[MPlayer-users] BUGREPORT: mencoder -vc mpeg12 -ovc lavc -- reproducible segfault at _end_ of DVD

Corey Hickey bugfood-ml at fatooh.org
Mon Aug 4 05:47:18 CEST 2003


First off, I'm not sure if this is a bug in mplayer or in libavcodec, so
if I should cross-post this to the ffmpeg-devel list, someone please
tell me and I'll be happy to do so.

Anyway, I am able to easily reproduce a segmentation fault in mencoder
when it reaches the end of a DVD. I'm using mplayer CVS and libavcodec
CVS from a few minutes ago, and have reduced the case to:

mencoder end-of-dvd-segfault.vob -nosound -vc mpeg12 \
-ovc lavc -lavcopts vbitrate=800:vcodec=mpeg4:vpass=1

Changing mpeg12 to ffmpeg12 works fine. Also, mencoder 0.90 has no
trouble.

I am uploading a bugreport with sample file to mplayerhq ftp:
end-of-dvd-segfault.txt    ---   The text of this mail
end-of-dvd-segfault.vob    ---   mplayer dvd://1 -dumpstream, and then
the very last part extracted with dd (yes, I know it's just a second of
black frames, but mencoder behaves just the same as when it has the
entire file).

For anyone who doesn't have mplayerhq ftp access, both of the files
listed above are also available at:
http://bugfood.casa-z.org/mpbug/

Thanks,
Corey


~~~~~~~~system information~~~~~~~~~~~

Debian sarge (testing)

Linux 2.4.21

bugfood@bugfood:~$ ls -l /lib/libc[.-]*
-rwxr-xr-x    1 root     root      1104040 Mar 21 08:19 /lib/libc-2.3.1.so
lrwxrwxrwx    1 root     root           14 Oct  4  2002 /lib/libc.so.5 -> libc.so.5.4.46
-rw-r--r--    1 root     root       563068 Feb  4  2002 /lib/libc.so.5.4.46
lrwxrwxrwx    1 root     root           13 Apr  1 13:19 /lib/libc.so.6 -> libc-2.3.1.so

gcc version 3.2.3 20030415 (Debian prerelease)
NOTE: also tested with:
gcc version 2.95.4 20011002 (Debian prerelease)


GNU ld version 2.14.90.0.4 20030523 Debian GNU/Linux

GNU assembler 2.14.90.0.4 20030523 Debian GNU/Linux

bugfood@bugfood:~$ cat /proc/cpuinfo
processor       : 0
vendor_id       : AuthenticAMD
cpu family      : 6
model           : 8
model name      : AMD Athlon(tm)
stepping        : 0
cpu MHz         : 1890.053
cache size      : 256 KB
fdiv_bug        : no
hlt_bug         : no
f00f_bug        : no
coma_bug        : no
fpu             : yes
fpu_exception   : yes
cpuid level     : 1
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 mmx fxsr sse syscall mmxext 3dnowext 3dnow
bogomips        : 3761.76


~~~~~~~~~~~~~~GDB information~~~~~~~~~~~~~~~~~

bugfood@bugfood:~/mpbug$ gdb mencoder
GNU gdb 5.3-debian
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-linux"...(no debugging symbols found)...
(gdb) run -v end-of-dvd-segfault.vob -ovc lavc -lavcopts vbitrate=800:vcodec=mpeg4:vpass=1 -nosound -vc mpeg12
Starting program: /usr/bin/mencoder -v end-of-dvd-segfault.vob -ovc lavc -lavcopts vbitrate=800:vcodec=mpeg4:vpass=1 -nosound -vc mpeg12
(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...[New Thread 16384 (LWP 23950)]
Using GNU internationalization
Original domain: messages
Original dirname: /usr/share/locale
Current domain: mplayer
Current dirname: /usr/share/locale

MEncoder dev-CVS-030803-19:37-3.2.3 (C) 2000-2003 MPlayer Team

CPU: Advanced Micro Devices  (Family: 6, Stepping: 0)
Detected cache-line size is 64 bytes
CPUflags: Type: 6 MMX: 1 MMX2: 1 3DNow: 1 3DNow2: 1 SSE: 1 SSE2: 0
Compiled for x86 CPU with extensions: MMX MMX2 3DNow 3DNowEx SSE

Reading /home/bugfood/.mplayer/codecs.conf: This codecs.conf is too old and incompatible with this MPlayer release! at line 6
Reading /etc/mplayer/codecs.conf: This codecs.conf is too old and incompatible with this MPlayer release! at line 6
Using built-in default codecs.conf
File not found: 'frameno.avi'
Failed to open frameno.avi
Reading config file /home/bugfood/.mplayer/mencoder: No such file or directory
init_freetype
Using MMX (with tiny bit MMX2) Optimized OnScreenDisplay
Not an URL!
[file] File size is 151552 bytes
STREAM: [file] end-of-dvd-segfault.vob
STREAM: Description: File
STREAM: Author: Albeu
STREAM: Comment: based on the code from ??? (probably Arpi)
success: format: 0  data: 0x0 - 0x25000
Checking for YUV4MPEG2
DEMUXER: freeing demuxer at 0x84575a8
ASF_check: not ASF guid!
DEMUXER: freeing demuxer at 0x84575a8
Checking for NuppelVideo
DEMUXER: freeing demuxer at 0x84575a8
Checking for REAL
DEMUXER: freeing demuxer at 0x84575a8
Checking for SMJPEG
DEMUXER: freeing demuxer at 0x84575a8
DEMUXER: freeing demuxer at 0x8457f48
Searching demuxer type for filename end-of-dvd-segfault.vob ext: .vob
Trying demuxer 2 based on filename extension
system stream synced at 0xD (0)!
==> Found audio stream: 131
==> Found video stream: 0
MPEG-PS file format detected.
Searching for sequence header... OK!
VIDEO:  MPEG2  720x480  (aspect 3)  29.97 fps  9201.6 kbps (1150.2 kbyte/s)
[V] filefmt:2  fourcc:0x10000002  size:720x480  fps:29.97  ftime:=0.0334
Opening video filter: [expand osd=1]
Expand: -1 x -1, -1 ; -1  (-1=autodetect) osd: 1
==========================================================================
Forced video codec: mpeg12
Opening video decoder: [libmpeg2] MPEG 1/2 Video decoder libmpeg2-v0.3.1
Selected video codec: [mpeg12] vfm:libmpeg2 (MPEG 1 or 2 (libmpeg2))
==========================================================================
Writing AVI header...
VDec: vo config request - 720 x 480 (preferred csp: Planar YV12)
Trying filter chain: expand lavc
VDec: using Planar YV12 as output csp (no 0)
Movie-Aspect is 1.78:1 - prescaling to correct movie aspect.
VO Config (720x480->854x480,flags=0,'MPlayer',0x32315659)
REQ: flags=0x401  req=0x0
videocodec: libavcodec (720x480 fourcc=58564944 [DIVX])
get_path('subfont.ttf') -> '/home/bugfood/.mplayer/subfont.ttf'
New_Face failed. Maybe the font path is wrong.
Please supply the text font file (~/.mplayer/subfont.ttf).
subtitle font: load_sub_face failed.
*** [lavc] Allocating mp_image_t, 720x480x12bpp YUV planar, 518400 bytes
*** [expand] Direct Rendering mp_image_t, 720x480x12bpp YUV planar, 518400 bytes
*** [lavc] Allocating mp_image_t, 720x480x12bpp YUV planar, 518400 bytesms 0/8 D/B/S 0/1/0
*** [expand] Direct Rendering mp_image_t, 720x480x12bpp YUV planar, 518400 bytes
*** [lavc] Allocating mp_image_t, 720x480x12bpp YUV planar, 518400 bytesms 0/11 D/B/S 2/1/0
*** [expand] Direct Rendering mp_image_t, 720x480x12bpp YUV planar, 518400 bytes
Pos:   0.2s      4f (12%)   0fps Trem:   0min   0mb  A-V:0.000 [0:0] A/Vms 0/12 D/B/S 2/1/0
demux_mpg: 3:2 TELECINE detected, enabling inverse telecine fx. FPS changed to 23.976!
==> Found audio stream: 128 0fps Trem:   0min   0mb  A-V:0.000 [0:0] A/Vms 0/10 D/B/S 6/1/0
==> Found audio stream: 129
==> Found audio stream: 130
VDec: vo config request - 720 x 480 (preferred csp: Planar YV12)
Trying filter chain: expand lavc
VDec: using Planar YV12 as output csp (no 0)
Movie-Aspect is 1.78:1 - prescaling to correct movie aspect.
VO Config (720x480->854x480,flags=0,'MPlayer',0x32315659)
REQ: flags=0x401  req=0x0
videocodec: libavcodec (720x480 fourcc=58564944 [DIVX])
get_buffer() failed (0 -8 0 0x40f51f30)

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 23950)]
0x081a074a in ff_copy_bits ()
(gdb) bt
#0  0x081a074a in ff_copy_bits ()
#1  0x0819c28f in MPV_encode_picture ()
#2  0x08197d4a in avcodec_encode_video ()
#3  0x080aae60 in vf_open_encoder ()
#4  0x080c28f9 in vf_next_put_image ()
#5  0x080b56d1 in decode_video ()
#6  0x080850d1 in main ()
#7  0x405cda51 in __libc_start_main () from /lib/libc.so.6
(gdb) disass $pc-32 $pc+32
Dump of assembler code from 0x81a072a to 0x81a076a:
0x81a072a <ff_copy_bits+9066>:	out    %al,(%dx)
0x81a072b <ff_copy_bits+9067>:	add    $0xfe,%cl
0x81a072e <ff_copy_bits+9070>:	or     %cl,0x8eac1f3(%ecx)
0x81a0734 <ff_copy_bits+9076>:	add    0xfffe6468(%ebp),%ecx
0x81a073a <ff_copy_bits+9082>:	sub    %edx,%eax
0x81a073c <ff_copy_bits+9084>:	mov    0x1258(%edi),%edx
0x81a0742 <ff_copy_bits+9090>:	add    $0x274,%eax
0x81a0747 <ff_copy_bits+9095>:	shr    $0x8,%eax
0x81a074a <ff_copy_bits+9098>:	mov    %ax,(%edx,%ecx,2)
0x81a074e <ff_copy_bits+9102>:	mov    0x1260(%edi),%edx
0x81a0754 <ff_copy_bits+9108>:	mov    %bl,(%ecx,%edx,1)
0x81a0757 <ff_copy_bits+9111>:	incl   0xfffe6468(%ebp)
0x81a075d <ff_copy_bits+9117>:	add    %eax,0x1250(%edi)
0x81a0763 <ff_copy_bits+9123>:	mov    0x9c(%edi),%eax
0x81a0769 <ff_copy_bits+9129>:	cmp    %eax,0xfffe6468(%ebp)
End of assembler dump.
(gdb) info all-registers
eax            0x101	257
ecx            0x0	0
edx            0x0	0
ebx            0x1	1
esp            0xbffe4840	0xbffe4840
ebp            0xbfffe468	0xbfffe468
esi            0x1	1
edi            0x85540e0	139804896
eip            0x81a074a	0x81a074a
eflags         0x210212	2163218
cs             0x23	35
ss             0x2b	43
ds             0x2b	43
es             0x2b	43
fs             0x0	0
gs             0x0	0
(gdb)

~~~~~~~~~~~~~~~~~end of bugreport~~~~~~~~~~~~~~~~~~~~~
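
Added example (not part of the original report, and not MPlayer or libavcodec code): a small Python triage helper that evaluates the destination operand of the faulting instruction at eip against the general-purpose registers shown in the gdb session above. The function names, the 4096-byte page size and the "source operand is a plain register" shortcut are assumptions of this example; the embedded excerpts are copied from the report.

```python
import re

# Excerpts copied from the gdb session in the report (tabs as gdb printed them).
FAULT_INSN = "0x81a074a <ff_copy_bits+9098>:\tmov    %ax,(%edx,%ecx,2)"
REGISTER_DUMP = (
    "eax            0x101\t257\n"
    "ecx            0x0\t0\n"
    "edx            0x0\t0\n"
    "ebp            0xbfffe468\t0xbfffe468\n"
    "edi            0x85540e0\t139804896\n"
)
PAGE_SIZE = 4096  # assumption: 4 KiB pages on i386 Linux

# AT&T memory operand: disp(base,index,scale), every part optional.
MEM_OPERAND = re.compile(
    r"(-?0x[0-9a-fA-F]+|-?\d+)?\((%\w+)?(?:,(%\w+)(?:,(\d))?)?\)")


def parse_registers(dump):
    """Map register name -> integer value from `info all-registers` lines."""
    regs = {}
    for line in dump.splitlines():
        m = re.match(r"(\w+)\s+(0x[0-9a-fA-F]+)\b", line)
        if m:
            regs[m.group(1)] = int(m.group(2), 16)
    return regs


def effective_address(operand, regs):
    """Evaluate disp + base + index*scale, wrapped to 32 bits."""
    m = MEM_OPERAND.fullmatch(operand)
    if not m:
        raise ValueError("not a memory operand: " + operand)
    disp, base, index, scale = m.groups()
    addr = int(disp, 0) if disp else 0
    if base:
        addr += regs[base[1:]]
    if index:
        addr += regs[index[1:]] * int(scale or 1)
    return addr & 0xFFFFFFFF


def triage(insn_line, regs):
    """Return (address, verdict) for a faulting `mov %reg,<mem>` store."""
    operands = insn_line.split("\t")[-1].split(None, 1)[1]
    dest = operands.split(",", 1)[1]  # assumes the source is a plain register
    addr = effective_address(dest, regs)
    verdict = "NULL-page write" if addr < PAGE_SIZE else "write to non-NULL address"
    return addr, verdict


if __name__ == "__main__":
    print(triage(FAULT_INSN, parse_registers(REGISTER_DUMP)))
```

Base and index are both zero, so the 16-bit store targets address 0. In the disassembly, edx is loaded by `mov 0x1258(%edi),%edx` two instructions before the fault, so the zero base comes from a pointer field read at offset 0x1258 from edi.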


