[MPlayer-users] [Bug_Report - Crash] Segfault in module: decode_audio
Vincent Gerard
v.ge at wanadoo.fr
Sun Feb 4 21:32:01 CET 2007
Hello,
Thanks for your reply, here it is a new bug report done with latest SVN
version.
So, i've done the test again , and the Segfault still occurs.
Mplayer crash when opening an ogm file with vorbis audio, it is reproductible
on several differents files from the same series.
I have split with ogmsplit an extract of a buggy file and uploaded it to :
ftp://upload.mplayerhq.hu/MPlayer/incoming/
with file name : Bug.ogm.
this file crash at the second 5 for me.
The bug seems to be from ffmpeg vorbis.c decoder, i don't know if it may be
specific to AMD64 arch. (it crash even with -ao null)
Vincent Gerard.
Debug information with SVN version:
System information :
-----------------------------
distrib : Gentoo 2006.1 64bits, up to date on AMD64.
kernel : 2.6.18-gentoo-r6
libc version 2.4 NPTL
gcc version 4.1.1 (Gentoo 4.1.1-r1)
GNU ld version 2.16.1
GNU assembler 2.16.1
CPUinfo :
--------------------------
processor : 0
vendor_id : AuthenticAMD
cpu family : 15
model : 4
model name : AMD Athlon(tm) 64 Processor 3400+
stepping : 8
cpu MHz : 2202.906
cache size : 1024 KB
fpu : yes
fpu_exception : yes
cpuid level : 1
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca
cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx mmxext lm 3dnowext 3dnow
bogomips : 4410.74
TLB size : 1024 4K pages
clflush size : 64
cache_alignment : 64
address sizes : 40 bits physical, 48 bits virtual
power management: ts fid vid ttp
--------------------------------------------
Launch command and Output:
gdb ./mplayer (in the fresh compliled svn directory)
(gdb) r Bug.ogm
Starting program: /home/vincent/mplayer/mplayer Bug.ogm
[Thread debugging using libthread_db enabled]
[New Thread 47058638590400 (LWP 13558)]
MPlayer dev-SVN-r22133-4.1.1 (C) 2000-2007 MPlayer Team
CPU: AMD Athlon(tm) 64 Processor 3400+ (Family: 15, Model: 4, Stepping: 8)
CPUflags: MMX: 1 MMX2: 1 3DNow: 1 3DNow2: 1 SSE: 1 SSE2: 1
Compiled for x86 CPU with extensions: MMX MMX2 3DNow 3DNowEx SSE SSE2
mplayer: could not connect to socket
mplayer: No such file or directory
Failed to open LIRC support. You will not be able to use your remote control.
Playing Bug.ogm.
[Ogg] stream 0: video (FOURCC DX50), -vid 0
[Ogg] stream 1: audio (Vorbis), -aid 0
Ogg file format detected.
VIDEO: [DX50] 576x432 24bpp 25.000 fps 0.0 kbps ( 0.0 kbyte/s)
Clip info:
Software: Made with BeSweet v1.5b23
Encoder URL: http://DSPguru.doom9.org
Language: (not specified)
==========================================================================
Opening video decoder: [ffmpeg] FFmpeg's libavcodec codec family
Selected video codec: [ffodivx] vfm: ffmpeg (FFmpeg MPEG-4)
==========================================================================
==========================================================================
Opening audio decoder: [ffmpeg] FFmpeg/libavcodec audio decoders
AUDIO: 48000 Hz, 2 ch, s16le, 80.0 kbit/5.21% (ratio: 10000->192000)
Selected audio codec: [ffvorbis] afm: ffmpeg (FFmpeg Vorbis decoder)
==========================================================================
AO: [oss] 48000Hz 2ch s16le (2 bytes per sample)
Starting playback...
VDec: vo config request - 576 x 432 (preferred colorspace: Planar YV12)
VDec: using Planar YV12 as output csp (no 0)
Movie-Aspect is 1.33:1 - prescaling to correct movie aspect.
VO: [xv] 576x432 => 576x432 Planar YV12
New_Face failed. Maybe the font path is wrong. 1 ??% ??% ??,?% 0 0
Please supply the text font file (~/.mplayer/subfont.ttf).
subtitle font: load_sub_face failed.
A: 5.2 V: 5.2 A-V: 0.003 ct: 0.116 132/132 4% 0% 0.4% 0 0
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 47058638590400 (LWP 13558)]
0x00000000007f7e99 in vorbis_residue_decode (vc=0xd54110, vr=0xd68e10,
ch=2 '\002', do_not_decode=0x7ffffeefdd10 "",
vec=0xd56ce0, vlen=1024) at vorbis.c:1512
1512
vec[voffs ]+=codebook.codevectors[coffs+l ]; // FPMATH
-----------------------
Gdb backtrace :
(gdb)bt
0x00000000007f7e99 in vorbis_residue_decode (vc=0xd54110, vr=0xd68e10,
ch=2 '\002', do_not_decode=0x7ffffeefdd10 "",
vec=0xd56ce0, vlen=1024) at vorbis.c:1512
#1 0x00000000007f92d4 in vorbis_parse_audio_packet (vc=0xd54110) at
vorbis.c:1658
#2 0x00000000007f9988 in vorbis_decode_frame (avccontext=<value optimized
out>, data=0x2aaaaab29710,
data_size=0x7ffffeefde84, buf=<value optimized out>, buf_size=185) at
vorbis.c:1773
#3 0x00000000005f2c72 in avcodec_decode_audio2 (avctx=0xd52e60, samples=0x2,
frame_size_ptr=0xffffffff, buf=0xd56f20 "",
buf_size=4676) at utils.c:945
#4 0x00000000004f5d50 in decode_audio (sh_audio=0xc95b20,
buf=0x2aaaaab29710 "©á^á\026ãÍâwä$ä@åÓä\201åßä\216å¨ä
å\225ä\næêä\212æ\220å²æüå\020æ¥åÕä¨ä±ã
ã-ãDãRãrãÒãÕã7äìã$äpãÇã»âåã¨âïä\233ã)æÌä\205æ*å$æÇä/æ³ä3çyå\235è®æ\tê\027èïë(êcîÓì\022ð¹î¨ï\217î¢íØìÁëNëÅê¥êÇéðéïçFè±å\bæïã\027ä²â\216âsáþà<à\177ßÞßéÞ\020áðߣãZâ¾æ@åÔé\033è=íXë\214ñ\237ï]ö\213ô"...,
minlen=6400, maxlen=<value optimized out>) at ad_ffmpeg.c:161
#5 0x00000000004bd768 in decode_audio (sh_audio=0xc95b20,
buf=0xd6d830 "Ë\025z\026\026\026Ï\026ð\026¹\027\024\030ó\0307\031#\032\005\032ï\032'\032\021\033\203\031y\0325\0303\031Q\026H\027ø\023Ý\024\212\021Y\022^\017\005\020I\r \rÓ\n¹\nô\al\aU\005\206\004©\003Æ\002ý\002/\002É\002\"\002\223\002\021\002\\\002ì\001I\002Ò\001'\002\222\001\225\001Þ",
minlen=<value optimized out>, maxlen=<value optimized out>) at
dec_audio.c:387
#6 0x00000000004732cb in main (argc=<value optimized out>, argv=0x0) at
mplayer.c:3193
----------------
(gdb)disass $pc-32 $pc+32
Dump of assembler code from 0x7f7e79 to 0x7f7eb9:
0x00000000007f7e79 <vorbis_residue_decode+1865>: lea (%r14,%r8,1),
%rdx
0x00000000007f7e7d <vorbis_residue_decode+1869>: xor %esi,%esi
0x00000000007f7e7f <vorbis_residue_decode+1871>: movzbl %sil,%eax
0x00000000007f7e83 <vorbis_residue_decode+1875>: movss (%rcx),%xmm0
0x00000000007f7e87 <vorbis_residue_decode+1879>: lea (%r10,%rax,1),
%rax
0x00000000007f7e8b <vorbis_residue_decode+1883>: add $0x2,%esi
0x00000000007f7e8e <vorbis_residue_decode+1886>: inc %r12
0x00000000007f7e91 <vorbis_residue_decode+1889>: add $0x4,%r8
0x00000000007f7e95 <vorbis_residue_decode+1893>: shl $0x2,%rax
0x00000000007f7e99 <vorbis_residue_decode+1897>: addss (%rdi,%rax,1),
%xmm0
0x00000000007f7e9e <vorbis_residue_decode+1902>: movss %xmm0,(%rcx)
0x00000000007f7ea2 <vorbis_residue_decode+1906>: add $0x4,%rcx
0x00000000007f7ea6 <vorbis_residue_decode+1910>: movss (%rdx),%xmm0
0x00000000007f7eaa <vorbis_residue_decode+1914>: addss 0x4(%rdi,
%rax,1),%xmm0
0x00000000007f7eb0 <vorbis_residue_decode+1920>: movzbl %sil,%eax
0x00000000007f7eb4 <vorbis_residue_decode+1924>: movss %xmm0,(%rdx)
0x00000000007f7eb8 <vorbis_residue_decode+1928>: add $0x4,%rdx
End of assembler dump.
--------------------
(gdb) info all-registers
rax 0x3fffffff0 17179869168
rbx 0x8 8
rcx 0xd56f20 13987616
rdx 0xd57f20 13991712
rsi 0x2 2
rdi 0xcc73f0 13399024
rbp 0x7ffffeefdcd0 0x7ffffeefdcd0
rsp 0x7ffffeefdb80 0x7ffffeefdb80
r8 0x1244 4676
r9 0xffffffff 4294967295
r10 0xfffffffc 4294967292
r11 0x4 4
r12 0x91 145
r13 0xd857f0 14178288
r14 0xd56ce0 13987040
r15 0x2b 43
rip 0x7f7e99 0x7f7e99 <vorbis_residue_decode+1897>
eflags 0x210216 [ PF AF IF RF ID ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
st0 -nan(0x7272727272727272) (raw 0xffff7272727272727272)
st1 -nan(0x72007200720072) (raw 0xffff0072007200720072)
st2 -nan(0x7474747474747474) (raw 0xffff7474747474747474)
st3 -nan(0x74007400740074) (raw 0xffff0074007400740074)
st4 -nan(0x72007200720072) (raw 0xffff0072007200720072)
st5 -nan(0x75007500750075) (raw 0xffff0075007500750075)
st6 -nan(0x75007500750075) (raw 0xffff0075007500750075)
st7 <invalid float value> (raw 0xffff0000000000000000)
fctrl 0x37f 895
fstat 0x0 0
ftag 0xffff 65535
fiseg 0x0 0
fioff 0x0 0
foseg 0x0 0
fooff 0x0 0
fop 0x0 0
xmm0 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0},
v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm1 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0},
v2_int64 = {0x0, 0x0},
---Type <return> to continue, or q <return> to quit---
uint128 = 0x00000000000000000000000000000000}
xmm2 {v4_float = {0x0, 0xfffffe40, 0x0, 0x0}, v2_double =
{0x8000000000000000, 0x0}, v16_int8 = {0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0xe0, 0xc3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v8_int16 = {0x0, 0x0, 0x0, 0xc3e0, 0x0, 0x0, 0x0,
0x0}, v4_int32 = {0x0, 0xc3e00000, 0x0, 0x0}, v2_int64 =
{0xc3e0000000000000, 0x0},
uint128 = 0x0000000000000000c3e0000000000000}
xmm3 {v4_float = {0x0, 0x1, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0xba, 0x49, 0x37, 0x31, 0xd8, 0x39,
0xb4, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x49ba,
0x3137, 0x39d8, 0x3fb4, 0x0, 0x0, 0x0, 0x0},
v4_int32 = {0x313749ba, 0x3fb439d8, 0x0, 0x0}, v2_int64 =
{0x3fb439d8313749ba, 0x0},
uint128 = 0x00000000000000003fb439d8313749ba}
xmm4 {v4_float = {0x0, 0x2, 0x0, 0x0}, v2_double = {0x5, 0x0},
v16_int8 = {0x0, 0x0, 0x0, 0x80, 0xc2, 0xf5,
0x14, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x0,
0x8000, 0xf5c2, 0x4014, 0x0, 0x0, 0x0, 0x0},
v4_int32 = {0x80000000, 0x4014f5c2, 0x0, 0x0}, v2_int64 =
{0x4014f5c280000000, 0x0},
uint128 = 0x00000000000000004014f5c280000000}
xmm5 {v4_float = {0x0, 0x2, 0x0, 0x0}, v2_double = {0x5, 0x0},
v16_int8 = {0x40, 0x35, 0x1e, 0xde, 0x31, 0xf9,
0x14, 0x40, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x80}, v8_int16 = {0x3540,
0xde1e, 0xf931, 0x4014, 0x0, 0x8000, 0x0,
0x8000}, v4_int32 = {0xde1e3540, 0x4014f931, 0x80000000, 0x80000000},
v2_int64 = {0x4014f931de1e3540,
0x8000000080000000}, uint128 = 0x80000000800000004014f931de1e3540}
xmm6 {v4_float = {0x0, 0x1, 0x0, 0x0}, v2_double = {0x1, 0x0},
v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0,
0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x0, 0x0, 0x0,
0x3ff0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {
0x0, 0x3ff00000, 0x0, 0x0}, v2_int64 = {0x3ff0000000000000, 0x0}, uint128
= 0x00000000000000003ff0000000000000}
xmm7 {v4_float = {0x0, 0x1, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe0,
0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x0, 0x0, 0x0,
0x3fe0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {
0x0, 0x3fe00000, 0x0, 0x0}, v2_int64 = {0x3fe0000000000000, 0x0}, uint128
= 0x00000000000000003fe0000000000000}
xmm8 {v4_float = {0x0, 0x2, 0x0, 0x0}, v2_double = {0x3, 0x0},
v16_int8 = {0x0, 0x0, 0x0, 0x60, 0xd9, 0x8, 0x9,
0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x0, 0x6000,
0x8d9, 0x4009, 0x0, 0x0, 0x0, 0x0},
v4_int32 = {0x60000000, 0x400908d9, 0x0, 0x0}, v2_int64 =
{0x400908d960000000, 0x0},
uint128 = 0x0000000000000000400908d960000000}
xmm9 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0},
v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm10 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0},
v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm11 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0},
v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm12 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0},
v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm13 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0},
v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm14 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0},
v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
---Type <return> to continue, or q <return> to quit---
xmm15 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0},
v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
mxcsr 0x1fa0 [ PE IM DM ZM OM UM PM ]
More information about the MPlayer-users
mailing list