#4416 closed defect (fixed)
H264 regression: Crash on slice multithreading with 2.6.1
Reported by: | Carl Eugen Hoyos | Owned by: | |
---|---|---|---|
Priority: | important | Component: | avcodec |
Version: | 2.6.1 | Keywords: | h264 crash SIGSEGV regression |
Cc: | Blocked By: | ||
Blocking: | Reproduced by developer: | no | |
Analyzed by developer: | no |
Description
The sample from ticket #4415 crashes 2.6.1 (and 2.6) when using slice multi-threading, this is a regression since 6fafc62b
(gdb) r -cpuflags 0 -thread_type slice -threads 2 -i Record1MDVideoX.h264 -f null - Starting program: ffmpeg_g -cpuflags 0 -thread_type slice -threads 2 -i Record1MDVideoX.h264 -f null - [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". ffmpeg version n2.6.1 Copyright (c) 2000-2015 the FFmpeg developers built with gcc 4.7 (SUSE Linux) configuration: --enable-gpl libavutil 54. 20.100 / 54. 20.100 libavcodec 56. 26.100 / 56. 26.100 libavformat 56. 25.101 / 56. 25.101 libavdevice 56. 4.100 / 56. 4.100 libavfilter 5. 11.102 / 5. 11.102 libswscale 3. 1.101 / 3. 1.101 libswresample 1. 1.100 / 1. 1.100 libpostproc 53. 3.100 / 53. 3.100 Input #0, h264, from 'Record1MDVideoX.h264': Duration: N/A, bitrate: N/A Stream #0:0: Video: h264 (High), yuv420p, 1280x720 [SAR 1:1 DAR 16:9], 30 fps, 30 tbr, 1200k tbn, 60 tbc [New Thread 0x7ffff14f0700 (LWP 2778)] [New Thread 0x7ffff0cef700 (LWP 2780)] [New Thread 0x7ffff04ee700 (LWP 2781)] [New Thread 0x7fffefced700 (LWP 2782)] [New Thread 0x7fffef4ec700 (LWP 2783)] [New Thread 0x7fffeeceb700 (LWP 2784)] [New Thread 0x7fffee4ea700 (LWP 2785)] [New Thread 0x7fffedce9700 (LWP 2786)] [New Thread 0x7fffed4e8700 (LWP 2787)] [New Thread 0x7fffecce7700 (LWP 2788)] [New Thread 0x7fffec4e6700 (LWP 2789)] Output #0, null, to 'pipe:': Metadata: encoder : Lavf56.25.101 Stream #0:0: Video: rawvideo (I420 / 0x30323449), yuv420p, 1280x720 [SAR 1:1 DAR 16:9], q=2-31, 200 kb/s, 30 fps, 30 tbn, 30 tbc Metadata: encoder : Lavc56.26.100 rawvideo Stream mapping: Stream #0:0 -> #0:0 (h264 (native) -> rawvideo (native)) Press [q] to stop, [?] for help [null @ 0x1af9880] Encoder did not produce proper pts, making some up. [h264 @ 0x1b97040] SPS changed in the middle of the frame [h264 @ 0x1b97040] decode_slice_header error [h264 @ 0x1b97040] SPS changed in the middle of the frame [h264 @ 0x1b97040] decode_slice_header error [h264 @ 0x1b97040] SPS changed in the middle of the frame [h264 @ 0x1b97040] decode_slice_header error [h264 @ 0x1b97040] top block unavailable for requested intra4x4 mode -1 at 76 0 [h264 @ 0x1b97040] error while decoding MB 76 0, bytestream 3672 [h264 @ 0x1b97040] concealing 3573 DC, 3573 AC, 3573 MV errors in P frame [h264 @ 0x1b97040] SPS changed in the middle of the frame [h264 @ 0x1b97040] decode_slice_header error [h264 @ 0x1b97040] SPS changed in the middle of the frame [h264 @ 0x1b97040] decode_slice_header error [h264 @ 0x1b97040] SPS changed in the middle of the frame [h264 @ 0x1b97040] decode_slice_header error [h264 @ 0x1b97040] top block unavailable for requested intra4x4 mode -1 at 51 0 [h264 @ 0x1b97040] error while decoding MB 51 0, bytestream 4298 [h264 @ 0x1b97040] concealing 3598 DC, 3598 AC, 3598 MV errors in P frame [h264 @ 0x1b97040] SPS changed in the middle of the frame [h264 @ 0x1b97040] decode_slice_header error [h264 @ 0x1b97040] SPS changed in the middle of the frame [h264 @ 0x1b97040] decode_slice_header error [h264 @ 0x1b97040] SPS changed in the middle of the frame [h264 @ 0x1b97040] decode_slice_header error [h264 @ 0x1b97040] concealing 3571 DC, 3571 AC, 3571 MV errors in P frame [h264 @ 0x1b97040] SPS changed in the middle of the frame [h264 @ 0x1b97040] decode_slice_header error [h264 @ 0x1b97040] SPS changed in the middle of the frame [h264 @ 0x1b97040] decode_slice_header error [h264 @ 0x1b97040] SPS changed in the middle of the frame [h264 @ 0x1b97040] decode_slice_header error Program received signal SIGSEGV, Segmentation fault. put_h264_qpel16_mc00_8_c (dst=0x2500ec0 "", src=0x0, stride=1280) at libavcodec/h264qpel_template.c:544 544 H264_MC(put_, 16) (gdb) bt #0 put_h264_qpel16_mc00_8_c (dst=0x2500ec0 "", src=0x0, stride=1280) at libavcodec/h264qpel_template.c:544 #1 0x0000000000747bff in mc_dir_part (chroma_idc=1, pixel_shift=0, chroma_op=0x776df0 <put_h264_chroma_mc8_8_c>, qpix_op=0x1beced0, src_y_offset=0, src_x_offset=0, dest_cr=0x26213e0 "", dest_cb=0x25e7920 "", dest_y=0x2500ec0 "", list=0, delta=0, height=16, square=1, n=0, pic=0x1c20180, h=0x1becd60) at libavcodec/h264_mb.c:246 #2 mc_part_std (chroma_idc=1, pixel_shift=0, list1=0, list0=4096, chroma_avg=0x777850 <avg_h264_chroma_mc8_8_c>, qpix_avg=0x1bed0d0, chroma_put=0x776df0 <put_h264_chroma_mc8_8_c>, qpix_put=0x1beced0, y_offset=0, x_offset=0, dest_cr=0x26213e0 "", dest_cb=0x25e7920 "", dest_y=0x2500ec0 "", delta=0, height=16, square=1, n=0, h=0x1becd60) at libavcodec/h264_mb.c:349 #3 mc_part_420_simple_8 (h=0x1becd60, n=0, square=1, height=16, delta=0, dest_y=<optimized out>, dest_cb=0x25e7920 "", dest_cr=0x26213e0 "", x_offset=0, y_offset=0, qpix_put=0x1beced0, chroma_put=0x776df0 <put_h264_chroma_mc8_8_c>, qpix_avg=0x1bed0d0, chroma_avg=0x777850 <avg_h264_chroma_mc8_8_c>, weight_op=0x1becd80, weight_avg=0x1becda0, list0=4096, list1=0) at libavcodec/h264_mc_template.c:58 #4 0x00000000007627c8 in hl_motion_420_simple_8 (weight_avg=<optimized out>, weight_op=<optimized out>, chroma_avg=<optimized out>, qpix_avg=<optimized out>, chroma_put=<optimized out>, qpix_put=<optimized out>, dest_cr=<optimized out>, dest_cb=<optimized out>, dest_y=<optimized out>, h=<optimized out>) at libavcodec/h264_mc_template.c:82 #5 hl_decode_mb_simple_8 (h=h@entry=0x1becd60) at libavcodec/h264_mb_template.c:182 #6 0x000000000076372a in ff_h264_hl_decode_mb (h=h@entry=0x1becd60) at libavcodec/h264_mb.c:826 #7 0x00000000007717e9 in decode_slice (avctx=<optimized out>, arg=arg@entry=0x7fffffffd2d8) at libavcodec/h264_slice.c:2432 #8 0x000000000077686a in ff_h264_execute_decode_slices (h=h@entry=0x1becd60, context_count=context_count@entry=1) at libavcodec/h264_slice.c:2582 #9 0x00000000007387bc in decode_nal_units (h=h@entry=0x1becd60, buf=buf@entry=0x1bb7b10 "", buf_size=buf_size@entry=14735, parse_extradata=parse_extradata@entry=0) at libavcodec/h264.c:1689 #10 0x00000000007398d1 in h264_decode_frame (avctx=0x1b97040, data=0x1afad80, got_frame=0x7fffffffd75c, avpkt=<optimized out>) at libavcodec/h264.c:1826 #11 0x0000000000b00528 in avcodec_decode_video2 (avctx=0x1b97040, picture=picture@entry=0x1afad80, got_picture_ptr=got_picture_ptr@entry=0x7fffffffd75c, avpkt=avpkt@entry=0x7fffffffd9e0) at libavcodec/utils.c:2372 #12 0x0000000000484cfd in decode_video (ist=ist@entry=0x1ba6fe0, pkt=pkt@entry=0x7fffffffd9e0, got_output=got_output@entry=0x7fffffffd75c) at ffmpeg.c:1960 #13 0x0000000000488dcc in process_input_packet (pkt=0x7fffffffd980, ist=0x1ba6fe0) at ffmpeg.c:2208 #14 process_input (file_index=28281760) at ffmpeg.c:3708 #15 0x000000000046f5e0 in transcode_step () at ffmpeg.c:3802 #16 transcode () at ffmpeg.c:3854 #17 main (argc=<optimized out>, argv=<optimized out>) at ffmpeg.c:4032 (gdb) disass $pc,$pc+32 Dump of assembler code from 0x8046f0 to 0x804710: => 0x00000000008046f0 <put_h264_qpel16_mc00_8_c+0>: mov (%rsi),%eax 0x00000000008046f2 <put_h264_qpel16_mc00_8_c+2>: lea (%rsi,%rdx,1),%rcx 0x00000000008046f6 <put_h264_qpel16_mc00_8_c+6>: mov %eax,(%rdi) 0x00000000008046f8 <put_h264_qpel16_mc00_8_c+8>: mov 0x4(%rsi),%eax 0x00000000008046fb <put_h264_qpel16_mc00_8_c+11>: mov %eax,0x4(%rdi) 0x00000000008046fe <put_h264_qpel16_mc00_8_c+14>: mov (%rcx),%r8d 0x0000000000804701 <put_h264_qpel16_mc00_8_c+17>: lea (%rdi,%rdx,1),%rax 0x0000000000804705 <put_h264_qpel16_mc00_8_c+21>: mov %r8d,(%rax) 0x0000000000804708 <put_h264_qpel16_mc00_8_c+24>: mov 0x4(%rcx),%r8d 0x000000000080470c <put_h264_qpel16_mc00_8_c+28>: add %rdx,%rcx 0x000000000080470f <put_h264_qpel16_mc00_8_c+31>: mov %r8d,0x4(%rax) End of assembler dump. (gdb) info register rax 0x0 0 rbx 0x1becd60 29281632 rcx 0x1beced0 29282000 rdx 0x500 1280 rsi 0x0 0 rdi 0x2500ec0 38801088 rbp 0x0 0x0 rsp 0x7fffffffd018 0x7fffffffd018 r8 0x0 0 r9 0x0 0 r10 0x1beced0 29282000 r11 0x0 0 r12 0x0 0 r13 0x1c20180 29491584 r14 0x0 0 r15 0x2d0 720 rip 0x8046f0 0x8046f0 <put_h264_qpel16_mc00_8_c> eflags 0x10287 [ CF PF SF IF RF ] cs 0x33 51 ss 0x2b 43 ds 0x0 0 es 0x0 0 fs 0x0 0 gs 0x0 0
Note:
See TracTickets
for help on using tickets.
seems fixed in 2.6.2