[FFmpeg-trac] #212(avcodec:open): mpeg2video: crash with lowres 3
FFmpeg
trac at avcodec.org
Wed May 18 10:36:33 CEST 2011
#212: mpeg2video: crash with lowres 3
-----------------------+----------------------
Reporter: ami_stuff | Owner:
Type: defect | Status: open
Priority: important | Component: avcodec
Version: git-master | Resolution:
Keywords: x86 x86-64 | Blocked By:
Blocking: | Reproduced: 1
Analyzed: 0 |
-----------------------+----------------------
Changes (by cehoyos):
* keywords: => x86 x86-64
Comment:
Works fine with --disable-mmx.
{{{
(gdb) r -vlowres 3 -i mpeg2_field_encoding.ts -f null -
ffmpeg version git-N-30011-gb4bcd1e, Copyright (c) 2000-2011 the FFmpeg
developers
built on May 18 2011 10:26:56 with gcc 4.5.3
configuration: --cc=/usr/local/gcc-4.5.3/bin/gcc --disable-sse
libavutil 51. 2. 1 / 51. 2. 1
libavcodec 53. 6. 0 / 53. 6. 0
libavformat 53. 1. 0 / 53. 1. 0
libavdevice 53. 0. 0 / 53. 0. 0
libavfilter 2. 5. 0 / 2. 5. 0
libswscale 0. 14. 0 / 0. 14. 0
[mpeg2video @ 0x1256e40] mpeg_decode_postinit() failure
Last message repeated 8 times
[mpeg2video @ 0x1256e40] allocate dummy last picture for field based first
keyframe
Input #0, mpegts, from 'mpeg2_field_encoding.ts':
Duration: 00:00:01.58, start: 22953.408322, bitrate: 4050 kb/s
Program 1
Stream #0.0[0x1023]: Video: mpeg2video (Simple), yuv420p, 90x72 [PAR
16:15 DAR 4:3], 3364 kb/s, 31.45 fps, 25 tbr, 90k tbn, 50 tbc
[buffer @ 0x1251a90] w:90 h:72 pixfmt:yuv420p tb:1/1000000 sar:16/15
Output #0, null, to 'pipe:':
Metadata:
encoder : Lavf53.1.0
Stream #0.0: Video: rawvideo, yuv420p, 90x72 [PAR 16:15 DAR 4:3],
q=2-31, 200 kb/s, 90k tbn, 25 tbc
Stream mapping:
Stream #0.0 -> #0.0
Press [q] to stop, [?] for help
[mpeg2video @ 0x1256e40] mpeg_decode_postinit() failure
Error while decoding stream #0.0
Error while decoding stream #0.0s
Error while decoding stream #0.0s
Error while decoding stream #0.0s
Error while decoding stream #0.0s
Error while decoding stream #0.0s
Error while decoding stream #0.0s
Error while decoding stream #0.0s
Error while decoding stream #0.0s
Last message repeated 8 times
[mpeg2video @ 0x1256e40] allocate dummy last picture for field based first
keyframe
Program received signal SIGSEGV, Segmentation fault.
ff_put_h264_chroma_mc2_mmx2.nextrow () at
libavcodec/x86/h264_chromamc.asm:434
434 chroma_mc2_mmx_func put, h264, mmx2
(gdb) bt
#0 ff_put_h264_chroma_mc2_mmx2.nextrow () at
libavcodec/x86/h264_chromamc.asm:434
#1 0x00000000006a95b4 in mpeg_motion_lowres (mb_y=0, h=1, motion_y=<value
optimized out>,
motion_x=<value optimized out>, pix_op=0x12b3f78, ref_picture=<value
optimized out>, field_select=1,
bottom_field=0, field_based=0,
dest_cr=0x12f6471
"}\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200}~\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\177}}}~}}}}|}||||||}~|}\177}|}~~}~\204\210\204\203\201\177\177\177~}|}{~|\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200}|\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\177{{}}|}~|}}~}}}}}}|}|}~~~~~~\177\177\201\200\177~}}\177|}}}}}~\200\200\200\200\200\200\200\200\200\200\200\200\200"...,
dest_cb=0x12f5b21
"\201\201\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\177\201\201~~\177\177\177\200\200\200\200\201\202\202\202\201\201\201\202~{\200\201\201\201\201\201\200ysty|}||\200\200\200\200\200\200\200\200\200\200\200\200\177\177\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\201\177\177\200\200\201~\200\201\201\202\200\200\202\201\203\203\203\203\202\177|}\177\200\201\201\201\177|z|}~\177\200\177\200\200\200\200\201\201\201\200\200\200\200\200\177\201\200\200\200\200\200\200"...,
dest_y=0x12f3642
">9\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\024I>92=?@ZR>9B?@875G at 9=;6.'&%\"!,+0))10,45<BFA700128BCB<52>\206\270\243\247\241\246\257\231\320\302\212^VYcYd]A0,.0,/2634CF\022\017\200\200\200\200\200\200\023C\200\200\200\200\200\200\200\200"...,
s=0x12b2280) at libavcodec/mpegvideo.c:1725
#2 MPV_motion_lowres (mb_y=0, h=1, motion_y=<value optimized out>,
motion_x=<value optimized out>,
pix_op=0x12b3f78, ref_picture=<value optimized out>, field_select=1,
bottom_field=0, field_based=0,
dest_cr=0x12f6471
"}\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200}~\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\177}}}~}}}}|}||||||}~|}\177}|}~~}~\204\210\204\203\201\177\177\177~}|}{~|\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200}|\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\177{{}}|}~|}}~}}}}}}|}|}~~~~~~\177\177\201\200\177~}}\177|}}}}}~\200\200\200\200\200\200\200\200\200\200\200\200\200"...,
dest_cb=0x12f5b21
"\201\201\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\177\201\201~~\177\177\177\200\200\200\200\201\202\202\202\201\201\201\202~{\200\201\201\201\201\201\200ysty|}||\200\200\200\200\200\200\200\200\200\200\200\200\177\177\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\201\177\177\200\200\201~\200\201\201\202\200\200\202\201\203\203\203\203\202\177|}\177\200\201\201\201\177|z|}~\177\200\177\200\200\200\200\201\201\201\200\200\200\200\200\177\201\200\200\200\200\200\200"...,
dest_y=0x12f3642
">9\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200\024I>92=?@ZR>9B?@875G at 9=;6.'&%\"!,+0))10,45<BFA700128BCB<52>\206\270\243\247\241\246\257\231\320\302\212^VYcYd]A0,.0,/2634CF\022\017\200\200\200\200\200\200\023C\200\200\200\200\200\200\200\200"...,
s=0x12b2280) at libavcodec/mpegvideo.c:1865
#3 0x00000000006befff in MPV_decode_mb_internal (is_mpeg12=1,
lowres_flag=1,
block=<value optimized out>, s=0x12b2280) at
libavcodec/mpegvideo.c:2123
#4 MPV_decode_mb (is_mpeg12=1, lowres_flag=1, block=<value optimized
out>, s=0x12b2280)
at libavcodec/mpegvideo.c:2269
#5 0x0000000000673040 in mpeg_decode_slice (s1=0x12b2280, mb_y=<value
optimized out>,
buf=0x7fffffffc630, buf_size=<value optimized out>) at
libavcodec/mpeg12.c:1843
#6 0x0000000000676228 in decode_chunks (avctx=0x1256e40,
picture=0x7fffffffc9c0,
data_size=0x7fffffffccec, buf=0x12b60c0 "", buf_size=24296) at
libavcodec/mpeg12.c:2527
#7 0x0000000000678b58 in mpeg_decode_frame (avctx=0x1256e40,
data=0x7fffffffc9c0,
data_size=0x7fffffffccec, avpkt=<value optimized out>) at
libavcodec/mpeg12.c:2323
#8 0x000000000077d31c in avcodec_decode_video2 (avctx=0x1256e40,
picture=0x7fffffffc9c0,
got_picture_ptr=0x7fffffffccec, avpkt=0x7fffffffcb90) at
libavcodec/utils.c:743
#9 0x000000000040861d in output_packet (ist=<value optimized out>,
ist_index=0, ost_table=0x1257c70,
nb_ostreams=1, pkt=<value optimized out>) at ffmpeg.c:1590
#10 0x000000000040b838 in transcode (nb_output_files=1, nb_input_files=1,
stream_maps=0x0,
nb_stream_maps=0, input_files=0xce43e0, output_files=0xce40c0) at
ffmpeg.c:2753
#11 0x0000000000410649 in main (argc=<value optimized out>, argv=<value
optimized out>) at ffmpeg.c:4565
(gdb) disass $pc-9 $pc+40
Dump of assembler code from 0x81f187 to 0x81f1b8:
0x000000000081f187 <ff_put_h264_chroma_mc2_mmx2.nextrow+0>: add
%rdx,%rsi
0x000000000081f18a <ff_put_h264_chroma_mc2_mmx2.nextrow+3>: movq
%mm2,%mm1
0x000000000081f18d <ff_put_h264_chroma_mc2_mmx2.nextrow+6>: pmaddwd
%mm5,%mm1
0x000000000081f190 <ff_put_h264_chroma_mc2_mmx2.nextrow+9>: movd
(%rsi),%mm0
0x000000000081f193 <ff_put_h264_chroma_mc2_mmx2.nextrow+12>: punpcklbw
%mm7,%mm0
0x000000000081f196 <ff_put_h264_chroma_mc2_mmx2.nextrow+15>: pshufw
$0x94,%mm0,%mm0
0x000000000081f19a <ff_put_h264_chroma_mc2_mmx2.nextrow+19>: movq
%mm0,%mm2
0x000000000081f19d <ff_put_h264_chroma_mc2_mmx2.nextrow+22>: pmaddwd
%mm6,%mm0
0x000000000081f1a0 <ff_put_h264_chroma_mc2_mmx2.nextrow+25>: paddw
0xa31050,%mm1
0x000000000081f1a8 <ff_put_h264_chroma_mc2_mmx2.nextrow+33>: paddw
%mm0,%mm1
0x000000000081f1ab <ff_put_h264_chroma_mc2_mmx2.nextrow+36>: psrlw
$0x6,%mm1
0x000000000081f1af <ff_put_h264_chroma_mc2_mmx2.nextrow+40>: packssdw
%mm7,%mm1
0x000000000081f1b2 <ff_put_h264_chroma_mc2_mmx2.nextrow+43>: packuswb
%mm7,%mm1
0x000000000081f1b5 <ff_put_h264_chroma_mc2_mmx2.nextrow+46>: movd
%mm1,%r9d
End of assembler dump.
(gdb) info all-registers
rax 0x0 0
rbx 0x12b2280 19604096
rcx 0xfffffb49 4294966089
rdx 0x60 96
rsi 0x1312051 19996753
rdi 0x1311fc1 19996609
rbp 0x1 0x1
rsp 0x7fffffffc138 0x7fffffffc138
r8 0x40 64
r9 0x0 0
r10 0x0 0
r11 0x12f5b21 19880737
r12 0x12b3f88 19611528
r13 0x12b2658 19605080
r14 0x12b3f78 19611512
r15 0x0 0
rip 0x81f190 0x81f190 <ff_put_h264_chroma_mc2_mmx2.nextrow+9>
eflags 0x10202 [ IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
st0 -inf (raw 0xffff0000000000000000)
st1 -inf (raw 0xffff0000000000000000)
st2 -inf (raw 0xffff0000000000000000)
st3 -nan(0x9000000000000000) (raw 0xffff9000000000000000)
st4 -nan(0x7f007e007e007e) (raw 0xffff007f007e007e007e)
st5 -nan(0x4000000040) (raw 0xffff0000004000000040)
st6 -inf (raw 0xffff0000000000000000)
st7 -inf (raw 0xffff0000000000000000)
fctrl 0x37f 895
fstat 0x0 0
ftag 0xaaaa 43690
fiseg 0x0 0
fioff 0x0 0
foseg 0x0 0
fooff 0x0 0
fop 0x0 0
xmm0 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {
0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0}, v4_int32 = {0x0, 0x0,
0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 =
0x00000000000000000000000000000000}
xmm1 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {
0x25 <repeats 16 times>}, v8_int16 = {0x2525, 0x2525, 0x2525, 0x2525,
0x2525, 0x2525, 0x2525,
0x2525}, v4_int32 = {0x25252525, 0x25252525, 0x25252525, 0x25252525},
v2_int64 = {0x2525252525252525,
0x2525252525252525}, uint128 = 0x25252525252525252525252525252525}
xmm2 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {
0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0}, v4_int32 = {0x0, 0x0,
0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 =
0x00000000000000000000000000000000}
xmm3 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0,
0x8000000000000000}, v16_int8 = {0xff,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0,
0xff}, v8_int16 = {0xff, 0x0,
0x0, 0x0, 0x0, 0xff, 0x0, 0xff00}, v4_int32 = {0xff, 0x0, 0xff0000,
0xff000000}, v2_int64 = {0xff,
0xff00000000ff0000}, uint128 = 0xff00000000ff000000000000000000ff}
xmm4 {v4_float = {0x0, 0x7, 0x0, 0x0}, v2_double = {0x15f90,
0x0}, v16_int8 = {0x0, 0x0, 0x0,
0x0, 0x0, 0xf9, 0xf5, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v8_int16 = {0x0, 0x0, 0xf900,
0x40f5, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x40f5f900, 0x0, 0x0},
v2_int64 = {0x40f5f90000000000,
0x0}, uint128 = 0x000000000000000040f5f90000000000}
xmm5 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {
0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0}, v4_int32 = {0x0, 0x0,
0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 =
0x00000000000000000000000000000000}
xmm6 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {
0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0}, v4_int32 = {0x0, 0x0,
0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 =
0x00000000000000000000000000000000}
xmm7 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {
0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0}, v4_int32 = {0x0, 0x0,
0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 =
0x00000000000000000000000000000000}
xmm8 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {
0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0}, v4_int32 = {0x0, 0x0,
0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 =
0x00000000000000000000000000000000}
xmm9 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {
0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0}, v4_int32 = {0x0, 0x0,
0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 =
0x00000000000000000000000000000000}
xmm10 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {
0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0}, v4_int32 = {0x0, 0x0,
0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 =
0x00000000000000000000000000000000}
xmm11 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {
0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0}, v4_int32 = {0x0, 0x0,
0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 =
0x00000000000000000000000000000000}
xmm12 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {
0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0}, v4_int32 = {0x0, 0x0,
0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 =
0x00000000000000000000000000000000}
xmm13 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {
0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0}, v4_int32 = {0x0, 0x0,
0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 =
0x00000000000000000000000000000000}
xmm14 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {
0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0}, v4_int32 = {0x0, 0x0,
0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 =
0x00000000000000000000000000000000}
xmm15 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {
0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0}, v4_int32 = {0x0, 0x0,
0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 =
0x00000000000000000000000000000000}
mxcsr 0x1fa0 [ PE IM DM ZM OM UM PM ]
}}}
--
Ticket URL: <https://avcodec.org/trac/ffmpeg/ticket/212#comment:3>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list