[FFmpeg-trac] #2707(avformat:new): Crash in mxg demuxer on sparc
FFmpeg
trac at avcodec.org
Tue Jun 25 01:44:00 CEST 2013
#2707: Crash in mxg demuxer on sparc
-------------------------------------+-------------------------------------
Reporter: cehoyos | Owner:
Type: defect | Status: new
Priority: normal | Component: avformat
Version: git-master | Keywords: crash mxg sparc
Blocked By: | Blocking:
Reproduced by developer: 0 | Analyzed by developer: 0
-------------------------------------+-------------------------------------
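Sparc Niagara, 32bit compilation. The SIGBUS below is raised by an unaligned 32-bit load: `mxg_find_startmarker` dereferences `p` (0x1001f42, only 2-byte aligned) as `uint32_t *` at libavformat/mxg.c:77, and the faulting instruction is `ld [ %g1 ], %g1` with %g1 = 0x1001f42. A byte-wise or memcpy-based read at that line would not depend on the alignment of `p`.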
{{{
(gdb) r -i fate-suite/mxpeg/m1.mxg
Starting program: ffmpeg_g -i fate-suite/mxpeg/m1.mxg
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/sparc-linux-gnu/libthread_db.so.1".
ffmpeg version N-54176-gf48366c Copyright (c) 2000-2013 the FFmpeg
developers
built on Jun 24 2013 14:29:37 with gcc 4.6 (Debian 4.6.3-14)
configuration:
libavutil 52. 37.101 / 52. 37.101
libavcodec 55. 17.100 / 55. 17.100
libavformat 55. 9.100 / 55. 9.100
libavdevice 55. 2.100 / 55. 2.100
libavfilter 3. 77.101 / 3. 77.101
libswscale 2. 3.100 / 2. 3.100
libswresample 0. 17.102 / 0. 17.102
Program received signal SIGBUS, Bus error.
0x00160e0c in mxg_find_startmarker (p=0x1001f42 "\377", <incomplete
sequence \340>,
end=0x1002340 "1\r\n\372", <incomplete sequence \350>) at
libavformat/mxg.c:77
77 uint32_t x = *(uint32_t*)p;
(gdb) bt
#0 0x00160e0c in mxg_find_startmarker (p=0x1001f42 "\377", <incomplete
sequence \340>,
end=0x1002340 "1\r\n\372", <incomplete sequence \350>) at
libavformat/mxg.c:77
#1 0x001611c8 in mxg_read_packet (s=0xffde60, pkt=0xffffccb0) at
libavformat/mxg.c:150
#2 0x001b63e8 in ff_read_packet (s=0xffde60, pkt=0xffffccb0) at
libavformat/utils.c:642
#3 0x001b8e4c in read_frame_internal (s=0xffde60, pkt=0xffffd040)
at libavformat/utils.c:1294
#4 0x001bbf08 in avformat_find_stream_info (ic=0xffde60,
options=0xffe3d0)
at libavformat/utils.c:2757
#5 0x00072c64 in open_input_file (o=0xffffd340, filename=<optimized out>)
at ffmpeg_opt.c:814
#6 0x000700ec in open_files (l=0xff202c, inout=0x881d78 "input",
open_file=0x728a0 <open_input_file>) at ffmpeg_opt.c:2483
#7 0x00076c4c in ffmpeg_parse_options (argc=<optimized out>,
argv=0xffffd814)
at ffmpeg_opt.c:2520
#8 0x0006dc10 in main (argc=3, argv=0xffffd814) at ffmpeg.c:3368
(gdb) disass $pc-28,$pc+32
Dump of assembler code from 0x160df0 to 0x160e2c:
0x00160df0 <mxg_read_header+408>: nop
0x00160df4 <mxg_find_startmarker+0>: save %sp, -104, %sp
0x00160df8 <mxg_find_startmarker+4>: st %i0, [ %fp + 0x44 ]
0x00160dfc <mxg_find_startmarker+8>: st %i1, [ %fp + 0x48 ]
0x00160e00 <mxg_find_startmarker+12>: b %xcc, 0x160efc
<mxg_find_startmarker+264>
0x00160e04 <mxg_find_startmarker+16>: nop
0x00160e08 <mxg_find_startmarker+20>: ld [ %fp + 0x44 ], %g1
=> 0x00160e0c <mxg_find_startmarker+24>: ld [ %g1 ], %g1
0x00160e10 <mxg_find_startmarker+28>: st %g1, [ %fp + -4 ]
0x00160e14 <mxg_find_startmarker+32>: ld [ %fp + -4 ], %g2
0x00160e18 <mxg_find_startmarker+36>: sethi %hi(0x1010000), %g1
0x00160e1c <mxg_find_startmarker+40>: or %g1, 0x101, %g1 !
0x1010101
0x00160e20 <mxg_find_startmarker+44>: add %g2, %g1, %g1
0x00160e24 <mxg_find_startmarker+48>: xnor %g0, %g1, %g2
0x00160e28 <mxg_find_startmarker+52>: ld [ %fp + -4 ], %g1
(gdb) info register
g0 0x0 0
g1 0x1001f42 16785218
g2 0x100233d 16786237
g3 0x323d3130 842871088
g4 0x403 1027
g5 0x1001f40 16785216
g6 0xffffffff -1
g7 0xf7ff6eb0 -134254928
o0 0xffde60 16768608
o1 0xffffccb0 -13136
o2 0x8801d8 8913368
o3 0x4c4b40 5000000
o4 0x0 0
o5 0xffde60 16768608
sp 0xffffcac0 0xffffcac0
o7 0x1b63e0 1795040
l0 0x88ee18 8973848
l1 0x88edf0 8973808
l2 0xffde60 16768608
l3 0x8431f0 8663536
l4 0xf4240 1000000
l5 0x57415200 1463898624
l6 0x1000 4096
l7 0x1 1
i0 0x1001f42 16785218
i1 0x1002340 16786240
i2 0x40000 262144
i3 0xffe480 16770176
i4 0x80000000 -2147483648
i5 0x1006460 16802912
fp 0xffffcb28 0xffffcb28
i7 0x1611c0 1446336
y 0x0 0
psr 0xff000084 [ #2 S #24 #25 #26 #27 #28 #29 #30 #31 ]
wim *value not available*
tbr *value not available*
pc 0x160e0c 0x160e0c <mxg_find_startmarker+24>
npc 0x160e10 0x160e10 <mxg_find_startmarker+28>
fsr 0x0 [ ]
csr *value not available*
}}}
--
Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/2707>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker