[FFmpeg-trac] #4960(swscale:new): sws_init_context crashes for destination width of 4 or 2 when doing any operation with FAST_BILINEAR
FFmpeg
trac at avcodec.org
Fri Oct 23 20:08:01 CEST 2015
#4960: sws_init_context crashes for destination width of 4 or 2 when doing any
operation with FAST_BILINEAR
-------------------------------------+-------------------------------------
Reporter: | Type: defect
danilogasques | Priority: normal
Status: new | Version: git-
Component: swscale | master
Keywords: | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
-------------------------------------+-------------------------------------
Summary: I'm trying to scale an RGB32 image down from 8x8 to 4x4 using
SWS_FAST_BILINEAR and sws_init_context crashes with an arithmetic
exception.
I'm using lastest source code from git (10/23/2015 16:49AM GMT) on Linux
x64, gcc (Ubuntu/Linaro 4.6.3-1ubuntu5) 4.6.3
Build options:
./configure --enabled-shared --enable-debug=3 --disable-stripping
mytest.cpp
{{{
#include <stdio.h>
#include "libavutil/avutil.h"
#include "libavutil/log.h"
#include "libavutil/pixfmt.h"
#include "libswscale/swscale.h"
#include "libavcodec/avcodec.h"
#include <math.h>
int main(int argc, char *argv[])
{
AVPicture input;
avpicture_alloc(&input, AV_PIX_FMT_RGB32, 8, 8);
uint32_t* pixels = (uint32_t*)input.data[0];
// create a bitmap
int i = 0;
for (i=0; i < 8*8; ++i)
{
*pixels = 0xFF0000FF;
++pixels;
}
AVPicture output;
avpicture_alloc(&output, AV_PIX_FMT_RGB32, 4, 4);
struct SwsContext *ctx = sws_getContext(8,8, AV_PIX_FMT_RGB32,
4,4, AV_PIX_FMT_RGB32,
SWS_FAST_BILINEAR, NULL, NULL,
NULL);
if (ctx != NULL)
{
sws_scale(ctx, (const uint8_t * const*) &input.data[0],
&input.linesize[0], 0, 4, &output.data[0], &output.linesize[0]);
sws_freeContext(ctx);
}
avpicture_free(&output);
avpicture_free(&input);
return 0;
}
}}}
Running it gives:
{{{
Floating point exception (core dumped)
}}}
Inspecting the core file with gdb:
{{{
GNU gdb (Ubuntu/Linaro 7.4-2012.04-0ubuntu2.1) 7.4-2012.04
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://bugs.launchpad.net/gdb-linaro/>...
Reading symbols from /home/danilo/.tmp/23-10-2015/ffmpeg/mytest...(no
debugging symbols found)...done.
[New LWP 13273]
warning: Can't read pathname for load map: Input/output error.
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
warning: no loadable sections found in added symbol-file system-supplied
DSO at 0x7fff001ed000
Core was generated by `./mytest'.
Program terminated with signal 8, Arithmetic exception.
#0 0x00007f3beae229e8 in sws_init_context (c=0x1b2b220,
srcFilter=0x7ffcc31f9300, dstFilter=0x7ffcc31f9300) at
libswscale/utils.c:1391
1391 c->chrXInc = ((int64_t)(c->chrSrcW - 2) << 16) /
(c->chrDstW - 2) - 20;
(gdb) p c->chrDstW
$1 = 2
(gdb) p c->dstW
$2 = 4
(gdb) p c->srcW
$3 = 8
(gdb) bt full
#0 0x00007f3beae229e8 in sws_init_context (c=0x1b2b220,
srcFilter=0x7ffcc31f9300, dstFilter=0x7ffcc31f9300) at
libswscale/utils.c:1391
i = <optimized out>
j = <optimized out>
usesVFilter = 0
usesHFilter = 0
unscaled = 0
dummyFilter = {lumH = 0x0, lumV = 0x0, chrH = 0x0, chrV = 0x0}
srcW = 8
srcH = 8
dstW = 4
dstH = 4
dst_stride = <optimized out>
flags = 1
cpu_flags = 21467
srcFormat = AV_PIX_FMT_BGRA
dstFormat = AV_PIX_FMT_BGRA
desc_src = 0x7f3b00000002
desc_dst = 0x7f3bea81f9e0
ret = 0
tmpFmt = <optimized out>
#1 0x00007f3beae7205e in sws_getContext (srcW=<optimized out>,
srcH=<optimized out>, srcFormat=<optimized out>, dstW=<optimized out>,
dstH=<optimized out>, dstFormat=<optimized out>, flags=1,
srcFilter=0x0, dstFilter=0x0, param=0x0) at libswscale/utils.c:1867
c = 0x1b2b220
#2 0x0000000000400870 in main ()
}}}
The problem seems to be related to destination size other than anything
else. I could also reproduce it with an input width equals to the
destination width. Moreover, sws_init_context also divides by zero if the
destination width equals to 2.
{{{
libswscale/utils.c:1390
1390 c->lumXInc = ((int64_t)(srcW - 2) << 16) / (dstW
- 2) - 20;
}}}
--
Ticket URL: <https://trac.ffmpeg.org/ticket/4960>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list