[FFmpeg-trac] #4942(undetermined:new): AAC encoder crash/invalid read
FFmpeg
trac at avcodec.org
Sat Oct 17 22:52:42 CEST 2015
#4942: AAC encoder crash/invalid read
-------------------------------------+-------------------------------------
Reporter: kierank                    | Owner:
Type: defect                         | Status: new
Priority: important                  | Component: undetermined
Version: git-master                  | Resolution:
Keywords: aac crash SIGSEGV          | Blocked By:
Blocking:                            | Reproduced by developer: 0
Analyzed by developer: 0             |
-------------------------------------+-------------------------------------
Changes (by cehoyos):
* keywords: => aac crash SIGSEGV
* priority: normal => important
* version: unspecified => git-master
Comment:
With commit 4ffdba24 and no encoder options:
{{{
(gdb) bt
#0 quantize_and_encode_band_cost_template (ROUNDING=0.405400008,
BT_STEREO=0, BT_NOISE=0,
BT_ESC=1, BT_PAIR=1, BT_UNSIGNED=1, BT_ZERO=0, energy=0x3ac6564,
bits=0x3ac6568,
uplim=inf, lambda=1, cb=11, scale_idx=127, size=8, scaled=<optimized
out>, out=0x0,
in=<optimized out>, pb=0x0, s=0x3a7c280) at
libavcodec/aacenc_quantization.h:96
#1 quantize_and_encode_band_cost_ESC (s=0x3a7c280, pb=0x0, in=<optimized
out>, quant=0x0,
scaled=<optimized out>, size=8, scale_idx=127, cb=11, lambda=1,
uplim=inf,
bits=0x3ac6568, energy=0x3ac6564) at
libavcodec/aacenc_quantization.h:190
#2 0x0000000000f1f5c4 in quantize_band_cost (rtz=0, energy=0x3ac6564,
bits=0x3ac6568,
lambda=1, cb=11, scale_idx=<optimized out>, size=<optimized out>,
scaled=0x3a86090,
in=0x3c2b290, s=0x3a7c280, uplim=inf) at
libavcodec/aacenc_quantization.h:255
#3 quantize_band_cost_cached (energy=<synthetic pointer>, bits=<synthetic
pointer>, cb=11,
scale_idx=<optimized out>, size=<optimized out>, scaled=0x3a86090,
in=0x3c2b290,
g=<optimized out>, w=<optimized out>, s=0x3a7c280, lambda=<optimized
out>,
uplim=<optimized out>, rtz=<optimized out>) at
libavcodec/aacenc_quantization_misc.h:40
#4 search_for_quantizers_twoloop (avctx=0x30, s=0x3a7c280, sce=<optimized
out>,
lambda=<optimized out>) at ./libavcodec/aaccoder_twoloop.h:384
#5 0x0000000000dedeb0 in aac_encode_frame (avctx=0x3a72e00,
avpkt=0x7fff5653cbb0,
frame=0x0, got_packet_ptr=0x7fff5653c8ec) at libavcodec/aacenc.c:655
#6 0x0000000000b445bc in avcodec_encode_audio2
(avctx=avctx at entry=0x3a72e00,
avpkt=avpkt at entry=0x7fff5653cbb0, frame=frame at entry=0x0,
got_packet_ptr=got_packet_ptr at entry=0x7fff5653c8ec) at
libavcodec/utils.c:1750
#7 0x0000000000495099 in flush_encoders () at ffmpeg.c:1741
#8 transcode () at ffmpeg.c:4100
#9 0x00000000004787cb in main (argc=<optimized out>, argv=0x7fff5653cdf8)
at ffmpeg.c:4256
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0xf236ee to 0xf2372e:
0x0000000000f236ee <quantize_and_encode_band_cost_ESC+478>: clc
0x0000000000f236ef <quantize_and_encode_band_cost_ESC+479>: add
%eax,%r8d
0x0000000000f236f2 <quantize_and_encode_band_cost_ESC+482>: add
0x95c4(%rdi,%rbp,4),%r8d
0x0000000000f236fa <quantize_and_encode_band_cost_ESC+490>: movslq
%r8d,%rcx
0x0000000000f236fd <quantize_and_encode_band_cost_ESC+493>: add
%r8d,%r8d
0x0000000000f23700 <quantize_and_encode_band_cost_ESC+496>: movslq
%r8d,%rsi
0x0000000000f23703 <quantize_and_encode_band_cost_ESC+499>: add
%rcx,%rdx
0x0000000000f23706 <quantize_and_encode_band_cost_ESC+502>: lea
0x0(,%rsi,4),%r10
=> 0x0000000000f2370e <quantize_and_encode_band_cost_ESC+510>: movzbl
(%rdx),%eax
0x0000000000f23711 <quantize_and_encode_band_cost_ESC+513>: lea
0x0(%r13,%r10,1),%r12
0x0000000000f23716 <quantize_and_encode_band_cost_ESC+518>: movss
(%r12),%xmm2
0x0000000000f2371c <quantize_and_encode_band_cost_ESC+524>: ucomiss
0x147db1(%rip),%xmm2 # 0x106b4d4
0x0000000000f23723 <quantize_and_encode_band_cost_ESC+531>: jp
0xf2372b <quantize_and_encode_band_cost_ESC+539>
0x0000000000f23725 <quantize_and_encode_band_cost_ESC+533>: je
0xf23b00 <quantize_and_encode_band_cost_ESC+1520>
0x0000000000f2372b <quantize_and_encode_band_cost_ESC+539>: movaps
%xmm12,%xmm7
End of assembler dump.
(gdb) info register
rax 0x80000000 2147483648
rbx 0x0 0
rcx 0xffffffff80000010 -2147483632
rdx 0xffffffff812a1d90 -2127946352
rsi 0x20 32
rdi 0x3a7c280 61325952
rbp 0x0 0x0
rsp 0x7fff5653af10 0x7fff5653af10
r8 0x20 32
r9 0x8 8
r10 0x80 128
r11 0x1 1
r12 0x0 0
r13 0x12a1030 19533872
r14 0x3c2b290 63091344
r15 0x0 0
rip 0xf2370e 0xf2370e <quantize_and_encode_band_cost_ESC+510>
eflags 0x10286 [ PF SF IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
}}}
Allow me to take the opportunity to express how very rude these kinds of
reports are.
--
Ticket URL: <https://trac.ffmpeg.org/ticket/4942#comment:2>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker