[FFmpeg-trac] #2217(avfilter:new): amerge crashes with adpcm_ima_qt input
FFmpeg
trac at avcodec.org
Thu Jan 31 11:53:39 CET 2013
#2217: amerge crashes with adpcm_ima_qt input
-------------------------------------+-------------------------------------
Reporter: cehoyos | Owner:
Type: defect | Status: new
Priority: important | Component: avfilter
Version: git- | Keywords: crash
master | SIGSEGV amerge
Blocked By: | Blocking:
Reproduced by developer: 0 | Analyzed by developer: 0
-------------------------------------+-------------------------------------
{{{
(gdb) r -i fate-suite/svq3/Vertical400kbit.sorenson3.mov -i fate-
suite/svq3/Vertical400kbit.sorenson3.mov -filter_complex amerge -f null -
Starting program: ffmpeg_g -i fate-
suite/svq3/Vertical400kbit.sorenson3.mov -i fate-
suite/svq3/Vertical400kbit.sorenson3.mov -filter_complex amerge -f null -
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
ffmpeg version N-49470-g9df9420 Copyright (c) 2000-2013 the FFmpeg
developers
built on Jan 31 2013 01:35:42 with gcc 4.7 (SUSE Linux)
configuration: --enable-gpl --disable-indev=jack
libavutil 52. 17.100 / 52. 17.100
libavcodec 54. 91.100 / 54. 91.100
libavformat 54. 61.104 / 54. 61.104
libavdevice 54. 3.102 / 54. 3.102
libavfilter 3. 34.101 / 3. 34.101
libswscale 2. 2.100 / 2. 2.100
libswresample 0. 17.102 / 0. 17.102
libpostproc 52. 2.100 / 52. 2.100
[mov,mp4,m4a,3gp,3g2,mj2 @ 0x1605a60] max_analyze_duration 5000000 reached
at 5000998 microseconds
Guessed Channel Layout for Input Stream #0.1 : mono
Input #0, mov,mp4,m4a,3gp,3g2,mj2, from 'fate-
suite/svq3/Vertical400kbit.sorenson3.mov':
Metadata:
creation_time : 2001-03-20 16:17:18
title : Vertical Online SV3 Demo
title-eng : Vertical Online SV3 Demo
artist : Logan Kelsey
artist-eng : Logan Kelsey
copyright : © Vertical Online 2001
copyright-eng : © Vertical Online 2001
encoder : Sorenson Video 3
encoder-eng : Sorenson Video 3
Duration: 00:00:43.58, start: 0.000000, bitrate: 580 kb/s
Stream #0:0(eng): Video: svq3 (SVQ3 / 0x33515653), yuvj420p, 320x240,
391 kb/s, 30.02 fps, 30 tbr, 600 tbn, 600 tbc
Metadata:
creation_time : 2001-03-20 16:17:18
handler_name : Apple Alias Data Handler
Stream #0:1(eng): Audio: adpcm_ima_qt (ima4 / 0x34616D69), 44100 Hz,
mono, s16p, 176 kb/s
Metadata:
creation_time : 2001-03-20 16:17:18
handler_name : Apple Alias Data Handler
[mov,mp4,m4a,3gp,3g2,mj2 @ 0x160d360] max_analyze_duration 5000000 reached
at 5000998 microseconds
Guessed Channel Layout for Input Stream #1.1 : mono
Input #1, mov,mp4,m4a,3gp,3g2,mj2, from 'fate-
suite/svq3/Vertical400kbit.sorenson3.mov':
Metadata:
creation_time : 2001-03-20 16:17:18
title : Vertical Online SV3 Demo
title-eng : Vertical Online SV3 Demo
artist : Logan Kelsey
artist-eng : Logan Kelsey
copyright : © Vertical Online 2001
copyright-eng : © Vertical Online 2001
encoder : Sorenson Video 3
encoder-eng : Sorenson Video 3
Duration: 00:00:43.58, start: 0.000000, bitrate: 580 kb/s
Stream #1:0(eng): Video: svq3 (SVQ3 / 0x33515653), yuvj420p, 320x240,
391 kb/s, 30.02 fps, 30 tbr, 600 tbn, 600 tbc
Metadata:
creation_time : 2001-03-20 16:17:18
handler_name : Apple Alias Data Handler
Stream #1:1(eng): Audio: adpcm_ima_qt (ima4 / 0x34616D69), 44100 Hz,
mono, s16p, 176 kb/s
Metadata:
creation_time : 2001-03-20 16:17:18
handler_name : Apple Alias Data Handler
[Parsed_amerge_0 @ 0x1642be0] Input channel layouts overlap: output layout
will be determined by the number of distinct input channels
Output #0, null, to 'pipe:':
Metadata:
encoder-eng : Sorenson Video 3
title : Vertical Online SV3 Demo
title-eng : Vertical Online SV3 Demo
artist : Logan Kelsey
artist-eng : Logan Kelsey
copyright : © Vertical Online 2001
copyright-eng : © Vertical Online 2001
encoder : Lavf54.61.104
Stream #0:0: Audio: pcm_s16le, 44100 Hz, stereo, s16, 1411 kb/s
Stream #0:1(eng): Video: rawvideo (I420 / 0x30323449), yuvj420p,
320x240, q=2-31, 200 kb/s, 90k tbn, 30 tbc
Metadata:
creation_time : 2001-03-20 16:17:18
handler_name : Apple Alias Data Handler
Stream mapping:
Stream #0:1 (adpcm_ima_qt) -> amerge:in0 (graph 0)
Stream #1:1 (adpcm_ima_qt) -> amerge:in1 (graph 0)
amerge (graph 0) -> Stream #0:0 (pcm_s16le)
Stream #0:0 -> #0:1 (svq3 -> rawvideo)
Press [q] to stop, [?] for help
[New Thread 0x7ffff6563700 (LWP 5169)]
[New Thread 0x7ffff5d62700 (LWP 5170)]
Multiple frames in a packet from stream 1
Last message repeated 1 times
[Parsed_amerge_0 @ 0x1642be0] Buffer queue overflow, dropping.
Last message repeated 641 times
[null @ 0x1607ec0] Encoder did not produce proper pts, making some up.
[Parsed_amerge_0 @ 0x1642be0] Buffer queue overflow, dropping.
Last message repeated 6569 times
Program received signal SIGSEGV, Segmentation fault.
0x000000000049c52c in filter_frame (inlink=<optimized out>,
insamples=0x1698940)
at libavfilter/af_amerge.c:249
249 ins[i] = inbuf[i]->data[0] +
(gdb) bt
#0 0x000000000049c52c in filter_frame (inlink=<optimized out>,
insamples=0x1698940)
at libavfilter/af_amerge.c:249
#1 0x000000000046dc16 in ff_filter_frame_framed
(link=link at entry=0x1609900,
frame=frame at entry=0x1698940) at libavfilter/avfilter.c:719
#2 0x000000000046f86b in ff_filter_frame (link=link at entry=0x1609900,
frame=frame at entry=0x1698940) at libavfilter/avfilter.c:791
#3 0x000000000049e192 in filter_frame (inlink=0x1606a20,
insamplesref=0x165a020)
at libavfilter/af_aresample.c:213
#4 0x000000000046dc16 in ff_filter_frame_framed
(link=link at entry=0x1606a20,
frame=frame at entry=0x165a020) at libavfilter/avfilter.c:719
#5 0x000000000046f86b in ff_filter_frame (link=link at entry=0x1606a20,
frame=0x165a020)
at libavfilter/avfilter.c:791
#6 0x0000000000472852 in request_frame (link=0x1606a20) at
libavfilter/buffersrc.c:397
#7 0x0000000000472ca4 in av_buffersrc_add_ref (s=0x16544c0,
buf=0x1606558,
flags=<optimized out>) at libavfilter/buffersrc.c:151
#8 0x0000000000472e98 in av_buffersrc_add_frame (buffer_src=0x16544c0,
frame=frame at entry=0x15fec60, flags=flags at entry=4) at
libavfilter/buffersrc.c:90
#9 0x000000000045d03b in decode_audio (ist=ist at entry=0x1642980,
pkt=pkt at entry=0x7fffffffda80,
got_output=got_output at entry=0x7fffffffd81c)
at ffmpeg.c:1612
#10 0x000000000045f6c6 in output_packet (pkt=0x7fffffffda20,
ist=0x1642980)
at ffmpeg.c:1832
#11 process_input (file_index=<optimized out>) at ffmpeg.c:2988
#12 0x000000000044eb30 in transcode_step () at ffmpeg.c:3084
#13 transcode () at ffmpeg.c:3136
#14 main (argc=<optimized out>, argv=<optimized out>) at ffmpeg.c:3311
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0x49c50c to 0x49c54c:
0x000000000049c50c <filter_frame+412>: (bad)
0x000000000049c50d <filter_frame+413>: mov (%rcx,%rax,8),%rdx
0x000000000049c511 <filter_frame+417>: mov 0x110(%rcx),%eax
0x000000000049c517 <filter_frame+423>: mov
%rdx,0x70(%rsp,%rdi,1)
0x000000000049c51c <filter_frame+428>: imul 0x108(%rcx),%eax
0x000000000049c523 <filter_frame+435>: mov %rsi,%rcx
0x000000000049c526 <filter_frame+438>: imul %r9d,%eax
0x000000000049c52a <filter_frame+442>: cltq
=> 0x000000000049c52c <filter_frame+444>: add 0x8(%rdx),%rax
0x000000000049c530 <filter_frame+448>: mov
%rax,0x170(%rsp,%rdi,1)
0x000000000049c538 <filter_frame+456>: add $0x8,%rdi
0x000000000049c53c <filter_frame+460>: cmp %r8,%rsi
0x000000000049c53f <filter_frame+463>: jne 0x49c4f0
<filter_frame+384>
0x000000000049c541 <filter_frame+465>: mov 0x70(%rsp),%r12
0x000000000049c546 <filter_frame+470>: mov 0x60(%rsp),%rdi
0x000000000049c54b <filter_frame+475>: mov %r12,%rsi
End of assembler dump.
(gdb) info register
rax 0x0 0
rbx 0x16085c0 23102912
rcx 0x1606558 23094616
rdx 0x0 0
rsi 0x1606558 23094616
rdi 0x0 0
rbp 0x40 0x40
rsp 0x7fffffffcff0 0x7fffffffcff0
r8 0x1606670 23094896
r9 0x2 2
r10 0x0 0
r11 0x7ffff68d1d60 140737329831264
r12 0x1698940 23693632
r13 0x118 280
r14 0x1606a20 23095840
r15 0x49c370 4834160
rip 0x49c52c 0x49c52c <filter_frame+444>
eflags 0x10206 [ PF IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
}}}
--
Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/2217>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list