Opened 12 years ago

Closed 12 years ago

#1067 closed defect (needs_more_info)

VPX encoding fails on intialization with av_log_set_level( AV_LOG_DEBUG );

Reported by: Pavel Gurevich Owned by:
Priority: normal Component: undetermined
Version: 0.10 Keywords: crash libvpx
Cc: Blocked By:
Blocking: Reproduced by developer: no
Analyzed by developer: no

Description

With FFMPEG 0.10/MinGW32 the following code crashes in the last if:

av_log_set_level( AV_LOG_DEBUG );

/* register all the codecs */
av_register_all( );

codec = avcodec_find_encoder( CODEC_ID_VP8 );
if ( !codec ) {

fprintf( stderr, "codec not found\n" );
exit( 1 );

}

c = avcodec_alloc_context3( codec );

/* put sample parameters */
c->bit_rate = 400000;
/* resolution must be a multiple of two */
c->width = 352;
c->height = 288;

/* open it */
if ( avcodec_open2( c, codec, NULL ) < 0 ) {

fprintf( stderr, "could not open codec\n" );
exit( 1 );

}

Change History (4)

comment:1 by Carl Eugen Hoyos, 12 years ago

Keywords: libvpx added; AV_LOG_DEBUG CODEC_ID_VP8 removed

Does only 0.10 crash or also current git head?

Could you provide a backtrace?

comment:2 by Pavel Gurevich, 12 years ago

It looks like a memory corruption rather than plain crash (see the backtrace)

Starting program: C:\workspace\ffmpeg-open-encoder\debug\ffmpeg-open-encode

[New Thread 4588.0x2758]
[New Thread 4588.0x1b34]

Program received signal SIGSEGV, Segmentation fault.
0x77c42a16 in wscanf () from C:\WINDOWS\system32\msvcrt.dll
(gdb) bt
#0 0x77c42a16 in wscanf () from C:\WINDOWS\system32\msvcrt.dll
#1 0x0022f8ea in ?? ()
#2 0x77c3ffb9 in vsnprintf () from C:\WINDOWS\system32\msvcrt.dll
#3 0x68b88b14 in avutil-51!av_evaluate_lls ()

from C:\libs\ffmpeg\bin\avutil-51.dll

#4 0x000003ec in ?? ()
#5 0x6aada600 in ff_dct_init_mmx () from C:\libs\ffmpeg\bin\avcodec-54.dll
#6 0x02f456a0 in ?? ()
#7 0x6c007870 in ?? ()
#8 0x70766269 in ?? ()
#9 0x50562078 in ?? ()
#10 0x50560038 in ?? ()
#11 0x555f4538 in ?? ()
#12 0x455f4450 in ?? ()
#13 0x4f52544e in ?? ()
#14 0x56005950 in ?? ()
#15 0x5f453850 in ?? ()
#16 0x5f445055 in ?? ()
#17 0x45464552 in ?? ()
#18 0x434e4552 in ?? ()
#19 0x50560045 in ?? ()
#20 0x555f4538 in ?? ()
#21 0x525f4553 in ?? ()
#22 0x52454645 in ?? ()
#23 0x45434e45 in ?? ()
#24 0x38505600 in ?? ()
#25 0x45535f45 in ?? ()
#26 0x4f525f54 in ?? ()
#27 0x414d5f49 in ?? ()
#28 0x50560050 in ?? ()
#29 0x535f4538 in ?? ()
#30 0x415f5445 in ?? ()
#31 0x56495443 in ?? ()
#32 0x50414d45 in ?? ()
#33 0x38505600 in ?? ()
#34 0x45535f45 in ?? ()
#35 0x43535f54 in ?? ()
#36 0x4d454c41 in ?? ()
#37 0x0045444f in ?? ()
Cannot access memory at address 0x76626970
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0x77c429f6 to 0x77c42a36:

0x77c429f6 <wscanf+1840>: call *%ecx
0x77c429f8 <wscanf+1842>: clc
0x77c429f9 <wscanf+1843>: jmp 0x77c42be6 <wscanf+2336>
0x77c429fe <wscanf+1848>: test %eax,%eax
0x77c42a00 <wscanf+1850>: jne 0x77c42a0d <wscanf+1863>
0x77c42a02 <wscanf+1852>: mov 0x77c5ff08,%eax
0x77c42a07 <wscanf+1857>: mov %eax,-0x21c(%ebp)
0x77c42a0d <wscanf+1863>: mov -0x21c(%ebp),%eax
0x77c42a13 <wscanf+1869>: jmp 0x77c42a1c <wscanf+1878>
0x77c42a15 <wscanf+1871>: dec %ecx

=> 0x77c42a16 <wscanf+1872>: cmpb $0x0,(%eax)

0x77c42a19 <wscanf+1875>: je 0x77c42a20 <wscanf+1882>
0x77c42a1b <wscanf+1877>: inc %eax
0x77c42a1c <wscanf+1878>: test %ecx,%ecx
0x77c42a1e <wscanf+1880>: jne 0x77c42a15 <wscanf+1871>
0x77c42a20 <wscanf+1882>: sub -0x21c(%ebp),%eax
0x77c42a26 <wscanf+1888>: jmp 0x77c42be6 <wscanf+2336>
0x77c42a2b <wscanf+1893>: movl $0x8,-0x218(%ebp)
0x77c42a35 <wscanf+1903>: mov %ecx,-0x248(%ebp)

End of assembler dump.
(gdb) info all-registers
eax 0xffffffe2 -30
ecx 0x7ffffffe 2147483646
edx 0x22f9ee 2292206
ebx 0x73 115
esp 0x22f600 0x22f600
ebp 0x22f86c 0x22f86c
esi 0x22f648 2291272
edi 0x6aada650 1789765200
eip 0x77c42a16 0x77c42a16 <wscanf+1872>
eflags 0x10202 [ IF RF ]
cs 0x1b 27
ss 0x23 35
ds 0x23 35
es 0x23 35
fs 0x3b 59
gs 0x0 0
st0 <invalid float value> (raw 0xe830008970887c9100b8)
st1 <invalid float value> (raw 0x20a07c91005d008908f8)
st2 <invalid float value> (raw 0xe9b07c90e9200022ea60)
st3 -2147483648 (raw 0xc01e8000000000000000)
st4 -1 (raw 0xbfff8000000000000000)
st5 -1 (raw 0xbfff8000000000000000)
st6 -1 (raw 0xbfff8000000000000000)
st7 -1 (raw 0xbfff8000000000000000)
fctrl 0xffff037f -64641
fstat 0xffff0420 -64480
ftag 0xffffffff -1
fiseg 0x1b 27
fioff 0x68b8b2d5 1756934869
foseg 0xffff0023 -65501
fooff 0x22fca8 2292904
fop 0x77c 1916
xmm0 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},

v16_int8 = {0x66, 0x0, 0x35, 0x0, 0x36, 0x0, 0x33, 0x0, 0x30, 0x0, 0x37,

0x0, 0x2d, 0x0, 0x62, 0x0}, v8_int16 = {0x66, 0x35, 0x36, 0x33, 0x30,
0x37, 0x2d, 0x62}, v4_int32 = {0x350066, 0x330036, 0x370030, 0x62002d},

v2_int64 = {0x33003600350066, 0x62002d00370030},
uint128 = 0x0062002d003700300033003600350066}

xmm1 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},

v16_int8 = {0x36, 0x0, 0x62, 0x0, 0x66, 0x0, 0x2d, 0x0, 0x31, 0x0, 0x31,

0x0, 0x64, 0x0, 0x30, 0x0}, v8_int16 = {0x36, 0x62, 0x66, 0x2d, 0x31,
0x31, 0x64, 0x30}, v4_int32 = {0x620036, 0x2d0066, 0x310031, 0x300064},

v2_int64 = {0x2d006600620036, 0x30006400310031},
uint128 = 0x0030006400310031002d006600620036}

xmm2 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},

v16_int8 = {0x2d, 0x0, 0x39, 0x0, 0x34, 0x0, 0x66, 0x0, 0x32, 0x0, 0x2d,

0x0, 0x30, 0x0, 0x30, 0x0}, v8_int16 = {0x2d, 0x39, 0x34, 0x66, 0x32,
0x2d, 0x30, 0x30}, v4_int32 = {0x39002d, 0x660034, 0x2d0032, 0x300030},

v2_int64 = {0x6600340039002d, 0x300030002d0032},
uint128 = 0x00300030002d0032006600340039002d}

xmm3 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},

v16_int8 = {0x61, 0x0, 0x30, 0x0, 0x63, 0x0, 0x39, 0x0, 0x31, 0x0, 0x65,

0x0, 0x66, 0x0, 0x62, 0x0}, v8_int16 = {0x61, 0x30, 0x63, 0x39, 0x31,
0x65, 0x66, 0x62}, v4_int32 = {0x300061, 0x390063, 0x650031, 0x620066},

v2_int64 = {0x39006300300061, 0x62006600650031},
uint128 = 0x00620066006500310039006300300061}

xmm4 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},

v16_int8 = {0x38, 0x0, 0x62, 0x0, 0x7d, 0x0, 0x5c, 0x0, 0x23, 0x0, 0x23,

0x0, 0x3f, 0x0, 0x23, 0x0}, v8_int16 = {0x38, 0x62, 0x7d, 0x5c, 0x23,
0x23, 0x3f, 0x23}, v4_int32 = {0x620038, 0x5c007d, 0x230023, 0x23003f},

v2_int64 = {0x5c007d00620038, 0x23003f00230023},
uint128 = 0x0023003f00230023005c007d00620038}

xmm5 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},

v16_int8 = {0x49, 0x0, 0x44, 0x0, 0x45, 0x0, 0x23, 0x0, 0x44, 0x0, 0x69,

0x0, 0x73, 0x0, 0x6b, 0x0}, v8_int16 = {0x49, 0x44, 0x45, 0x23, 0x44,
0x69, 0x73, 0x6b}, v4_int32 = {0x440049, 0x230045, 0x690044, 0x6b0073},

v2_int64 = {0x23004500440049, 0x6b007300690044},
uint128 = 0x006b0073006900440023004500440049}

xmm6 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},

v16_int8 = {0x56, 0x0, 0x4f, 0x0, 0x4c, 0x0, 0x30, 0x0, 0x31, 0x0, 0x31,

0x0, 0x2e, 0x0, 0x30, 0x0}, v8_int16 = {0x56, 0x4f, 0x4c, 0x30, 0x31,
0x31, 0x2e, 0x30}, v4_int32 = {0x4f0056, 0x30004c, 0x310031, 0x30002e},

v2_int64 = {0x30004c004f0056, 0x30002e00310031},
uint128 = 0x0030002e003100310030004c004f0056}

xmm7 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},

v16_int8 = {0x2e, 0x0, 0x30, 0x0, 0x30, 0x0, 0x5f, 0x0, 0x5f, 0x0, 0x23,

0x0, 0x34, 0x0, 0x26, 0x0}, v8_int16 = {0x2e, 0x30, 0x30, 0x5f, 0x5f,
0x23, 0x34, 0x26}, v4_int32 = {0x30002e, 0x5f0030, 0x23005f, 0x260034},

v2_int64 = {0x5f00300030002e, 0x2600340023005f},
uint128 = 0x002600340023005f005f00300030002e}

mxcsr 0x1f80 [ IM DM ZM OM UM PM ]
mm0 {uint64 = 0x8970887c9100b8, v2_int32 = {0x7c9100b8, 0x897088

v4_int16 = {0xb8, 0x7c91, 0x7088, 0x89}, v8_int8 = {0xb8, 0x0, 0x91, 0x7c

0x88, 0x70, 0x89, 0x0}}

mm1 {uint64 = 0x7c91005d008908f8, v2_int32 = {0x8908f8,

0x7c91005d}, v4_int16 = {0x8f8, 0x89, 0x5d, 0x7c91}, v8_int8 = {0xf8,
0x8, 0x89, 0x0, 0x5d, 0x0, 0x91, 0x7c}}

mm2 {uint64 = 0x7c90e9200022ea60, v2_int32 = {0x22ea60,

0x7c90e920}, v4_int16 = {0xea60, 0x22, 0xe920, 0x7c90}, v8_int8 = {0x60
0xea, 0x22, 0x0, 0x20, 0xe9, 0x90, 0x7c}}

mm3 {uint64 = 0x8000000000000000, v2_int32 = {0x0, 0x80000000},

v4_int16 = {0x0, 0x0, 0x0, 0x8000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,

0x0, 0x0, 0x80}}

mm4 {uint64 = 0x8000000000000000, v2_int32 = {0x0, 0x80000000},

v4_int16 = {0x0, 0x0, 0x0, 0x8000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,

0x0, 0x0, 0x80}}

mm5 {uint64 = 0x8000000000000000, v2_int32 = {0x0, 0x80000000},

v4_int16 = {0x0, 0x0, 0x0, 0x8000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,

0x0, 0x0, 0x80}}

mm6 {uint64 = 0x8000000000000000, v2_int32 = {0x0, 0x80000000},

v4_int16 = {0x0, 0x0, 0x0, 0x8000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,

0x0, 0x0, 0x80}}

mm7 {uint64 = 0x8000000000000000, v2_int32 = {0x0, 0x80000000},

v4_int16 = {0x0, 0x0, 0x0, 0x8000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0,

0x0, 0x0, 0x80}}

(gdb)

comment:3 by Michael Niedermayer, 12 years ago

Does this still happen ?
if yes, can you please provide a backtrace from dlls that have been build with
configure --disable-stripping
also if you suspect memory corruption then some tool that checks for that, something like valgrind should be interresting.

comment:4 by Carl Eugen Hoyos, 12 years ago

Resolution: needs_more_info
Status: newclosed

Please reopen if you can add the missing information.

Note: See TracTickets for help on using tickets.