[FFmpeg-user] segfault in "xv" output format
Moritz Barsnick
barsnick at gmx.net
Thu Dec 26 18:53:35 CET 2013
Hi,
I recently discovered support for the "xv" output format, which
displays to an XVideo enabled X11 device. But running within a VNC
session, I haven't had much success. ffmpeg segfaults shortly after
opening the X11 window. For all I know, this VNC server supports
XVideo. (And even if not, no segfault should occur.)
The full report is below, with gdb analysis. ffmpeg is built from a
fresh snapshot.
Thanks,
Moritz
mbarsnic at hostname:/tmp/Bui/ffmpeg/ffmpeg-2013-12-25 > gdb --args ./ffmpeg_g -y -f lavfi -i color=c=orange:s=320x240:r=25 -frames:v 250 -f xv arbitraryfilename
GNU gdb (GDB) 7.5.1
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /tmp/Bui/ffmpeg/ffmpeg-2013-12-25/ffmpeg_g...done.
(gdb) r
Starting program: /tmp/Bui/ffmpeg/ffmpeg-2013-12-25/ffmpeg_g -y -f lavfi -i color=c=orange:s=320x240:r=25 -frames:v 250 -f xv arbitraryfilename
Failed to read a valid object file image from memory.
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
ffmpeg version 2.1.git Copyright (c) 2000-2013 the FFmpeg developers
built on Dec 26 2013 18:21:20 with gcc 4.8.0 (GCC)
configuration: --prefix=/home/mbarsnic/sys/linux_x86-64 --cc=gcc-4.8 --extra-cflags='-I/home/mbarsnic/sys/linux_x86-64/include -I/usr/corp/pkgs/X11/R7.6/include -I/tmp/Bui/ffmpeg/x264-tmp-install/include' --extra-ldflags='-L/home/mbarsnic/sys/linux_x86-64/lib -Wl,-rpath,/home/mbarsnic/sys/linux_x86-64/lib -L/usr/corp/pkgs/X11/R7.6/lib -Wl,-rpath,/usr/corp/pkgs/X11/R7.6/lib -Wl,-rpath,/usr/corp/pkgs/openssl/1.0.1c/lib64 -L/tmp/Bui/ffmpeg/x264-tmp-install/lib -ldl' --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-libmp3lame --enable-libx264 --enable-fontconfig --enable-libopenjpeg --enable-librtmp --enable-openssl --enable-nonfree --enable-gpl --enable-version3 --enable-postproc --enable-x11grab --enable-ffprobe --enable-ffplay --enable-pthreads --enable-static --disable-shared --disable-yasm --cc=gcc-4.8 --cxx=g++-4.8
libavutil 52. 59.100 / 52. 59.100
libavcodec 55. 46.100 / 55. 46.100
libavformat 55. 22.100 / 55. 22.100
libavdevice 55. 5.102 / 55. 5.102
libavfilter 4. 0.102 / 4. 0.102
libswscale 2. 5.101 / 2. 5.101
libswresample 0. 17.104 / 0. 17.104
libpostproc 52. 3.100 / 52. 3.100
[New Thread 0x40200940 (LWP 19881)]
[New Thread 0x40401940 (LWP 19882)]
[New Thread 0x40602940 (LWP 19883)]
[New Thread 0x40803940 (LWP 19884)]
[New Thread 0x40a04940 (LWP 19885)]
[New Thread 0x40c05940 (LWP 19886)]
[New Thread 0x40e06940 (LWP 19887)]
[New Thread 0x41007940 (LWP 19888)]
[New Thread 0x41208940 (LWP 19889)]
[New Thread 0x41409940 (LWP 19890)]
[New Thread 0x4160a940 (LWP 19891)]
[New Thread 0x4180b940 (LWP 19892)]
[New Thread 0x41a0c940 (LWP 19893)]
Input #0, lavfi, from 'color=c=orange:s=320x240:r=25':
Duration: N/A, start: 0.000000, bitrate: N/A
Stream #0:0: Video: rawvideo (I420 / 0x30323449), yuv420p, 320x240 [SAR 1:1 DAR 4:3], 25 tbr, 25 tbn, 25 tbc
[New Thread 0x41c0d940 (LWP 19894)]
[New Thread 0x41e0e940 (LWP 19895)]
[New Thread 0x4200f940 (LWP 19896)]
[New Thread 0x42210940 (LWP 19897)]
[New Thread 0x42411940 (LWP 19898)]
[New Thread 0x42612940 (LWP 19899)]
[New Thread 0x42813940 (LWP 19900)]
[New Thread 0x42a14940 (LWP 19901)]
[New Thread 0x42c15940 (LWP 19902)]
[New Thread 0x42e16940 (LWP 19903)]
[New Thread 0x43017940 (LWP 19904)]
[New Thread 0x43218940 (LWP 19905)]
[New Thread 0x43419940 (LWP 19906)]
Program received signal SIGSEGV, Segmentation fault.
0x000000000047ce0d in xv_write_header (s=0x17bf060) at libavdevice/xv.c:152
152 xv->xv_port = ai[0].base_id;
(gdb) bt
#0 0x000000000047ce0d in xv_write_header (s=0x17bf060) at libavdevice/xv.c:152
#1 0x0000000000562d57 in avformat_write_header (s=s at entry=0x17bf060, options=0x17bf008) at libavformat/mux.c:397
#2 0x00000000004776e6 in transcode_init () at ffmpeg.c:2641
#3 0x000000000045d29f in transcode () at ffmpeg.c:3335
#4 main (argc=11, argv=0x7fffffffd998) at ffmpeg.c:3544
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0x47cded to 0x47ce2d:
0x000000000047cded <xv_write_header+493>: mov $0xfe,%cl
0x000000000047cdef <xv_write_header+495>: (bad)
0x000000000047cdf0 <xv_write_header+496>: decl (%rdi)
0x000000000047cdf2 <xv_write_header+498>: (bad)
0x000000000047cdf3 <xv_write_header+499>: addb $0x0,(%rax)
0x000000000047cdf6 <xv_write_header+502>: add %al,(%rax)
0x000000000047cdf8 <xv_write_header+504>: mov %r8d,0x20(%rbp)
0x000000000047cdfc <xv_write_header+508>: mov %r9d,0x24(%rbp)
0x000000000047ce00 <xv_write_header+512>: jmpq 0x47ccfd <xv_write_header+253>
0x000000000047ce05 <xv_write_header+517>: nopl (%rax)
0x000000000047ce08 <xv_write_header+520>: mov 0x28(%rsp),%rdi
=> 0x000000000047ce0d <xv_write_header+525>: mov (%rdi),%rax
0x000000000047ce10 <xv_write_header+528>: mov %eax,0x78(%rbp)
0x000000000047ce13 <xv_write_header+531>: callq 0x4077a0 <XvFreeAdaptorInfo at plt>
0x000000000047ce18 <xv_write_header+536>: movslq 0x78(%rbp),%rsi
0x000000000047ce1c <xv_write_header+540>: mov 0x30(%rbp),%rdi
0x000000000047ce20 <xv_write_header+544>: lea 0x24(%rsp),%rdx
0x000000000047ce25 <xv_write_header+549>: callq 0x406d30 <XvListImageFormats at plt>
0x000000000047ce2a <xv_write_header+554>: test %rax,%rax
End of assembler dump.
(gdb) info all-registers
rax 0x0 0
rbx 0x30323449 808596553
rcx 0x176c660 24561248
rdx 0x0 0
rsi 0x2aaaad060de0 46912535662048
rdi 0x0 0
rbp 0x17bede0 0x17bede0
rsp 0x7fffffff8ed0 0x7fffffff8ed0
r8 0x0 0
r9 0x0 0
r10 0x0 0
r11 0x2aaaacfc0e50 46912535006800
r12 0x140 320
r13 0x17bf060 24899680
r14 0x17bf840 24901696
r15 0x0 0
rip 0x47ce0d 0x47ce0d <xv_write_header+525>
eflags 0x10246 [ PF ZF IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
st0 0 (raw 0x00000000000000000000)
st1 0 (raw 0x00000000000000000000)
st2 0 (raw 0x00000000000000000000)
st3 0 (raw 0x00000000000000000000)
st4 0 (raw 0x00000000000000000000)
st5 0 (raw 0x00000000000000000000)
st6 0 (raw 0x00000000000000000000)
st7 0 (raw 0x00000000000000000000)
fctrl 0x37f 895
fstat 0x0 0
ftag 0xffff 65535
fiseg 0x0 0
fioff 0x0 0
foseg 0x0 0
fooff 0x0 0
fop 0x0 0
xmm0 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm1 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0,
---Type <return> to continue, or q <return> to quit---
0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm2 {v4_float = {0x0, 0x1b, 0x0, 0x0}, v2_double = {0x7fffffff, 0x0}, v16_int8 = {0x0, 0x0, 0xc0, 0xff, 0xff, 0xff, 0xdf,
0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x0, 0xffc0, 0xffff, 0x41df, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {
0xffc00000, 0x41dfffff, 0x0, 0x0}, v2_int64 = {0x41dfffffffc00000, 0x0}, uint128 = 0x000000000000000041dfffffffc00000}
xmm3 {v4_float = {0x0, 0x1, 0x0, 0x0}, v2_double = {0x1, 0x0}, v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0, 0x3f, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x0, 0x0, 0x0, 0x3ff0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x3ff00000, 0x0,
0x0}, v2_int64 = {0x3ff0000000000000, 0x0}, uint128 = 0x00000000000000003ff0000000000000}
xmm4 {v4_float = {0x0, 0xffffffff, 0x0, 0x0}, v2_double = {0xffffffffffffffff, 0x0}, v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0xf0, 0xbf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x0, 0x0, 0x0, 0xbff0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0,
0xbff00000, 0x0, 0x0}, v2_int64 = {0xbff0000000000000, 0x0}, uint128 = 0x0000000000000000bff0000000000000}
xmm5 {v4_float = {0x0, 0xffffffff, 0x0, 0x0}, v2_double = {0xffffffffffffffff, 0x0}, v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0xf0, 0xbf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x0, 0x0, 0x0, 0xbff0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0,
0xbff00000, 0x0, 0x0}, v2_int64 = {0xbff0000000000000, 0x0}, uint128 = 0x0000000000000000bff0000000000000}
xmm6 {v4_float = {0x0, 0xffffffff, 0x0, 0x0}, v2_double = {0xffffffffffffffff, 0x0}, v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0xf0, 0xbf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x0, 0x0, 0x0, 0xbff0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0,
0xbff00000, 0x0, 0x0}, v2_int64 = {0xbff0000000000000, 0x0}, uint128 = 0x0000000000000000bff0000000000000}
xmm7 {v4_float = {0x2b020000, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0xfc, 0xa9, 0xf1, 0xd2, 0x4d, 0x62, 0x50,
0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0xa9fc, 0xd2f1, 0x624d, 0x3f50, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {
0xd2f1a9fc, 0x3f50624d, 0x0, 0x0}, v2_int64 = {0x3f50624dd2f1a9fc, 0x0}, uint128 = 0x00000000000000003f50624dd2f1a9fc}
xmm8 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm9 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm10 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm11 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm12 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm13 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm14 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm15 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
---Type <return> to continue, or q <return> to quit---
mxcsr 0x1fa0 [ PE IM DM ZM OM UM PM ]
(gdb) bt
#0 0x000000000047ce0d in xv_write_header (s=0x17bf060) at libavdevice/xv.c:152
#1 0x0000000000562d57 in avformat_write_header (s=s at entry=0x17bf060, options=0x17bf008) at libavformat/mux.c:397
#2 0x00000000004776e6 in transcode_init () at ffmpeg.c:2641
#3 0x000000000045d29f in transcode () at ffmpeg.c:3335
#4 main (argc=11, argv=0x7fffffffd998) at ffmpeg.c:3544
(gdb) p *s
$1 = {av_class = 0xc22700 <av_format_context_class>, iformat = 0x0, oformat = 0x10afd00 <ff_xv_muxer>, priv_data = 0x17bede0,
pb = 0x0, ctx_flags = 0, nb_streams = 1, streams = 0x1783960, filename = "arbitraryfilename", '\000' <repeats 1006 times>,
start_time = 0, duration = 0, bit_rate = 0, packet_size = 0, max_delay = 700000, flags = 512, probesize = 5000000,
max_analyze_duration = 5000000, key = 0x0, keylen = 0, nb_programs = 0, programs = 0x0, video_codec_id = AV_CODEC_ID_NONE,
audio_codec_id = AV_CODEC_ID_NONE, subtitle_codec_id = AV_CODEC_ID_NONE, max_index_size = 1048576, max_picture_buffer = 3041280,
nb_chapters = 0, chapters = 0x0, metadata = 0x176ca40, start_time_realtime = 0, fps_probe_size = -1, error_recognition = 1,
interrupt_callback = {callback = 0x46fa60 <decode_interrupt_cb>, opaque = 0x0}, debug = 0, ts_id = 0, audio_preload = 0,
max_chunk_duration = 0, max_chunk_size = 0, use_wallclock_as_timestamps = 0, avoid_negative_ts = -1, avio_flags = 0,
duration_estimation_method = AVFMT_DURATION_FROM_PTS, skip_initial_bytes = 0, correct_ts_overflow = 1, seek2any = 0,
flush_packets = 1, probe_score = 0, packet_buffer = 0x0, packet_buffer_end = 0x0, data_offset = 0, raw_packet_buffer = 0x0,
raw_packet_buffer_end = 0x0, parse_queue = 0x0, parse_queue_end = 0x0, raw_packet_buffer_remaining_size = 0, offset = 0,
offset_timebase = {num = 0, den = 0}, io_repositioned = 0, video_codec = 0x0, audio_codec = 0x0, subtitle_codec = 0x0}
(gdb) up 1
#1 0x0000000000562d57 in avformat_write_header (s=s at entry=0x17bf060, options=0x17bf008) at libavformat/mux.c:397
397 ret = s->oformat->write_header(s);
(gdb) p *options
$2 = (AVDictionary *) 0x0
(gdb) quit
A debugging session is active.
Inferior 1 [process 19873] will be killed.
Quit anyway? (y or n) y
mbarsnic at hostname:/tmp/Bui/ffmpeg/ffmpeg-2013-12-25 > xvinfo
X-Video Extension version 2.2
screen #0
no adaptors present
mbarsnic at hostname:/tmp/Bui/ffmpeg/ffmpeg-2013-12-25 >
xdpyinfo |grep -Fi xv
XVideo
mbarsnic at hostname:/tmp/Bui/ffmpeg/ffmpeg-2013-12-25 > exit
Script done on Thu Dec 26 18:24:52 2013
More information about the ffmpeg-user
mailing list