Opened 16 years ago

Last modified 16 years ago

#1134 new defect

Mplayer Crashed: Invalid Read

Reported by: nicholenae@…
Owned by: reimar
Priority: if idle
Component: ao
Version: HEAD
Severity: normal
Keywords:
Cc: catchconv-bugreports@…, douglas.pearless@…
Blocked By:
Blocking:
Reproduced by developer: no
Analyzed by developer: no

Description

I worked in the lab as part of SUPERB-TRUST 2008 for the security project
and found these bugs in the file 8-3.wav. The errors are a crash and two invalid reads. You can download the file with the following links and run the command below:

You can find this bug in:
www.metafuzz.com
wget http://www.metafuzz.com/testcases/854652-8-3592192390-InvalidRead.tgz
tar xzfv 854652-8-3592192390-InvalidRead.tgz
http://www.cs.berkeley.edu/~nalvarez/8-3.wav

I have this version:

MPlayer dev-SVN-r27185-4.1.2 (C) 2000-2008 MPlayer Team
CPU: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz (Family: 6, Model: 15, Stepping: 13)
CPUflags: MMX: 1 MMX2: 1 3DNow: 0 3DNow2: 0 SSE: 1 SSE2: 1
Compiled for x86 CPU with extensions: MMX MMX2 SSE SSE2

AO: [oss] 96000Hz 1ch s16le (2 bytes per sample)
Video: no video
Starting playback...
FAAD: error: Maximum number of scalefactor bands exceeded, trying to resync!
FAAD: error: Gain control not yet implemented, trying to resync!
FAAD: error: Invalid number of channels, trying to resync!
FAAD: error: Maximum number of scalefactor bands exceeded, trying to resync!
FAAD: error: Gain control not yet implemented, trying to resync!
FAAD: error: Gain control not yet implemented, trying to resync!

MPlayer interrupted by signal 11 in module: decode_audio

  • MPlayer crashed by bad usage of CPU/FPU/RAM. Recompile MPlayer with --enable-debug and make a 'gdb' backtrace and disassembly. Details in DOCS/HTML/en/bugreports_what.html#bugreports_crash.
  • MPlayer crashed. This shouldn't happen. It can be a bug in the MPlayer code _or_ in your drivers _or_ in your gcc version. If you think it's MPlayer's fault, please read DOCS/HTML/en/bugreports.html and follow the instructions there. We can't and won't help unless you provide this information when reporting a possible bug

==3511== My PID = 3511, parent PID = 3417. Prog and args are:
==3511== mplayer
==3511== 8-3.wav
==3511==
==3511== Invalid read of size 2
==3511== Stack hash: 3454906702
==3511== at 0x81AFF85: ic_prediction (ic_predict.c:92)
==3511== by 0x81C45B8: reconstruct_single_channel (specrec.c:879)
==3511== by 0x81CA4B5: decode_sce_lfe (syntax.c:597)
==3511== by 0x81CACE8: raw_data_block (syntax.c:434)
==3511== by 0x81AB749: aac_frame_decode (decoder.c:872)
==3511== by 0x818B432: decode_audio (ad_faad.c:235)
==3511== by 0x80DA9D4: decode_audio (dec_audio.c:383)
==3511== by 0x8078409: main (mplayer.c:2044)
==3511== Address 0x0 is not stack'd, malloc'd or (recently) free'd
==3511==
==3511== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 19 from 1)
==3511== malloc/free: in use at exit: 237,601 bytes in 2,206 blocks.
==3511== malloc/free: 2,474 allocs, 268 frees, 1,524,479 bytes allocated.
==3511== For counts of detected errors, rerun with: -v
==3511== searching for pointers to 2,206 not-freed blocks.
==3511== checked 2,973,992 bytes.
==3511==
==3511== LEAK SUMMARY:
==3511== definitely lost: 0 bytes in 0 blocks.
==3511== possibly lost: 0 bytes in 0 blocks.
==3511== still reachable: 237,601 bytes in 2,206 blocks.
==3511== suppressed: 0 bytes in 0 blocks.
==3511== Rerun with --leak-check=full to see details of leaked memory.

Change History (4)

comment:1 by nicholenae@…, 16 years ago

I tried the same input file with version MPlayer dev-SVN-r27249-4.1.2; it still
crashes. Here is the gdb output:

AUDIO PAYLOAD: d3 2d c6 f0
AUDIO PAYLOAD: 2d c6 f0 20
AUDIO PAYLOAD: c6 f0 20 23
AUDIO PAYLOAD: f0 20 23 d1
AUDIO PAYLOAD: 20 23 d1 5b
AUDIO PAYLOAD: 23 d1 5b 0
AUDIO PAYLOAD: d1 5b 0 dc
AUDIO PAYLOAD: 5b 0 dc 40
AUDIO PAYLOAD: 0 dc 40 d0
AUDIO PAYLOAD: dc 40 d0 70
AUDIO PAYLOAD: 40 d0 70 0
AUDIO PAYLOAD: d0 70 0 ed
AUDIO PAYLOAD: 70 0 ed 4e
AUDIO PAYLOAD: 0 ed 4e cf
AUDIO PAYLOAD: ed 4e cf d0
AUDIO PAYLOAD: 4e cf d0 f
AUDIO PAYLOAD: cf d0 f f0
AUDIO PAYLOAD: d0 f f0 ae
AUDIO PAYLOAD: f f0 ae 0
AUDIO PAYLOAD: f0 ae 0 a1
AUDIO PAYLOAD: ae 0 a1 ee
AUDIO PAYLOAD: 0 a1 ee 3
AUDIO PAYLOAD: a1 ee 3 80
AUDIO PAYLOAD: ee 3 80 2f
AUDIO PAYLOAD: 3 80 2f 1
AUDIO PAYLOAD: 80 2f 1 0
AUDIO PAYLOAD: 2f 1 0 1e
AUDIO PAYLOAD: 1 0 1e 24
AUDIO PAYLOAD: 0 1e 24 fd
AUDIO PAYLOAD: 1e 24 fd 5f
AUDIO PAYLOAD: 24 fd 5f f2
AUDIO PAYLOAD: fd 5f f2 fe
AUDIO PAYLOAD: 5f f2 fe 37
AUDIO PAYLOAD: f2 fe 37 3e
AUDIO PAYLOAD: fe 37 3e c0
AUDIO PAYLOAD: 37 3e c0 3e
AUDIO PAYLOAD: 3e c0 3e 1
AUDIO PAYLOAD: c0 3e 1 42
AUDIO PAYLOAD: 3e 1 42 f0
AUDIO PAYLOAD: 1 42 f0 73
AUDIO PAYLOAD: 42 f0 73 f2
AUDIO PAYLOAD: f0 73 f2 3
AUDIO PAYLOAD: 73 f2 3 d
AUDIO PAYLOAD: f2 3 d 37
AUDIO PAYLOAD: 3 d 37 31
AUDIO PAYLOAD: d 37 31 30
AUDIO PAYLOAD: 37 31 30 51
AUDIO PAYLOAD: 31 30 51 22
AUDIO PAYLOAD: 30 51 22 26
AUDIO PAYLOAD: 51 22 26 f
AUDIO PAYLOAD: 22 26 f c
AUDIO PAYLOAD: 26 f c 1f
AUDIO PAYLOAD: f c 1f 8f
AUDIO PAYLOAD: c 1f 8f d
AUDIO PAYLOAD: 1f 8f d ef
AUDIO PAYLOAD: 8f d ef e0
AUDIO PAYLOAD: d ef e0 3
AUDIO PAYLOAD: ef e0 3 d
AUDIO PAYLOAD: e0 3 d b0
AUDIO PAYLOAD: 3 d b0 a
AUDIO PAYLOAD: d b0 a e
AUDIO PAYLOAD: b0 a e ff
AUDIO PAYLOAD: a e ff e8
AUDIO PAYLOAD: e ff e8 e
AUDIO PAYLOAD: ff e8 e 3
AUDIO PAYLOAD: e8 e 3 0
AUDIO PAYLOAD: e 3 0 11
AUDIO PAYLOAD: 3 0 11 f1
AUDIO PAYLOAD: 0 11 f1 20
AUDIO PAYLOAD: 11 f1 20 2
AUDIO PAYLOAD: f1 20 2 d4
AUDIO PAYLOAD: 20 2 d4 e
AUDIO PAYLOAD: 2 d4 e 20
AUDIO PAYLOAD: d4 e 20 60
AUDIO PAYLOAD: e 20 60 14
AUDIO PAYLOAD: 20 60 14 fe
AUDIO PAYLOAD: 60 14 fe 13
AUDIO PAYLOAD: 14 fe 13 73
AUDIO PAYLOAD: fe 13 73 1f
AUDIO PAYLOAD: 13 73 1f f5
AUDIO PAYLOAD: 73 1f f5 0
AUDIO PAYLOAD: 1f f5 0 30
AUDIO PAYLOAD: f5 0 30 47
AUDIO PAYLOAD: 0 30 47 1e
AUDIO PAYLOAD: 30 47 1e f3
AUDIO PAYLOAD: 47 1e f3 0
AUDIO PAYLOAD: 1e f3 0 5f
AUDIO PAYLOAD: f3 0 5f 2
AUDIO PAYLOAD: 0 5f 2 2f
AUDIO PAYLOAD: 5f 2 2f f3
AUDIO PAYLOAD: 2 2f f3 cc
AUDIO PAYLOAD: 2f f3 cc 43
AUDIO PAYLOAD: f3 cc 43 bf
AUDIO PAYLOAD: cc 43 bf 20
AUDIO PAYLOAD: 43 bf 20 0
AUDIO PAYLOAD: bf 20 0 c0
AUDIO PAYLOAD: 20 0 c0 30
AUDIO PAYLOAD: 0 c0 30 a3
AUDIO PAYLOAD: c0 30 a3 b
AUDIO PAYLOAD: 30 a3 b 1f
AUDIO PAYLOAD: a3 b 1f c1
AUDIO PAYLOAD: b 1f c1 2d
AUDIO PAYLOAD: 1f c1 2d a1
AUDIO PAYLOAD: c1 2d a1 1c
AUDIO PAYLOAD: 2d a1 1c 4
AUDIO PAYLOAD: a1 1c 4 d
AUDIO PAYLOAD: 1c 4 d db
AUDIO PAYLOAD: 4 d db ee
AUDIO PAYLOAD: d db ee 11
AUDIO PAYLOAD: db ee 11 30
AUDIO PAYLOAD: ee 11 30 ec
AUDIO PAYLOAD: 11 30 ec 3f
AUDIO PAYLOAD: 30 ec 3f 0
AUDIO PAYLOAD: ec 3f 0 c4
AUDIO PAYLOAD: 3f 0 c4 40
AUDIO PAYLOAD: 0 c4 40 fc
AUDIO PAYLOAD: c4 40 fc d3
AUDIO PAYLOAD: 40 fc d3 51
AUDIO PAYLOAD: fc d3 51 31
AUDIO PAYLOAD: d3 51 31 3
AUDIO PAYLOAD: 51 31 3 1e
AUDIO PAYLOAD: 31 3 1e 20
AUDIO PAYLOAD: 3 1e 20 f4
AUDIO PAYLOAD: 1e 20 f4 32
AUDIO PAYLOAD: 20 f4 32 de
AUDIO PAYLOAD: f4 32 de 62
AUDIO PAYLOAD: 32 de 62 f
AUDIO PAYLOAD: de 62 f 2d
AUDIO PAYLOAD: 62 f 2d 47
AUDIO PAYLOAD: f 2d 47 30
AUDIO PAYLOAD: 2d 47 30 22
AUDIO PAYLOAD: 47 30 22 10
AUDIO PAYLOAD: 30 22 10 35
AUDIO PAYLOAD: 22 10 35 5
AUDIO PAYLOAD: 10 35 5 40
AUDIO PAYLOAD: 35 5 40 2
AUDIO PAYLOAD: 5 40 2 10
AUDIO PAYLOAD: 40 2 10 e0
AUDIO PAYLOAD: 2 10 e0 de
AUDIO PAYLOAD: 10 e0 de cb
AUDIO PAYLOAD: e0 de cb e0
AUDIO PAYLOAD: de cb e0 bc
AUDIO PAYLOAD: cb e0 bc fd
AUDIO PAYLOAD: e0 bc fd d2
AUDIO PAYLOAD: bc fd d2 2b
AUDIO PAYLOAD: fd d2 2b d2
AUDIO PAYLOAD: d2 2b d2 2c
AUDIO PAYLOAD: 2b d2 2c cd
AUDIO PAYLOAD: d2 2c cd b0
AUDIO PAYLOAD: 2c cd b0 f
AUDIO PAYLOAD: cd b0 f fa
AUDIO PAYLOAD: b0 f fa f
AUDIO PAYLOAD: f fa f f
AUDIO PAYLOAD: fa f f 12
AUDIO PAYLOAD: f f 12 2
AUDIO PAYLOAD: f 12 2 5f
AUDIO PAYLOAD: 12 2 5f e0
AUDIO PAYLOAD: 2 5f e0 25
AUDIO PAYLOAD: 5f e0 25 1
AUDIO PAYLOAD: e0 25 1 fc
AUDIO PAYLOAD: 25 1 fc 2
AUDIO PAYLOAD: 1 fc 2 1
AUDIO PAYLOAD: fc 2 1 72
AUDIO PAYLOAD: 2 1 72 1f
AUDIO PAYLOAD: 1 72 1f 13
AUDIO PAYLOAD: 72 1f 13 f
AUDIO PAYLOAD: 1f 13 f 37
AUDIO PAYLOAD: 13 f 37 21
AUDIO PAYLOAD: f 37 21 e
AUDIO PAYLOAD: 37 21 e 17
AUDIO PAYLOAD: 21 e 17 6f
AUDIO PAYLOAD: e 17 6f f0
AUDIO PAYLOAD: 17 6f f0 10
AUDIO PAYLOAD: 6f f0 10 1
AUDIO PAYLOAD: f0 10 1 10
AUDIO PAYLOAD: 10 1 10 0
AUDIO PAYLOAD: 1 10 0 fe
AUDIO PAYLOAD: 10 0 fe 3
AUDIO PAYLOAD: 0 fe 3 23
AUDIO PAYLOAD: fe 3 23 30
AUDIO PAYLOAD: 3 23 30 4
AUDIO PAYLOAD: 23 30 4 8
AUDIO PAYLOAD: 30 4 8 0
AUDIO PAYLOAD: 4 8 0 20
AUDIO PAYLOAD: 8 0 20 fc
AUDIO PAYLOAD: 0 20 fc ee
AUDIO PAYLOAD: 20 fc ee ee
AUDIO PAYLOAD: fc ee ee 2
AUDIO PAYLOAD: ee ee 2 1a
AUDIO PAYLOAD: ee 2 1a 1f
AUDIO PAYLOAD: 2 1a 1f d0
AUDIO PAYLOAD: 1a 1f d0 cc
AUDIO PAYLOAD: 1f d0 cc 11
AUDIO PAYLOAD: d0 cc 11 d0
AUDIO PAYLOAD: cc 11 d0 f
AUDIO PAYLOAD: 11 d0 f 8e
AUDIO PAYLOAD: d0 f 8e 0
AUDIO PAYLOAD: f 8e 0 80
AUDIO PAYLOAD: 8e 0 80 20
AUDIO PAYLOAD: 0 80 20 1
AUDIO PAYLOAD: 80 20 1 fe
AUDIO PAYLOAD: 20 1 fe 40
AUDIO PAYLOAD: 1 fe 40 f0
AUDIO PAYLOAD: fe 40 f0 e
AUDIO PAYLOAD: 40 f0 e 22
AUDIO PAYLOAD: f0 e 22 d3
AUDIO PAYLOAD: e 22 d3 2b
AUDIO PAYLOAD: 22 d3 2b 27
AUDIO PAYLOAD: d3 2b 27 e0
AUDIO PAYLOAD: 2b 27 e0 30
AUDIO PAYLOAD: 27 e0 30 7
AUDIO PAYLOAD: e0 30 7 e
AUDIO PAYLOAD: 30 7 e 0
AUDIO PAYLOAD: 7 e 0 e0
AUDIO PAYLOAD: e 0 e0 32
AUDIO PAYLOAD: 0 e0 32 3
AUDIO PAYLOAD: e0 32 3 20
AUDIO PAYLOAD: 32 3 20 d3
AUDIO PAYLOAD: 3 20 d3 54
AUDIO PAYLOAD: 20 d3 54 24
AUDIO PAYLOAD: d3 54 24 3
AUDIO PAYLOAD: 54 24 3 d2
AUDIO PAYLOAD: 24 3 d2 7f
AUDIO PAYLOAD: 3 d2 7f 16
AUDIO PAYLOAD: d2 7f 16 0
AUDIO PAYLOAD: 7f 16 0 20
AUDIO PAYLOAD: 16 0 20 1f
AUDIO PAYLOAD: 0 20 1f d2
AUDIO PAYLOAD: 20 1f d2 e
AUDIO PAYLOAD: 1f d2 e 8b
AUDIO PAYLOAD: d2 e 8b 0
AUDIO PAYLOAD: e 8b 0 fe
AUDIO PAYLOAD: 8b 0 fe ff
AUDIO PAYLOAD: 0 fe ff f0
AUDIO PAYLOAD: fe ff f0 ec

AAC_PROBE: ret 4264

AAC SYNC AFTER 4264 bytes
FAAD: error: Gain control not yet implemented, trying to resync!

AAC_PROBE: 4608 bytes
AUDIO PAYLOAD: f0 ec 50 ed
AUDIO PAYLOAD: ec 50 ed 1b
AUDIO PAYLOAD: 50 ed 1b f1
AUDIO PAYLOAD: ed 1b f1 c2
AUDIO PAYLOAD: 1b f1 c2 1f
AUDIO PAYLOAD: f1 c2 1f 1
AUDIO PAYLOAD: c2 1f 1 11
AUDIO PAYLOAD: 1f 1 11 0
AUDIO PAYLOAD: 1 11 0 af
AUDIO PAYLOAD: 11 0 af 8
AUDIO PAYLOAD: 0 af 8 32
AUDIO PAYLOAD: af 8 32 b
AUDIO PAYLOAD: 8 32 b 71
AUDIO PAYLOAD: 32 b 71 f0
AUDIO PAYLOAD: b 71 f0 1
AUDIO PAYLOAD: 71 f0 1 11
AUDIO PAYLOAD: f0 1 11 dc
AUDIO PAYLOAD: 1 11 dc 1
AUDIO PAYLOAD: 11 dc 1 11
AUDIO PAYLOAD: dc 1 11 10
AUDIO PAYLOAD: 1 11 10 fe
AUDIO PAYLOAD: 11 10 fe 67
AUDIO PAYLOAD: 10 fe 67 0
AUDIO PAYLOAD: fe 67 0 0
AUDIO PAYLOAD: 67 0 0 21
AUDIO PAYLOAD: 0 0 21 f1
AUDIO PAYLOAD: 0 21 f1 30
AUDIO PAYLOAD: 21 f1 30 14
AUDIO PAYLOAD: f1 30 14 f0
AUDIO PAYLOAD: 30 14 f0 34
AUDIO PAYLOAD: 14 f0 34 61
AUDIO PAYLOAD: f0 34 61 e2
AUDIO PAYLOAD: 34 61 e2 10
AUDIO PAYLOAD: 61 e2 10 12
AUDIO PAYLOAD: e2 10 12 dd
AUDIO PAYLOAD: 10 12 dd 34
AUDIO PAYLOAD: 12 dd 34 c0
AUDIO PAYLOAD: dd 34 c0 e
AUDIO PAYLOAD: 34 c0 e 45
AUDIO PAYLOAD: c0 e 45 ef
AUDIO PAYLOAD: e 45 ef 0
AUDIO PAYLOAD: 45 ef 0 f0
AUDIO PAYLOAD: ef 0 f0 f1
AUDIO PAYLOAD: 0 f0 f1 2f
AUDIO PAYLOAD: f0 f1 2f a0
AUDIO PAYLOAD: f1 2f a0 1a
AUDIO PAYLOAD: 2f a0 1a 3
AUDIO PAYLOAD: a0 1a 3 dd
AUDIO PAYLOAD: 1a 3 dd 2d
AUDIO PAYLOAD: 3 dd 2d d4
AUDIO PAYLOAD: dd 2d d4 b
AUDIO PAYLOAD: 2d d4 b e0
AUDIO PAYLOAD: d4 b e0 c
AUDIO PAYLOAD: b e0 c 3e
AUDIO PAYLOAD: e0 c 3e ce
AUDIO PAYLOAD: c 3e ce b0
AUDIO PAYLOAD: 3e ce b0 0
AUDIO PAYLOAD: ce b0 0 e2
AUDIO PAYLOAD: b0 0 e2 15
AUDIO PAYLOAD: 0 e2 15 ef
AUDIO PAYLOAD: e2 15 ef d
AUDIO PAYLOAD: 15 ef d 16
AUDIO PAYLOAD: ef d 16 e
AUDIO PAYLOAD: d 16 e 0
AUDIO PAYLOAD: 16 e 0 34
AUDIO PAYLOAD: e 0 34 f2
AUDIO PAYLOAD: 0 34 f2 70
AUDIO PAYLOAD: 34 f2 70 21
AUDIO PAYLOAD: f2 70 21 fd
AUDIO PAYLOAD: 70 21 fd f0
AUDIO PAYLOAD: 21 fd f0 46
AUDIO PAYLOAD: fd f0 46 b
AUDIO PAYLOAD: f0 46 b 1
AUDIO PAYLOAD: 46 b 1 12
AUDIO PAYLOAD: b 1 12 30
AUDIO PAYLOAD: 1 12 30 d1
AUDIO PAYLOAD: 12 30 d1 1b
AUDIO PAYLOAD: 30 d1 1b e7
AUDIO PAYLOAD: d1 1b e7 1
AUDIO PAYLOAD: 1b e7 1 21
AUDIO PAYLOAD: e7 1 21 6
AUDIO PAYLOAD: 1 21 6 fe
AUDIO PAYLOAD: 21 6 fe 33
AUDIO PAYLOAD: 6 fe 33 12
AUDIO PAYLOAD: fe 33 12 4d
AUDIO PAYLOAD: 33 12 4d 32
AUDIO PAYLOAD: 12 4d 32 bf
AUDIO PAYLOAD: 4d 32 bf 50
AUDIO PAYLOAD: 32 bf 50 df
AUDIO PAYLOAD: bf 50 df f8
AUDIO PAYLOAD: 50 df f8 0
AUDIO PAYLOAD: df f8 0 ef
AUDIO PAYLOAD: f8 0 ef fd
AUDIO PAYLOAD: 0 ef fd 0
AUDIO PAYLOAD: ef fd 0 0
AUDIO PAYLOAD: fd 0 0 1d
AUDIO PAYLOAD: 0 0 1d e3
AUDIO PAYLOAD: 0 1d e3 da
AUDIO PAYLOAD: 1d e3 da bf
AUDIO PAYLOAD: e3 da bf 1
AUDIO PAYLOAD: da bf 1 d0
AUDIO PAYLOAD: bf 1 d0 0
AUDIO PAYLOAD: 1 d0 0 13
AUDIO PAYLOAD: d0 0 13 f1
AUDIO PAYLOAD: 0 13 f1 73
AUDIO PAYLOAD: 13 f1 73 e1
AUDIO PAYLOAD: f1 73 e1 3d
AUDIO PAYLOAD: 73 e1 3d ef
AUDIO PAYLOAD: e1 3d ef ff
AUDIO PAYLOAD: 3d ef ff f0
AUDIO PAYLOAD: ef ff f0 12

AAC_PROBE: ret 111

AAC SYNC AFTER 111 bytes

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1209816864 (LWP 13456)]
ic_prediction (ics=0xbff5d258, spec=0xbff5c210, state=0x0, frame_len=1024, sf_index=0 '\0') at libfaad2/ic_predict.c:92
92 r[0] = inv_quant_pred(state->r[0]);
(gdb) bt
#0 ic_prediction (ics=0xbff5d258, spec=0xbff5c210, state=0x0, frame_len=1024, sf_index=0 '\0') at libfaad2/ic_predict.c:92
#1 0x081c4599 in reconstruct_single_channel (hDecoder=0x89c4ec8, ics=0xbff5d258, sce=0xbff5d252, spec_data=0xbff623fc) at libfaad2/specrec.c:879
#2 0x081ca496 in decode_sce_lfe (hDecoder=0x89c4ec8, hInfo=0x8714620, ld=0xbff62c80, id_syn_ele=0 '\0') at libfaad2/syntax.c:597
#3 0x081cacc9 in raw_data_block (hDecoder=0x89c4ec8, hInfo=0x8714620, ld=0xbff62c80, pce=0x89c5539, drc=0x89c5818) at libfaad2/syntax.c:434
#4 0x081ab72a in aac_frame_decode (hDecoder=0x89c4ec8, hInfo=0x8714620, buffer=<value optimized out>, buffer_size=4497, sample_buffer2=0x0, sample_buffer_size=0) at libfaad2/decoder.c:872
#5 0x0818b423 in decode_audio (sh=0x89a7b80, buf=0x89a8eb0 "", minlen=65536, maxlen=114688) at libmpcodecs/ad_faad.c:235
#6 0x080daa75 in decode_audio (sh_audio=0x89a7b80, minlen=65536) at libmpcodecs/dec_audio.c:383
#7 0x080784ea in main (argc=3, argv=0xbff64034) at mplayer.c:2044
(gdb) disass $pc-32 $pc+32
Dump of assembler code from 0x81aff45 to 0x81aff85:
0x081aff45 <ic_prediction+549>: mov 0xffffff9c(%ebp),%edx
0x081aff48 <ic_prediction+552>: cmpb $0x0,0x27ed(%edx,%eax,1)
0x081aff50 <ic_prediction+560>: setne 0xffffffd3(%ebp)
0x081aff54 <ic_prediction+564>: mov 0xc(%ebp),%eax
0x081aff57 <ic_prediction+567>: mov 0x10(%ebp),%edx
0x081aff5a <ic_prediction+570>: lea (%eax,%edi,4),%esi
0x081aff5d <ic_prediction+573>: lea (%edi,%edi,2),%eax
0x081aff60 <ic_prediction+576>: flds (%esi)
0x081aff62 <ic_prediction+578>: lea (%edx,%eax,4),%ebx
0x081aff65 <ic_prediction+581>: movswl (%ebx),%eax
0x081aff68 <ic_prediction+584>: fstps 0xffffffb0(%ebp)
0x081aff6b <ic_prediction+587>: call 0x81afb80 <inv_quant_pred>
0x081aff70 <ic_prediction+592>: movswl 0x2(%ebx),%eax
0x081aff74 <ic_prediction+596>: fstps 0xffffffb8(%ebp)
0x081aff77 <ic_prediction+599>: call 0x81afb80 <inv_quant_pred>
0x081aff7c <ic_prediction+604>: movswl 0x4(%ebx),%eax
0x081aff80 <ic_prediction+608>: fstps 0xffffffb4(%ebp)
0x081aff83 <ic_prediction+611>: call 0x81afb80 <inv_quant_pred>
End of assembler dump.
(gdb) info all-registers
eax 0x0 0
ecx 0xbff5d252 -1074408878
edx 0x0 0
ebx 0x0 0
esp 0xbff5c120 0xbff5c120
ebp 0xbff5c1a8 0xbff5c1a8
esi 0xbff5c210 -1074413040
edi 0x0 0
eip 0x81aff65 0x81aff65 <ic_prediction+581>
eflags 0x10246 [ PF ZF IF RF ]
cs 0x73 115
ss 0x7b 123
ds 0x7b 123
es 0x7b 123
fs 0x0 0
gs 0x33 51
st0 -1.8923294931028067367151379585266113e-07 (raw 0xbfe8cb2ff50000000000)
st1 0 (raw 0x00000000000000000000)
st2 0 (raw 0x00000000000000000000)
st3 0 (raw 0x00000000000000000000)
st4 0 (raw 0x00000000000000000000)
st5 0 (raw 0x00000000000000000000)
st6 0 (raw 0x00000000000000000000)
st7 2.98023223876953125e-08 (raw 0x3fe68000000000000000)
fctrl 0x37f 895
fstat 0x3820 14368
ftag 0x3fff 16383
fiseg 0x73 115
fioff 0x81aff60 135987040
foseg 0x7b 123
fooff 0xbff5c210 -1074413040
fop 0x106 262
xmm0 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000}
xmm1 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000}
xmm2 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000}
xmm3 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000}
xmm4 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000}
xmm5 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000}
xmm6 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000}
xmm7 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000}
mxcsr 0x1f80 [ IM DM ZM OM UM PM ]
mm0 {uint64 = 0x8000000000000000, v2_int32 = {0x0, 0x80000000}, v4_int16 = {0x0, 0x0, 0x0, 0x8000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}}
mm1 {uint64 = 0xcb2ff50000000000, v2_int32 = {0x0, 0xcb2ff500}, v4_int16 = {0x0, 0x0, 0xf500, 0xcb2f}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0xf5, 0x2f, 0xcb}}
mm2 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0, 0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm3 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0, 0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm4 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0, 0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm5 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0, 0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm6 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0, 0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm7 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0, 0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
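Added example, not MPlayer or libfaad2 code: a small C model of the crash shape in the gdb output above. ic_prediction is entered with state=0x0 and the faulting line is r[0] = inv_quant_pred(state->r[0]), so the first access is a 2-byte read at address 0, which is what the Valgrind "Invalid read of size 2 ... Address 0x0" in the description also records. Why libfaad2 reaches that call with a NULL state is not established on this ticket; the model only assumes the generic pattern of a decoder that allocates per-channel predictor state for one object type while the flag that requests prediction is read from the file. The struct and function names, the Main-versus-LC allocation rule, the frame length and the 16-bit float packing in quant_pred/inv_quant_pred are all assumptions for illustration. The hardened reconstruct path gates the call on the decoder's own allocation state and rejects the frame instead of dereferencing.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_CHANNELS 8
#define FRAME_LEN    1024
#define OBJ_MAIN     1   /* assumed: the only object type that gets predictor state */
#define OBJ_LC       2

/* Assumed per-bin predictor state: two 16-bit history values. */
typedef struct { int16_t r[2]; } pred_state;

/* Assumed decoder: pred_stat[ch] stays NULL unless allocated for Main. */
typedef struct {
    int object_type;
    pred_state *pred_stat[MAX_CHANNELS];
} decoder;

/* Assumed ICS info: this flag is parsed from the file, so the file controls it. */
typedef struct { int predictor_data_present; } ics_info;

/* Assumed simplification of inv_quant_pred: the int16 is the top half of a float. */
static float inv_quant_pred(int16_t q)
{
    union { int32_t i; float f; } u;
    u.i = (int32_t)((uint32_t)(uint16_t)q << 16);
    return u.f;
}

/* Inverse of the above: keep the top 16 bits of the float's bit pattern. */
static int16_t quant_pred(float x)
{
    union { int32_t i; float f; } u;
    u.f = x;
    return (int16_t)((uint32_t)u.i >> 16);
}

/* Predictor step with the same precondition as the crashing line: state != NULL. */
static void ic_prediction(pred_state *state, float *spec, int len)
{
    for (int i = 0; i < len; i++) {
        float r0 = inv_quant_pred(state[i].r[0]);   /* faults here when state == NULL */
        spec[i] += r0;
        state[i].r[0] = quant_pred(spec[i]);        /* carry the bin forward */
    }
}

/* Vulnerable shape: the file's flag alone decides whether prediction runs. */
static int reconstruct_channel_unsafe(decoder *d, int ch, const ics_info *ics, float *spec)
{
    if (ics->predictor_data_present)
        ic_prediction(d->pred_stat[ch], spec, FRAME_LEN);   /* NULL if never allocated */
    return 0;
}

/* Hardened shape: the decoder's own allocation state gates the call. */
int reconstruct_channel_safe(decoder *d, int ch, const ics_info *ics, float *spec)
{
    if (!ics->predictor_data_present)
        return 0;
    if (ch < 0 || ch >= MAX_CHANNELS)
        return -1;                          /* channel index outside the state array */
    if (d->object_type != OBJ_MAIN || d->pred_stat[ch] == NULL)
        return -2;                          /* prediction signalled without state: reject frame */
    ic_prediction(d->pred_stat[ch], spec, FRAME_LEN);
    return 0;
}

/* Assumed allocation rule: only Main-profile decoders get predictor state. */
static int alloc_channel(decoder *d, int ch)
{
    if (d->object_type != OBJ_MAIN)
        return 0;
    d->pred_stat[ch] = calloc(FRAME_LEN, sizeof(pred_state));
    return d->pred_stat[ch] ? 0 : -1;
}

/* Runs the hardened path on a constructed one-channel stream (only channel 0
 * is ever allocated) whose ICS flag may request prediction regardless of
 * profile; returns the status code of reconstruct_channel_safe. */
int run_scenario(int object_type, int channel, int flag_present)
{
    decoder d;
    memset(&d, 0, sizeof d);
    d.object_type = object_type;
    if (alloc_channel(&d, 0) != 0)
        return -3;
    ics_info ics = { flag_present };
    float spec[FRAME_LEN];
    memset(spec, 0, sizeof spec);
    spec[0] = 1.0f;
    int rc = reconstruct_channel_safe(&d, channel, &ics, spec);
    free(d.pred_stat[0]);
    return rc;
}

int main(void)
{
    printf("LC profile, predictor flag set    -> %d (expect -2)\n", run_scenario(OBJ_LC, 0, 1));
    printf("Main profile, channel 0           -> %d (expect 0)\n", run_scenario(OBJ_MAIN, 0, 1));
    printf("Main profile, unallocated channel -> %d (expect -2)\n", run_scenario(OBJ_MAIN, 1, 1));
    printf("channel index out of range        -> %d (expect -1)\n", run_scenario(OBJ_MAIN, MAX_CHANNELS, 1));
    (void)reconstruct_channel_unsafe;   /* kept for comparison only; not called */
    return 0;
}
```

Build with a C99 compiler and run. main exercises only the hardened path; calling reconstruct_channel_unsafe with the LC-profile or unallocated-channel inputs above dereferences NULL on the first state[i].r[0] read, which is the same kind of fault the backtrace shows. The point of the hardened version is that a flag parsed from the file must never be the only thing standing between the decoder and a pointer it may not have initialised.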

comment:2 by reimar, 16 years ago

Priority: normal → if idle

Error in libfaad2

comment:3 by douglas.pearless@…, 16 years ago

Cc: douglas.pearless@… added

comment:4 by nicholenae@…, 16 years ago

Summary: InvalidRead → Mplayer Crashed: Invalid Read

*Summary has been added*

-----------------------------

|Mplayer Crashed: Invalid Read|

-----------------------------
