[Ffmpeg-devel] [BUG] vorbis decoder
Benjamin Larsson
banan
Tue May 9 17:16:00 CEST 2006
Måns Rullgård wrote:
>Benjamin Larsson said:
>
>
>>This file seems to segfault the vorbis decoder.
>>
>>http://www.vorbis.com/music/Lumme-Badloop.ogg
>>
>>
>
>Can't reproduce. Sure you have a clean tree?
>
>
>
Yes, it was reported by an amd64 user. And I verified it myself, so it
could be a 64bit issue.
(gdb) run -i Lumme-Badloop.ogg test3.wav
Starting program: /home/banan/cvs_ffmpeg/ffmpeg/ffmpeg_g -i
Lumme-Badloop.ogg test3.wav
FFmpeg version CVS, Copyright (c) 2000-2004 Fabrice Bellard
configuration: --enable-gpl --enable-a52
libavutil version: 49.0.0
libavcodec version: 51.9.0
libavformat version: 50.4.0
built on Apr 21 2006 18:01:40, gcc: 3.4.4 (Gentoo 3.4.4-r1,
ssp-3.4.4-1.0, pie-8.7.8)
Input #0, ogg, from 'Lumme-Badloop.ogg':
Duration: 00:06:45.0, start: 0.000000, bitrate: 115 kb/s
Stream #0.0: Audio: vorbis, 44100 Hz, stereo, 128 kb/s
File 'test3.wav' already exists. Overwrite ? [y/N] y
Output #0, wav, to 'test3.wav':
Stream #0.0: Audio: pcm_s16le, 44100 Hz, stereo, 1411 kb/s
Stream mapping:
Stream #0.0 -> #0.0
Press [q] to stop encoding
Program received signal SIGSEGV, Segmentation fault.
vorbis_floor1_decode (vc=0x8c1c10, vfu=0x8e2be8, vec=0x8c3db0) at
bitstream.h:798
798 {
(gdb) bt
#0 vorbis_floor1_decode (vc=0x8c1c10, vfu=0x8e2be8, vec=0x8c3db0) at
bitstream.h:798
#1 0x00000000005e932b in vorbis_decode_frame (avccontext=0x8dfb10,
data=0x2b2ad1a7f010, data_size=0x7ffffffd68ac, buf=0x6 <Address 0x6 out
of bounds>,
buf_size=73) at vorbis.c:1498
#2 0x000000000046677d in avcodec_decode_audio (avctx=0x8c6220,
samples=0x46, frame_size_ptr=0x18, buf=0x6 <Address 0x6 out of bounds>,
buf_size=9182232)
at utils.c:973
#3 0x00000000004120f7 in output_packet (ist=0x8c18c0, ist_index=0,
ost_table=0x8c1910, nb_ostreams=1, pkt=0x7ffffffd7110) at ffmpeg.c:1134
#4 0x0000000000418c86 in main (argc=-13016, argv=0x8c18c0) at ffmpeg.c:1969
(gdb) disass $pc-32 $pc+32
Dump of assembler code from 0x5e8b49 to 0x5e8b89:
0x00000000005e8b49 <vorbis_floor1_decode+953>: shl $0x4,%r9
0x00000000005e8b4d <vorbis_floor1_decode+957>: sar $0x3,%eax
0x00000000005e8b50 <vorbis_floor1_decode+960>: and $0x7,%ecx
0x00000000005e8b53 <vorbis_floor1_decode+963>: mov 0x100(%r11),%rdi
0x00000000005e8b5a <vorbis_floor1_decode+970>: add %r13,%rbx
0x00000000005e8b5d <vorbis_floor1_decode+973>: cltq
0x00000000005e8b5f <vorbis_floor1_decode+975>: mov
%rbx,0xffffffffffffff38(%rbp)
0x00000000005e8b66 <vorbis_floor1_decode+982>: mov %r10d,%esi
0x00000000005e8b69 <vorbis_floor1_decode+985>: mov 0x10(%r9,%rdi,1),%r11
0x00000000005e8b6e <vorbis_floor1_decode+990>: mov 0x28(%r9,%rdi,1),%ebx
0x00000000005e8b73 <vorbis_floor1_decode+995>: mov (%r8),%rdi
0x00000000005e8b76 <vorbis_floor1_decode+998>: mov $0xffffffff,%r8d
0x00000000005e8b7c <vorbis_floor1_decode+1004>: mov %ebx,%edx
0x00000000005e8b7e <vorbis_floor1_decode+1006>: mov (%rdi,%rax,1),%r9d
0x00000000005e8b82 <vorbis_floor1_decode+1010>: neg %edx
0x00000000005e8b84 <vorbis_floor1_decode+1012>: mov %r8d,%eax
0x00000000005e8b87 <vorbis_floor1_decode+1015>: sar %cl,%r9d
End of assembler dump.
(gdb) info all-registers
rax 0x8 8
rbx 0xf 15
rcx 0x6 6
rdx 0x18 24
rsi 0x46 70
rdi 0x8dfb10 9304848
rbp 0x7ffffffd6580 0x7ffffffd6580
rsp 0x7ffffffd6260 0x7ffffffd6260
r8 0x8c1c18 9182232
r9 0x2fffffffd0 206158430160
r10 0x46 70
r11 0x8c1c10 9182224
r12 0x7ffffffd6408 140737488184328
r13 0x0 0
r14 0x0 0
r15 0x4 4
rip 0x5e8b69 0x5e8b69 <vorbis_floor1_decode+985>
eflags 0x10206 66054
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
st0 0 (raw 0x00000000000000000000)
st1 0 (raw 0x00000000000000000000)
st2 0 (raw 0x00000000000000000000)
st3 0 (raw 0x00000000000000000000)
st4 0 (raw 0x00000000000000000000)
st5 0 (raw 0x00000000000000000000)
st6 1 (raw 0x3fff8000000000000000)
st7 1.000000000000000015902891109759918e+100 (raw
0x414b924d692ca61be800)
fctrl 0x37f 895
fstat 0x0 0
ftag 0xffff 65535
fiseg 0x0 0
fioff 0x0 0
foseg 0x0 0
fooff 0x0 0
---Type <return> to continue, or q <return> to quit---
fop 0x0 0
xmm0 {f = {0x0, 0x3, 0x0, 0x0}} {f = {0, 3.1015625, -0, 0}}
xmm1 {f = {0x0, 0x7, 0x0, 0x0}} {f = {0, 7.1729126, 0, 0}}
xmm2 {f = {0x0, 0x1, 0x0, 0x0}} {f = {-5.42409581e+19,
1.08397949, 0, 0}}
xmm3 {f = {0x0, 0x4d680000, 0x0, 0x0}} {f =
{2.58063755e-16, 6.12592203e+12, 0, 0}}
xmm4 {f = {0x0, 0x4d680000, 0x0, 0x0}} {f =
{2.58063755e-16, 6.12592203e+12, -0, 0}}
xmm5 {f = {0x0, 0x0, 0x0, 0x0}} {f = {0, -0, 0, -0}}
xmm6 {f = {0x0, 0x0, 0x0, 0x0}} {f = {-0, 0, 0, 0}}
xmm7 {f = {0x0, 0x0, 0x0, 0x0}} {f = {-0, 0, 0, 0}}
xmm8 {f = {0x0, 0x1, 0x0, 0x0}} {f = {7.52863638e-28,
1.99806249, 0, 0}}
xmm9 {f = {0x0, 0x7, 0x0, 0x0}} {f = {0, 7.1729126, 0, 0}}
xmm10 {f = {0x0, 0x0, 0x0, 0x0}} {f = {-0, 0, 0, 0}}
xmm11 {f = {0x0, 0x0, 0x0, 0x0}} {f = {-0, 0, 0, 0}}
xmm12 {f = {0x0, 0x7, 0x0, 0x0}} {f = {7.47936065e-06,
7.8825407, 0, 0}}
xmm13 {f = {0x181, 0x0, 0x0, 0x0}} {f = {385, 0, 0, 0}}
xmm14 {f = {0x0, 0x0, 0x0, 0x0}} {f = {-0, 0, 0, 0}}
xmm15 {f = {0x0, 0x0, 0x0, 0x0}} {f = {0, 0, 0, 0}}
mxcsr 0x1fa2 8098
MvH
Benjamin Larsson
--
"incorrect information" is an oxymoron. Information is, by definition, factual, correct.