Opened 6 years ago

Closed 6 years ago

#39 closed defect (fixed)

0.6.90-rc0 segfault

Reported by: geep Owned by: michael
Priority: normal Component: ffmpeg
Version: 0.6.90-rc0 Keywords:
Cc: Blocked By:
Blocking: Reproduced by developer: no
Analyzed by developer: no

Description

0.6.90-rc0 segfaults.
Source snapshot from 2011.04.04 runs OK with same compile and runtime options.
Command causing segfault is:
ffmpeg -acodec copy -vcodec copy -i test.flv test.mp4
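The complete gdb session is included below: the backtrace, a disassembly around the faulting instruction, and a register dump. The fault is in amf_parse_object (libavformat/flvdec.c:205), which is called with key=0x0 while the demuxer is parsing the file's onMetaData object.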
Running on Slackware 13.0 x86_64 Intel Core2Duo.
Cheers,
Peter

ffmpeg -acodec copy -vcodec copy -i test.flv test.mp4
FFmpeg version 0.6.90-rc0, Copyright (c) 2000-2011 the FFmpeg developers

built on Apr 4 2011 23:22:00 with gcc 4.3.3
configuration: --prefix=/usr --shlibdir=/usr/lib64 --libdir=/usr/lib64 --build-suffix=64 --mandir=/usr/man --disable-static --enable-shared --enable-gpl --enable-version3 --enable-nonfree --enable-postproc --enable-swscale --enable-pthreads --enable-x11grab --enable-bzlib --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-version3 --enable-libdc1394 --enable-libdirac --enable-libfaac --disable-libgsm --enable-libmp3lame --disable-libnut --disable-libopenjpeg --enable-librtmp --enable-libschroedinger --enable-libvpx --enable-libspeex --enable-libtheora --enable-libvorbis --enable-libx264 --enable-memalign-hack --enable-libxvid --enable-zlib --disable-debug --enable-vdpau --arch=x86_64 --enable-hwaccel=h263_vaapi --enable-hwaccel=mpeg2_vaapi --enable-hwaccel=vc1_vaapi --enable-hwaccel=h264_dxva2 --enable-hwaccel=mpeg4_vaapi --enable-hwaccel=wmv3_dxva2 --enable-hwaccel=h264_vaapi --enable-hwaccel=vc1_dxva2 --enable-hwaccel=wmv3_vaapi --enable-debug --enable-debug=3 --disable-optimizations --enable-extra-warnings --disable-stripping
libavutil 50. 40. 0 / 50. 40. 0
libavcodec 52.117. 0 / 52.117. 0
libavformat 52.104. 0 / 52.104. 0
libavdevice 52. 4. 0 / 52. 4. 0
libavfilter 1. 76. 0 / 1. 76. 0
libswscale 0. 13. 0 / 0. 13. 0
libpostproc 51. 2. 0 / 51. 2. 0

Segmentation fault

###########################################
gdb ffmpeg
GNU gdb 6.8
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-slackware-linux"...
(gdb) run -acodec copy -vcodec copy -i test.flv test.mp4
Starting program: /usr/bin/ffmpeg -acodec copy -vcodec copy -i test.flv test.mp4
[Thread debugging using libthread_db enabled]
FFmpeg version 0.6.90-rc0, Copyright (c) 2000-2011 the FFmpeg developers

built on Apr 4 2011 23:22:00 with gcc 4.3.3
configuration: --prefix=/usr --shlibdir=/usr/lib64 --libdir=/usr/lib64 --build-suffix=64 --mandir=/usr/man --disable-static --enable-shared --enable-gpl --enable-version3 --enable-nonfree --enable-postproc --enable-swscale --enable-pthreads --enable-x11grab --enable-bzlib --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-version3 --enable-libdc1394 --enable-libdirac --enable-libfaac --disable-libgsm --enable-libmp3lame --disable-libnut --disable-libopenjpeg --enable-librtmp --enable-libschroedinger --enable-libvpx --enable-libspeex --enable-libtheora --enable-libvorbis --enable-libx264 --enable-memalign-hack --enable-libxvid --enable-zlib --disable-debug --enable-vdpau --arch=x86_64 --enable-hwaccel=h263_vaapi --enable-hwaccel=mpeg2_vaapi --enable-hwaccel=vc1_vaapi --enable-hwaccel=h264_dxva2 --enable-hwaccel=mpeg4_vaapi --enable-hwaccel=wmv3_dxva2 --enable-hwaccel=h264_vaapi --enable-hwaccel=vc1_dxva2 --enable-hwaccel=wmv3_vaapi --enable-debug --enable-debug=3 --disable-optimizations --enable-extra-warnings --disable-stripping
libavutil 50. 40. 0 / 50. 40. 0
libavcodec 52.117. 0 / 52.117. 0
libavformat 52.104. 0 / 52.104. 0
libavdevice 52. 4. 0 / 52. 4. 0
libavfilter 1. 76. 0 / 1. 76. 0
libswscale 0. 13. 0 / 0. 13. 0
libpostproc 51. 2. 0 / 51. 2. 0

[New Thread 0x7f642e1f4700 (LWP 29263)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7f642e1f4700 (LWP 29263)]
0x00007f642d910a09 in amf_parse_object (s=0x63d8f0, astream=0x0, vstream=0x0, key=0x0, max_pos=518, depth=2)

at libavformat/flvdec.c:205

205 libavformat/flvdec.c: No such file or directory.

in libavformat/flvdec.c

(gdb) bt
#0 0x00007f642d910a09 in amf_parse_object (s=0x63d8f0, astream=0x0, vstream=0x0, key=0x0, max_pos=518, depth=2)

at libavformat/flvdec.c:205

#1 0x00007f642d910986 in amf_parse_object (s=0x63d8f0, astream=0x6407a0, vstream=0x63e9c0, key=0x7fffb7491d60 "trackinfo",

max_pos=518, depth=1) at libavformat/flvdec.c:237

#2 0x00007f642d910901 in amf_parse_object (s=0x63d8f0, astream=0x6407a0, vstream=0x63e9c0, key=0x7fffb7491f20 "onMetaData",

max_pos=518, depth=0) at libavformat/flvdec.c:226

#3 0x00007f642d91118a in flv_read_packet (s=0x63d8f0, pkt=0x7fffb7492010) at libavformat/flvdec.c:295
#4 0x00007f642d974bda in av_read_packet (s=0x63d8f0, pkt=0x7fffb7492010) at libavformat/utils.c:714
#5 0x00007f642d97504e in av_read_frame_internal (s=0x63d8f0, pkt=0x7fffb74923d0) at libavformat/utils.c:1168
#6 0x00007f642d975fb5 in av_find_stream_info (ic=0x63d8f0) at libavformat/utils.c:2339
#7 0x0000000000409139 in opt_input_file (filename=0x7fffb74948c9 "test.flv") at ffmpeg.c:3281
#8 0x0000000000411743 in parse_options (argc=8, argv=0x7fffb7492738, options=0x616a60,

parse_arg_function=0x40f110 <opt_output_file>) at cmdutils.c:220

#9 0x000000000040ef05 in main (argc=8, argv=0x7fffb7492738) at ffmpeg.c:4426
(gdb) disass $pc-32 $pc+32
Dump of assembler code from 0x7f642d9109e9 to 0x7f642d910a29:
0x00007f642d9109e9 <amf_parse_object+665>: cvtpi2ps %mm0,%xmm1
0x00007f642d9109ec <amf_parse_object+668>: nopl 0x0(%rax)
0x00007f642d9109f0 <amf_parse_object+672>: jmpq 0x7f642d91081d <amf_parse_object+205>
0x00007f642d9109f5 <amf_parse_object+677>: nopl (%rax)
0x00007f642d9109f8 <amf_parse_object+680>: mov 0x40(%rsp),%rdi
0x00007f642d9109fd <amf_parse_object+685>: lea 0x7289e(%rip),%rsi # 0x7f642d9832a2
0x00007f642d910a04 <amf_parse_object+692>: mov $0xa,%ecx
0x00007f642d910a09 <amf_parse_object+697>: repz cmpsb %es:(%rdi),%ds:(%rsi)
0x00007f642d910a0b <amf_parse_object+699>: jne 0x7f642d910a18 <amf_parse_object+712>
0x00007f642d910a0d <amf_parse_object+701>: cmpl $0x1,0x3c(%rsp)
0x00007f642d910a12 <amf_parse_object+706>: je 0x7f642d910c02 <amf_parse_object+1202>
0x00007f642d910a18 <amf_parse_object+712>: lea -0x2(%r15),%r12
0x00007f642d910a1c <amf_parse_object+716>: mov 0x3c(%rsp),%ebx
0x00007f642d910a20 <amf_parse_object+720>: add $0x1,%ebx
0x00007f642d910a23 <amf_parse_object+723>: jmp 0x7f642d910a60 <amf_parse_object+784>
0x00007f642d910a25 <amf_parse_object+725>: nopl (%rax)
0x00007f642d910a28 <amf_parse_object+728>: mov %rbp,%rdi
End of assembler dump.
(gdb) info all-registers
rax 0x7f642d9109f8 140068237937144
rbx 0x0 0
rcx 0xa 10
rdx 0x7f642d98342c 140068238406700
rsi 0x7f642d9832a2 140068238406306
rdi 0x0 0
rbp 0x6469c0 0x6469c0
rsp 0x7fffb7491640 0x7fffb7491640
r8 0x206 518
r9 0x2 2
r10 0x7f642c1f8a70 140068213721712
r11 0x1 1
r12 0x2 2
r13 0x205 517
r14 0x2 2
r15 0x206 518
rip 0x7f642d910a09 0x7f642d910a09 <amf_parse_object+697>
eflags 0x10213 [ CF AF IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
st0 0 (raw 0x00000000000000000000)
st1 0 (raw 0x00000000000000000000)
st2 0 (raw 0x00000000000000000000)
st3 0 (raw 0x00000000000000000000)
st4 0 (raw 0x00000000000000000000)
---Type <return> to continue, or q <return> to quit---
st5 0 (raw 0x00000000000000000000)
st6 0 (raw 0x00000000000000000000)
st7 0 (raw 0x00000000000000000000)
fctrl 0x37f 895
fstat 0x0 0
ftag 0xffff 65535
fiseg 0x0 0
fioff 0x0 0
foseg 0x0 0
fooff 0x0 0
fop 0x0 0
xmm0 {v4_float = {0x0, 0x2, 0x0, 0x0}, v2_double = {0x2, 0x0}, v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40,

0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0,
0x40000000, 0x0, 0x0}, v2_int64 = {0x4000000000000000, 0x0}, uint128 = 0x00000000000000004000000000000000}

xmm1 {v4_float = {0x0, 0x2, 0x0, 0x0}, v2_double = {0x2, 0x0}, v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40,

0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0,
0x40000000, 0x0, 0x0}, v2_int64 = {0x4000000000000000, 0x0}, uint128 = 0x00000000000000004000000000000000}

xmm2 {v4_float = {0x0, 0x1, 0x0, 0x0}, v2_double = {0x1, 0x8000000000000000}, v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,

0x0, 0xf0, 0x3f, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, v8_int16 = {0x0, 0x0, 0x0, 0x3ff0, 0xfffe, 0xffff, 0xffff,
0xffff}, v4_int32 = {0x0, 0x3ff00000, 0xfffffffe, 0xffffffff}, v2_int64 = {0x3ff0000000000000, 0xfffffffffffffffe},

uint128 = 0xfffffffffffffffe3ff0000000000000}

xmm3 {v4_float = {0x0, 0x1, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0, 0x0, 0x0, 0xe0, 0x95, 0x9c, 0xe7,

0x3f, 0xf0, 0x91, 0x1f, 0x2c, 0x64, 0x7f, 0x0, 0x0}, v8_int16 = {0x0, 0xe000, 0x9c95, 0x3fe7, 0x91f0, 0x2c1f, 0x7f64, 0x0},

v4_int32 = {0xe0000000, 0x3fe79c95, 0x2c1f91f0, 0x7f64}, v2_int64 = {0x3fe79c95e0000000, 0x7f642c1f91f0},
uint128 = 0x00007f642c1f91f03fe79c95e0000000}

xmm4 {v4_float = {0x0, 0xfffffffd, 0x0, 0x0}, v2_double = {0xffffffffffffffd2, 0x0}, v16_int8 = {0x5b, 0xaa, 0xa2,

0x2a, 0x9e, 0x6, 0x47, 0xc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0xaa5b, 0x2aa2, 0x69e, 0xc047, 0x0, 0x0,
0x0, 0x0}, v4_int32 = {0x2aa2aa5b, 0xc047069e, 0x0, 0x0}, v2_int64 = {0xc047069e2aa2aa5b, 0x0},

uint128 = 0x0000000000000000c047069e2aa2aa5b}

---Type <return> to continue, or q <return> to quit---
xmm5 {v4_float = {0x0, 0xffffffff, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x17, 0x11, 0xbe, 0x76, 0x67, 0x6b,

0xd3, 0xbf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x1117, 0x76be, 0x6b67, 0xbfd3, 0x0, 0x0, 0x0, 0x0},

v4_int32 = {0x76be1117, 0xbfd36b67, 0x0, 0x0}, v2_int64 = {0xbfd36b6776be1117, 0x0},
uint128 = 0x0000000000000000bfd36b6776be1117}

xmm6 {v4_float = {0x0, 0xfffffffd, 0x0, 0x0}, v2_double = {0xffffffffffffffd3, 0x8000000000000000}, v16_int8 = {0xc0,

0x9, 0xf2, 0x16, 0xb5, 0xdf, 0x46, 0xc0, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, v8_int16 = {0x9c0, 0x16f2, 0xdfb5,
0xc046, 0xfffe, 0xffff, 0xffff, 0xffff}, v4_int32 = {0x16f209c0, 0xc046dfb5, 0xfffffffe, 0xffffffff}, v2_int64 = {
0xc046dfb516f209c0, 0xfffffffffffffffe}, uint128 = 0xfffffffffffffffec046dfb516f209c0}

xmm7 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x54, 0xec, 0x35, 0x16, 0xb3, 0xe9, 0x8f,

0xbd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0xec54, 0x1635, 0xe9b3, 0xbd8f, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {
0x1635ec54, 0xbd8fe9b3, 0x0, 0x0}, v2_int64 = {0xbd8fe9b31635ec54, 0x0}, uint128 = 0x0000000000000000bd8fe9b31635ec54}

xmm8 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x29, 0xf2, 0x88, 0x6c, 0xa6, 0x49, 0xde,

0x3e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0xf229, 0x6c88, 0x49a6, 0x3ede, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {
0x6c88f229, 0x3ede49a6, 0x0, 0x0}, v2_int64 = {0x3ede49a66c88f229, 0x0}, uint128 = 0x00000000000000003ede49a66c88f229}

xmm9 {v4_float = {0x9689a800, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x8000000000000000}, v16_int8 = {0x6a, 0xa2, 0x65,

0x50, 0xf2, 0xea, 0x8f, 0xbd, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, v8_int16 = {0xa26a, 0x5065, 0xeaf2, 0xbd8f,
0xfffe, 0xffff, 0xffff, 0xffff}, v4_int32 = {0x5065a26a, 0xbd8feaf2, 0xfffffffe, 0xffffffff}, v2_int64 = {
0xbd8feaf25065a26a, 0xfffffffffffffffe}, uint128 = 0xfffffffffffffffebd8feaf25065a26a}

xmm10 {v4_float = {0x0, 0x1, 0x0, 0x0}, v2_double = {0x1, 0x0}, v16_int8 = {0x6d, 0x7d, 0xbf, 0xbb, 0x27, 0xaf, 0xf5,

0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x7d6d, 0xbbbf, 0xaf27, 0x3ff5, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {
0xbbbf7d6d, 0x3ff5af27, 0x0, 0x0}, v2_int64 = {0x3ff5af27bbbf7d6d, 0x0}, uint128 = 0x00000000000000003ff5af27bbbf7d6d}

xmm11 {v4_float = {0x0, 0xfffffffd, 0x0, 0x0}, v2_double = {0xffffffffffffffd2, 0x8000000000000000}, v16_int8 = {0xe0,

0xe6, 0x35, 0x67, 0x9e, 0x6, 0x47, 0xc0, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, v8_int16 = {0xe6e0, 0x6735, 0x69e,
0xc047, 0xfffe, 0xffff, 0xffff, 0xffff}, v4_int32 = {0x6735e6e0, 0xc047069e, 0xfffffffe, 0xffffffff}, v2_int64 = {
0xc047069e6735e6e0, 0xfffffffffffffffe}, uint128 = 0xfffffffffffffffec047069e6735e6e0}

xmm12 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0xb3, 0x12, 0x58, 0x17, 0x64, 0x46, 0xe6,

0x3b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x12b3, 0x1758, 0x4664, 0x3be6, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {
0x175812b3, 0x3be64664, 0x0, 0x0}, v2_int64 = {0x3be64664175812b3, 0x0}, uint128 = 0x00000000000000003be64664175812b3}

xmm13 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0,
---Type <return> to continue, or q <return> to quit---

0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},

uint128 = 0x00000000000000000000000000000000}

xmm14 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0, 0x0, 0x46, 0x84, 0x24, 0x59, 0xd6,

0x3e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x0, 0x8446, 0x5924, 0x3ed6, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {
0x84460000, 0x3ed65924, 0x0, 0x0}, v2_int64 = {0x3ed6592484460000, 0x0}, uint128 = 0x00000000000000003ed6592484460000}

xmm15 {v4_float = {0x0, 0x1, 0x0, 0x0}, v2_double = {0x1, 0x0}, v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0, 0x3f,

0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x0, 0x0, 0x0, 0x3ff0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0,
0x3ff00000, 0x0, 0x0}, v2_int64 = {0x3ff0000000000000, 0x0}, uint128 = 0x00000000000000003ff0000000000000}

mxcsr 0x1fa0 [ PE IM DM ZM OM UM PM ]
(gdb)

Change History (3)

comment:1 Changed 6 years ago by cehoyos

  • Status changed from new to open

Thank you for the report!

I believe this crash was fixed last night in deff8a6d3a7020fdda7fdb3f80d0003b5f44279b.
Can you confirm that it no longer crashes with the latest git HEAD?

comment:2 Changed 6 years ago by geep

Latest git HEAD OK. (The 2011-04-04 snapshot was OK too).
Cheers,
Peter

comment:3 Changed 6 years ago by michael

  • Resolution set to fixed
  • Status changed from open to closed

As you say it's fixed in HEAD, I am closing this one.
