[FFmpeg-trac] #5013(ffmpeg:open): Format conversion from yuv420p to NV12 for 720x480 crashes
FFmpeg
trac at avcodec.org
Wed Nov 18 16:25:57 CET 2015
#5013: Format conversion from yuv420p to NV12 for 720x480 crashes
-------------------------------------+-------------------------------------
Reporter: mwarrier                   | Owner:
Type: defect                         | Status: open
Priority: important                  | Component: ffmpeg
Version: git-master                  | Resolution:
Keywords: crash SIGSEGV regression   | Blocked By:
Blocking:                            | Reproduced by developer: 1
Analyzed by developer: 0             |
-------------------------------------+-------------------------------------
Changes (by cehoyos):
* keywords: ffmpeg,yuv,nv12 => crash SIGSEGV regression
* priority: normal => important
* version: unspecified => git-master
* status: new => open
* reproduced: 0 => 1
Comment:
Regression since a05a44e2 - workaround is to use {{{-cpuflags -sse2}}}
{{{
(gdb) r -s 720x480 -f rawvideo -i /dev/zero -pix_fmt nv12 -f null -
Starting program: ffmpeg_g -s 720x480 -f rawvideo -i /dev/zero -pix_fmt
nv12 -f null -
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
ffmpeg version N-76707-g3a4d828 Copyright (c) 2000-2015 the FFmpeg
developers
built with gcc 4.7 (SUSE Linux)
configuration: --enable-gpl
libavutil 55. 6.100 / 55. 6.100
libavcodec 57. 15.100 / 57. 15.100
libavformat 57. 15.100 / 57. 15.100
libavdevice 57. 0.100 / 57. 0.100
libavfilter 6. 15.100 / 6. 15.100
libswscale 4. 0.100 / 4. 0.100
libswresample 2. 0.101 / 2. 0.101
libpostproc 54. 0.100 / 54. 0.100
Input #0, rawvideo, from '/dev/zero':
Duration: N/A, start: 0.000000, bitrate: 103680 kb/s
Stream #0:0: Video: rawvideo (I420 / 0x30323449), yuv420p, 720x480,
103680 kb/s, 25 tbr, 25 tbn, 25 tbc
[New Thread 0x7ffff14f0700 (LWP 12002)]
[New Thread 0x7ffff0cef700 (LWP 12003)]
[New Thread 0x7ffff04ee700 (LWP 12004)]
[New Thread 0x7fffefced700 (LWP 12005)]
[New Thread 0x7fffef4ec700 (LWP 12006)]
[New Thread 0x7fffeeceb700 (LWP 12007)]
[New Thread 0x7fffee4ea700 (LWP 12008)]
[New Thread 0x7fffedce9700 (LWP 12009)]
[New Thread 0x7fffed4e8700 (LWP 12010)]
Output #0, null, to 'pipe:':
Metadata:
encoder : Lavf57.15.100
Stream #0:0: Video: wrapped_avframe, nv12, 720x480, q=2-31, 200 kb/s,
25 fps, 25 tbn, 25 tbc
Metadata:
encoder : Lavc57.15.100 wrapped_avframe
Stream mapping:
Stream #0:0 -> #0:0 (rawvideo (native) -> wrapped_avframe (native))
Press [q] to stop, [?] for help
Program received signal SIGSEGV, Segmentation fault.
0x0000000000fe5b9f in interleaveBytes_sse2 (src1=0x7ffff7f89778 "",
src2=0x7ffff7f9e8f8 "", dest=0x7ffff7eb2320 "", width=360, height=240,
src1Stride=360, src2Stride=360, dstStride=736)
at libswscale/x86/rgb2rgb_template.c:1892
1892 __asm__(
(gdb) bt
#0 0x0000000000fe5b9f in interleaveBytes_sse2 (src1=0x7ffff7f89778 "",
src2=0x7ffff7f9e8f8 "", dest=0x7ffff7eb2320 "", width=360, height=240,
src1Stride=360, src2Stride=360, dstStride=736)
at libswscale/x86/rgb2rgb_template.c:1892
#1 0x0000000000fdd6c3 in planarToNv12Wrapper (c=0x1cd8600,
src=0x7fffffffd060,
srcStride=0x7fffffffd040, srcSliceY=<optimized out>, srcSliceH=480,
dstParam=<optimized out>, dstStride=0x7fffffffd050)
at libswscale/swscale_unscaled.c:170
#2 0x0000000000f8b346 in sws_scale (c=<optimized out>,
srcSlice=srcSlice@entry=0x7fffffffd170,
srcStride=srcStride@entry=0x7fffffffd130,
srcSliceY=srcSliceY@entry=0, srcSliceH=480,
dst=dst@entry=0x7fffffffd190,
dstStride=0x7fffffffd140) at libswscale/swscale.c:1268
#3 0x0000000000523848 in scale_slice (field=<optimized out>,
mul=<optimized out>,
h=<optimized out>, sws=<optimized out>, cur_pic=<optimized out>,
out_buf=<optimized out>, link=<optimized out>, y=<optimized out>)
at libavfilter/vf_scale.c:477
#4 filter_frame (link=link@entry=0x1cd7960, in=0x1ce6a20)
at libavfilter/vf_scale.c:579
#5 0x00000000004ad78e in ff_filter_frame_framed
(link=link@entry=0x1cd7960,
frame=0x7ffff7f9e8f8) at libavfilter/avfilter.c:1080
#6 0x00000000004ae59d in ff_filter_frame (link=0x1cd7960,
frame=0x7ffff7f9e8f8)
at libavfilter/avfilter.c:1174
#7 0x00000000004ad78e in ff_filter_frame_framed
(link=link@entry=0x1cd7500,
frame=0x7ffff7f9e8f8) at libavfilter/avfilter.c:1080
#8 0x00000000004ae59d in ff_filter_frame (link=link@entry=0x1cd7500,
frame=0x7ffff7f9e8f8) at libavfilter/avfilter.c:1174
#9 0x00000000004b2472 in request_frame (link=0x1cd7500) at
libavfilter/buffersrc.c:382
#10 0x00000000004b270b in av_buffersrc_add_frame_internal
(ctx=ctx@entry=0x1cd5700,
frame=frame@entry=0x1ce65a0, flags=flags@entry=4) at
libavfilter/buffersrc.c:180
#11 0x00000000004b2a9d in av_buffersrc_add_frame_flags (ctx=0x1cd5700,
frame=frame@entry=0x1ce65a0, flags=flags@entry=4) at
libavfilter/buffersrc.c:105
#12 0x0000000000493ec2 in decode_video (ist=ist@entry=0x1cd3ec0,
pkt=pkt@entry=0x7fffffffdaa0,
got_output=got_output@entry=0x7fffffffd79c)
at ffmpeg.c:2196
#13 0x0000000000496f69 in process_input_packet (no_eof=0,
pkt=0x7fffffffda40,
ist=0x1cd3ec0) at ffmpeg.c:2340
#14 process_input (file_index=30225728) at ffmpeg.c:3960
#15 transcode_step () at ffmpeg.c:4048
#16 transcode () at ffmpeg.c:4102
#17 0x000000000047954b in main (argc=<optimized out>, argv=0x7fffffffdce8)
at ffmpeg.c:4295
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0xfe5b7f to 0xfe5bbf:
0x0000000000fe5b7f <interleaveBytes_sse2+79>: and $0xe8,%al
0x0000000000fe5b81 <interleaveBytes_sse2+81>: movslq %r12d,%rbp
0x0000000000fe5b84 <interleaveBytes_sse2+84>: nopl 0x0(%rax)
0x0000000000fe5b88 <interleaveBytes_sse2+88>: cmp $0xf,%ecx
0x0000000000fe5b8b <interleaveBytes_sse2+91>: jle 0xfe5bca <interleaveBytes_sse2+154>
0x0000000000fe5b8d <interleaveBytes_sse2+93>: mov -0x8(%rsp),%r9
0x0000000000fe5b92 <interleaveBytes_sse2+98>: xor %rax,%rax
0x0000000000fe5b95 <interleaveBytes_sse2+101>: prefetchnta 0x40(%rdi,%rax,1)
0x0000000000fe5b9a <interleaveBytes_sse2+106>: prefetchnta 0x40(%rsi,%rax,1)
=> 0x0000000000fe5b9f <interleaveBytes_sse2+111>: movdqa (%rdi,%rax,1),%xmm0
0x0000000000fe5ba4 <interleaveBytes_sse2+116>: movdqa (%rdi,%rax,1),%xmm1
0x0000000000fe5ba9 <interleaveBytes_sse2+121>: movdqa (%rsi,%rax,1),%xmm2
0x0000000000fe5bae <interleaveBytes_sse2+126>: punpcklbw %xmm2,%xmm0
0x0000000000fe5bb2 <interleaveBytes_sse2+130>: punpckhbw %xmm2,%xmm1
0x0000000000fe5bb6 <interleaveBytes_sse2+134>: movntdq %xmm0,(%rdx,%rax,2)
0x0000000000fe5bbb <interleaveBytes_sse2+139>: movntdq %xmm1,0x10(%rdx,%rax,2)
End of assembler dump.
(gdb) info register
rax 0x0 0
rbx 0x1 1
rcx 0x168 360
rdx 0x7ffff7eb2320 140737352770336
rsi 0x7ffff7f9e8f8 140737353738488
rdi 0x7ffff7f89778 140737353652088
rbp 0x160 0x160
rsp 0x7fffffffcf38 0x7fffffffcf38
r8 0xf0 240
r9 0x159 345
r10 0x7ffff7f9e8f0 140737353738480
r11 0x8 8
r12 0x160 352
r13 0x2e0 736
r14 0x2c0 704
r15 0x7ffff7f89770 140737353652080
rip 0xfe5b9f 0xfe5b9f <interleaveBytes_sse2+111>
eflags 0x10246 [ PF ZF IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
}}}
{{{
$ valgrind ./ffmpeg_g -s 720x480 -f rawvideo -i /dev/zero -pix_fmt nv12 -f
null -
==12023== Memcheck, a memory error detector
==12023== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==12023== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright
info
==12023== Command: ./ffmpeg_g -s 720x480 -f rawvideo -i /dev/zero -pix_fmt
nv12 -f null -
==12023==
ffmpeg version N-76707-g3a4d828 Copyright (c) 2000-2015 the FFmpeg
developers
built with gcc 4.7 (SUSE Linux)
configuration: --enable-gpl
libavutil 55. 6.100 / 55. 6.100
libavcodec 57. 15.100 / 57. 15.100
libavformat 57. 15.100 / 57. 15.100
libavdevice 57. 0.100 / 57. 0.100
libavfilter 6. 15.100 / 6. 15.100
libswscale 4. 0.100 / 4. 0.100
libswresample 2. 0.101 / 2. 0.101
libpostproc 54. 0.100 / 54. 0.100
Input #0, rawvideo, from '/dev/zero':
Duration: N/A, start: 0.000000, bitrate: 103680 kb/s
Stream #0:0: Video: rawvideo (I420 / 0x30323449), yuv420p, 720x480,
103680 kb/s, 25 tbr, 25 tbn, 25 tbc
==12023== Invalid read of size 8
==12023== at 0x777A59F: __GI___strncasecmp_l (in /lib64/libc-2.15.so)
==12023== by 0x772E8A5: ____strtod_l_internal (in /lib64/libc-2.15.so)
==12023== by 0xFF68BE: av_strtod (eval.c:100)
==12023== by 0xFF7104: parse_primary (eval.c:333)
==12023== by 0xFF7BB0: parse_factor (eval.c:493)
==12023== by 0xFF7DAB: parse_term (eval.c:542)
==12023== by 0xFF6E4E: parse_expr (eval.c:566)
==12023== by 0xFF7FB2: av_expr_parse (eval.c:684)
==12023== by 0xFF8173: av_expr_parse_and_eval (eval.c:725)
==12023== by 0x5228AE: config_props (vf_scale.c:268)
==12023== by 0x4AC9F0: avfilter_config_links (avfilter.c:262)
==12023== by 0x4AC9D3: avfilter_config_links (avfilter.c:251)
==12023== Address 0xb829f80 is 0 bytes inside a block of size 3 alloc'd
==12023== at 0x4C290FE: memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==12023== by 0x4C291A7: posix_memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==12023== by 0x10006B9: av_malloc (mem.c:97)
==12023== by 0xFF7EF1: av_expr_parse (eval.c:661)
==12023== by 0xFF8173: av_expr_parse_and_eval (eval.c:725)
==12023== by 0x5228AE: config_props (vf_scale.c:268)
==12023== by 0x4AC9F0: avfilter_config_links (avfilter.c:262)
==12023== by 0x4AC9D3: avfilter_config_links (avfilter.c:251)
==12023== by 0x4B10CE: avfilter_graph_config (avfiltergraph.c:263)
==12023== by 0x48A784: configure_filtergraph (ffmpeg_filter.c:1042)
==12023== by 0x48FD30: transcode_init (ffmpeg.c:3035)
==12023== by 0x495975: transcode (ffmpeg.c:4073)
==12023==
==12023== Invalid read of size 8
==12023== at 0x777A5A7: __GI___strncasecmp_l (in /lib64/libc-2.15.so)
==12023== by 0x772E8A5: ____strtod_l_internal (in /lib64/libc-2.15.so)
==12023== by 0xFF68BE: av_strtod (eval.c:100)
==12023== by 0xFF7104: parse_primary (eval.c:333)
==12023== by 0xFF7BB0: parse_factor (eval.c:493)
==12023== by 0xFF7DAB: parse_term (eval.c:542)
==12023== by 0xFF6E4E: parse_expr (eval.c:566)
==12023== by 0xFF7FB2: av_expr_parse (eval.c:684)
==12023== by 0xFF8173: av_expr_parse_and_eval (eval.c:725)
==12023== by 0x5228AE: config_props (vf_scale.c:268)
==12023== by 0x4AC9F0: avfilter_config_links (avfilter.c:262)
==12023== by 0x4AC9D3: avfilter_config_links (avfilter.c:251)
==12023== Address 0xb829f88 is 5 bytes after a block of size 3 alloc'd
==12023== at 0x4C290FE: memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==12023== by 0x4C291A7: posix_memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==12023== by 0x10006B9: av_malloc (mem.c:97)
==12023== by 0xFF7EF1: av_expr_parse (eval.c:661)
==12023== by 0xFF8173: av_expr_parse_and_eval (eval.c:725)
==12023== by 0x5228AE: config_props (vf_scale.c:268)
==12023== by 0x4AC9F0: avfilter_config_links (avfilter.c:262)
==12023== by 0x4AC9D3: avfilter_config_links (avfilter.c:251)
==12023== by 0x4B10CE: avfilter_graph_config (avfiltergraph.c:263)
==12023== by 0x48A784: configure_filtergraph (ffmpeg_filter.c:1042)
==12023== by 0x48FD30: transcode_init (ffmpeg.c:3035)
==12023== by 0x495975: transcode (ffmpeg.c:4073)
==12023==
Output #0, null, to 'pipe:':
Metadata:
encoder : Lavf57.15.100
Stream #0:0: Video: wrapped_avframe, nv12, 720x480, q=2-31, 200 kb/s,
25 fps, 25 tbn, 25 tbc
Metadata:
encoder : Lavc57.15.100 wrapped_avframe
Stream mapping:
Stream #0:0 -> #0:0 (rawvideo (native) -> wrapped_avframe (native))
Press [q] to stop, [?] for help
==12023==
==12023== Process terminating with default action of signal 11 (SIGSEGV)
==12023== General Protection Fault
==12023== at 0xFE5B9F: interleaveBytes_sse2 (rgb2rgb_template.c:1892)
==12023== by 0xFDD6C2: planarToNv12Wrapper (swscale_unscaled.c:170)
==12023== by 0xF8B345: sws_scale (swscale.c:1268)
==12023== by 0x523847: filter_frame (vf_scale.c:477)
==12023== by 0x4AD78D: ff_filter_frame_framed (avfilter.c:1080)
==12023== by 0x4AE59C: ff_filter_frame (avfilter.c:1174)
==12023== by 0x4AD78D: ff_filter_frame_framed (avfilter.c:1080)
==12023== by 0x4AE59C: ff_filter_frame (avfilter.c:1174)
==12023== by 0x4B2471: request_frame (buffersrc.c:382)
==12023== by 0x4B270A: av_buffersrc_add_frame_internal
(buffersrc.c:180)
==12023== by 0x4B2A9C: av_buffersrc_add_frame_flags (buffersrc.c:105)
==12023== by 0x493EC1: decode_video (ffmpeg.c:2196)
==12023==
==12023== HEAP SUMMARY:
==12023== in use at exit: 1,176,993 bytes in 166 blocks
==12023== total heap usage: 1,741 allocs, 1,575 frees, 1,674,757 bytes
allocated
==12023==
==12023== LEAK SUMMARY:
==12023== definitely lost: 0 bytes in 0 blocks
==12023== indirectly lost: 0 bytes in 0 blocks
==12023== possibly lost: 2,736 bytes in 9 blocks
==12023== still reachable: 1,174,257 bytes in 157 blocks
==12023== suppressed: 0 bytes in 0 blocks
==12023== Rerun with --leak-check=full to see details of leaked memory
==12023==
==12023== For counts of detected and suppressed errors, rerun with: -v
==12023== ERROR SUMMARY: 6 errors from 2 contexts (suppressed: 2 from 2)
Killed
}}}
--
Ticket URL: <https://trac.ffmpeg.org/ticket/5013#comment:1>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
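
In the trace above, the faulting instruction is `movdqa (%rdi,%rax,1),%xmm0` with `rdi = 0x7ffff7f89778` and `rax = 0`; that address is 8 modulo 16, and `movdqa` requires a 16-byte-aligned memory operand. The C code below is an added example, not FFmpeg code and not the upstream fix: it re-checks source alignment on every row before choosing aligned loads, using the geometry from the backtrace. The names `interleave_bytes_checked` and `demo_ticket_geometry` and the buffer contents are constructed for illustration.

```c
#include <stdint.h>
#if defined(__SSE2__)
#include <emmintrin.h>
#endif

/* Interleave two byte planes (U, V -> UVUV...). Returns how many rows had a
 * source pointer that is not 16-byte aligned (rows where movdqa would fault). */
int interleave_bytes_checked(const uint8_t *src1, const uint8_t *src2,
                             uint8_t *dest, int width, int height,
                             int src1_stride, int src2_stride, int dst_stride)
{
    int unaligned_rows = 0;
    for (int h = 0; h < height; h++) {
        int w = 0;
        /* Re-test every row: a stride of 360 is 8 mod 16, so alignment flips. */
        int aligned = !(((uintptr_t)src1 | (uintptr_t)src2) & 15);
        unaligned_rows += !aligned;
#if defined(__SSE2__)
        for (; w + 16 <= width; w += 16) {
            const __m128i *p1 = (const __m128i *)(src1 + w);
            const __m128i *p2 = (const __m128i *)(src2 + w);
            __m128i a = aligned ? _mm_load_si128(p1) : _mm_loadu_si128(p1);
            __m128i b = aligned ? _mm_load_si128(p2) : _mm_loadu_si128(p2);
            _mm_storeu_si128((__m128i *)(dest + 2 * w), _mm_unpacklo_epi8(a, b));
            _mm_storeu_si128((__m128i *)(dest + 2 * w + 16), _mm_unpackhi_epi8(a, b));
        }
#endif
        /* Tail bytes (width not a multiple of 16) and non-SSE2 builds. */
        for (; w < width; w++) { dest[2 * w] = src1[w]; dest[2 * w + 1] = src2[w]; }
        src1 += src1_stride; src2 += src2_stride; dest += dst_stride;
    }
    return unaligned_rows;
}

/* Constructed input with the geometry from the backtrace: width=360,
 * height=240, source strides 360, destination stride 736. */
int demo_ticket_geometry(void)
{
    static _Alignas(16) uint8_t u[360 * 240], v[360 * 240], out[736 * 240];
    for (int i = 0; i < 360 * 240; i++) { u[i] = (uint8_t)i; v[i] = (uint8_t)~i; }
    int n = interleave_bytes_checked(u, v, out, 360, 240, 360, 360, 736);
    for (int y = 0; y < 240; y++)
        for (int x = 0; x < 360; x++)
            if (out[736 * y + 2 * x] != u[360 * y + x] ||
                out[736 * y + 2 * x + 1] != v[360 * y + x])
                return -1;              /* interleave produced wrong bytes */
    return n;
}
```

With 16-byte-aligned plane bases, every odd row of a 360-byte-stride plane starts 8 bytes off alignment, so half of the 240 rows take the unaligned path.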