Opened 7 years ago

Closed 7 years ago

Last modified 7 years ago

#6427 closed defect (fixed)

Crash on any file - Windows build from git repository

Reported by: testuser448
Owned by:
Priority: important
Component: build system
Version: git-master
Keywords: win regression
Cc:
Blocked By:
Blocking:
Reproduced by developer: no
Analyzed by developer: no

Description

Summary of the bug:
I built ffmpeg from the git repository at https://github.com/FFmpeg/FFmpeg (last commit 220b24c7c97dc033ceab1510549f66d0e7b52ef1) with the current MinGW from http://www.mingw.org. ffmpeg crashes at the start on any file. The location of the error depends on the file but the problem function's name seems to always contain _sse.

Compiler:
gcc 5.3.0
binutils 2.25.1
w32api 5.0
mingwrt 5.0

O/S: Windows 10 Version 1607

How to reproduce:

  1. git clone https://github.com/FFmpeg/FFmpeg ffmpeg
  2. mkdir ffmpeg-build
  3. cd ffmpeg-build
  4. ../ffmpeg/configure --prefix=/mingw/local --disable-w32threads
  5. make && make install
  6. Download https://samples.ffmpeg.org/testsuite/i263.avi
  7. ffmpeg_g.exe -report -i i263.avi -y -r 24 -threads 1 test.mpg

Contents of ffmpeg-20170530-085845.log:
=======================================
ffmpeg started on 2017-05-30 at 08:58:45
Report written to "ffmpeg-20170530-085845.log"
Command line:
C:/MinGW/local/bin/ffmpeg_g.exe -report -i i263.avi -y -r 24 -threads 1 test.mpg
ffmpeg version N-86310-g220b24c7c9 Copyright (c) 2000-2017 the FFmpeg developers
  built with gcc 5.3.0 (GCC)
  configuration: --prefix=/mingw/local --disable-w32threads
libavutil 55. 63.100 / 55. 63.100
libavcodec 57. 96.101 / 57. 96.101
libavformat 57. 72.101 / 57. 72.101
libavdevice 57. 7.100 / 57. 7.100
libavfilter 6. 90.100 / 6. 90.100
libswscale 4. 7.101 / 4. 7.101
libswresample 2. 8.100 / 2. 8.100

Splitting the commandline.
Reading option '-report' ... matched as option 'report' (generate a report) with argument '1'.
Reading option '-i' ... matched as input url with argument 'i263.avi'.
Reading option '-y' ... matched as option 'y' (overwrite output files) with argument '1'.
Reading option '-r' ... matched as option 'r' (set frame rate (Hz value, fraction or abbreviation)) with argument '24'.
Reading option '-threads' ... matched as AVOption 'threads' with argument '1'.
Reading option 'test.mpg' ... matched as output url.
Finished splitting the commandline.
Parsing a group of options: global .
Applying option report (generate a report) with argument 1.
Applying option y (overwrite output files) with argument 1.
Successfully parsed a group of options.
Parsing a group of options: input url i263.avi.
Successfully parsed a group of options.
Opening an input file: i263.avi.
[file @ 00025860] Setting default whitelist 'file,crypto'
[avi @ 000251c8] Format avi probed with size=2048 and score=100
[avi @ 0002db18] use odml:1
st:0 removing common factor 10 from timebase
[avi @ 000251c8] Before avformat_find_stream_info() pos: 6156 bytes read:103264 seeks:4 nb_streams:1
[avi @ 000251c8] parser not found for codec h263i, packets or times may be invalid.
[avi @ 000251c8] parser not found for codec h263i, packets or times may be invalid.
[avi @ 000251c8] All info found
[avi @ 000251c8] After avformat_find_stream_info() pos: 9655 bytes read:103264 seeks:4 frames:1
Input #0, avi, from 'i263.avi':
  Duration: 00:00:01.67, start: 0.000000, bitrate: 274 kb/s
    Stream #0:0, 1, 100/2997: Video: h263i (I263 / 0x33363249), yuv420p, 352x240, 29.97 fps, 29.97 tbr, 29.97 tbn, 29.97 tbc
Successfully opened the file.
Parsing a group of options: output url test.mpg.
Applying option r (set frame rate (Hz value, fraction or abbreviation)) with argument 24.
Successfully parsed a group of options.
Opening an output file: test.mpg.
[file @ 0002b3f0] Setting default whitelist 'file,crypto'
Successfully opened the file.
Stream mapping:
  Stream #0:0 -> #0:0 (h263i (native) -> mpeg1video (native))
Press [q] to stop, ? for help
cur_dts is invalid (this is harmless if it occurs once at the start per stream)

GDB session
===========
GNU gdb (GDB) 7.6.1
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "mingw32".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from C:\MinGW\local\bin\ffmpeg_g.exe...done.
(gdb) Starting program: C:/MinGW/local/bin/ffmpeg_g.exe -report -i i263.avi -y -r 24 -threads 1 test.mpg
[New Thread 24944.0x3ba8]
[New Thread 24944.0x681c]
[New Thread 24944.0xe38]
[New Thread 24944.0x4688]

Program received signal SIGSEGV, Segmentation fault.
0x00e8a9e1 in ff_clear_blocks_sse.loop ()
(gdb) #0 0x00e8a9e1 in ff_clear_blocks_sse.loop ()
#1 0x008a1cf5 in ff_h263_decode_mb (s=<optimized out>, block=0x69d8338)
    at c:/downloads/ffmpeg/libavcodec/ituh263dec.c:914
#2 0x007e6d9d in decode_slice (s=s@entry=0x25db0)
    at c:/downloads/ffmpeg/libavcodec/h263dec.c:256
#3 0x007e7b1f in ff_h263_decode_frame (avctx=0x259a0, data=0x2b910,
    got_frame=0x683f3d0, avpkt=0x683f3d8)
    at c:/downloads/ffmpeg/libavcodec/h263dec.c:637
#4 0x00745021 in decode_simple_internal (avctx=avctx@entry=0x259a0,
    frame=frame@entry=0x2b910)
    at c:/downloads/ffmpeg/libavcodec/decode.c:417
#5 0x00745b29 in decode_simple_receive_frame (frame=<optimized out>,
    avctx=<optimized out>)
    at c:/downloads/ffmpeg/libavcodec/decode.c:620
#6 decode_receive_frame_internal (frame=0x2b910, avctx=0x259a0)
    at c:/downloads/ffmpeg/libavcodec/decode.c:638
#7 avcodec_send_packet (avctx=avctx@entry=0x259a0,
    avpkt=avpkt@entry=0x683f558)
    at c:/downloads/ffmpeg/libavcodec/decode.c:678
#8 0x00422b53 in decode (pkt=0x683f558, got_frame=0x683f640,
    frame=<optimized out>, avctx=0x259a0)
    at c:/downloads/ffmpeg/ffmpeg.c:2246
#9 decode_video (ist=ist@entry=0x69dfe18, pkt=pkt@entry=0x683f700,
    got_output=0x683f640, eof=0, decode_failed=0x683f6c0)
    at c:/downloads/ffmpeg/ffmpeg.c:2390
#10 0x004246fc in process_input_packet (ist=0x69dfe18, pkt=0x683fac0,
    no_eof=0) at c:/downloads/ffmpeg/ffmpeg.c:2625
#11 0x004264d2 in process_input (file_index=<optimized out>)
    at c:/downloads/ffmpeg/ffmpeg.c:4409
#12 transcode_step () at c:/downloads/ffmpeg/ffmpeg.c:4520
#13 transcode () at c:/downloads/ffmpeg/ffmpeg.c:4574
#14 0x0100b42b in main (argc=10, argv=<optimized out>)
    at c:/downloads/ffmpeg/ffmpeg.c:4779

(gdb) Dump of assembler code from 0xe8a9c1 to 0xe8aa01:
   0x00e8a9c1 <ff_clear_blocks_mmx.loop+32>: or %dh,(%eax)
   0x00e8a9c3 <ff_clear_blocks_mmx.loop+34>: movq %mm0,0x38(%eax,%ecx,1)
   0x00e8a9c8 <ff_clear_blocks_mmx.loop+39>: add $0x40,%ecx
   0x00e8a9cb <ff_clear_blocks_mmx.loop+42>: js 0xe8a9a1 <ff_clear_blocks_mmx.loop>
   0x00e8a9cd <ff_clear_blocks_mmx.loop+44>: repz ret
   0x00e8a9cf <ff_clear_blocks_mmx.loop+46>: nop
   0x00e8a9d0 <ff_clear_blocks_sse+0>: mov 0x4(%esp),%eax
   0x00e8a9d4 <ff_clear_blocks_sse+4>: add $0x300,%eax
   0x00e8a9d9 <ff_clear_blocks_sse+9>: mov $0xfffffd00,%ecx
   0x00e8a9de <ff_clear_blocks_sse+14>: xorps %xmm0,%xmm0
=> 0x00e8a9e1 <ff_clear_blocks_sse.loop+0>: movaps %xmm0,(%eax,%ecx,1)
   0x00e8a9e5 <ff_clear_blocks_sse.loop+4>: movaps %xmm0,0x10(%eax,%ecx,1)
   0x00e8a9ea <ff_clear_blocks_sse.loop+9>: movaps %xmm0,0x20(%eax,%ecx,1)
   0x00e8a9ef <ff_clear_blocks_sse.loop+14>: movaps %xmm0,0x30(%eax,%ecx,1)
   0x00e8a9f4 <ff_clear_blocks_sse.loop+19>: movaps %xmm0,0x40(%eax,%ecx,1)
   0x00e8a9f9 <ff_clear_blocks_sse.loop+24>: movaps %xmm0,0x50(%eax,%ecx,1)
   0x00e8a9fe <ff_clear_blocks_sse.loop+29>: movaps %xmm0,0x60(%eax,%ecx,1)
End of assembler dump.
(gdb) eax 0x69d8638 110986808
ecx 0xfffffd00 -768
edx 0x3 3
ebx 0x3 3
esp 0x683f19c 0x683f19c
ebp 0x25db0 0x25db0
esi 0x69df038 111013944
edi 0x15d5380 22893440
eip 0xe8a9e1 0xe8a9e1 <ff_clear_blocks_sse.loop>
eflags 0x10202 [ IF RF ]
cs 0x23 35
ss 0x2b 43
ds 0x2b 43
es 0x2b 43
fs 0x53 83
gs 0x2b 43

(gdb) A debugging session is active.

Inferior 1 [process 24944] will be killed.

Quit anyway? (y or n) [answered Y; input not from terminal]
error return ../../gdb-7.6.1/gdb/windows-nat.c:1275 was 5

Change History (10)

comment:1 by testuser448, 7 years ago

Version: unspecified → git-master

I can confirm that ffmpeg works if I configure with --disable-sse.

comment:2 by Hendrik, 7 years ago

I assume the crash would be from missing alignment somewhere, although not sure why it happens.

Generally, I would strongly recommend to stop using the old and long-dead mingw32, and instead switch to mingw-w64. The easiest way to install this is likely with MSYS2.

comment:3 by testuser448, 7 years ago

Do you know for a fact that this problem will not occur if I use mingw-w64?

comment:4 by Hendrik, 7 years ago

I know for a fact that FFmpeg works just fine on Windows when built with mingw-w64. I can't speak for anything happening on your system, too many variables outside of my control.

comment:5 by testuser448, 7 years ago

Is there any hope of producing a simple test case that I can report to the MinGW maintainers?

comment:6 by Hendrik, 7 years ago

I've just pushed a potential fix to Git master (47c43ce36f0c48b800b5367674839c16f10dc597), if you want to rebuild and test.

Last edited 7 years ago by Carl Eugen Hoyos

comment:7 by Carl Eugen Hoyos, 7 years ago

Component: undetermined → build system
Keywords: win regression added
Priority: normal → important
Resolution: fixed
Status: new → closed

Fixed by Martin Storsjö.

comment:8 by testuser448, 7 years ago

It works, and the new executable is a little faster than the old one, as expected.

Can you *briefly* explain what _aligned_malloc does and why it is necessary for MinGW but not other compilers? Is MinGW's behaviour incorrect according to the C standard?

comment:9 by Hendrik, 7 years ago

All compilers need some sort of aligned allocation function, but the mingw32 variant wasn't available without some special flags.

Last edited 7 years ago by Hendrik

comment:10 by testuser448, 7 years ago

Thanks.
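
Added example, not part of the ticket and not FFmpeg's code: it recomputes the address the faulting movaps wrote to from the eax and ecx values in the register dump, shows that it misses the 16-byte alignment the instruction requires, and contrasts that with a generic over-allocating aligned allocator. The function names are hypothetical, and the fallback allocator is a common portable technique assumed here for illustration; it is neither _aligned_malloc nor the committed fix.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Effective address of "movaps %xmm0,(%eax,%ecx,1)" on 32-bit x86:
 * base + index, wrapping modulo 2^32. */
static uint32_t effective_addr(uint32_t base, uint32_t index)
{
    return base + index;
}

/* Bytes by which addr misses a power-of-two alignment (0 means aligned). */
static uint32_t misalignment(uintptr_t addr, uint32_t align)
{
    return (uint32_t)(addr & (align - 1u));
}

/* Hypothetical fallback allocator: over-allocate, round up, and keep the
 * pointer malloc() returned in the slot just below the aligned block. */
static void *aligned_alloc_fallback(size_t size, size_t align)
{
    unsigned char *raw;
    uintptr_t user;
    if (align < sizeof(void *) || (align & (align - 1)) != 0)
        return NULL; /* alignment must be a power of two >= pointer size */
    if (size > SIZE_MAX - align - sizeof(void *))
        return NULL; /* request would overflow the size computation */
    raw = malloc(size + align + sizeof(void *));
    if (!raw)
        return NULL;
    user = ((uintptr_t)raw + sizeof(void *) + align - 1) & ~(uintptr_t)(align - 1);
    ((void **)user)[-1] = raw;
    return (void *)user;
}

static void aligned_free_fallback(void *p)
{
    if (p) free(((void **)p)[-1]);
}

int main(void)
{
    uint32_t ea = effective_addr(0x69d8638u, 0xfffffd00u); /* eax, ecx at the fault */
    void *blocks = aligned_alloc_fallback(0x300, 16);      /* size cleared by the loop */
    printf("fault address 0x%08x: off by %u; fallback block: off by %u\n", (unsigned)ea,
           (unsigned)misalignment(ea, 16), (unsigned)misalignment((uintptr_t)blocks, 16));
    aligned_free_fallback(blocks);
    return 0;
}
```

The recomputed address equals the block=0x69d8338 argument in frame #1 of the backtrace, which is 8-byte but not 16-byte aligned.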
