[Ffmpeg-devel] FFMpeg crash on decoding H.264 incomplete frame.
Alexander Chemeris
ipse.ffmpeg
Mon Dec 4 14:16:35 CET 2006
Hello,
On 12/2/06, Michael Niedermayer <michaelni at gmx.at> wrote:
> On Wed, Nov 29, 2006 at 04:12:55PM +0300, Alexander Chemeris wrote:
> > (gdb) run
> > Starting program: C:\Program Files\FFmpeg/ffmpeg.exe -f h264 -i crash.h264
> debugging should always use ffmpeg_g!
Missed this point in the Reporting Bug document.
Here is the GDB output for the debug version:
GNU gdb 5.2.1
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i686-pc-mingw32"...(no debugging symbols found)...
(gdb) run
Starting program: C:\Program Files\FFmpeg/ffmpeg.exe -f h264 -i 1.h264
Program received signal SIGSEGV, Segmentation fault.
0x1016be32 in decode_residual (h=0x0, gb=0x22ee30, block=0x68aac0, n=0,
scantable=0x100218c0 "UWVS\203?\b\213D$$\213|$\034\213t$
\203?\003\213?\207?\032", qmul=0x10021990, max_coeff=268573232) at
bitstream.h:882
882 {
(gdb) bt
#0 0x1016be32 in decode_residual (h=0x0, gb=0x22ee30, block=0x68aac0, n=0,
scantable=0x100218c0 "UWVS\203?\b\213D$$\213|$\034\213t$
\203?\003\213?\207?\032", qmul=0x10021990, max_coeff=268573232) at
bitstream.h:882
#1 0x0022eec8 in ?? ()
#2 0x0062dbfc in ?? ()
#3 0x00403142 in _size_of_stack_reserve__ ()
Cannot access memory at address 0xf008188
(gdb) disass $pc-32 $pc+32
Dump of assembler code from 0x1016be12 to 0x1016be52:
0x1016be12 <decode_residual+82>: lea (%ebx,%edi,1),%eax
0x1016be15 <decode_residual+85>: cmp $0x3f,%eax
0x1016be18 <decode_residual+88>: jle 0x1016c0c8 <decode_residual+776>
0x1016be1e <decode_residual+94>: and $0x1f,%eax
0x1016be21 <decode_residual+97>: mov 0x0(%ebp),%esi
0x1016be24 <decode_residual+100>: mov 0x102ad7c0(,%eax,4),%ebx
0x1016be2b <decode_residual+107>: mov %esi,0x44(%esp,1)
0x1016be2f <decode_residual+111>: shl $0x4,%ebx
0x1016be32 <decode_residual+114>: mov 0x10360fa4(%ebx),%edx
0x1016be38 <decode_residual+120>: mov 0x8(%ebp),%ebx
0x1016be3b <decode_residual+123>: mov %ebx,%edi
0x1016be3d <decode_residual+125>: mov %ebx,%ecx
0x1016be3f <decode_residual+127>: sar $0x3,%edi
0x1016be42 <decode_residual+130>: and $0x7,%ecx
0x1016be45 <decode_residual+133>: mov (%esi,%edi,1),%eax
0x1016be48 <decode_residual+136>: bswap %eax
0x1016be4a <decode_residual+138>: shl %cl,%eax
0x1016be4c <decode_residual+140>: shr $0xf8,%eax
0x1016be4f <decode_residual+143>: movswl 0x2(%edx,%eax,4),%esi
End of assembler dump.
(gdb) info all-registers
eax 0x1e 30
ecx 0x62dc90 6478992
edx 0x62fd88 6487432
ebx 0x6656f630 1716975152
esp 0x22ee30 0x22ee30
ebp 0x62fd88 0x62fd88
esi 0x62cb07 6474503
edi 0xff 255
eip 0x1016be32 0x1016be32
eflags 0x10206 66054
cs 0x1b 27
ss 0x23 35
ds 0x23 35
es 0x23 35
fs 0x3b 59
gs 0x0 0
st0 0 (raw 0x00000000000000000000)
st1 0 (raw 0x00000000000000000000)
st2 0 (raw 0x00000000000000000000)
st3 0 (raw 0x00000000000000000000)
st4 0 (raw 0x00000000000000000000)
st5 1 (raw 0x3fff8000000000000000)
st6 1 (raw 0x3fff8000000000000000)
st7 1 (raw 0x3fff8000000000000000)
fctrl 0xffff037f -64641
fstat 0xffff4020 -49120
ftag 0xffffffff -1
fiseg 0x1b 27
fioff 0x1011c647 269600327
foseg 0xffff0023 -65501
fooff 0x22f268 2290280
fop 0x1c9 457
Hope this will help. :)
--
Regards,
Alexander Chemeris.