#3515: Crashes or artifacts when playing a specific file/stream
-------------------------------------+-------------------------------------
Reporter: evol | Owner:
Type: defect | Status: new
Priority: important | Component:
Version: unspecified | undetermined
Keywords: crash | Resolution:
Blocking: | Blocked By:
Analyzed by developer: 0 | Reproduced by developer: 0
-------------------------------------+-------------------------------------
Comment (by evol):

I made a new one.

{{{
* thread #53: tid = 0x14718, 0x26666082 ffmpegsumo.so`ff_pred8x8_vertical_8_mmx + 50, stop reason = EXC_BAD_ACCESS (code=1, address=0x33beb160)
frame #0: 0x26666082 ffmpegsumo.so`ff_pred8x8_vertical_8_mmx + 50
ffmpegsumo.so`ff_pred8x8_vertical_8_mmx + 50:
-> 0x26666082: movq %mm0, (%eax,%ecx,2)
0x26666086: ret
0x26666087: jmp 0x26666090 ; ff_pred8x8_horizontal_8_mmx
0x26666089: nop
(lldb) bt
* thread #53: tid = 0x14718, 0x26666082 ffmpegsumo.so`ff_pred8x8_vertical_8_mmx + 50, stop reason = EXC_BAD_ACCESS (code=1, address=0x33beb160)
* frame #0: 0x26666082 ffmpegsumo.so`ff_pred8x8_vertical_8_mmx + 50
frame #1: 0x264dfbdf ffmpegsumo.so`hl_decode_mb_simple_8(h=<unavailable>) + 1663 at h264_mb_template.c:162
frame #2: 0x264e7eb6 ffmpegsumo.so`decode_slice(avctx=<unavailable>, arg=0xbabdadb4) + 406 at h264.c:4485
frame #3: 0x264e7bf2 ffmpegsumo.so`execute_decode_slices(h=0x2cfb5000, context_count=<unavailable>) + 82 at h264.c:4636
frame #4: 0x264d58ce ffmpegsumo.so`decode_nal_units(h=<unavailable>, buf=<unavailable>, buf_size=535452056, parse_extradata=<unavailable>) + 2046 at h264.c:4999
frame #5: 0x264e3124 ffmpegsumo.so`decode_frame(avctx=<unavailable>, data=<unavailable>, got_frame=<unavailable>, avpkt=0x1fea59f4) + 324 at h264.c:5136
frame #6: 0x265ce3dc ffmpegsumo.so`frame_worker_thread(arg=0x1fea5938) + 492 at pthread_frame.c:153
frame #7: 0x907bb5fb libsystem_pthread.dylib`_pthread_body + 144
frame #8: 0x907bb485 libsystem_pthread.dylib`_pthread_start + 130
(lldb) disassemble --start-address 0x26666062 --end-address 0x266660A2
ffmpegsumo.so`ff_pred8x8_vertical_8_mmx + 18:
0x26666062: jg 0x26666068 ; ff_pred8x8_vertical_8_mmx + 24
0x26666064: decl %eax
0x26666065: leal (%eax,%ecx,2), %eax
0x26666068: movq %mm0, (%eax,%ecx)
0x2666606c: movq %mm0, (%eax,%ecx,2)
0x26666070: leal (%eax,%ecx,2), %eax
0x26666073: movq %mm0, (%eax,%ecx)
0x26666077: movq %mm0, (%eax,%ecx,2)
0x2666607b: leal (%eax,%ecx,2), %eax
0x2666607e: movq %mm0, (%eax,%ecx)
-> 0x26666082: movq %mm0, (%eax,%ecx,2)
0x26666086: ret
0x26666087: jmp 0x26666090 ; ff_pred8x8_horizontal_8_mmx
0x26666089: nop
0x2666608a: nop
0x2666608b: nop
0x2666608c: nop
0x2666608d: nop
0x2666608e: nop
0x2666608f: nop
ffmpegsumo.so`ff_pred8x8_horizontal_8_mmx:
0x26666090: movl 0x4(%esp), %eax
0x26666094: movl 0x8(%esp), %ecx
0x26666098: movl $0x4, %edx
0x2666609d: movd -0x4(%eax), %mm0
(lldb) register read --all
General Purpose Registers:
eax = 0x33beae20
ebx = 0x000001a0
ecx = 0x000001a0
edx = 0x33bc5000
edi = 0x33b9fa00
esi = 0x2cfb5000
ebp = 0xbabdad38
esp = 0xbabdac6c
ss = 0x00000023
eflags = 0x00010206 Chromium Framework`(anonymous namespace)::SubprocessNeedsResourceBundle(std::string const&) + 278 at chrome_main_delegate.cc:258
eip = 0x26666082 ffmpegsumo.so`ff_pred8x8_vertical_8_mmx + 50
cs = 0x0000001b
ds = 0x00000023
es = 0x00000023
fs = 0x00000023
gs = 0x0000000f
ax = 0xae20
bx = 0x01a0
cx = 0x01a0
dx = 0x5000
di = 0xfa00
si = 0x5000
bp = 0xad38
sp = 0xac6c
ah = 0xae
bh = 0x01
ch = 0x01
dh = 0x50
al = 0x20
bl = 0xa0
cl = 0xa0
dl = 0x00
dil = 0x00
sil = 0x00
bpl = 0x38
spl = 0x6c
Floating Point Registers:
fctrl = 0x037f
fstat = 0x0000
ftag = 0xff
fop = 0x0000
fioff = 0x00000000
fiseg = 0x0000
fooff = 0x00000000
foseg = 0x0000
mxcsr = 0x00001f80 Chromium`switches::kDisableThreadedHTMLParser + 18
mxcsrmask = 0x0000ffff Chromium Framework`(anonymous namespace)::InitializeUserDataDir() + 895 at chrome_main_delegate.cc:379
stmm0 = {0x80 0x80 0x80 0x80 0x80 0x80 0x80 0x80 0xff 0xff}
stmm1 = {0x80 0x80 0x80 0x80 0x80 0x80 0x80 0x80 0xff 0xff}
stmm2 = {0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0xff 0xff}
stmm3 = {0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0xff 0xff}
stmm4 = {0xf8 0xff 0xf8 0xff 0x00 0x00 0x00 0x00 0xff 0xff}
stmm5 = {0x80 0x80 0x80 0x80 0x80 0x80 0x80 0x80 0xff 0xff}
stmm6 = {0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0xff 0xff}
stmm7 = {0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0xff 0xff}
xmm0 = {0x18 0x47 0x01 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00}
xmm1 = {0x7f 0x7f 0x7f 0x7f 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00}
xmm2 = {0xff 0xff 0xff 0xff 0xff 0xff 0xff 0xff 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00}
xmm3 = {0x01 0x00 0x01 0x00 0x01 0x00 0x01 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00}
xmm4 = {0x80 0x80 0x80 0x80 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00}
xmm5 = {0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00}
xmm6 = {0x00 0x00 0x01 0x01 0x00 0x01 0x00 0x00 0x00 0x00 0x01 0x00 0x00 0x00 0x00 0x00}
xmm7 = {0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00}
Exception State Registers:
trapno = 0x0000000e
err = 0x00000006
faultvaddr = 0x33beb160
}}}

--
Ticket URL: <https://trac.ffmpeg.org/ticket/3515#comment:2>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker