Opened 15 years ago
Closed 15 years ago
#1646 closed defect (fixed)
Segfault in fast_memcpy_SSE
| Reported by: | Owned by: | beastd | |
|---|---|---|---|
| Priority: | normal | Component: | vo |
| Version: | HEAD | Severity: | critical |
| Keywords: | Cc: | ||
| Blocked By: | Blocking: | ||
| Reproduced by developer: | no | Analyzed by developer: | no |
Description
I'm trying to play a file named "The Coca-Cola Case.mkv" but mplayer segfaults at start. I've run it under gdb, backtrace below.
#0 0x00000000005075ae in fast_memcpy_SSE (to=0x7ffff7f7fd00, from=0x135eac0, len=18446744073709171456) at libvo/aclib_template.c:230
delta = <value optimized out>
i = 288230376151705804
#1 fast_memcpy (to=0x7ffff7f7fd00, from=0x135eac0, len=18446744073709171456) at libvo/aclib.c:179
No locals.
#2 0x0000000000434433 in memcpy_pic2 (image=<value optimized out>, stride=<value optimized out>, w=<value optimized out>, h=-528,
x=<value optimized out>, y=20671936) at libvo/fastmemcpy.h:87
i = <value optimized out>
#3 draw_slice (image=<value optimized out>, stride=<value optimized out>, w=<value optimized out>, h=-528, x=<value optimized out>, y=20671936)
at libvo/vo_xv.c:436
dst = 0x7ffff7f7fd00 "\033\033\034", '\035' <repeats 13 times>, '\034' <repeats 68 times>, "\035\035\035\035\034\034\034\034\035\035\035\035", '\034' <repeats 72 times>, '\035' <repeats 32 times>...
#4 0x0000000000494e75 in draw_slice (vf=<value optimized out>, src=0x7ffff7fd8000, stride=0x135eac0, w=-380160, h=361216, x=-11584, y=528)
at libmpcodecs/vf_vo.c:227
No locals.
#5 0x000000000046c60f in mpcodecs_draw_slice (sh=<value optimized out>, src=0x135eac0, stride=0xfffffffffffa3300, w=361216, h=-11584, x=20671936,
y=528) at libmpcodecs/vd.c:374
vf = 0x7ffff7f7fd00
#6 0x000000000051f9a1 in draw_slice (s=<value optimized out>, src=<value optimized out>, offset=<value optimized out>, y=<value optimized out>,
type=<value optimized out>, height=-11584) at libmpcodecs/vd_ffmpeg.c:505
sh = 0x7ffff7f7fd00
source = {
0x135eac0 "\033\033\034", '\035' <repeats 13 times>, '\034' <repeats 68 times>, "\035\035\035\035\034\034\034\034\035\035\035\035", '\034' <repeats 72 times>, '\035' <repeats 32 times>...,
0x13941c0 "\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200"...,
0x137b800 "\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200"..., 0x0}
#7 0x00000000007d2f78 in vp3_draw_horiz_band (s=0x11b9dd0, y=528) at vp3.c:1376
h = -528
cy = <value optimized out>
offset = {380160, 95040, 95040, 0}
#8 0x00000000007d6492 in render_slice (avctx=<value optimized out>, data=<value optimized out>, data_size=<value optimized out>,
avpkt=<value optimized out>) at vp3.c:1557
block = {0 <repeats 64 times>}
motion_y = -559038737
motion_halfpel_index = <value optimized out>
x = 360
dequantizer = <value optimized out>
motion_x = -559038737
motion_source = <value optimized out>
plane = <value optimized out>
#9 vp3_decode_frame (avctx=<value optimized out>, data=<value optimized out>, data_size=<value optimized out>, avpkt=<value optimized out>)
at vp3.c:1891
buf = <value optimized out>
buf_size = 2639
s = 0x11b9dd0
gb = {buffer = 0x1265880 "9\n", buffer_end = 0x12662cf "", index = 21110, size_in_bits = 21112}
counter = 1
i = <value optimized out>
#10 0x00000000005d8d02 in avcodec_decode_video2 (avctx=0x11b4520, picture=0x11b43f0, got_picture_ptr=0x7fffffffb76c, avpkt=0x7fffffffb720)
at utils.c:586
ret = -134742784
#11 0x000000000051f059 in decode (sh=0x11a71b0, data=0x1265880, len=2639, flags=<value optimized out>) at libmpcodecs/vd_ffmpeg.c:811
got_picture = 0
ret = <value optimized out>
ctx = 0x11b4310
pic = 0x11b43f0
avctx = 0x11b4520
mpi = 0x0
dr1 = <value optimized out>
pkt = {pts = -9223372036854775808, dts = -9223372036854775808, data = 0x1265880 "9\n", size = 2639, stream_index = 0, flags = 1,
duration = 0, destruct = 0, priv = 0x0, pos = -1, convergence_duration = 0}
#12 0x00000000004676fe in decode_video (sh_video=0x11a71b0, start=0x1265880 "9\n", in_size=2639, drop_frame=0, pts=<value optimized out>)
at libmpcodecs/dec_video.c:386
mpi = <value optimized out>
t = 2555601248
t2 = 4160224512
#13 0x0000000000417d13 in generate_video_frame (blit_frame=<value optimized out>) at mplayer.c:1813
drop_frame = 0
decoded_frame = 0x10000
start = 0x1265880 "9\n"
in_size = -134742784
hit_eof = 0
pts = 0
#14 update_video (blit_frame=<value optimized out>) at mplayer.c:2391
res = <value optimized out>
sh_video = 0x11a71b0
frame_time = 9.096712956078031e-317
#15 0x000000000041abbe in main (argc=<value optimized out>, argv=<value optimized out>) at mplayer.c:3782
frame_time = -nan(0xfffff00000000)
aq_sleep_time = 4.59163468e-41
frame_time_remaining = <value optimized out>
blit_frame = 0
mem_ptr = 0x10000 <Address 0x10000 out of bounds>
opt_exit = <value optimized out>
i = <value optimized out>
=====================
Bunch of infos as requested at http://www.mplayerhq.hu/DOCS/HTML/en/bugreports_what.html
- localh0st / # uname -a
Linux localh0st 2.6.33-rc8-zen1 #39 ZEN SMP PREEMPT Sun Feb 14 06:26:40 CET 2010 x86_64 Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz GenuineIntel GNU/Linux
- localh0st / # ls -l /lib/libc[.-]*
-rwxr-xr-x 1 root root 1395888 Jan 26 04:44 /lib/libc-2.11.so
lrwxrwxrwx 1 root root 12 Jan 26 04:44 /lib/libc.so.6 -> libc-2.11.so
- localh0st / # gcc -v
Using built-in specs.
Target: x86_64-pc-linux-gnu
Configured with: /var/tmp/portage/sys-devel/gcc-4.4.3/work/gcc-4.4.3/configure --prefix=/usr --bindir=/usr/x86_64-pc-linux-gnu/gcc-bin/4.4.3 --includedir=/usr/lib/gcc/x86_64-pc-linux-gnu/4.4.3/include --datadir=/usr/share/gcc-data/x86_64-pc-linux-gnu/4.4.3 --mandir=/usr/share/gcc-data/x86_64-pc-linux-gnu/4.4.3/man --infodir=/usr/share/gcc-data/x86_64-pc-linux-gnu/4.4.3/info --with-gxx-include-dir=/usr/lib/gcc/x86_64-pc-linux-gnu/4.4.3/include/g++-v4 --host=x86_64-pc-linux-gnu --build=x86_64-pc-linux-gnu --disable-altivec --disable-fixed-point --with-ppl --with-cloog --enable-nls --without-included-gettext --with-system-zlib --disable-checking --disable-werror --enable-secureplt --enable-multilib --disable-libmudflap --disable-libssp --disable-libgomp --enable-cld --with-python-dir=/share/gcc-data/x86_64-pc-linux-gnu/4.4.3/python --disable-libgcj --enable-languages=c,c++ --enable-shared --enable-threads=posix --enable-cxa_atexit --enable-clocale=gnu --with-bugurl=http://bugs.gentoo.org/ --with-pkgversion='Gentoo 4.4.3 p1.0'
Thread model: posix
gcc version 4.4.3 (Gentoo 4.4.3 p1.0)
- localh0st / # ld -v
GNU ld (Linux/GNU Binutils) 2.20.51.0.6.20100205
- localh0st / # as --version
GNU assembler (Linux/GNU Binutils) 2.20.51.0.6.20100205
Copyright 2010 Free Software Foundation, Inc.
This program is free software; you may redistribute it under the terms of
the GNU General Public License version 3 or later.
This program has absolutely no warranty.
This assembler was configured for a target of `x86_64-pc-linux-gnu'.
=====================
The CPU is a E8400, I've reproduced that bug on MPlayer 30589-4.4.3 compiled with CFLAGS="-O1 -pipe -ggdb" for debugging purpose.
Happens on with xv and sdl vos.
Fixed in SVN r30630