Context Navigation

#40 closed defect (fixed)

ffplay crashes for svq1 samples with avfilter enabled

Reported by:	Carl Eugen Hoyos	Owned by:	Michael Niedermayer
Priority:	normal	Component:	ffplay
Version:	git	Keywords:
Cc:		Blocked By:
Blocking:		Reproduced by developer:	no
Analyzed by developer:	no

Description

Does not crash with --disable-avfilter

(gdb) r -an fate-suite/svq1/marymary-shackles.mov
FFplay version git-N-28882-g4d1d6f7, Copyright (c) 2003-2011 the FFmpeg developers
  built on Apr  5 2011 11:12:06 with gcc 4.5.2
  configuration: --cc=/usr/local/gcc-4.5.2/bin/gcc --enable-gpl
  libavutil    50. 40. 0 / 50. 40. 0
  libavcodec   52.117. 0 / 52.117. 0
  libavformat  52.105. 0 / 52.105. 0
  libavdevice  52.  4. 0 / 52.  4. 0
  libavfilter   1. 77. 0 /  1. 77. 0
  libswscale    0. 13. 0 /  0. 13. 0
[New Thread 0x7ffff54c4910 (LWP 13633)]
[New Thread 0x7ffff4bf5910 (LWP 13634)]
[mov,mp4,m4a,3gp,3g2,mj2 @ 0x12966b0] max_analyze_duration reached
Input #0, mov,mp4,m4a,3gp,3g2,mj2, from 'fate-suite/svq1/marymary-shackles.mov':
  Metadata:
    creation_time   : 2000-04-10 18:23:06
  Duration: 00:00:31.00, start: 0.000000, bitrate: 484 kb/s
    Stream #0.0(eng): Video: svq1, yuv410p, 160x120, 307 kb/s, 15 fps, 15 tbr, 600 tbn, 600 tbc
    Metadata:
      creation_time   : 2000-04-10 18:23:06
    Stream #0.1(eng): Audio: pcm_u8, 22050 Hz, 1 channels, u8, 176 kb/s
    Metadata:
      creation_time   : 2000-04-10 18:23:06
[New Thread 0x7ffff43f4910 (LWP 13635)]
[New Thread 0x7ffff3bf3910 (LWP 13636)]
[ffsink @ 0x129e790] auto-inserting filter 'auto-inserted scaler 0' between the filter 'src' and the filter 'out'
[scale @ 0x129ea80] w:160 h:120 fmt:yuv410p -> w:160 h:120 fmt:yuv420p flags:0x4
1301995985.87 A-V:  0.000 s:0.0 aq=    0KB vq=    1KB sq=    0B f=0/0
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7ffff43f4910 (LWP 13635)]
0x00000000007be9ba in put_pixels16_sse2 (block=0x133f4c4 "qqsssqrstttttttt", pixels=0x1350584 "qqsssqrstttttttt", line_size=64, h=16) at libavcodec/x86/dsputil_mmx.c:452
452         __asm__ volatile(
(gdb) bt
#0  0x00000000007be9ba in put_pixels16_sse2 (block=0x133f4c4 "qqsssqrstttttttt", pixels=0x1350584 "qqsssqrstttttttt", line_size=64, h=16) at libavcodec/x86/dsputil_mmx.c:452
#1  0x000000000072f803 in svq1_motion_inter_block (y=16, x=32, motion=0x129a340, pitch=64, previous=0x1350164 "ssx}\177\201\177~~~~~~~~~", '{' <repeats 16 times>, "xz{||}||~~~~~~~~", current=0x133f4c4 "qqsssqrstttttttt",
    bitbuf=0x12b2118, s=0x12ae540) at libavcodec/svq1dec.c:391
#2  svq1_decode_delta_block (y=16, x=32, motion=0x129a340, pitch=64, previous=0x1350164 "ssx}\177\201\177~~~~~~~~~", '{' <repeats 16 times>, "xz{||}||~~~~~~~~", current=0x133f4c4 "qqsssqrstttttttt", bitbuf=0x12b2118, s=0x12ae540)
    at libavcodec/svq1dec.c:511
#3  svq1_decode_frame (y=16, x=32, motion=0x129a340, pitch=64, previous=0x1350164 "ssx}\177\201\177~~~~~~~~~", '{' <repeats 16 times>, "xz{||}||~~~~~~~~", current=0x133f4c4 "qqsssqrstttttttt", bitbuf=0x12b2118, s=0x12ae540)
    at libavcodec/svq1dec.c:745
#4  0x000000000074cd68 in avcodec_decode_video2 (avctx=0x125a340, picture=0x129a1d0, got_picture_ptr=0x7ffff43f3e2c, avpkt=0x7ffff43f3de0) at libavcodec/utils.c:708
#5  0x0000000000407e01 in get_video_frame (pkt=0x7ffff43f3de0, pts=<value optimized out>, frame=0x129a1d0, is=0x7ffff4bf6010) at ffplay.c:1543
#6  input_request_frame (pkt=0x7ffff43f3de0, pts=<value optimized out>, frame=0x129a1d0, is=0x7ffff4bf6010) at ffplay.c:1689
#7  0x0000000000413ca0 in avfilter_request_frame (link=<value optimized out>) at libavfilter/avfilter.c:369
#8  0x000000000040e3c0 in get_filtered_video_frame (ctx=0x129e790, frame=0x129b910, picref_ptr=0x7ffff43f4070, tb=0x7ffff43f4060) at cmdutils.c:818
#9  0x0000000000408f3e in video_thread (arg=0x7ffff4bf6010) at ffplay.c:1832
#10 0x00007ffff6ff03b5 in ?? () from /usr/lib64/libSDL-1.2.so.0
#11 0x00007ffff7033539 in ?? () from /usr/lib64/libSDL-1.2.so.0
#12 0x00007ffff6dc665d in start_thread () from /lib64/libpthread.so.0
#13 0x00007ffff6b35ecd in clone () from /lib64/libc.so.6
#14 0x0000000000000000 in ?? ()
(gdb) disass $pc-26 $pc+32
Dump of assembler code from 0x7be9a0 to 0x7be9da:
0x00000000007be9a0 <put_pixels16_sse2+0>:       movslq %edx,%rdx
0x00000000007be9a3 <put_pixels16_sse2+3>:       lea    (%rdx,%rdx,2),%rax
0x00000000007be9a7 <put_pixels16_sse2+7>:       movdqu (%rsi),%xmm0
0x00000000007be9ab <put_pixels16_sse2+11>:      movdqu (%rsi,%rdx,1),%xmm1
0x00000000007be9b0 <put_pixels16_sse2+16>:      movdqu (%rsi,%rdx,2),%xmm2
0x00000000007be9b5 <put_pixels16_sse2+21>:      movdqu (%rsi,%rax,1),%xmm3
0x00000000007be9ba <put_pixels16_sse2+26>:      movdqa %xmm0,(%rdi)
0x00000000007be9be <put_pixels16_sse2+30>:      movdqa %xmm1,(%rdi,%rdx,1)
0x00000000007be9c3 <put_pixels16_sse2+35>:      movdqa %xmm2,(%rdi,%rdx,2)
0x00000000007be9c8 <put_pixels16_sse2+40>:      movdqa %xmm3,(%rdi,%rax,1)
0x00000000007be9cd <put_pixels16_sse2+45>:      sub    $0x4,%ecx
0x00000000007be9d0 <put_pixels16_sse2+48>:      lea    (%rsi,%rdx,4),%rsi
0x00000000007be9d4 <put_pixels16_sse2+52>:      lea    (%rdi,%rdx,4),%rdi
0x00000000007be9d8 <put_pixels16_sse2+56>:      jne    0x7be9a7 <put_pixels16_sse2+7>
End of assembler dump.
(gdb) info all-registers
rax            0xc0     192
rbx            0x20     32
rcx            0x10     16
rdx            0x40     64
rsi            0x1350584        20252036
rdi            0x133f4c4        20182212
rbp            0x12ae540        0x12ae540
rsp            0x7ffff43f3ba8   0x7ffff43f3ba8
r8             0x0      0
r9             0x12c7fe0        19693536
r10            0x129a340        19505984
r11            0x10ea520        17736992
r12            0x129a340        19505984
r13            0x40     64
r14            0x12b2118        19603736
r15            0x12b2128        19603752
rip            0x7be9ba 0x7be9ba <put_pixels16_sse2+26>
eflags         0x10206  [ PF IF RF ]
cs             0x33     51
ss             0x2b     43
ds             0x0      0
es             0x0      0
fs             0x0      0
gs             0x0      0
st0            -nan(0x7574706a65636567) (raw 0xffff7574706a65636567)
st1            -nan(0x7500740070006a)   (raw 0xffff007500740070006a)
st2            -nan(0x62006400660068)   (raw 0xffff0062006400660068)
st3            -nan(0x740071006c0066)   (raw 0xffff00740071006c0066)
st4            -nan(0xc800c600ca00ce)   (raw 0xffff00c800c600ca00ce)
st5            -nan(0xe700e500dd00d2)   (raw 0xffff00e700e500dd00d2)
st6            -nan(0x2000200020002)    (raw 0xffff0002000200020002)
st7            -inf     (raw 0xffff0000000000000000)
fctrl          0x37f    895
fstat          0x0      0
ftag           0xaaaa   43690
fiseg          0x0      0
fioff          0x0      0
foseg          0x0      0
fooff          0x0      0
fop            0x0      0
xmm0           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x8000000000000000, 0x8000000000000000}, v16_int8 = {0x71, 0x71, 0x73, 0x73, 0x73, 0x71, 0x72, 0x73, 0x74, 0x74, 0x74, 0x74, 0x74, 0x74, 0x74, 0x74}, v8_int16 = {0x7171,
    0x7373, 0x7173, 0x7372, 0x7474, 0x7474, 0x7474, 0x7474}, v4_int32 = {0x73737171, 0x73727173, 0x74747474, 0x74747474}, v2_int64 = {0x7372717373737171, 0x7474747474747474}, uint128 = 0x74747474747474747372717373737171}
xmm1           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x8000000000000000, 0x8000000000000000}, v16_int8 = {0x71, 0x73, 0x73, 0x73, 0x73, 0x71, 0x71, 0x73, 0x74, 0x74, 0x74, 0x74, 0x74, 0x74, 0x74, 0x74}, v8_int16 = {0x7371,
    0x7373, 0x7173, 0x7371, 0x7474, 0x7474, 0x7474, 0x7474}, v4_int32 = {0x73737371, 0x73717173, 0x74747474, 0x74747474}, v2_int64 = {0x7371717373737371, 0x7474747474747474}, uint128 = 0x74747474747474747371717373737371}
xmm2           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x8000000000000000, 0x8000000000000000}, v16_int8 = {0x73, 0x73, 0x72, 0x71, 0x71, 0x70, 0x71, 0x73, 0x74, 0x74, 0x74, 0x74, 0x74, 0x74, 0x74, 0x74}, v8_int16 = {0x7373,
    0x7172, 0x7071, 0x7371, 0x7474, 0x7474, 0x7474, 0x7474}, v4_int32 = {0x71727373, 0x73717071, 0x74747474, 0x74747474}, v2_int64 = {0x7371707171727373, 0x7474747474747474}, uint128 = 0x74747474747474747371707171727373}
xmm3           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x8000000000000000, 0x8000000000000000}, v16_int8 = {0x75, 0x74, 0x72, 0x70, 0x6f, 0x6f, 0x70, 0x72, 0x74, 0x74, 0x74, 0x74, 0x74, 0x74, 0x74, 0x74}, v8_int16 = {0x7475,
    0x7072, 0x6f6f, 0x7270, 0x7474, 0x7474, 0x7474, 0x7474}, v4_int32 = {0x70727475, 0x72706f6f, 0x74747474, 0x74747474}, v2_int64 = {0x72706f6f70727475, 0x7474747474747474}, uint128 = 0x747474747474747472706f6f70727475}
xmm4           {v4_float = {0x2b020000, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0xfc, 0xa9, 0xf1, 0xd2, 0x4d, 0x62, 0x40, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0xa9fc, 0xd2f1, 0x624d, 0x3f40, 0x0, 0x0,
    0x0, 0x0}, v4_int32 = {0xd2f1a9fc, 0x3f40624d, 0x0, 0x0}, v2_int64 = {0x3f40624dd2f1a9fc, 0x0}, uint128 = 0x00000000000000003f40624dd2f1a9fc}
xmm5           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
  uint128 = 0x00000000000000000000000000000000}
xmm6           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
  uint128 = 0x00000000000000000000000000000000}
xmm7           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
  uint128 = 0x00000000000000000000000000000000}
xmm8           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
  uint128 = 0x00000000000000000000000000000000}
xmm9           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
  uint128 = 0x00000000000000000000000000000000}
xmm10          {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
  uint128 = 0x00000000000000000000000000000000}
xmm11          {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
  uint128 = 0x00000000000000000000000000000000}
xmm12          {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
---Type <return> to continue, or q <return> to quit---
  uint128 = 0x00000000000000000000000000000000}
xmm13          {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
  uint128 = 0x00000000000000000000000000000000}
xmm14          {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
  uint128 = 0x00000000000000000000000000000000}
xmm15          {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
  uint128 = 0x00000000000000000000000000000000}
mxcsr          0x1fa0   [ PE IM DM ZM OM UM PM ]

Change History (1)

comment:1 by Michael Niedermayer, 14 years ago

Resolution:	→ fixed
Status:	new → closed

Note: See TracTickets for help on using tickets.

Download in other formats: