Ticket #625 (new defect)

Opened 3 years ago

Crash in decode_nal_units

Reported by: astrange
Owned by:
Priority: normal
Milestone:
Component: Perian-Main
Version: 1.2.3
Severity: normal
Keywords:
Cc:

Description

Someone sent me a crash log that crashes here:

 http://trac.perian.org/browser/ffmpeg/libavcodec/h264.c#L3764

astrange@~> gdb
GNU gdb 6.3.50-20050815 (Apple version gdb-1708) (Thu Nov  3 21:59:02 UTC 2011)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "x86_64-apple-darwin".
(gdb) set sharedlibrary preload-libraries off
(gdb) file /Users/astrange/perian/Perian\ 1.2.3\ dSYM/Perian.component/Contents/MacOS/Perian
Reading symbols from /Users/astrange/perian/Perian 1.2.3 dSYM/Perian.component/Contents/MacOS/Perian...Reading symbols from /Users/astrange/perian/Perian 1.2.3 dSYM/Perian.component.dSYM/Contents/Resources/DWARF/Perian...done.
done.
(gdb) p/x 0x07bf943d - 0x7b32000
$1 = 0xc743d
(gdb) info line *$1
Line 2656 of "/Users/astrange/Projects/video/Perian/ffmpeg/libavcodec/h264.c" starts at address 0xc7438 <decode_nal_units+1192> and ends at 0xc7444 <decode_nal_units+1204>.
(gdb) x/i $1
0xc743d <decode_nal_units+1197>:	movzbl (%edx),%eax
(gdb) x/64i $1-32
0xc741d <decode_nal_units+1165>:	add    (%eax),%al
0xc741f <decode_nal_units+1167>:	test   %ebx,%ebx
0xc7421 <decode_nal_units+1169>:	jle    0xc7ac6 <decode_nal_units+2870>
0xc7427 <decode_nal_units+1175>:	mov    0x44(%esp),%eax
0xc742b <decode_nal_units+1179>:	lea    (%esi,%eax,1),%edx
0xc742e <decode_nal_units+1182>:	movl   $0x0,0x60(%esp)
0xc7436 <decode_nal_units+1190>:	xor    %ecx,%ecx
0xc7438 <decode_nal_units+1192>:	shll   $0x8,0x60(%esp)
0xc743d <decode_nal_units+1197>:	movzbl (%edx),%eax
0xc7440 <decode_nal_units+1200>:	or     %eax,0x60(%esp)
0xc7444 <decode_nal_units+1204>:	inc    %ecx
0xc7445 <decode_nal_units+1205>:	inc    %edx
0xc7446 <decode_nal_units+1206>:	cmp    %ebx,%ecx
0xc7448 <decode_nal_units+1208>:	jne    0xc7438 <decode_nal_units+1192>
…

Attachments

crash.txt (51.7 KB) - added by astrange 3 years ago.

Change History

Changed 3 years ago by astrange
