Opened 8 years ago

Closed 8 years ago

#5259 closed defect (fixed)

Segmentation fault on pp=ha

Reported by: Ilya87 Owned by:
Priority: important Component: postproc
Version: git-master Keywords: crash SIGSEGV gcc
Cc: Blocked By:
Blocking: Reproduced by developer: yes
Analyzed by developer: no

Description

Summary of the bug:
How to reproduce:

% ffplay VTS_04_1.VOB -vf nnedi=weights=$HOME/nnedi3_weights.bin,pp=ha
VTS_04_1.VOB - interlaced mpeg2 source
Segmentation fault
ffmpeg version g1ec7a70
built on Arch Linux x86_64, gcc
backtrace
#0  0x00007ffff58c7dc6 in pp_postprocess (src=0x7fffd0532a60, srcStride=0x7fffd0532aa0, dst=0x7fffd0532fa0, 
    dstStride=0x7fffd0532fe0, width=720, height=576, QP_store=0x7fffd02fe41d '\f' <repeats 45 times>, 
    QPStride=<optimized out>, vm=0x7fffd03a74a0, vc=0x7fffd03a8220, pict_type=19) at libpostproc/postprocess.c:976
#1  0x00007ffff78e462a in pp_filter_frame (inlink=inlink@entry=0x7fffd03a7fc0, inbuf=0x7fffd0532a60)
    at libavfilter/vf_pp.c:142
#2  0x00007ffff78370db in ff_filter_frame_framed (link=link@entry=0x7fffd03a7fc0, frame=0x7fffd0532a60)
    at libavfilter/avfilter.c:1108
#3  0x00007ffff7837fa8 in ff_filter_frame (link=link@entry=0x7fffd03a7fc0, frame=0x7fffd0532a60)
    at libavfilter/avfilter.c:1206
#4  0x00007ffff783c212 in request_frame (link=0x7fffd03a7fc0) at libavfilter/buffersrc.c:383
#5  0x00007ffff78372d2 in ff_request_frame_to_filter (link=0x7fffd03a7fc0) at libavfilter/avfilter.c:374
#6  0x00007ffff783b055 in ff_filter_graph_run_once (graph=<optimized out>) at libavfilter/avfiltergraph.c:1429
#7  0x00007ffff783b90b in av_buffersink_get_frame_flags (ctx=ctx@entry=0x7fffd03a6d40, frame=0x7fffd00008c0, 
    flags=flags@entry=0) at libavfilter/buffersink.c:144
#8  0x000000000041376e in video_thread (arg=0x7ffff7e0d040) at ffplay.c:2250
#9  0x00007ffff4eaffe8 in ?? () from /usr/lib/libSDL-1.2.so.0
#10 0x00007ffff4ef18a9 in ?? () from /usr/lib/libSDL-1.2.so.0
#11 0x00007ffff4c894a4 in start_thread () from /usr/lib/libpthread.so.0
#12 0x00007ffff46c8dcd in clone () from /usr/lib/libc.so.6
  1. S. uspp works fine.

Attachments (1)

segfault_pp_ha.VOB (2.0 MB ) - added by Carl Eugen Hoyos 8 years ago.

Change History (14)

comment:1 by Carl Eugen Hoyos, 8 years ago

Keywords: crash added
Priority: normalimportant

Please provide the source file(s) that allow to reproduce this issue.

comment:2 by Ilya87, 8 years ago

http://www.filedropper.com/segfaultppha - As I failed to proved you with direct link via http://upload.ffmpeg.org/upload/

by Carl Eugen Hoyos, 8 years ago

Attachment: segfault_pp_ha.VOB added

comment:3 by Carl Eugen Hoyos, 8 years ago

Is one file enough to reproduce the crash or is a second input file necessary?

comment:4 by Carl Eugen Hoyos, 8 years ago

Resolution: worksforme
Status: newclosed

I found the following file:

$ md5sum nnedi3_weights.bin
5c97e25c4a7277d06d3e3851373f1065  nnedi3_weights.bin

But I cannot reproduce a crash:

$ ffplay -autoexit segfault_pp_ha.VOB -vf nnedi=weights=nnedi3_weights.bin,pp=ha
ffplay version N-78627-g1ec7a70 Copyright (c) 2003-2016 the FFmpeg developers
  built with gcc 4.7 (SUSE Linux)
  configuration: --enable-gpl
  libavutil      55. 18.100 / 55. 18.100
  libavcodec     57. 24.105 / 57. 24.105
  libavformat    57. 26.100 / 57. 26.100
  libavdevice    57.  0.101 / 57.  0.101
  libavfilter     6. 34.100 /  6. 34.100
  libswscale      4.  0.100 /  4.  0.100
  libswresample   2.  0.101 /  2.  0.101
  libpostproc    54.  0.100 / 54.  0.100
Input #0, mpeg, from 'segfault_pp_ha.VOB':    0KB sq=    0B f=0/0
  Duration: 00:00:03.08, start: 0.620000, bitrate: 5580 kb/s
    Stream #0:0[0x1e0]: Video: mpeg2video (Main), yuv420p(tv), 720x576 [SAR 16:15 DAR 4:3], 5350 kb/s, 25 fps, 25 tbr, 90k tbn, 50 tbc
   3.66 M-V:  0.000 fd=  13 aq=    0KB vq=    0KB sq=    0B f=0/0

Please reopen if you can provide the command line that allows to reproduce the crash together with the complete, uncut console output and all information required for crash reports as mentioned on https://ffmpeg.org/bugreports.html

comment:5 by Ilya87, 8 years ago

Crash appears even with yadif filter or without it.

Can it be compilation option? -march=native (for Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz) -mfpmath=sse -fstack-protector -fPIC --param=ssp-buffer-size=4 were used.

ffplay -autoexit /home/ilya/Video/segfault_pp_ha.VOB -v 9 -loglevel 99 -vf yadif,pp=ha
ffplay version N-78627-g1ec7a70 Copyright (c) 2003-2016 the FFmpeg developers
  built with gcc 5.3.0 (GCC)
  configuration: --prefix=/usr --enable-debug --disable-static --disable-stripping --enable-avisynth --enable-avresample --enable-fontconfig --enable-gnutls --enable-gpl --enable-ladspa --enable-libass --enable-libbluray --enable-libdcadec --enable-libfreetype --enable-libfribidi --enable-libgsm --enable-libmodplug --enable-libmp3lame --enable-libopencore_amrnb --enable-libopencore_amrwb --enable-libopenjpeg --enable-libopus --enable-libpulse --enable-libschroedinger --enable-libsoxr --enable-libspeex --enable-libssh --enable-libtheora --enable-libv4l2 --enable-libvidstab --enable-libvorbis --enable-libvpx --enable-libwebp --enable-libx264 --enable-libx265 --enable-libxvid --enable-shared --enable-version3 --enable-x11grab
  libavutil      55. 18.100 / 55. 18.100
  libavcodec     57. 24.105 / 57. 24.105
  libavformat    57. 26.100 / 57. 26.100
  libavdevice    57.  0.101 / 57.  0.101
  libavfilter     6. 34.100 /  6. 34.100
  libavresample   3.  0.  0 /  3.  0.  0
  libswscale      4.  0.100 /  4.  0.100
  libswresample   2.  0.101 /  2.  0.101
  libpostproc    54.  0.100 / 54.  0.100
[file @ 0x7fce5c001260] Setting default whitelist 'file' 0B f=0/0   
Probing mpeg score:26 size:2048                                                                                             
[mpeg @ 0x7fce5c000920] Format mpeg probed with size=2048 and score=26                                                      
[mpeg @ 0x7fce5c000920] Before avformat_find_stream_info() pos: 0 bytes read:32768 seeks:0                                  
[mpeg @ 0x7fce5c000920] probing stream 0 pp:2500                                                                            
Probing mp3 score:1 size:2011                                                                                               
Probing mpegvideo score:25 size:2011                                                                                        
[mpeg @ 0x7fce5c000920] Probe with size=2011, packets=1 detected mpegvideo with score=25                                    
[mpeg @ 0x7fce5c000920] probed stream 0                                                                                     
[mpeg @ 0x7fce5c000920] 0: start_time: 0.056 duration: 0.277                                                                
[mpeg @ 0x7fce5c000920] stream: start_time: 0.620 duration: 3.080 bitrate=5580 kb/s                                         
[mpeg @ 0x7fce5c000920] After avformat_find_stream_info() pos: 0 bytes read:2398352 seeks:2 frames:78                       
Input #0, mpeg, from '/home/ilya/Video/segfault_pp_ha.VOB':                                                                 
  Duration: 00:00:03.08, start: 0.620000, bitrate: 5580 kb/s
    Stream #0:0[0x1e0], 78, 1/90000: Video: mpeg2video (Main), 1 reference frame, yuv420p(tv, left), 720x576 [SAR 16:15 DAR 4:3], 1/50, 5350 kb/s, 25 fps, 25 tbr, 90k tbn, 50 tbc
detected 4 logical cores
[mpeg2video @ 0x7fce5c001e20] allocating dummy last picture for B frame                                                     
Video frame changed from size:0x0 format:none serial:-1 to size:720x576 format:yuv420p serial:1                             
[ffplay_buffer @ 0x7fce543a6880] Setting 'video_size' to value '720x576'                                                    
[ffplay_buffer @ 0x7fce543a6880] Setting 'pix_fmt' to value '0'                                                             
[ffplay_buffer @ 0x7fce543a6880] Setting 'time_base' to value '1/90000'                                                     
[ffplay_buffer @ 0x7fce543a6880] Setting 'pixel_aspect' to value '16/15'                                                    
[ffplay_buffer @ 0x7fce543a6880] Setting 'frame_rate' to value '25/1'                                                       
[ffplay_buffer @ 0x7fce543a6880] w:720 h:576 pixfmt:yuv420p tb:1/90000 fr:25/1 sar:16/15 sws_param:                         
[ffplay_crop @ 0x7fce543a6fc0] Setting 'out_w' to value 'floor(in_w/2)*2'                                                   
[ffplay_crop @ 0x7fce543a6fc0] Setting 'out_h' to value 'floor(in_h/2)*2'                                                   
[Parsed_pp_1 @ 0x7fce543a7820] compat: called with args=[ha]                                                                
[Parsed_pp_1 @ 0x7fce543a7820] Setting 'subfilters' to value 'ha'                                                           
pp: ha                                                                                                                      
pp: ha::ha                                                                                                                  
pp: lumMode=4000, chromMode=4000                                                                                            
pp: ha                                                                                                                      
pp: ha::ha                                                                                                                  
pp: lumMode=4000, chromMode=4000                                                                                            
pp: ha                                                                                                                      
pp: ha::ha                                                                                                                  
pp: lumMode=4000, chromMode=4000                                                                                            
pp: ha                                                                                                                      
pp: ha::ha                                                                                                                  
pp: lumMode=4000, chromMode=4000                                                                                            
pp: ha                                                                                                                      
pp: ha::ha                                                                                                                  
pp: lumMode=4000, chromMode=4000                                                                                            
pp: ha                                                                                                                      
pp: ha::ha                                                                                                                  
pp: lumMode=4000, chromMode=4000                                                                                            
pp: ha                                                                                                                      
pp: ha::ha                                                                                                                  
pp: lumMode=4000, chromMode=4000                                                                                            
[AVFilterGraph @ 0x7fce54000ae0] query_formats: 5 queried, 4 merged, 0 already done, 0 delayed                              
[ffplay_crop @ 0x7fce543a6fc0] w:720 h:576 sar:16/15 -> w:720 h:576 sar:16/15                                               
Ошибка сегментирования (core dumped)

Dump of assembler code from 0x7ffff58c7da6 to 0x7ffff58c7de6:

0x00007ffff58c7da6 <pp_postprocess+486>: jl 0x7ffff58c7dcc <pp_postprocess+524>
0x00007ffff58c7da8 <pp_postprocess+488>: sub %cl,-0x73(%rcx)
0x00007ffff58c7dab <pp_postprocess+491>: cmp $0xa,%al
0x00007ffff58c7dad <pp_postprocess+493>: add %rax,%rcx
0x00007ffff58c7db0 <pp_postprocess+496>: mov %rdi,0x18(%rsp)
0x00007ffff58c7db5 <pp_postprocess+501>: xor %edi,%edi
0x00007ffff58c7db7 <pp_postprocess+503>: mov %rcx,0x8(%rsp)
0x00007ffff58c7dbc <pp_postprocess+508>: xor %ecx,%ecx
0x00007ffff58c7dbe <pp_postprocess+510>: mov 0x18(%rsp),%r8
0x00007ffff58c7dc3 <pp_postprocess+515>: add $0x1,%ecx

=> 0x00007ffff58c7dc6 <pp_postprocess+518>: vmovdqa (%r8,%rdi,1),%xmm0

0x00007ffff58c7dcc <pp_postprocess+524>: mov 0x8(%rsp),%r8
0x00007ffff58c7dd1 <pp_postprocess+529>: vpsrld $0x1,%xmm0,%xmm0
0x00007ffff58c7dd6 <pp_postprocess+534>: vpand %xmm1,%xmm0,%xmm0
0x00007ffff58c7dda <pp_postprocess+538>: vmovups %xmm0,(%r8,%rdi,1)
0x00007ffff58c7de0 <pp_postprocess+544>: add $0x10,%rdi
0x00007ffff58c7de4 <pp_postprocess+548>: cmp %ecx,0x20(%rsp)

info all-registers
rax 0x7fffd84c8bc0 140736822283200
rbx 0x7fffd83a8540 140736821101888
rcx 0x1 1
rdx 0x19e 414
rsi 0x1 1
rdi 0x0 0
rbp 0x7fffd82ff3a0 0x7fffd82ff3a0
rsp 0x7fffddffa900 0x7fffddffa900
r8 0x7fffd82fe421 140736820405281
r9 0x13 19
r10 0x7fffd82fe41d 140736820405277
r11 0x7fffd83a81e0 140736821101024
r12 0x7fffd82ff900 140736820410624
r13 0x7fffd82ff360 140736820409184
r14 0x7fffd82ff8c0 140736820410560
r15 0x678 1656
rip 0x7ffff58c7dc6 0x7ffff58c7dc6 <pp_postprocess+518>
eflags 0x10202 [ IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
---Type <return> to continue, or q <return> to quit---
st0 -nan(0x11a8000011a80) (raw 0xffff00011a8000011a80)
st1 -nan(0xfff64ad1fff581ad) (raw 0xfffffff64ad1fff581ad)
st2 -nan(0x81008100810081) (raw 0xffff0081008100810081)
st3 -nan(0xfffd68d5fffc05c1) (raw 0xfffffffd68d5fffc05c1)
st4 -nan(0x80008100800081) (raw 0xffff0080008100800081)
st5 -nan(0x7f007f007f007f) (raw 0xffff007f007f007f007f)
st6 -nan(0x80008000800080) (raw 0xffff0080008000800080)
st7 -nan(0xac4be000bf1c6) (raw 0xffff000ac4be000bf1c6)
fctrl 0x37f 895
fstat 0x0 0
ftag 0xffff 65535
fiseg 0x0 0
fioff 0x0 0
foseg 0x0 0
fooff 0x0 0
fop 0x0 0
mxcsr 0x1fa8 [ OE PE IM DM ZM OM UM PM ]
ymm0 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x7b,

0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x1, 0x0 <repeats 22 times>}, v16_int16 = {0x17b, 0x0, 0x0, 0x0, 0x17b,
0x0 <repeats 11 times>}, v8_int32 = {0x17b, 0x0, 0x17b, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x17b, 0x17b, 0x0, 0x0},

v2_int128 = {0x000000000000017b000000000000017b, 0x00000000000000000000000000000000}}

ymm1 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x8000000000000000, 0x8000000000000000,

0x0, 0x0}, v32_int8 = {0x7f <repeats 16 times>, 0x0 <repeats 16 times>}, v16_int16 = {0x7f7f, 0x7f7f, 0x7f7f, 0x7f7f,
0x7f7f, 0x7f7f, 0x7f7f, 0x7f7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x7f7f7f7f, 0x7f7f7f7f,

---Type <return> to continue, or q <return> to quit---

0x7f7f7f7f, 0x7f7f7f7f, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x7f7f7f7f7f7f7f7f, 0x7f7f7f7f7f7f7f7f, 0x0, 0x0},

v2_int128 = {0x7f7f7f7f7f7f7f7f7f7f7f7f7f7f7f7f, 0x00000000000000000000000000000000}}

ymm2 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {

0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},

v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}

ymm3 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0xd0,

0x2, 0x0 <repeats 30 times>}, v16_int16 = {0x2d0, 0x0 <repeats 15 times>}, v8_int32 = {0x2d0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0}, v4_int64 = {0x2d0, 0x0, 0x0, 0x0}, v2_int128 = {0x000000000000000000000000000002d0,
0x00000000000000000000000000000000}}

ymm4 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x40,

0xee, 0x1, 0xd8, 0xff, 0x7f, 0x0, 0x0, 0xc0, 0xee, 0x1, 0xd8, 0xff, 0x7f, 0x0 <repeats 18 times>}, v16_int16 = {
0xee40, 0xd801, 0x7fff, 0x0, 0xeec0, 0xd801, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {
0xd801ee40, 0x7fff, 0xd801eec0, 0x7fff, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x7fffd801ee40, 0x7fffd801eec0, 0x0, 0x0},

v2_int128 = {0x00007fffd801eec000007fffd801ee40, 0x00000000000000000000000000000000}}

ymm5 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {

0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},

v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}

ymm6 {v8_float = {0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x90,

0xc2, 0xf5, 0x28, 0x5c, 0x8f, 0xe2, 0x3f, 0x0 <repeats 24 times>}, v16_int16 = {0xc290, 0x28f5, 0x8f5c, 0x3fe2,
0x0 <repeats 12 times>}, v8_int32 = {0x28f5c290, 0x3fe28f5c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {
0x3fe28f5c28f5c290, 0x0, 0x0, 0x0}, v2_int128 = {0x00000000000000003fe28f5c28f5c290,
0x00000000000000000000000000000000}}

ymm7 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {

0x20 <repeats 16 times>, 0x0 <repeats 16 times>}, v16_int16 = {0x2020, 0x2020, 0x2020, 0x2020, 0x2020, 0x2020, 0x2020,

---Type <return> to continue, or q <return> to quit---

0x2020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x20202020, 0x20202020, 0x20202020, 0x20202020, 0x0, 0x0,
0x0, 0x0}, v4_int64 = {0x2020202020202020, 0x2020202020202020, 0x0, 0x0}, v2_int128 = {
0x20202020202020202020202020202020, 0x00000000000000000000000000000000}}

ymm8 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {

0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},

v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}

ymm9 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {

0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},

v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}

ymm10 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {

0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},

v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}

ymm11 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {

0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},

v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}

ymm12 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0,

0xff, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0 <repeats 20 times>}, v16_int16 = {0xff00, 0x0, 0xff00,
0x0, 0x0, 0xff00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0xff00, 0xff00, 0xff000000, 0x0, 0x0,
0x0, 0x0, 0x0}, v4_int64 = {0xff000000ff00, 0xff000000, 0x0, 0x0}, v2_int128 = {0x00000000ff0000000000ff000000ff00,
0x00000000000000000000000000000000}}

ymm13 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {

0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},

v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}

ymm14 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {
---Type <return> to continue, or q <return> to quit---

0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},

v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}

ymm15 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {

0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},

v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}

Last edited 8 years ago by Ilya87 (previous) (diff)

comment:6 by Ilya87, 8 years ago

Resolution: worksforme
Status: closedreopened

in reply to:  5 comment:7 by Carl Eugen Hoyos, 8 years ago

Replying to Ilya87:

Can it be compilation option? -march=native (for Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz) -mfpmath=sse -fstack-protector -fPIC --param=ssp-buffer-size=4 were used.

None of these options are visible in your console output:

  configuration: --prefix=/usr --disable-debug --disable-static --disable-stripping --enable-avisynth --enable-avresample --enable-fontconfig --enable-gnutls --enable-gpl --enable-ladspa --enable-libass --enable-libbluray --enable-libdcadec --enable-libfreetype --enable-libfribidi --enable-libgsm --enable-libmodplug --enable-libmp3lame --enable-libopencore_amrnb --enable-libopencore_amrwb --enable-libopenjpeg --enable-libopus --enable-libpulse --enable-libschroedinger --enable-libsoxr --enable-libspeex --enable-libssh --enable-libtheora --enable-libv4l2 --enable-libvidstab --enable-libvorbis --enable-libvpx --enable-libwebp --enable-libx264 --enable-libx265 --enable-libxvid --enable-shared --enable-version3 --enable-x11grab

comment:8 by Ilya87, 8 years ago

Sorry, I'll change my binary to debug now.

Last edited 8 years ago by Ilya87 (previous) (diff)

comment:9 by Carl Eugen Hoyos, 8 years ago

Resolution: worksforme
Status: reopenedclosed

Still works fine here:

$ ffplay -autoexit segfault_pp_ha.VOB -vf yadif,pp=ha
ffplay version N-78627-g1ec7a70 Copyright (c) 2003-2016 the FFmpeg developers
  built with gcc 4.7 (SUSE Linux)
  configuration: --enable-gpl --enable-shared --disable-debug --disable-stripping
  libavutil      55. 18.100 / 55. 18.100
  libavcodec     57. 24.105 / 57. 24.105
  libavformat    57. 26.100 / 57. 26.100
  libavdevice    57.  0.101 / 57.  0.101
  libavfilter     6. 34.100 /  6. 34.100
  libswscale      4.  0.100 /  4.  0.100
  libswresample   2.  0.101 /  2.  0.101
  libpostproc    54.  0.100 / 54.  0.100
Input #0, mpeg, from 'segfault_pp_ha.VOB':    0KB sq=    0B f=0/0
  Duration: 00:00:03.08, start: 0.620000, bitrate: 5580 kb/s
    Stream #0:0[0x1e0]: Video: mpeg2video (Main), yuv420p(tv), 720x576 [SAR 16:15 DAR 4:3], 5350 kb/s, 25 fps, 25 tbr, 90k tbn, 50 tbc
   3.58 M-V:  0.000 fd=   0 aq=    0KB vq=    0KB sq=    0B f=0/0

Please test with a binary from http://johnvansickle.com/ffmpeg/

Unrelated: Please remove --disable-stripping, it only needlessly increases binary size (not stripping useful debug information is the default).

comment:11 by Ilya87, 8 years ago

Resolution: worksforme
Status: closedreopened

binary from http://johnvansickle.com/ffmpeg/ gives segfault with the following command line
./ffmpeg -i $HOME/Video/segfault_pp_ha.VOB -vf yadif,pp=ha 123.avi

Last edited 8 years ago by Ilya87 (previous) (diff)

comment:12 by Carl Eugen Hoyos, 8 years ago

Keywords: gcc added
Reproduced by developer: set
Status: reopenedopen

Regression since cb8646af24bd8e9627cc5e1c62b049a00fe0b07b

$ valgrind ffmpeg_g -i segfault_pp_ha.VOB -vf yadif,pp=ha -f null -
==28356== Memcheck, a memory error detector
==28356== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==28356== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==28356== Command: ffmpeg_g -i segfault_pp_ha.VOB -vf yadif,pp=ha -f null -
==28356==
ffmpeg version N-78637-g7586b3a Copyright (c) 2000-2016 the FFmpeg developers
  built with gcc 5.1.0 (GCC)
  configuration: --cc=/usr/local/gcc-5.1.0/bin/gcc --enable-gpl
  libavutil      55. 18.100 / 55. 18.100
  libavcodec     57. 24.105 / 57. 24.105
  libavformat    57. 26.100 / 57. 26.100
  libavdevice    57.  0.101 / 57.  0.101
  libavfilter     6. 35.100 /  6. 35.100
  libswscale      4.  0.100 /  4.  0.100
  libswresample   2.  0.101 /  2.  0.101
  libpostproc    54.  0.100 / 54.  0.100
Input #0, mpeg, from 'segfault_pp_ha.VOB':
  Duration: 00:00:03.08, start: 0.620000, bitrate: 5580 kb/s
    Stream #0:0[0x1e0]: Video: mpeg2video (Main), yuv420p(tv), 720x576 [SAR 16:15 DAR 4:3], 5350 kb/s, 25 fps, 25 tbr, 90k tbn, 50 tbc
Output #0, null, to 'pipe:':
  Metadata:
    encoder         : Lavf57.26.100
    Stream #0:0: Video: wrapped_avframe, yuv420p, 720x576 [SAR 16:15 DAR 4:3], q=2-31, 200 kb/s, 25 fps, 25 tbn, 25 tbc
    Metadata:
      encoder         : Lavc57.24.105 wrapped_avframe
Stream mapping:
  Stream #0:0 -> #0:0 (mpeg2video (native) -> wrapped_avframe (native))
Press [q] to stop, [?] for help
==28356==
==28356== Process terminating with default action of signal 11 (SIGSEGV)
==28356==  General Protection Fault
==28356==    at 0x1121D86: pp_postprocess (postprocess.c:976)
==28356==    by 0x55B7D9: pp_filter_frame (vf_pp.c:142)
==28356==    by 0x4B1480: ff_filter_frame_framed (avfilter.c:1108)
==28356==    by 0x4B22B2: ff_filter_frame (avfilter.c:1206)
==28356==    by 0x5948C0: return_frame (vf_yadif.c:285)
==28356==    by 0x5951F9: filter_frame (vf_yadif.c:375)
==28356==    by 0x4B1480: ff_filter_frame_framed (avfilter.c:1108)
==28356==    by 0x4B22B2: ff_filter_frame (avfilter.c:1206)
==28356==    by 0x4B6621: request_frame (buffersrc.c:383)
==28356==    by 0x4B632A: av_buffersrc_add_frame_internal (buffersrc.c:180)
==28356==    by 0x4B6A1C: av_buffersrc_add_frame_flags (buffersrc.c:105)
==28356==    by 0x4920D1: decode_video (ffmpeg.c:2184)
==28356==
==28356== HEAP SUMMARY:
==28356==     in use at exit: 8,950,683 bytes in 442 blocks
==28356==   total heap usage: 5,857 allocs, 5,415 frees, 18,446,788 bytes allocated
==28356==
==28356== LEAK SUMMARY:
==28356==    definitely lost: 0 bytes in 0 blocks
==28356==    indirectly lost: 0 bytes in 0 blocks
==28356==      possibly lost: 5,472 bytes in 18 blocks
==28356==    still reachable: 8,945,211 bytes in 424 blocks
==28356==         suppressed: 0 bytes in 0 blocks
==28356== Rerun with --leak-check=full to see details of leaked memory
==28356==
==28356== For counts of detected and suppressed errors, rerun with: -v
==28356== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 2 from 2)
Killed

comment:13 by Carl Eugen Hoyos, 8 years ago

Keywords: SIGSEGV added
Resolution: fixed
Status: openclosed

Fixed in 2aa21eec1adcb3737be59f0eab7081c5a790faa9
Thank you for the useful report!

Note: See TracTickets for help on using tickets.