Opened 8 years ago

Closed 8 years ago

#5055 closed defect (fixed)

maskedmerge filter crashes on 64 bit

Reported by: nicol
Owned by:
Priority: important
Component: avfilter
Version: git-master
Keywords: crash SIGSEGV maskedmerge
Cc:
Blocked By:
Blocking:
Reproduced by developer: yes
Analyzed by developer: no

Description

Summary of the bug: 64bit ffmpeg/ffplay cannot mask gray format using maskedmerge filter, but 32bit ffmpeg/ffplay have no problem.

ffmpeg-20151130-git-7b11eea-win64-static\bin>ffplay -f lavfi color -vf split=3[0][1][2];[2]format=gray[2a];[0][1][2a]maskedmerge
ffplay version N-76957-g7b11eea Copyright (c) 2003-2015 the FFmpeg developers
  built with gcc 5.2.0 (GCC)
  configuration: --enable-gpl --enable-version3 --disable-w32threads --enable-avisynth --enable-bzlib --enable-fontconfig --enable-frei0r --enable-gnutls --enable-iconv --enable-libass --enable-libbluray --enable-libbs2b --enable-libcaca --enable-libdcadec --enable-libfreetype --enable-libgme --enable-libgsm --enable-libilbc --enable-libmodplug --enable-libmp3lame --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-libopenjpeg --enable-libopus --enable-librtmp --enable-libschroedinger --enable-libsoxr --enable-libspeex --enable-libtheora --enable-libtwolame --enable-libvidstab --enable-libvo-aacenc --enable-libvo-amrwbenc --enable-libvorbis --enable-libvpx --enable-libwavpack --enable-libwebp --enable-libx264 --enable-libx265 --enable-libxavs --enable-libxvid --enable-libzimg --enable-lzma --enable-decklink --enable-zlib
  libavutil      55.  9.100 / 55.  9.100
  libavcodec     57. 16.101 / 57. 16.101
  libavformat    57. 19.100 / 57. 19.100
  libavdevice    57.  0.100 / 57.  0.100
  libavfilter     6. 17.100 /  6. 17.100
  libswscale      4.  0.100 /  4.  0.100
  libswresample   2.  0.101 /  2.  0.101
  libpostproc    54.  0.100 / 54.  0.100
Input #0, lavfi, from 'color':=    0KB vq=    0KB sq=    0B f=0/0
  Duration: N/A, start: 0.000000, bitrate: N/A
    Stream #0:0: Video: rawvideo (I420 / 0x30323449), yuv420p, 320x240 [SAR 1:1 DAR 4:3], 25 tbr, 25 tbn, 25 tbc
    nan M-V:    nan fd=   0 aq=    0KB vq= 2927KB sq=    0B f=0/0

Popup Alert, cannot preview.

Change History (6)

comment:1 by Carl Eugen Hoyos, 8 years ago

Do you want to report a crash?
If I avoid the crash, I get bit-identical output for both 32- and 64-bit FFmpeg.

Generally, please do not report an issue with ffplay if it is also reproducible with ffmpeg.

comment:2 by Elon Musk, 8 years ago

I don't get any crash. Is there actually a crash?
Carl, could you be more helpful?

in reply to:  2 comment:3 by Carl Eugen Hoyos, 8 years ago

Replying to richardpl:

> I don't get any crash. Is there actually a crash?

Do you get different output for 32 bit and 64 bit binaries? I get identical output.

> Carl, could you be more helpful?

It is difficult to be helpful if it isn't explained what the issue is. Once we agree on an actual issue, I will try to be helpful.

comment:4 by nicol, 8 years ago

I am using zeranoe ffmpeg (32bit/64bit).
http://ffmpeg.zeranoe.com/builds/win32/static/ffmpeg-20151130-git-7b11eea-win32-static.7z
http://ffmpeg.zeranoe.com/builds/win64/static/ffmpeg-20151130-git-7b11eea-win64-static.7z

> I don't get any crash. Is there actually a crash?

I don't know why I get a crash on my PC (Win10 64bit jpn) using 64bit ffmpeg.

comment:5 by Carl Eugen Hoyos, 8 years ago

Keywords: crash SIGSEGV added
Priority: normal → important
Reproduced by developer: set
Status: new → open
Summary: 64bit ffmpeg/ffplay cannot mask gray format using maskedmerge filter → maskedmerge filter crashes on 64 bit

$ valgrind ./ffmpeg_g -f lavfi -i color -vf "split=3[0][1][2];[2]format=gray[2a];[0][1][2a]maskedmerge" -f null -
==16690== Memcheck, a memory error detector
==16690== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==16690== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==16690== Command: ./ffmpeg_g -f lavfi -i color -vf split=3[0][1][2];[2]format=gray[2a];[0][1][2a]maskedmerge -f null -
==16690==
ffmpeg version N-77003-g64f7db5 Copyright (c) 2000-2015 the FFmpeg developers
  built with gcc 4.7 (SUSE Linux)
  configuration: --enable-gpl
  libavutil      55.  9.100 / 55.  9.100
  libavcodec     57. 16.101 / 57. 16.101
  libavformat    57. 19.100 / 57. 19.100
  libavdevice    57.  0.100 / 57.  0.100
  libavfilter     6. 19.100 /  6. 19.100
  libswscale      4.  0.100 /  4.  0.100
  libswresample   2.  0.101 /  2.  0.101
  libpostproc    54.  0.100 / 54.  0.100
Input #0, lavfi, from 'color':
  Duration: N/A, start: 0.000000, bitrate: N/A
    Stream #0:0: Video: rawvideo (I420 / 0x30323449), yuv420p, 320x240 [SAR 1:1 DAR 4:3], 25 tbr, 25 tbn, 25 tbc
Output #0, null, to 'pipe:':
  Metadata:
    encoder         : Lavf57.19.100
    Stream #0:0: Video: wrapped_avframe, yuv420p, 320x240 [SAR 1:1 DAR 4:3], q=2-31, 200 kb/s, 25 fps, 25 tbn, 25 tbc
    Metadata:
      encoder         : Lavc57.16.101 wrapped_avframe
Stream mapping:
  Stream #0:0 -> #0:0 (rawvideo (native) -> wrapped_avframe (native))
Press [q] to stop, [?] for help
==16690== Use of uninitialised value of size 8
==16690==    at 0x5720AE: ??? (vf_maskedmerge.asm:48)
==16690==
==16690== Use of uninitialised value of size 8
==16690==    at 0x5720B3: ??? (vf_maskedmerge.asm:49)
==16690==
==16690== Use of uninitialised value of size 8
==16690==    at 0x5720B8: ??? (vf_maskedmerge.asm:50)
==16690==
==16690== Use of uninitialised value of size 8
==16690==    at 0x5720EA: ??? (vf_maskedmerge.asm:62)
==16690==
==16690== Conditional jump or move depends on uninitialised value(s)
==16690==    at 0x5720F3: ??? (vf_maskedmerge.asm:64)
==16690==
==16690== Invalid read of size 8
==16690==    at 0x5720B8: ??? (vf_maskedmerge.asm:50)
==16690==  Address 0xb905a78 is 81,944 bytes inside a block of size 81,951 alloc'd
==16690==    at 0x4C290FE: memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==16690==    by 0x4C291A7: posix_memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==16690==    by 0x1004C09: av_malloc (mem.c:97)
==16690==    by 0xFF6627: av_buffer_alloc (buffer.c:71)
==16690==    by 0xFFE38F: get_video_buffer (frame.c:193)
==16690==    by 0x5469F8: ff_get_video_buffer (video.c:55)
==16690==    by 0x523560: filter_frame (vf_scale.c:516)
==16690==    by 0x4AE0CD: ff_filter_frame_framed (avfilter.c:1080)
==16690==    by 0x4AEEDC: ff_filter_frame (avfilter.c:1174)
==16690==    by 0x4AE0CD: ff_filter_frame_framed (avfilter.c:1080)
==16690==    by 0x4AEEDC: ff_filter_frame (avfilter.c:1174)
==16690==    by 0x52385C: filter_frame (vf_scale.c:583)
==16690==
==16690== Invalid write of size 8
==16690==    at 0x5720EA: ??? (vf_maskedmerge.asm:62)
==16690==  Address 0xb9243f8 is 81,944 bytes inside a block of size 81,951 alloc'd
==16690==    at 0x4C290FE: memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==16690==    by 0x4C291A7: posix_memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==16690==    by 0x1004C09: av_malloc (mem.c:97)
==16690==    by 0xFF6627: av_buffer_alloc (buffer.c:71)
==16690==    by 0xFFE38F: get_video_buffer (frame.c:193)
==16690==    by 0x5469F8: ff_get_video_buffer (video.c:55)
==16690==    by 0x505632: process_frame (vf_maskedmerge.c:84)
==16690==    by 0x56F84D: ff_framesync_process_frame (framesync.c:288)
==16690==    by 0x56FA4F: ff_framesync_filter_frame (framesync.c:309)
==16690==    by 0x4AE0CD: ff_filter_frame_framed (avfilter.c:1080)
==16690==    by 0x4AEEDC: ff_filter_frame (avfilter.c:1174)
==16690==    by 0x52385C: filter_frame (vf_scale.c:583)
==16834==
==16834== Invalid read of size 8
==16834==    at 0x5720AE: ??? (vf_maskedmerge.asm:48)
==16834==  Address 0xb7b2790 is 0 bytes after a block of size 115,232 alloc'd
==16834==    at 0x4C2ABED: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==16834==    by 0x4C2AD6F: realloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==16834==    by 0xFF6C59: av_buffer_realloc (buffer.c:176)
==16834==    by 0x6DEC6D: av_new_packet (avpacket.c:77)
==16834==    by 0x49B9E0: lavfi_read_packet (lavfi.c:434)
==16834==    by 0x692B5C: ff_read_packet (utils.c:681)
==16834==    by 0x6956A3: read_frame_internal (utils.c:1338)
==16834==    by 0x69A40D: avformat_find_stream_info (utils.c:3285)
==16834==    by 0x487660: open_input_file (ffmpeg_opt.c:970)
==16834==    by 0x481402: open_files.isra.8 (ffmpeg_opt.c:2939)
==16834==    by 0x488F80: ffmpeg_parse_options (ffmpeg_opt.c:2976)
==16834==    by 0x479AE2: main (ffmpeg.c:4273)
==16834==
==16834== Invalid read of size 8
==16834==    at 0x5720B3: ??? (vf_maskedmerge.asm:49)
==16834==  Address 0xb7b2790 is 0 bytes after a block of size 115,232 alloc'd
==16834==    at 0x4C2ABED: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==16834==    by 0x4C2AD6F: realloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==16834==    by 0xFF6C59: av_buffer_realloc (buffer.c:176)
==16834==    by 0x6DEC6D: av_new_packet (avpacket.c:77)
==16834==    by 0x49B9E0: lavfi_read_packet (lavfi.c:434)
==16834==    by 0x692B5C: ff_read_packet (utils.c:681)
==16834==    by 0x6956A3: read_frame_internal (utils.c:1338)
==16834==    by 0x69A40D: avformat_find_stream_info (utils.c:3285)
==16834==    by 0x487660: open_input_file (ffmpeg_opt.c:970)
==16834==    by 0x481402: open_files.isra.8 (ffmpeg_opt.c:2939)
==16834==    by 0x488F80: ffmpeg_parse_options (ffmpeg_opt.c:2976)
==16834==    by 0x479AE2: main (ffmpeg.c:4273)
==16834==
==16834==
==16834== Process terminating with default action of signal 11 (SIGSEGV)
==16834==  Bad permissions for mapped region at address 0xBB18000
==16834==    at 0x5720EA: ??? (vf_maskedmerge.asm:62)

I get no useful backtrace with gdb.
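
A small triage script for Memcheck output like the log in comment:5, added here as an example (it is not part of the ticket or of FFmpeg). It pairs each invalid access with its source line and computes how many bytes the access extends past the end of its heap block; the function and field names are this example's own.

```python
import re

# Lines excerpted from the Memcheck output in comment:5 (stack frames trimmed).
SAMPLE = """\
==16690== Invalid read of size 8
==16690==    at 0x5720B8: ??? (vf_maskedmerge.asm:50)
==16690==  Address 0xb905a78 is 81,944 bytes inside a block of size 81,951 alloc'd
==16690== Invalid write of size 8
==16690==    at 0x5720EA: ??? (vf_maskedmerge.asm:62)
==16690==  Address 0xb9243f8 is 81,944 bytes inside a block of size 81,951 alloc'd
==16834== Invalid read of size 8
==16834==    at 0x5720AE: ??? (vf_maskedmerge.asm:48)
==16834==  Address 0xb7b2790 is 0 bytes after a block of size 115,232 alloc'd
"""

PREFIX = re.compile(r"^==\d+==\s*")
ACCESS = re.compile(r"Invalid (read|write) of size (\d+)")
SITE = re.compile(r"at 0x[0-9A-Fa-f]+: .*\(([^():]+):(\d+)\)")
BLOCK = re.compile(r"Address 0x[0-9A-Fa-f]+ is ([\d,]+) bytes (inside|after) "
                   r"a block of size ([\d,]+)")


def to_int(text):
    """Memcheck prints sizes with thousands separators, e.g. 81,944."""
    return int(text.replace(",", ""))


def triage(log):
    """Return one dict per invalid access: kind, site, block size, overrun."""
    findings, cur = [], None
    for raw in log.splitlines():
        line = PREFIX.sub("", raw)
        if m := ACCESS.match(line):
            cur = {"kind": m.group(1), "size": int(m.group(2)), "site": None}
        elif cur and cur["site"] is None and (m := SITE.match(line)):
            cur["site"] = f"{m.group(1)}:{m.group(2)}"  # innermost frame only
        elif cur and (m := BLOCK.match(line)):
            offset, where, block = to_int(m.group(1)), m.group(2), to_int(m.group(3))
            # "inside": offset counts from the block start; "after": from its end.
            start = offset if where == "inside" else block + offset
            cur["block"] = block
            cur["overrun"] = max(0, start + cur["size"] - block)
            findings.append(cur)
            cur = None
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"{f['kind']:5} {f['site']:22} size={f['size']} "
              f"block={f['block']} bytes_past_end={f['overrun']}")
```

On the excerpt, the 8-byte accesses at vf_maskedmerge.asm:50 and :62 start 81,944 bytes into 81,951-byte blocks, so each extends 1 byte past the end, while the read at line 48 starts exactly at the end of its block.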

comment:6 by Michael Niedermayer, 8 years ago

Resolution: fixed
Status: open → closed