[MPlayer-users] BUG: mencoder of pre5 crashes everytime
Stefan Sassenberg
stefan.sassenberg at gmx.de
Wed Jul 28 13:02:21 CEST 2004
Martin Simmons wrote:
>>>>>>On Mon, 26 Jul 2004 13:31:47 +0200, Stefan Sassenberg <stefan.sassenberg at gmx.de> said:
>
>
> Stefan> (gdb) disass $pc-32 $pc+32
> Stefan> Dump of assembler code from 0x82e8fdf to 0x82e901f:
> Stefan> 0x082e8fdf <sad16_y2_mmx2+79>: add %cl,(%edi)
> Stefan> 0x082e8fe1 <sad16_y2_mmx2+81>: outsl %ds:(%esi),(%dx)
> Stefan> 0x082e8fe2 <sad16_y2_mmx2+82>: add $0x7,%al
> Stefan> 0x082e8fe4 <sad16_y2_mmx2+84>: movq (%edx,%eax,1),%mm2
> Stefan> 0x082e8fe8 <sad16_y2_mmx2+88>: pavgb %mm2,%mm0
> Stefan> 0x082e8feb <sad16_y2_mmx2+91>: movq (%ecx,%eax,1),%mm2
> Stefan> 0x082e8fef <sad16_y2_mmx2+95>: psadbw %mm2,%mm0
> Stefan> 0x082e8ff2 <sad16_y2_mmx2+98>: add %esi,%eax
> Stefan> 0x082e8ff4 <sad16_y2_mmx2+100>: movq (%edi,%eax,1),%mm1
> Stefan> 0x082e8ff8 <sad16_y2_mmx2+104>: movq (%edx,%eax,1),%mm3
> Stefan> 0x082e8ffc <sad16_y2_mmx2+108>: pavgb %mm1,%mm3
> Stefan> 0x082e8fff <sad16_y2_mmx2+111>: movq (%ecx,%eax,1),%mm1
> Stefan> 0x082e9003 <sad16_y2_mmx2+115>: psadbw %mm1,%mm3
> Stefan> 0x082e9006 <sad16_y2_mmx2+118>: paddw %mm3,%mm0
> Stefan> 0x082e9009 <sad16_y2_mmx2+121>: paddw %mm0,%mm6
> Stefan> 0x082e900c <sad16_y2_mmx2+124>: add %esi,%eax
> Stefan> 0x082e900e <sad16_y2_mmx2+126>: js 0x82e8fe0 <sad16_y2_mmx2+80>
> Stefan> 0x082e9010 <sad16_y2_mmx2+128>: mov 0x10(%ebp),%edi
> Stefan> 0x082e9013 <sad16_y2_mmx2+131>: mov 0xffffffe8(%ebp),%edx
> Stefan> 0x082e9016 <sad16_y2_mmx2+134>: mov %ebx,%eax
> Stefan> 0x082e9018 <sad16_y2_mmx2+136>: neg %eax
> Stefan> 0x082e901a <sad16_y2_mmx2+138>: lea 0x8(%edi,%ebx,1),%ecx
> Stefan> 0x082e901e <sad16_y2_mmx2+142>: mov 0xc(%ebp),%edi
> Stefan> End of assembler dump.
> Stefan> (gdb) info all-registers
> Stefan> eax 0xbfffdcc1 -1073750847
> Stefan> ecx 0x415a5150 1096438096
> Stefan> edx 0x41535140 1095979328
> Stefan> ebx 0x2f00 12032
> Stefan> esp 0xbfffdcc1 0xbfffdcc1
> Stefan> ebp 0xbfffdcd8 0xbfffdcd8
> Stefan> esi 0x2f0 752
> Stefan> edi 0x41534e50 1095978576
> Stefan> eip 0x82e8fff 0x82e8fff
>
> This register dump suggests to me that something nasty is happening (esp is
> slightly wrong and eax is set to the same wrong value, which is nothing like
> what it should be). It could be worthwhile to do some more runs and post the
> debugging info to see whether there is a pattern.
>
> Also, if sad16_y2_mmx2 (or some similarly named function) appears in
> subsequent crashes too, then the output of the gdb command
>
> disass sad16_y2_mmx2
>
> (or whatever the function is) might be useful.
>
> __Martin
>
I did one more run last night (same file, same options), which took quite
a long time to crash. I hope this is the output you requested:
Pos:5120.6s 128017f (61%) 28fps Trem: 48min 2387mb A-V:0.040
[1934:448] A/Vms 0/33 D/B/S 0/1/0
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 2059)]
0x082e8fef in sad16_y2_mmx2 (v=0x0,
blk2=0x41405f80
"***))**))'(('''('&(((&&''%%&'&&'$$%%$$%$$%&'(()''&%&&&&&&('()*+*+***+++++++**-,++,--+,,,+)))('((((()((''*((*)++*+,-10,,0-.,,,,,,**+*****,.01100//./0//1/,,+**+,+.,+-..,+,,,,,,*+,,+,/223111112376787898:"...,
blk1=0x41582a39 "((((((())))))))''''''''", '%' <repeats 16 times>,
"''''''''))))))))********))))))))********++++++++,********+++++++)))))+++-----/,,,,,*--././0*****",
',' <repeats 11 times>,
"++++++,,,,,,,,.......////////1111111100/.-,++++++++++-"..., stride=752,
h=16) at i386/motion_est_mmx.c:93
93 asm volatile(
(gdb) bt
#0 0x082e8fef in sad16_y2_mmx2 (v=0x0,
blk2=0x41405f80
"***))**))'(('''('&(((&&''%%&'&&'$$%%$$%$$%&'(()''&%&&&&&&('()*+*+***+++++++**-,++,--+,,,+)))('((((()((''*((*)++*+,-10,,0-.,,,,,,**+*****,.01100//./0//1/,,+**+,+.,+-..,+,,,,,,*+,,+,/223111112376787898:"...,
blk1=0x41582a39 "((((((())))))))''''''''", '%' <repeats 16 times>,
"''''''''))))))))********))))))))********++++++++,********+++++++)))))+++-----/,,,,,*--././0*****",
',' <repeats 11 times>,
"++++++,,,,,,,,.......////////1111111100/.-,++++++++++-"..., stride=752,
h=16) at i386/motion_est_mmx.c:93
#1 0x08232278 in sad_hpel_motion_search (s=0x84f2900, mx_ptr=0xbfffdde8,
my_ptr=0xbfffddec, dmin=339, src_index=-1504, ref_index=1094749824,
size=0, h=16) at motion_est.c:613
#2 0x0823968f in ff_estimate_p_frame_motion (s=0x84f2900, mb_x=20, mb_y=17)
at motion_est.c:1308
#3 0x081b4a9b in estimate_motion_thread (c=0x84a2130, arg=0x84f2900)
at mpegvideo.c:4027
#4 0x081a8038 in avcodec_default_execute (c=0x84a2130,
func=0x81b4a10 <estimate_motion_thread>, arg=0x84f29c4, ret=0x0,
count=1)
at utils.c:342
#5 0x081b5358 in MPV_encode_picture (avctx=0x84a2130, buf=0x40bb4008 "",
buf_size=2097152, data=0x84a2050) at mpegvideo.c:4724
#6 0x081a83dc in avcodec_encode_video (avctx=0x84a2130,
buf=0xfffffa20 <Address 0xfffffa20 out of bounds>, buf_size=-1504,
pict=0x84a2050) at utils.c:478
#7 0x0808facf in put_image (vf=0x84a2000, mpi=0x41408e80) at ve_lavc.c:775
#8 0x08099163 in decode_video (sh_video=0x848b708,
start=0xfffffa20 <Address 0xfffffa20 out of bounds>, in_size=-1504,
drop_frame=0) at dec_video.c:332
#9 0x080688f4 in main (argc=-1504, argv=0xfffffa20) at mencoder.c:1303
(gdb) disass $pc-32 $pc+32
Dump of assembler code from 0x82e8fcf to 0x82e900f:
0x082e8fcf <sad16_y2_mmx2+63>: ret $0xc129
0x082e8fd2 <sad16_y2_mmx2+66>: lea 0x0(%esi,1),%esi
0x082e8fd9 <sad16_y2_mmx2+73>: lea 0x0(%edi,1),%edi
0x082e8fe0 <sad16_y2_mmx2+80>: movq (%edi,%eax,1),%mm0
0x082e8fe4 <sad16_y2_mmx2+84>: movq (%edx,%eax,1),%mm2
0x082e8fe8 <sad16_y2_mmx2+88>: pavgb %mm2,%mm0
0x082e8feb <sad16_y2_mmx2+91>: movq (%ecx,%eax,1),%mm2
0x082e8fef <sad16_y2_mmx2+95>: psadbw %mm2,%mm0
0x082e8ff2 <sad16_y2_mmx2+98>: add %esi,%eax
0x082e8ff4 <sad16_y2_mmx2+100>: movq (%edi,%eax,1),%mm1
0x082e8ff8 <sad16_y2_mmx2+104>: movq (%edx,%eax,1),%mm3
0x082e8ffc <sad16_y2_mmx2+108>: pavgb %mm1,%mm3
0x082e8fff <sad16_y2_mmx2+111>: movq (%ecx,%eax,1),%mm1
0x082e9003 <sad16_y2_mmx2+115>: psadbw %mm1,%mm3
0x082e9006 <sad16_y2_mmx2+118>: paddw %mm3,%mm0
0x082e9009 <sad16_y2_mmx2+121>: paddw %mm0,%mm6
0x082e900c <sad16_y2_mmx2+124>: add %esi,%eax
0x082e900e <sad16_y2_mmx2+126>: js 0x82e8fe0 <sad16_y2_mmx2+80>
End of assembler dump.
(gdb) info all-registers
eax 0xfffffa20 -1504
ecx 0x41408e80 1094749824
edx 0x41585c29 1096309801
ebx 0x2f00 12032
esp 0xbfffdcc0 0xbfffdcc0
ebp 0xbfffdcd8 0xbfffdcd8
esi 0x2f0 752
edi 0x41585939 1096309049
eip 0x82e8fef 0x82e8fef
eflags 0x10282 66178
cs 0x23 35
ss 0x2b 43
ds 0x2b 43
es 0x2b 43
fs 0x0 0
gs 0x7 7
st0 -nan(0x2929292929292929) (raw 0xffff2929292929292929)
st1 -nan(0x2727282727272829) (raw 0xffff2727282727272829)
st2 -nan(0x282729292828282a) (raw 0xffff282729292828282a)
st3 -nan(0x00000000c) (raw 0xffff000000000000000c)
st4 -nan(0x1200000008) (raw 0xffff0000001200000008)
st5 -nan(0x1000100010001) (raw 0xffff0001000100010001)
st6 -nan(0x00000006c) (raw 0xffff000000000000006c)
st7 -0e+4922 (raw 0xffff0000000000000000)
fctrl 0x37f 895
fstat 0x420 1056
ftag 0xaaaa 43690
fiseg 0x0 0
fioff 0x0 0
foseg 0x0 0
fooff 0x0 0
fop 0x0 0
xmm0 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {
0x8000000000000000, 0x8000000000000000}, v16_int8 = {
0xff <repeats 16 times>}, v8_int16 = {0xffff, 0xffff, 0xffff, 0xffff,
0xffff, 0xffff, 0xffff, 0xffff}, v4_int32 = {0xffffffff, 0xffffffff,
0xffffffff, 0xffffffff}, v2_int64 = {0xffffffffffffffff,
0xffffffffffffffff}, uint128 = 0xffffffffffffffffffffffffffffffff}
xmm1 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {
0x8000000000000000, 0x8000000000000000}, v16_int8 = {
0xff <repeats 16 times>}, v8_int16 = {0xffff, 0xffff, 0xffff, 0xffff,
0xffff, 0xffff, 0xffff, 0xffff}, v4_int32 = {0xffffffff, 0xffffffff,
0xffffffff, 0xffffffff}, v2_int64 = {0xffffffffffffffff,
0xffffffffffffffff}, uint128 = 0xffffffffffffffffffffffffffffffff}
xmm2 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {
0x8000000000000000, 0x8000000000000000}, v16_int8 = {
0xff <repeats 16 times>}, v8_int16 = {0xffff, 0xffff, 0xffff, 0xffff,
0xffff, 0xffff, 0xffff, 0xffff}, v4_int32 = {0xffffffff, 0xffffffff,
0xffffffff, 0xffffffff}, v2_int64 = {0xffffffffffffffff,
0xffffffffffffffff}, uint128 = 0xffffffffffffffffffffffffffffffff}
xmm3 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {
0x8000000000000000, 0x8000000000000000}, v16_int8 = {
0xff <repeats 16 times>}, v8_int16 = {0xffff, 0xffff, 0xffff, 0xffff,
0xffff, 0xffff, 0xffff, 0xffff}, v4_int32 = {0xffffffff, 0xffffffff,
0xffffffff, 0xffffffff}, v2_int64 = {0xffffffffffffffff,
0xffffffffffffffff}, uint128 = 0xffffffffffffffffffffffffffffffff}
xmm4 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {
0x8000000000000000, 0x8000000000000000}, v16_int8 = {
0xff <repeats 16 times>}, v8_int16 = {0xffff, 0xffff, 0xffff, 0xffff,
0xffff, 0xffff, 0xffff, 0xffff}, v4_int32 = {0xffffffff, 0xffffffff,
0xffffffff, 0xffffffff}, v2_int64 = {0xffffffffffffffff,
0xffffffffffffffff}, uint128 = 0xffffffffffffffffffffffffffffffff}
xmm5 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {
0x8000000000000000, 0x8000000000000000}, v16_int8 = {
0xff <repeats 16 times>}, v8_int16 = {0xffff, 0xffff, 0xffff, 0xffff,
0xffff, 0xffff, 0xffff, 0xffff}, v4_int32 = {0xffffffff, 0xffffffff,
0xffffffff, 0xffffffff}, v2_int64 = {0xffffffffffffffff,
0xffffffffffffffff}, uint128 = 0xffffffffffffffffffffffffffffffff}
xmm6 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {
0x8000000000000000, 0x8000000000000000}, v16_int8 = {
0xff <repeats 16 times>}, v8_int16 = {0xffff, 0xffff, 0xffff, 0xffff,
0xffff, 0xffff, 0xffff, 0xffff}, v4_int32 = {0xffffffff, 0xffffffff,
0xffffffff, 0xffffffff}, v2_int64 = {0xffffffffffffffff,
0xffffffffffffffff}, uint128 = 0xffffffffffffffffffffffffffffffff}
xmm7 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {
0x8000000000000000, 0x8000000000000000}, v16_int8 = {
0xff <repeats 16 times>}, v8_int16 = {0xffff, 0xffff, 0xffff, 0xffff,
0xffff, 0xffff, 0xffff, 0xffff}, v4_int32 = {0xffffffff, 0xffffffff,
0xffffffff, 0xffffffff}, v2_int64 = {0xffffffffffffffff,
0xffffffffffffffff}, uint128 = 0xffffffffffffffffffffffffffffffff}
mxcsr 0x1f80 8064
mm0 {uint64 = 0x2929292929292929, v2_int32 = {0x29292929,
0x29292929}, v4_int16 = {0x2929, 0x2929, 0x2929, 0x2929}, v8_int8 =
{0x29,
0x29, 0x29, 0x29, 0x29, 0x29, 0x29, 0x29}}
mm1 {uint64 = 0x2727282727272829, v2_int32 = {0x27272829,
0x27272827}, v4_int16 = {0x2829, 0x2727, 0x2827, 0x2727}, v8_int8 =
{0x29,
0x28, 0x27, 0x27, 0x27, 0x28, 0x27, 0x27}}
mm2 {uint64 = 0x282729292828282a, v2_int32 = {0x2828282a,
0x28272929}, v4_int16 = {0x282a, 0x2828, 0x2929, 0x2827}, v8_int8 =
{0x2a,
0x28, 0x28, 0x28, 0x29, 0x29, 0x27, 0x28}}
mm3 {uint64 = 0xc, v2_int32 = {0xc, 0x0}, v4_int16 = {0xc, 0x0,
0x0, 0x0}, v8_int8 = {0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm4 {uint64 = 0x1200000008, v2_int32 = {0x8, 0x12}, v4_int16 = {
0x8, 0x0, 0x12, 0x0}, v8_int8 = {0x8, 0x0, 0x0, 0x0, 0x12, 0x0,
0x0, 0x0}}
mm5 {uint64 = 0x1000100010001, v2_int32 = {0x10001, 0x10001},
v4_int16 = {0x1, 0x1, 0x1, 0x1}, v8_int8 = {0x1, 0x0, 0x1, 0x0, 0x1,
0x0,
0x1, 0x0}}
mm6 {uint64 = 0x6c, v2_int32 = {0x6c, 0x0}, v4_int16 = {0x6c,
0x0,
0x0, 0x0}, v8_int8 = {0x6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm7 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0,
0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
(gdb) disass sad16_y2_mmx2
Dump of assembler code for function sad16_y2_mmx2:
0x082e8f90 <sad16_y2_mmx2+0>: push %ebp
0x082e8f91 <sad16_y2_mmx2+1>: mov %esp,%ebp
0x082e8f93 <sad16_y2_mmx2+3>: sub $0x18,%esp
0x082e8f96 <sad16_y2_mmx2+6>: mov %ebx,0xfffffff4(%ebp)
0x082e8f99 <sad16_y2_mmx2+9>: mov %esi,0xfffffff8(%ebp)
0x082e8f9c <sad16_y2_mmx2+12>: mov %edi,0xfffffffc(%ebp)
0x082e8f9f <sad16_y2_mmx2+15>: pxor %mm7,%mm7
0x082e8fa2 <sad16_y2_mmx2+18>: pxor %mm6,%mm6
0x082e8fa5 <sad16_y2_mmx2+21>: movq 0x83967c0,%mm5
0x082e8fac <sad16_y2_mmx2+28>: mov 0x14(%ebp),%ebx
0x082e8faf <sad16_y2_mmx2+31>: mov 0x10(%ebp),%eax
0x082e8fb2 <sad16_y2_mmx2+34>: imul 0x18(%ebp),%ebx
0x082e8fb6 <sad16_y2_mmx2+38>: add 0x14(%ebp),%eax
0x082e8fb9 <sad16_y2_mmx2+41>: mov 0x10(%ebp),%edi
0x082e8fbc <sad16_y2_mmx2+44>: mov 0xc(%ebp),%ecx
0x082e8fbf <sad16_y2_mmx2+47>: mov 0x14(%ebp),%esi
0x082e8fc2 <sad16_y2_mmx2+50>: mov %eax,0xffffffe8(%ebp)
0x082e8fc5 <sad16_y2_mmx2+53>: mov 0xffffffe8(%ebp),%edx
0x082e8fc8 <sad16_y2_mmx2+56>: mov %ebx,%eax
0x082e8fca <sad16_y2_mmx2+58>: neg %eax
0x082e8fcc <sad16_y2_mmx2+60>: sub %eax,%edi
0x082e8fce <sad16_y2_mmx2+62>: sub %eax,%edx
0x082e8fd0 <sad16_y2_mmx2+64>: sub %eax,%ecx
0x082e8fd2 <sad16_y2_mmx2+66>: lea 0x0(%esi,1),%esi
0x082e8fd9 <sad16_y2_mmx2+73>: lea 0x0(%edi,1),%edi
0x082e8fe0 <sad16_y2_mmx2+80>: movq (%edi,%eax,1),%mm0
0x082e8fe4 <sad16_y2_mmx2+84>: movq (%edx,%eax,1),%mm2
0x082e8fe8 <sad16_y2_mmx2+88>: pavgb %mm2,%mm0
0x082e8feb <sad16_y2_mmx2+91>: movq (%ecx,%eax,1),%mm2
0x082e8fef <sad16_y2_mmx2+95>: psadbw %mm2,%mm0
0x082e8ff2 <sad16_y2_mmx2+98>: add %esi,%eax
0x082e8ff4 <sad16_y2_mmx2+100>: movq (%edi,%eax,1),%mm1
0x082e8ff8 <sad16_y2_mmx2+104>: movq (%edx,%eax,1),%mm3
0x082e8ffc <sad16_y2_mmx2+108>: pavgb %mm1,%mm3
0x082e8fff <sad16_y2_mmx2+111>: movq (%ecx,%eax,1),%mm1
0x082e9003 <sad16_y2_mmx2+115>: psadbw %mm1,%mm3
0x082e9006 <sad16_y2_mmx2+118>: paddw %mm3,%mm0
0x082e9009 <sad16_y2_mmx2+121>: paddw %mm0,%mm6
0x082e900c <sad16_y2_mmx2+124>: add %esi,%eax
0x082e900e <sad16_y2_mmx2+126>: js 0x82e8fe0 <sad16_y2_mmx2+80>
0x082e9010 <sad16_y2_mmx2+128>: mov 0x10(%ebp),%edi
0x082e9013 <sad16_y2_mmx2+131>: mov 0xffffffe8(%ebp),%edx
0x082e9016 <sad16_y2_mmx2+134>: mov %ebx,%eax
0x082e9018 <sad16_y2_mmx2+136>: neg %eax
0x082e901a <sad16_y2_mmx2+138>: lea 0x8(%edi,%ebx,1),%ecx
0x082e901e <sad16_y2_mmx2+142>: mov 0xc(%ebp),%edi
0x082e9021 <sad16_y2_mmx2+145>: lea 0x8(%edx,%ebx,1),%esi
0x082e9025 <sad16_y2_mmx2+149>: lea 0x8(%edi,%ebx,1),%edx
0x082e9029 <sad16_y2_mmx2+153>: mov 0x14(%ebp),%ebx
0x082e902c <sad16_y2_mmx2+156>: lea 0x0(%esi,1),%esi
0x082e9030 <sad16_y2_mmx2+160>: movq (%ecx,%eax,1),%mm0
0x082e9034 <sad16_y2_mmx2+164>: movq (%esi,%eax,1),%mm2
0x082e9038 <sad16_y2_mmx2+168>: pavgb %mm2,%mm0
0x082e903b <sad16_y2_mmx2+171>: movq (%edx,%eax,1),%mm2
0x082e903f <sad16_y2_mmx2+175>: psadbw %mm2,%mm0
0x082e9042 <sad16_y2_mmx2+178>: add %ebx,%eax
0x082e9044 <sad16_y2_mmx2+180>: movq (%ecx,%eax,1),%mm1
0x082e9048 <sad16_y2_mmx2+184>: movq (%esi,%eax,1),%mm3
0x082e904c <sad16_y2_mmx2+188>: pavgb %mm1,%mm3
0x082e904f <sad16_y2_mmx2+191>: movq (%edx,%eax,1),%mm1
0x082e9053 <sad16_y2_mmx2+195>: psadbw %mm1,%mm3
0x082e9056 <sad16_y2_mmx2+198>: paddw %mm3,%mm0
0x082e9059 <sad16_y2_mmx2+201>: paddw %mm0,%mm6
0x082e905c <sad16_y2_mmx2+204>: add %ebx,%eax
0x082e905e <sad16_y2_mmx2+206>: js 0x82e9030 <sad16_y2_mmx2+160>
0x082e9060 <sad16_y2_mmx2+208>: movd %mm6,%eax
0x082e9063 <sad16_y2_mmx2+211>: mov 0xfffffff4(%ebp),%ebx
0x082e9066 <sad16_y2_mmx2+214>: mov 0xfffffff8(%ebp),%esi
0x082e9069 <sad16_y2_mmx2+217>: mov 0xfffffffc(%ebp),%edi
0x082e906c <sad16_y2_mmx2+220>: leave
0x082e906d <sad16_y2_mmx2+221>: ret
End of assembler dump.
Regards
Stefan