Hi,
* A Mennucc <[EMAIL PROTECTED]> [2008-07-20 14:43]:
> the file
> http://libcaca.zoy.org/attachment/wiki/zzuf/bugs/lol-mplayer.mpg?format=raw
> crashes both my packaged version 1.0~rc2-15
> and SVN 27184
> 
> according to the backtrace, the crash is in libavcodec
> 
> see in
> http://bugzilla.mplayerhq.hu/show_bug.cgi?id=1212
> for more details

According to my backtrace the problem is in pred_direct_motion():
mb_type_col = <value optimized out>
l1mv0 = <value optimized out>
l1mv1 = <value optimized out>
l1ref0 = <value optimized out>
l1ref1 = <value optimized out>
is_b8x8 = 0x0
sub_mb_type = <value optimized out>
i8 = <value optimized out>

Looking at the code I think this is just a null ptr dereference:
    if(!is_b8x8)
        *mb_type |= MB_TYPE_DIRECT2;
    if(MB_FIELD)
        *mb_type |= MB_TYPE_INTERLACED;

    tprintf(s->avctx, "mb_type = %08x, sub_mb_type = %08x, is_b8x8 = %d, mb_type_col = %08x\n", *mb_type, sub_mb_type, is_b8x8, mb_type_col);

is_b8x8 is checked before but not when dereferencing it in tprintf.

I could not check this as I have no way to recompile mplayer right now.
Andrea, can you test this?


Cheers
Nico
-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
