[FFmpeg-trac] #2140(avfilter:new): Crash using mp=il=i on gray input
FFmpeg
trac at avcodec.org
Tue Jan 15 18:01:38 CET 2013
#2140: Crash using mp=il=i on gray input
-------------------------------------+-------------------------------------
Reporter: cehoyos | Owner:
Type: defect | Status: new
Priority: important | Component: avfilter
Version: git- | Keywords: crash
master | SIGSEGV mp
Blocked By: | Blocking:
Reproduced by developer: 0 | Analyzed by developer: 0
-------------------------------------+-------------------------------------
$ ffmpeg -i tests/lena.pnm -vf mp=il=d -pix_fmt gray gray.png
{{{
(gdb) r -i gray.png -vf mp=il=i gray2.png
Starting program: ffmpeg_g -i gray.png -vf mp=il=i gray2.png
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
ffmpeg version N-48916-ge074fe2 Copyright (c) 2000-2013 the FFmpeg
developers
built on Jan 15 2013 15:59:20 with gcc 4.7 (SUSE Linux)
configuration: --enable-gpl --disable-indev=jack
libavutil 52. 14.100 / 52. 14.100
libavcodec 54. 89.100 / 54. 89.100
libavformat 54. 59.107 / 54. 59.107
libavdevice 54. 3.102 / 54. 3.102
libavfilter 3. 32.100 / 3. 32.100
libswscale 2. 1.103 / 2. 1.103
libswresample 0. 17.102 / 0. 17.102
libpostproc 52. 2.100 / 52. 2.100
Input #0, image2, from 'gray.png':
Duration: 00:00:00.04, start: 0.000000, bitrate: N/A
Stream #0:0: Video: png, gray, 256x256, 25 tbr, 25 tbn, 25 tbc
[Parsed_mp_0 @ 0x15d2a20] 'il' is a wrapped MPlayer filter (libmpcodecs).
This filter may be removed
once it has been ported to a native libavfilter.
[New Thread 0x7ffff6563700 (LWP 11883)]
[New Thread 0x7ffff5d62700 (LWP 11884)]
[New Thread 0x7ffff5561700 (LWP 11885)]
[New Thread 0x7ffff4d60700 (LWP 11886)]
[New Thread 0x7fffe7fff700 (LWP 11887)]
[New Thread 0x7fffe77fe700 (LWP 11888)]
[New Thread 0x7fffe6ffd700 (LWP 11889)]
[New Thread 0x7fffe67fc700 (LWP 11890)]
Output #0, image2, to 'gray2.png':
Metadata:
encoder : Lavf54.59.107
Stream #0:0: Video: png, gray, 256x256, q=2-31, 200 kb/s, 90k tbn, 25
tbc
Stream mapping:
Stream #0:0 -> #0:0 (png -> png)
Press [q] to stop, [?] for help
Program received signal SIGSEGV, Segmentation fault.
0x0000000000bb9ae0 in av_image_copy (dst_data=dst_data at entry=0x15b9108,
dst_linesizes=dst_linesizes at entry=0x15b9150,
src_data=src_data at entry=0x15c6b88,
src_linesizes=src_linesizes at entry=0x15c6bd0, pix_fmt=AV_PIX_FMT_GRAY8,
width=256,
height=256) at libavutil/imgutils.c:272
272 memcpy(dst_data[1], src_data[1], 4*256);
(gdb) bt
#0 0x0000000000bb9ae0 in av_image_copy
(dst_data=dst_data at entry=0x15b9108,
dst_linesizes=dst_linesizes at entry=0x15b9150,
src_data=src_data at entry=0x15c6b88,
src_linesizes=src_linesizes at entry=0x15c6bd0, pix_fmt=AV_PIX_FMT_GRAY8,
width=256,
height=256) at libavutil/imgutils.c:272
#1 0x0000000000470667 in ff_filter_frame_framed
(link=link at entry=0x15d42c0,
frame=frame at entry=0x15c6b80) at libavfilter/avfilter.c:693
#2 0x0000000000470a71 in ff_filter_frame (frame=0x15c6b80,
link=0x15d42c0)
at libavfilter/avfilter.c:791
#3 default_filter_frame (link=<optimized out>, frame=0x15c6b80)
at libavfilter/avfilter.c:638
#4 0x00000000004707d6 in ff_filter_frame_framed
(link=link at entry=0x15d4020,
frame=frame at entry=0x15c6b80) at libavfilter/avfilter.c:719
#5 0x000000000047242b in ff_filter_frame (link=link at entry=0x15d4020,
frame=frame at entry=0x15c6b80) at libavfilter/avfilter.c:791
#6 0x000000000048af2c in ff_vf_next_put_image (vf=0x15d2ac0,
mpi=0x15d43a0, pts=0)
at libavfilter/vf_mp.c:588
#7 0x000000000048abd2 in filter_frame (inlink=0x15d41e0, inpic=0x15d4700)
at libavfilter/vf_mp.c:824
#8 0x00000000004707d6 in ff_filter_frame_framed
(link=link at entry=0x15d41e0,
frame=frame at entry=0x15d4700) at libavfilter/avfilter.c:719
#9 0x000000000047242b in ff_filter_frame (link=link at entry=0x15d41e0,
frame=0x15d4700)
at libavfilter/avfilter.c:791
#10 0x0000000000475182 in request_frame (link=0x15d41e0) at
libavfilter/buffersrc.c:372
#11 0x00000000004755b4 in av_buffersrc_add_ref (s=0x15c6e00, buf=0x0,
flags=flags at entry=7)
at libavfilter/buffersrc.c:150
#12 0x000000000045e5ed in decode_video (ist=ist at entry=0x15ddb40,
pkt=pkt at entry=0x7fffffffdb00,
got_output=got_output at entry=0x7fffffffd89c)
at ffmpeg.c:1672
#13 0x00000000004615ff in output_packet (pkt=0x7fffffffdaa0,
ist=0x15ddb40)
at ffmpeg.c:1792
#14 process_input (file_index=<optimized out>) at ffmpeg.c:2886
#15 0x0000000000451cb0 in transcode_step () at ffmpeg.c:2982
#16 transcode () at ffmpeg.c:3034
#17 main (argc=<optimized out>, argv=<optimized out>) at ffmpeg.c:3209
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0xbb9ac0 to 0xbb9b00:
0x0000000000bb9ac0 <av_image_copy+848>: add %al,(%rax)
0x0000000000bb9ac2 <av_image_copy+850>: add %al,-0xa(%rax)
0x0000000000bb9ac5 <av_image_copy+853>: movl $0x10d850f,(%rdx)
0x0000000000bb9acb <av_image_copy+859>: add %al,(%rax)
0x0000000000bb9acd <av_image_copy+861>: test $0x4,%dil
0x0000000000bb9ad1 <av_image_copy+865>: jne 0xbb9bc6
<av_image_copy+1110>
0x0000000000bb9ad7 <av_image_copy+871>: mov %eax,%ecx
0x0000000000bb9ad9 <av_image_copy+873>: xor %edx,%edx
0x0000000000bb9adb <av_image_copy+875>: shr $0x3,%ecx
0x0000000000bb9ade <av_image_copy+878>: test $0x4,%al
=> 0x0000000000bb9ae0 <av_image_copy+880>: rep movsq
%ds:(%rsi),%es:(%rdi)
0x0000000000bb9ae3 <av_image_copy+883>: je 0xbb9aee
<av_image_copy+894>
0x0000000000bb9ae5 <av_image_copy+885>: mov (%rsi),%edx
0x0000000000bb9ae7 <av_image_copy+887>: mov %edx,(%rdi)
0x0000000000bb9ae9 <av_image_copy+889>: mov $0x4,%edx
0x0000000000bb9aee <av_image_copy+894>: test $0x2,%al
0x0000000000bb9af0 <av_image_copy+896>: je 0xbb9afe
<av_image_copy+910>
0x0000000000bb9af2 <av_image_copy+898>: movzwl (%rsi,%rdx,1),%ecx
0x0000000000bb9af6 <av_image_copy+902>: mov %cx,(%rdi,%rdx,1)
0x0000000000bb9afa <av_image_copy+906>: add $0x2,%rdx
0x0000000000bb9afe <av_image_copy+910>: test $0x1,%al
(gdb) info register
rax 0x400 1024
rbx 0x100 256
rcx 0x80 128
rdx 0x0 0
rsi 0x0 0
rdi 0x162daa0 23255712
rbp 0x100 0x100
rsp 0x7fffffffd1f0 0x7fffffffd1f0
r8 0x162d9a0 23255456
r9 0xf0 240
r10 0x0 0
r11 0x7ffff68d1d60 140737329831264
r12 0x161d840 23189568
r13 0x162daa0 23255712
r14 0x0 0
r15 0x100 256
rip 0xbb9ae0 0xbb9ae0 <av_image_copy+880>
eflags 0x10246 [ PF ZF IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
}}}
--
Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/2140>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list