Opened 13 years ago
Closed 13 years ago
#833 closed defect (fixed)
crash with png (gray) to bmp (gray) conversion
| Reported by: | ami_stuff | Owned by: | |
|---|---|---|---|
| Priority: | important | Component: | avcodec |
| Version: | git-master | Keywords: | bmp crash SIGSEGV regression |
| Cc: | Blocked By: | ||
| Blocking: | Reproduced by developer: | yes | |
| Analyzed by developer: | no |
Description
(gdb) r -i gray.png out.bmp
Starting program: F:\MinGW\msys\1.0\ffmpeg-HEAD-834f80d/ffmpeg_g.exe -i gray.png
out.bmp
[New Thread 3148.0xcb4]
ffmpeg version 0.9.0.git-834f80d, Copyright (c) 2000-2011 the FFmpeg developers
built on Dec 22 2011 14:07:40 with gcc 4.5.2
configuration: --disable-ffplay --disable-ffserver --disable-asm --disable-yas
m --disable-shared --enable-static
libavutil 51. 32.100 / 51. 32.100
libavcodec 53. 47.100 / 53. 47.100
libavformat 53. 28.100 / 53. 28.100
libavdevice 53. 4.100 / 53. 4.100
libavfilter 2. 53. 0 / 2. 53. 0
libswscale 2. 1.100 / 2. 1.100
libswresample 0. 5.100 / 0. 0.100
Input #0, image2, from 'gray.png':
Duration: 00:00:00.04, start: 0.000000, bitrate: N/A
Stream #0:0: Video: png, gray, 1024x768, 25 tbr, 25 tbn, 25 tbc
[buffer @ 03d61590] w:1024 h:768 pixfmt:gray tb:1/1000000 sar:0/1 sws_param:
Output #0, image2, to 'out.bmp':
Metadata:
encoder : Lavf53.28.100
Stream #0:0: Video: bmp, gray, 1024x768, q=2-31, 200 kb/s, 90k tbn, 25 tbc
Stream mapping:
Stream #0:0 -> #0:0 (png -> bmp)
Press [q] to stop, [?] for help
Program received signal SIGSEGV, Segmentation fault.
0x009d00d4 in ff_set_systematic_pal2 (pal=0x0, pix_fmt=PIX_FMT_GRAY8)
at libavutil/imgutils.c:178
178 pal[i] = b + (g<<8) + (r<<16);
(gdb) bt
#0 0x009d00d4 in ff_set_systematic_pal2 (pal=0x0, pix_fmt=PIX_FMT_GRAY8)
at libavutil/imgutils.c:178
#1 0x007c8df2 in bmp_encode_frame (avctx=0x42b0048, buf=0x43b0020 "",
buf_size=5515024, data=0x22daf0) at libavcodec/bmpenc.c:90
#2 0x00509101 in avcodec_encode_video (avctx=0x42b0048, buf=0x43b0020 "",
buf_size=5515024, pict=0x22daf0) at libavcodec/utils.c:881
#3 0x00404f6e in do_video_out (s=0x3d5f3b0, ost=0x3d5fd00,
in_picture=0x3d61e00, frame_size=0x22de9c, quality=0,
ist=<value optimized out>) at ffmpeg.c:1349
#4 0x004068c5 in transcode_video (ist=0x3d611b0, ost_table=0x3d5fd00,
nb_ostreams=1, pkt=0x22fbb8) at ffmpeg.c:1955
#5 output_packet (ist=0x3d611b0, ost_table=0x3d5fd00, nb_ostreams=1,
pkt=0x22fbb8) at ffmpeg.c:2046
#6 0x0040a63e in transcode (output_files=<value optimized out>,
nb_output_files=0, input_files=0x0, nb_input_files=4256952)
at ffmpeg.c:2804
#7 0x0022ff48 in ?? ()
#8 0x00000000 in ?? ()
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0x9d00b4 to 0x9d00f4:
0x009d00b4 <ff_set_systematic_pal2+64>: cmp $0x92,%al
0x009d00b6 <ff_set_systematic_pal2+66>: lea (%edx,%edi,4),%edi
0x009d00b9 <ff_set_systematic_pal2+69>: lea (%edx,%edi,4),%edi
0x009d00bc <ff_set_systematic_pal2+72>: mov %eax,%ebp
0x009d00be <ff_set_systematic_pal2+74>: and $0x1,%ebp
0x009d00c1 <ff_set_systematic_pal2+77>: mov %ebp,%edx
0x009d00c3 <ff_set_systematic_pal2+79>: shl $0x8,%edx
0x009d00c6 <ff_set_systematic_pal2+82>: sub %ebp,%edx
0x009d00c8 <ff_set_systematic_pal2+84>: shl $0x8,%edi
0x009d00cb <ff_set_systematic_pal2+87>: shl $0x10,%ecx
0x009d00ce <ff_set_systematic_pal2+90>: lea (%edi,%ecx,1),%ecx
0x009d00d1 <ff_set_systematic_pal2+93>: lea (%ecx,%edx,1),%edx
=> 0x009d00d4 <ff_set_systematic_pal2+96>: mov %edx,(%esi,%eax,4)
0x009d00d7 <ff_set_systematic_pal2+99>: inc %eax
0x009d00d8 <ff_set_systematic_pal2+100>: cmp $0x100,%eax
0x009d00dd <ff_set_systematic_pal2+105>: jne 0x9d0088 <ff_set_systemat
ic_pal2+20>
0x009d00df <ff_set_systematic_pal2+107>: xor %ax,%ax
0x009d00e2 <ff_set_systematic_pal2+110>: jmp 0x9d0092 <ff_set_systemat
ic_pal2+30>
0x009d00e4 <ff_set_systematic_pal2+112>: mov %eax,%edx
0x009d00e6 <ff_set_systematic_pal2+114>: sar $0x5,%edx
0x009d00e9 <ff_set_systematic_pal2+117>: lea (%edx,%edx,8),%ecx
0x009d00ec <ff_set_systematic_pal2+120>: shl $0x2,%ecx
0x009d00ef <ff_set_systematic_pal2+123>: mov %eax,%edx
0x009d00f1 <ff_set_systematic_pal2+125>: sar $0x2,%edx
End of assembler dump.
(gdb) info all-registers
eax 0x0 0
ecx 0x0 0
edx 0x0 0
ebx 0x0 0
esp 0x22d9ec 0x22d9ec
ebp 0x42b0048 0x42b0048
esi 0x0 0
edi 0x0 0
eip 0x9d00d4 0x9d00d4 <ff_set_systematic_pal2+96>
eflags 0x10256 [ PF AF ZF IF RF ]
cs 0x1b 27
ss 0x23 35
ds 0x23 35
es 0x23 35
fs 0x3b 59
gs 0x0 0
st0 0 (raw 0x00000000000000000000)
st1 0 (raw 0x00000000000000000000)
st2 0 (raw 0x00000000000000000000)
st3 -2147483648 (raw 0xc01e8000000000000000)
st4 -1.1000000000000001 (raw 0xbfff8ccccccccccccccd)
st5 0 (raw 0x00000000000000000000)
st6 1.1000000000000001 (raw 0x3fff8ccccccccccccccd)
st7 0 (raw 0x00000000000000000000)
fctrl 0xffff037f -64641
fstat 0xffff0120 -65248
ftag 0xffffffff -1
fiseg 0x0 0
fioff 0x0 0
foseg 0xffff0000 -65536
fooff 0x0 0
fop 0x0 0
xmm0 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm1 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm2 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm3 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm4 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm5 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm6 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm7 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
mxcsr 0x1f80 [ IM DM ZM OM UM PM ]
mm0 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0,
0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm1 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0,
0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm2 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0,
0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm3 {uint64 = 0x8000000000000000, v2_int32 = {0x0, 0x80000000},
v4_int16 = {0x0, 0x0, 0x0, 0x8000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x80}}
mm4 {uint64 = 0x8ccccccccccccccd, v2_int32 = {0xcccccccd,
0x8ccccccc}, v4_int16 = {0xcccd, 0xcccc, 0xcccc, 0x8ccc}, v8_int8 = {
0xcd, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x8c}}
mm5 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0,
0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm6 {uint64 = 0x8ccccccccccccccd, v2_int32 = {0xcccccccd,
0x8ccccccc}, v4_int16 = {0xcccd, 0xcccc, 0xcccc, 0x8ccc}, v8_int8 = {
0xcd, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x8c}}
mm7 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0,
0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
Attachments (1)
Change History (5)
by , 13 years ago
comment:1 by , 13 years ago
| Component: | undetermined → avcodec |
|---|---|
| Keywords: | bmp crash SIGSEGV added |
| Priority: | normal → important |
| Reproduced by developer: | set |
| Status: | new → open |
| Version: | unspecified → git-master |
comment:2 by , 13 years ago
comment:3 by , 13 years ago
I have a working fix that I will submit within the next day or so. I'll go through the documentation first to see what hoops I need to jump for submitting a patch or so.
comment:4 by , 13 years ago
| Keywords: | regression added |
|---|---|
| Resolution: | → fixed |
| Status: | open → closed |
Fixed by Frank Vernaillen, thank you for the report!
Note:
See TracTickets
for help on using tickets.
(gdb) r -i gray.png out.pcx Starting program: F:\MinGW\msys\1.0\ffmpeg-HEAD-834f80d/ffmpeg_g.exe -i gray.png out.pcx [New Thread 3752.0x8e0] ffmpeg version 0.9.0.git-834f80d, Copyright (c) 2000-2011 the FFmpeg developers built on Dec 22 2011 14:07:40 with gcc 4.5.2 configuration: --disable-ffplay --disable-ffserver --disable-asm --disable-yas m --disable-shared --enable-static libavutil 51. 32.100 / 51. 32.100 libavcodec 53. 47.100 / 53. 47.100 libavformat 53. 28.100 / 53. 28.100 libavdevice 53. 4.100 / 53. 4.100 libavfilter 2. 53. 0 / 2. 53. 0 libswscale 2. 1.100 / 2. 1.100 libswresample 0. 5.100 / 0. 0.100 Input #0, image2, from 'gray.png': Duration: 00:00:00.04, start: 0.000000, bitrate: N/A Stream #0:0: Video: png, gray, 1024x768, 25 tbr, 25 tbn, 25 tbc [buffer @ 03d61590] w:1024 h:768 pixfmt:gray tb:1/1000000 sar:0/1 sws_param: Output #0, image2, to 'out.pcx': Metadata: encoder : Lavf53.28.100 Stream #0:0: Video: pcx, gray, 1024x768, q=2-31, 200 kb/s, 90k tbn, 25 tbc Stream mapping: Stream #0:0 -> #0:0 (png -> pcx) Press [q] to stop, [?] for help Program received signal SIGSEGV, Segmentation fault. pcx_encode_frame (avctx=0x42b0048, buf=0x4457453 "", buf_size=5515024, data=0x22daf0) at libavcodec/pcxenc.c:185 185 bytestream_put_be24(&buf, pal[i]); (gdb) bt #0 pcx_encode_frame (avctx=0x42b0048, buf=0x4457453 "", buf_size=5515024, data=0x22daf0) at libavcodec/pcxenc.c:185 #1 0x00509101 in avcodec_encode_video (avctx=0x42b0048, buf=0x43b0020 "\n\005\001\b", buf_size=5515024, pict=0x22daf0) at libavcodec/utils.c:881 #2 0x00404f6e in do_video_out (s=0x3d5f3b0, ost=0x3d5fd00, in_picture=0x3d61e00, frame_size=0x22de9c, quality=0, ist=<value optimized out>) at ffmpeg.c:1349 #3 0x004068c5 in transcode_video (ist=0x3d611b0, ost_table=0x3d5fd00, nb_ostreams=1, pkt=0x22fbb8) at ffmpeg.c:1955 #4 output_packet (ist=0x3d611b0, ost_table=0x3d5fd00, nb_ostreams=1, pkt=0x22fbb8) at ffmpeg.c:2046 #5 0x0040a63e in transcode (output_files=<value optimized out>, nb_output_files=0, input_files=0x0, nb_input_files=4256952) at ffmpeg.c:2804 #6 0x0022ff48 in ?? () #7 0x00000000 in ?? ()