[FFmpeg-trac] #7835(undetermined:new): crashes using crop with zscale

FFmpeg trac at avcodec.org
Sat Apr 13 14:18:45 EEST 2019


#7835: crashes using crop with zscale
-------------------------------------+-------------------------------------
             Reporter:  nicol        |                    Owner:
                 Type:  defect       |                   Status:  new
             Priority:  normal       |                Component:
                                     |  undetermined
              Version:  git-master   |               Resolution:
             Keywords:               |               Blocked By:
             Blocking:               |  Reproduced by developer:  0
Analyzed by developer:  0            |
-------------------------------------+-------------------------------------

Comment (by nicol):

 Replying to [comment:3 cehoyos]:
 > Is there a reason why you cannot provide the missing information?
 Sorry my misread https://ffmpeg.org/bugreports.html .

 {{{
 L:\>gdb --args ffmpeg
 GNU gdb (GDB) 7.7.50.20140303-cvs
 Copyright (C) 2014 Free Software Foundation, Inc.
 License GPLv3+: GNU GPL version 3 or later
 <http://gnu.org/licenses/gpl.html>
 This is free software: you are free to change and redistribute it.
 There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
 and "show warranty" for details.
 This GDB was configured as "x86_64-w64-mingw32".
 Type "show configuration" for configuration details.
 For bug reporting instructions, please see:
 <http://www.gnu.org/software/gdb/bugs/>.
 Find the GDB manual and other documentation resources online at:
 <http://www.gnu.org/software/gdb/documentation/>.
 For help, type "help".
 Type "apropos word" to search for commands related to "word".

 This binary was built by Equation Solution <http://www.Equation.com>...
 Reading symbols from ffmpeg...Reading symbols from L:\ffmpeg.exe.debug...
 warning: section .gnu_debuglink not found in L:\ffmpeg.exe.debug
 done.
 done.
 (gdb) r -f lavfi -i testsrc2=s=640x360 -vf crop=320:180:16:0,zscale=160:-2
 -vframes 1 -f null -
 Starting program: L:\ffmpeg.exe -f lavfi -i testsrc2=s=640x360 -vf
 crop=320:180:16:0,zscale=160:-2 -vframes 1 -f null -
 [New Thread 5824.0x1bb0]
 ffmpeg version N-93543-gbb5efd1727 Copyright (c) 2000-2019 the FFmpeg
 developers
   built with gcc 8.3.0 (Rev2, Built by MSYS2 project)
   configuration:  --disable-autodetect --enable-debug --enable-libzimg
 --enable-schannel --enable-gpl --disable-stripping
   libavutil      56. 26.100 / 56. 26.100
   libavcodec     58. 48.101 / 58. 48.101
   libavformat    58. 27.100 / 58. 27.100
   libavdevice    58.  7.100 / 58.  7.100
   libavfilter     7. 48.100 /  7. 48.100
   libswscale      5.  4.100 /  5.  4.100
   libswresample   3.  4.100 /  3.  4.100
   libpostproc    55.  4.100 / 55.  4.100
 [New Thread 5824.0xcf8]
 [New Thread 5824.0x1534]
 [New Thread 5824.0x1d48]
 [New Thread 5824.0x16b0]
 Input #0, lavfi, from 'testsrc2=s=640x360':
   Duration: N/A, start: 0.000000, bitrate: N/A
     Stream #0:0: Video: rawvideo (I420 / 0x30323449), yuv420p, 640x360
 [SAR 1:1 DAR 16:9], 25 tbr, 25 tbn, 25 tbc
 Stream mapping:
   Stream #0:0 -> #0:0 (rawvideo (native) -> wrapped_avframe (native))
 Press [q] to stop, [?] for help
 [New Thread 5824.0x63c]
 [New Thread 5824.0x203c]
 [New Thread 5824.0x1984]
 [New Thread 5824.0x1b04]

 Program received signal SIGSEGV, Segmentation fault.
 0x0000000140d64a16 in zimg::depth::left_shift_b2w_sse2(void const*, void*,
 unsigned int, unsigned int, unsigned int) ()
 (gdb) bt
 #0  0x0000000140d64a16 in zimg::depth::left_shift_b2w_sse2(void const*,
 void*, unsigned int, unsigned int, unsigned int) ()
 #1  0x0000000140d0c01f in zimg::graph::(anonymous
 namespace)::ChromaNode::generate_until(zimg::graph::(anonymous
 namespace)::ExecutionState*, unsigned int, bool) const ()
 #2  0x0000000140d0bfe7 in zimg::graph::(anonymous
 namespace)::ChromaNode::generate_until(zimg::graph::(anonymous
 namespace)::ExecutionState*, unsigned int, bool) const ()
 #3  0x0000000140d0bfe7 in zimg::graph::(anonymous
 namespace)::ChromaNode::generate_until(zimg::graph::(anonymous
 namespace)::ExecutionState*, unsigned int, bool) const ()
 #4  0x0000000140d0bfe7 in zimg::graph::(anonymous
 namespace)::ChromaNode::generate_until(zimg::graph::(anonymous
 namespace)::ExecutionState*, unsigned int, bool) const ()
 #5  0x0000000140d95d03 in
 zimg::graph::FilterGraph::impl::process_chroma(zimg::graph::ImageBuffer<void
 const> const*, zimg::graph::ImageBuffer<void> const*, void*) const ()
 #6  0x0000000140d094e1 in zimg_filter_graph_process ()
 #7  0x00000001401682d4 in filter_frame (link=link at entry=0x6cbf40,
 in=<optimized out>) at C:/MinGW/media-autobuild_suite-master/build/ffmpeg-
 git/libavfilter/vf_zscale.c:659
 #8  0x00000001400460de in ff_filter_frame_framed (frame=<optimized out>,
 link=0x6cbf40) at C:/MinGW/media-autobuild_suite-master/build/ffmpeg-
 git/libavfilter/avfilter.c:1071
 #9  ff_filter_frame_to_filter (link=0x6cbf40) at C:/MinGW/media-
 autobuild_suite-master/build/ffmpeg-git/libavfilter/avfilter.c:1219
 #10 ff_filter_activate_default (filter=<optimized out>) at C:/MinGW/media-
 autobuild_suite-master/build/ffmpeg-git/libavfilter/avfilter.c:1268
 #11 ff_filter_activate (filter=<optimized out>) at C:/MinGW/media-
 autobuild_suite-master/build/ffmpeg-git/libavfilter/avfilter.c:1430
 #12 0x000000014004976c in ff_filter_graph_run_once
 (graph=graph at entry=0x1fe24c0) at C:/MinGW/media-autobuild_suite-
 master/build/ffmpeg-git/libavfilter/avfiltergraph.c:1454
 #13 0x000000014004a63c in push_frame (graph=0x1fe24c0) at C:/MinGW/media-
 autobuild_suite-master/build/ffmpeg-git/libavfilter/buffersrc.c:187
 #14 av_buffersrc_add_frame_internal (ctx=ctx at entry=0x6cc100,
 frame=frame at entry=0x20958c0, flags=flags at entry=4) at C:/MinGW/media-
 autobuild_suite-master/build/ffmpeg-git/libavfilter/buffersrc.c:261
 #15 0x000000014004ad10 in av_buffersrc_add_frame_flags (ctx=0x6cc100,
 frame=frame at entry=0x20958c0, flags=flags at entry=4) at C:/MinGW/media-
 autobuild_suite-master/build/ffmpeg-git/libavfilter/buffersrc.c:170
 #16 0x000000014001e9d4 in ifilter_send_frame (frame=0x20958c0,
 ifilter=0x2094c80) at C:/MinGW/media-autobuild_suite-master/build/ffmpeg-
 git/fftools/ffmpeg.c:2196
 #17 send_frame_to_filters (ist=ist at entry=0x1fe2dc0,
 decoded_frame=decoded_frame at entry=0x20958c0) at C:/MinGW/media-
 autobuild_suite-master/build/ffmpeg-git/fftools/ffmpeg.c:2270
 #18 0x000000014001f44a in decode_video (decode_failed=<optimized out>,
 eof=<optimized out>, duration_pts=<optimized out>, got_output=<optimized
 out>, pkt=<optimized out>, ist=<optimized out>) at C:/MinGW/media-
 autobuild_suite-master/build/ffmpeg-git/fftools/ffmpeg.c:2469
 #19 process_input_packet (ist=<optimized out>, ist at entry=0x1fe2dc0,
 pkt=<optimized out>, pkt at entry=0x22f8e0, no_eof=no_eof at entry=0) at
 C:/MinGW/media-autobuild_suite-master/build/ffmpeg-
 git/fftools/ffmpeg.c:2623
 #20 0x00000001400225d5 in process_input (file_index=<optimized out>) at
 C:/MinGW/media-autobuild_suite-master/build/ffmpeg-
 git/fftools/ffmpeg.c:4516
 #21 transcode_step () at C:/MinGW/media-autobuild_suite-master/build
 /ffmpeg-git/fftools/ffmpeg.c:4636
 #22 transcode () at C:/MinGW/media-autobuild_suite-master/build/ffmpeg-
 git/fftools/ffmpeg.c:4690
 #23 0x0000000140da09be in main (argc=<optimized out>, argv=0x6c27e0) at
 C:/MinGW/media-autobuild_suite-master/build/ffmpeg-
 git/fftools/ffmpeg.c:4892
 (gdb) disass $pc-32,$pc+32
 Dump of assembler code from 0x140d649f6 to 0x140d64a36:
    0x0000000140d649f6 <_ZN4zimg5depth19left_shift_b2w_sse2EPKvPvjjj+150>:
 fucomip %st(1),%st
    0x0000000140d649f8 <_ZN4zimg5depth19left_shift_b2w_sse2EPKvPvjjj+152>:
 por    %xmm5,%xmm0
    0x0000000140d649fc <_ZN4zimg5depth19left_shift_b2w_sse2EPKvPvjjj+156>:
 movaps %xmm0,(%r8)
    0x0000000140d64a00 <_ZN4zimg5depth19left_shift_b2w_sse2EPKvPvjjj+160>:
 movaps %xmm3,(%rsi)
    0x0000000140d64a03 <_ZN4zimg5depth19left_shift_b2w_sse2EPKvPvjjj+163>:
 pxor   %xmm3,%xmm3
    0x0000000140d64a07 <_ZN4zimg5depth19left_shift_b2w_sse2EPKvPvjjj+167>:
 cmp    %eax,%r10d
    0x0000000140d64a0a <_ZN4zimg5depth19left_shift_b2w_sse2EPKvPvjjj+170>:
 jbe    0x140d64a40 <_ZN4zimg5depth19left_shift_b2w_sse2EPKvPvjjj+224>
    0x0000000140d64a0c <_ZN4zimg5depth19left_shift_b2w_sse2EPKvPvjjj+172>:
 nopl   0x0(%rax)
    0x0000000140d64a10 <_ZN4zimg5depth19left_shift_b2w_sse2EPKvPvjjj+176>:
 mov    %eax,%r8d
    0x0000000140d64a13 <_ZN4zimg5depth19left_shift_b2w_sse2EPKvPvjjj+179>:
 add    $0x10,%eax
 => 0x0000000140d64a16 <_ZN4zimg5depth19left_shift_b2w_sse2EPKvPvjjj+182>:
 movdqa (%rcx,%r8,1),%xmm0
    0x0000000140d64a1c <_ZN4zimg5depth19left_shift_b2w_sse2EPKvPvjjj+188>:
 movdqa %xmm0,%xmm1
    0x0000000140d64a20 <_ZN4zimg5depth19left_shift_b2w_sse2EPKvPvjjj+192>:
 punpckhbw %xmm3,%xmm0
    0x0000000140d64a24 <_ZN4zimg5depth19left_shift_b2w_sse2EPKvPvjjj+196>:
 punpcklbw %xmm3,%xmm1
    0x0000000140d64a28 <_ZN4zimg5depth19left_shift_b2w_sse2EPKvPvjjj+200>:
 psllw  %xmm2,%xmm0
    0x0000000140d64a2c <_ZN4zimg5depth19left_shift_b2w_sse2EPKvPvjjj+204>:
 psllw  %xmm2,%xmm1
    0x0000000140d64a30 <_ZN4zimg5depth19left_shift_b2w_sse2EPKvPvjjj+208>:
 movaps %xmm0,0x10(%rdx,%r8,2)
 End of assembler dump.
 (gdb) info all-registers
 rax            0x10     16
 rbx            0x0      0
 rcx            0x20766c8        34039496
 rdx            0x20ac780        34260864
 rsi            0x8      8
 rdi            0x20ad280        34263680
 rbp            0x4      0x4
 rsp            0x22e370 0x22e370
 r8             0x0      0
 r9             0x0      0
 r10            0xa0     160
 r11            0xa0     160
 r12            0x20ad280        34263680
 r13            0x20ac318        34259736
 r14            0x22e7b0 2287536
 r15            0x140d96270      5382955632
 rip            0x140d64a16      0x140d64a16
 <zimg::depth::left_shift_b2w_sse2(void const*, void*, unsigned int,
 unsigned int, unsigned int)+182>
 eflags         0x10202  [ IF RF ]
 cs             0x33     51
 ss             0x2b     43
 ds             0x0      0
 es             0x0      0
 fs             0x0      0
 gs             0x0      0
 st0            0        (raw 0x00000000000000000000)
 st1            0        (raw 0x00000000000000000000)
 st2            0        (raw 0x00000000000000000000)
 st3            0        (raw 0x00000000000000000000)
 st4            0        (raw 0x00000000000000000000)
 st5            0        (raw 0x00000000000000000000)
 st6            0        (raw 0x00000000000000000000)
 st7            12365.283018867925       (raw 0x400cc13521cfb2b79000)
 ---Type <return> to continue, or q <return> to quit---
 fctrl          0x20037f 2098047
 fstat          0x20     32
 ftag           0x0      0
 fiseg          0x33     51
 fioff          0x40d7a45e       1087874142
 foseg          0x2b     43
 fooff          0x22e64c 2287180
 fop            0x0      0
 xmm0           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0, 0xf8, 0xa, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0xf800, 0x20a, 0x0, 0x0, 0xc0, 0x0, 0x0,
 0x0}, v4_int32 = {0x20af800, 0x0, 0xc0, 0x0}, v2_int64 = {0x20af800,
 0xc0}, uint128 = 0x00000000000000c000000000020af800}
 xmm1           {v4_float = {0x0, 0x6, 0x0, 0x0}, v2_double = {0x4f80,
 0x0}, v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0xe0, 0xd3, 0x40, 0x0, 0x0,
 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x0, 0x0, 0xe000, 0x40d3, 0x0,
 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x40d3e000, 0x0, 0x0}, v2_int64 =
 {0x40d3e00000000000, 0x0}, uint128 = 0x000000000000000040d3e00000000000}
 xmm2           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x8, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0},
 v4_int32 = {0x8, 0x0, 0x8, 0x0}, v2_int64 = {0x8, 0x8}, uint128 =
 0x00000000000000080000000000000008}
 xmm3           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
 uint128 = 0x00000000000000000000000000000000}
 xmm4           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x8, 0x0 <repeats 15 times>}, v8_int16 = {0x8, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x8, 0x0, 0x0, 0x0}, v2_int64 = {0x8,
 0x0}, uint128 = 0x00000000000000000000000000000008}
 xmm5           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
 uint128 = 0x00000000000000000000000000000000}
 xmm6           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0, 0x0, 0x0, 0x80, 0x0 <repeats 12 times>}, v8_int16 = {0x0,
 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x80000000, 0x0, 0x0,
 0x0}, v2_int64 = {0x80000000, 0x0}, uint128 =
 0x00000000000000000000000080000000}
 xmm7           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
 uint128 = 0x00000000000000000000000000000000}
 xmm8           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0, 0x0, 0x0, 0x80, 0x0 <repeats 12 times>}, v8_int16 = {0x0,
 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x80000000, 0x0, 0x0,
 0x0}, v2_int64 = {0x80000000, 0x0}, uint128 =
 0x00000000000000000000000080000000}
 xmm9           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
 uint128 = 0x00000000000000000000000000000000}
 xmm10          {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
 uint128 = 0x00000000000000000000000000000000}
 xmm11          {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
 uint128 = 0x00000000000000000000000000000000}
 xmm12          {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
 uint128 = 0x00000000000000000000000000000000}
 xmm13          {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
 uint128 = 0x00000000000000000000000000000000}
 xmm14          {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
 uint128 = 0x00000000000000000000000000000000}
 xmm15          {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
 v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
 uint128 = 0x00000000000000000000000000000000}
 mxcsr          0x1fa9   [ IE OE PE IM DM ZM OM UM PM ]
 (gdb)}}}

--
Ticket URL: <https://trac.ffmpeg.org/ticket/7835#comment:4>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker


More information about the FFmpeg-trac mailing list