Topic: Crash when playing an MPEG-TS file. The AAC decoder is from: http://svn.mplayerhq.hu/soc/aac/ Directory revision: 2624 (of 2676) (the current date is 07/04/2008) Summary of the gdb session below: the crash is a read through a NULL pointer. Frame #0 shows ff_mpeg4audio_get_config called from aac_decode_init (libavcodec/aac.c:741) with buf=0x0 and buf_size=0, and the instruction at the faulting eip 0xb7b37ada is mov (%eax),%eax with eax=0. The decoder init therefore appears to hand an empty configuration buffer to the parser without checking the pointer or size first (presumably the codec extradata, which this stream would not carry; to be confirmed against aac.c). -- $ ffplay ffaac_crash.ts FFplay version SVN-r14067, Copyright (c) 2003-2008 Fabrice Bellard, et al. configuration: --prefix=/usr --enable-shared --enable-pthreads --enable-swscale --enable-debug --enable-x11grab --enable-libmp3lame --enable-libvorbis --enable-libtheora --enable-libfaac --enable-libx264 --enable-postproc --enable-gpl --disable-stripping libavutil version: 49.7.0 libavcodec version: 51.58.0 libavformat version: 52.16.0 libavdevice version: 52.0.0 built on Jul 4 2008 13:19:52, gcc: 4.2.3 -- Now running inside gdb: $ gdb ffplay_g GNU gdb 6.8 Copyright (C) 2008 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "i486-slackware-linux"... (gdb) run ffaac_crash.ts Starting program: /usr/bin/ffplay_g ffaac_crash.ts [Thread debugging using libthread_db enabled] FFplay version SVN-r14067, Copyright (c) 2003-2008 Fabrice Bellard, et al. configuration: --prefix=/usr --enable-shared --enable-pthreads --enable-swscale --enable-debug --enable-x11grab --enable-libmp3lame --enable-libvorbis --enable-libtheora --enable-libfaac --enable-libx264 --enable-postproc --enable-gpl --disable-stripping libavutil version: 49.7.0 libavcodec version: 51.58.0 libavformat version: 52.16.0 libavdevice version: 52.0.0 built on Jul 4 2008 13:19:52, gcc: 4.2.3 [New Thread 0xb71986c0 (LWP 4089)] [New Thread 0xb7161b90 (LWP 4092)] [New Thread 0xb68dab90 (LWP 4093)] Program received signal SIGSEGV, Segmentation fault. 
[Switching to Thread 0xb68dab90 (LWP 4093)] ff_mpeg4audio_get_config (c=0x80d32d4, buf=0x0, buf_size=0) at libavcodec/bitstream.h:658 658 UPDATE_CACHE(re, s) (gdb) bt #0 ff_mpeg4audio_get_config (c=0x80d32d4, buf=0x0, buf_size=0) at libavcodec/bitstream.h:658 #1 0xb79a6aa2 in aac_decode_init (avccontext=0x8072cc0) at libavcodec/aac.c:741 #2 0xb793e5c9 in avcodec_open (avctx=0x8072cc0, codec=0xb7cbd740) at libavcodec/utils.c:831 #3 0x0804be8e in stream_component_open (is=0xb68db020, stream_index=0) at ffplay.c:1715 #4 0x0804d78b in decode_thread (arg=0xb68db020) at ffplay.c:1962 #5 0xb778696b in ?? () from /usr/lib/libSDL-1.2.so.0 #6 0xb68db020 in ?? () #7 0x0804d590 in ?? () #8 0x0809b7f0 in ?? () #9 0xb77dc9c4 in ?? () from /usr/lib/libSDL-1.2.so.0 #10 0x00000000 in ?? () (gdb) disass $pc-32 $pc+32 Dump of assembler code from 0xb7b37aba to 0xb7b37afa: 0xb7b37aba : sbb $0x8b,%al 0xb7b37abc : je 0xb7b37ae2 0xb7b37abe : and %cl,-0x3edbdbbc(%ebx) 0xb7b37ac4 : loopne 0xb7b37ac9 0xb7b37ac6 : mov %eax,(%esp) 0xb7b37ac9 : js 0xb7b37be7 0xb7b37acf : js 0xb7b37be7 0xb7b37ad5 : mov %esi,%eax 0xb7b37ad7 : lea 0x1(%esi),%ecx 0xb7b37ada : mov (%eax),%eax 0xb7b37adc : bswap %eax 0xb7b37ade : mov %eax,%edx 0xb7b37ae0 : shr $0xfb,%edx 0xb7b37ae3 : cmp $0x1f,%edx 0xb7b37ae6 : je 0xb7b37cb5 0xb7b37aec : mov %ecx,%eax 0xb7b37aee : mov %esi,%ecx 0xb7b37af0 : mov $0x5,%edi 0xb7b37af5 : movl $0x9,0x4(%esp) End of assembler dump. 
(gdb) info all-registers eax 0x0 0 ecx 0x1 1 edx 0x0 0 ebx 0x0 0 esp 0xb68da0d4 0xb68da0d4 ebp 0x80d32d4 0x80d32d4 esi 0x0 0 edi 0x0 0 eip 0xb7b37ada 0xb7b37ada eflags 0x10246 [ PF ZF IF RF ] cs 0x73 115 ss 0x7b 123 ds 0x7b 123 es 0x7b 123 fs 0x0 0 gs 0x33 51 st0 -nan(0x8080808080808080) (raw 0xffff8080808080808080) st1 -nan(0x8080808080808080) (raw 0xffff8080808080808080) st2 -nan(0x08f8f8f8f) (raw 0xffff000000008f8f8f8f) st3 -nan(0x080808080) (raw 0xffff0000000080808080) st4 -nan(0x081818181) (raw 0xffff0000000081818181) st5 22.4775218963623046875 (raw 0x4003b3d1f70000000000) st6 5000000 (raw 0x40159896800000000000) st7 16384000 (raw 0x4016fa00000000000000) fctrl 0x37f 895 fstat 0x120 288 ftag 0xffff 65535 fiseg 0x73 115 fioff 0xb7f05d52 -1208984238 foseg 0x7b 123 fooff 0x809cb28 134859560 fop 0x398 920 xmm0 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 }, v8_int16 = { 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000} xmm1 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 }, v8_int16 = { 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000} xmm2 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 }, v8_int16 = { 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000} xmm3 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 }, v8_int16 = { 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000} xmm4 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 }, v8_int16 = { 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 
0x00000000000000000000000000000000} ---Type to continue, or q to quit--- xmm5 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 }, v8_int16 = { 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000} xmm6 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 }, v8_int16 = { 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000} xmm7 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 }, v8_int16 = { 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000} mxcsr 0x1f80 [ IM DM ZM OM UM PM ] mm0 {uint64 = 0x8080808080808080, v2_int32 = {0x80808080, 0x80808080}, v4_int16 = {0x8080, 0x8080, 0x8080, 0x8080}, v8_int8 = {0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80}} mm1 {uint64 = 0x8080808080808080, v2_int32 = {0x80808080, 0x80808080}, v4_int16 = {0x8080, 0x8080, 0x8080, 0x8080}, v8_int8 = {0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80}} mm2 {uint64 = 0x8f8f8f8f, v2_int32 = {0x8f8f8f8f, 0x0}, v4_int16 = {0x8f8f, 0x8f8f, 0x0, 0x0}, v8_int8 = {0x8f, 0x8f, 0x8f, 0x8f, 0x0, 0x0, 0x0, 0x0}} mm3 {uint64 = 0x80808080, v2_int32 = {0x80808080, 0x0}, v4_int16 = {0x8080, 0x8080, 0x0, 0x0}, v8_int8 = {0x80, 0x80, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0}} mm4 {uint64 = 0x81818181, v2_int32 = {0x81818181, 0x0}, v4_int16 = {0x8181, 0x8181, 0x0, 0x0}, v8_int8 = {0x81, 0x81, 0x81, 0x81, 0x0, 0x0, 0x0, 0x0}} mm5 {uint64 = 0xb3d1f70000000000, v2_int32 = {0x0, 0xb3d1f700}, v4_int16 = {0x0, 0x0, 0xf700, 0xb3d1}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0xf7, 0xd1, 0xb3}} mm6 {uint64 = 0x9896800000000000, v2_int32 = {0x0, 0x98968000}, v4_int16 = {0x0, 0x0, 0x8000, 0x9896}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x96, 0x98}} mm7 {uint64 = 0xfa00000000000000, v2_int32 = {0x0, 
0xfa000000}, v4_int16 = {0x0, 0x0, 0x0, 0xfa00}, v8_int8 = { 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfa}} Rafael Diniz rafael (at) riseup (dot) net