89 #2 0x00000000007464d5 in wma_decode_block (s=0x5b45560) at libavcodec/wmadec.c:756 #3 0x0000000000000000 in ?? () (gdb) disass $pc,$pc+128 Dump of assembler code from 0x9d7560 to 0x9d75e0: => 0x00000000009d7560 <ff_imdct_half_sse+0>: push %rdi 0x00000000009d7561 <ff_imdct_half_sse+1>: push %rsi 0x00000000009d7562 <ff_imdct_half_sse+2>: sub $0x30,%rsp 0x00000000009d7566 <ff_imdct_half_sse+6>: movaps %xmm7,0x18(%rsp) 0x00000000009d756b <ff_imdct_half_sse+11>: movaps %xmm6,0x8(%rsp) 0x00000000009d7570 <ff_imdct_half_sse+16>: push %r12 0x00000000009d7572 <ff_imdct_half_sse+18>: push %r13 0x00000000009d7574 <ff_imdct_half_sse+20>: push %r14 0x00000000009d7576 <ff_imdct_half_sse+22>: mov 0x18(%rcx),%r9d 0x00000000009d757a <ff_imdct_half_sse+26>: add %r9,%r8 0x00000000009d757d <ff_imdct_half_sse+29>: shr %r9 0x00000000009d7580 <ff_imdct_half_sse+32>: mov 0x20(%rcx),%r11 0x00000000009d7584 <ff_imdct_half_sse+36>: mov 0x28(%rcx),%r12 0x00000000009d7588 <ff_imdct_half_sse+40>: add %r9,%r11 0x00000000009d758b <ff_imdct_half_sse+43>: add %r9,%r12 0x00000000009d758e <ff_imdct_half_sse+46>: shr %r9 0x00000000009d7591 <ff_imdct_half_sse+49>: mov 0x8(%rcx),%r10 0x00000000009d7595 <ff_imdct_half_sse+53>: add %r9,%r10 0x00000000009d7598 <ff_imdct_half_sse+56>: sub $0x4,%r9 0x00000000009d759c <ff_imdct_half_sse+60>: xor %rdi,%rdi 0x00000000009d759f <ff_imdct_half_sse+63>: sub %r9,%rdi 0x00000000009d75a2 <ff_imdct_half_sse.pre+0>: movaps (%r8,%r9,4),%xmm0 0x00000000009d75a7 <ff_imdct_half_sse.pre+5>: movaps -0x10(%r8,%rdi,4),%xmm1 0x00000000009d75ad <ff_imdct_half_sse.pre+11>: movaps %xmm0,%xmm2 
0x00000000009d75b0 <ff_imdct_half_sse.pre+14>: shufps $0x88,%xmm1,%xmm0 0x00000000009d75b4 <ff_imdct_half_sse.pre+18>: shufps $0x77,%xmm2,%xmm1 0x00000000009d75b8 <ff_imdct_half_sse.pre+22>: movlps (%r11,%r9,2),%xmm4 0x00000000009d75bd <ff_imdct_half_sse.pre+27>: movlps (%r12,%r9,2),%xmm5 0x00000000009d75c2 <ff_imdct_half_sse.pre+32>: movhps -0x8(%r11,%rdi,2),%xmm4 0x00000000009d75c8 <ff_imdct_half_sse.pre+38>: movhps -0x8(%r12,%rdi,2),%xmm5 0x00000000009d75ce <ff_imdct_half_sse.pre+44>: movaps %xmm0,%xmm2 0x00000000009d75d1 <ff_imdct_half_sse.pre+47>: movaps %xmm1,%xmm3 0x00000000009d75d4 <ff_imdct_half_sse.pre+50>: mulps %xmm5,%xmm0 0x00000000009d75d7 <ff_imdct_half_sse.pre+53>: mulps %xmm4,%xmm1 0x00000000009d75da <ff_imdct_half_sse.pre+56>: mulps %xmm4,%xmm2 0x00000000009d75dd <ff_imdct_half_sse.pre+59>: mulps %xmm5,%xmm3 End of assembler dump. (gdb) info registers rax 0x3e95a40 65624640 rbx 0x3e92a3c 65612348 rcx 0x3e95a40 65624640 rdx 0x3e92a3c 65612348 rsi 0x400 1024 rdi 0x1000 4096 rbp 0x3e91a3c 0x3e91a3c rsp 0x22dd68 0x22dd68 r8 0x3e8da3c 65591868 r9 0x38d780 3725184 r10 0x800 2048 r11 0x4 4 r12 0x0 0 r13 0x0 0 r14 0x29 41 r15 0x3e85560 65557856 rip 0x9d7560 0x9d7560 <ff_imdct_half_sse> eflags 0x206 [ PF IF ] cs 0x33 51 ss 0x206002b 33947691 ds 0x0 0 es 0x0 0 fs 0x0 0 gs 0x2b0000 2818048 (gdb) s Single stepping until exit from function ff_imdct_half_sse, which has no line number information. Breakpoint 2, 0x00000000009d75a2 in ff_imdct_half_sse.pre () (gdb) bt #0 0x00000000009d75a2 in ff_imdct_half_sse.pre () #1 0x0000000000000029 in ?? () #2 0x0000000000000000 in ?? 
() (gdb) info registers rax 0x3e95a40 65624640 rbx 0x3e92a3c 65612348 rcx 0x3e95a40 65624640 rdx 0x3e92a3c 65612348 rsi 0x400 1024 rdi 0xfffffffffffffc04 -1020 rbp 0x3e91a3c 0x3e91a3c rsp 0x22dd10 0x22dd10 r8 0x3e8ea3c 65595964 r9 0x3fc 1020 r10 0x38e660 3728992 r11 0x3efaca0 66038944 r12 0x3efbca0 66043040 r13 0x0 0 r14 0x29 41 r15 0x3e85560 65557856 rip 0x9d75a2 0x9d75a2 <ff_imdct_half_sse.pre> eflags 0x293 [ CF AF SF IF ] cs 0x33 51 ss 0x293002b 43188267 ds 0x0 0 es 0x0 0 fs 0x0 0 gs 0x2b0000 2818048 xmm0 = 0 (gdb) s Single stepping until exit from function ff_imdct_half_sse.pre, which has no line number information. Program received signal SIGSEGV, Segmentation fault. 0x00000000009d75a2 in ff_imdct_half_sse.pre () (gdb) bt #0 0x00000000009d75a2 in ff_imdct_half_sse.pre () #1 0x0000000000000029 in ?? () #2 0x0000000000000000 in ?? () }}}
The faulting instruction is the first one in ff_imdct_half_sse.pre, movaps (%r8,%r9,4),%xmm0. With r8 = 0x3e8ea3c and r9 = 0x3fc its memory operand is at 0x3e8fa2c, which is not a multiple of 16, and movaps faults on a memory operand that is not 16-byte aligned. r8 was already 12 bytes past a 16-byte boundary on entry to ff_imdct_half_sse (0x3e8da3c), so the pointer handed to the function appears to be misaligned; the crash looks like an alignment fault rather than an access outside the buffer.
-- Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/588#comment:3> FFmpeg <http://ffmpeg.org> FFmpeg issue tracker _______________________________________________ FFmpeg-trac mailing list FFmpeg-trac@avcodec.org http://avcodec.org/mailman/listinfo/ffmpeg-trac