Opened 7 years ago
Closed 7 years ago
#6861 closed defect (wontfix)
ABI broken by "add vector_dmac_scalar()"
| Reported by: | Carl Eugen Hoyos | Owned by: | |
|---|---|---|---|
| Priority: | important | Component: | avutil |
| Version: | 3.4 | Keywords: | crash regression |
| Cc: | Blocked By: | ||
| Blocking: | Reproduced by developer: | no | |
| Analyzed by developer: | no |
Description
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882598
Crash on decoding AC-3 when updating (only) libavutil since 4dc2dd80dc78f4abb19052682bfb68d64a7a96d6
$ ffmpeg -f lavfi -i sine=d=1 test.ac3
(gdb) r -i test.ac3 -f null -
Starting program: ffmpeg_g -i test.ac3 -f null -
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
ffmpeg version N-85441-g9cd44e6 Copyright (c) 2000-2017 the FFmpeg developers
built with gcc 4.7 (SUSE Linux)
configuration: --enable-shared
libavutil 55. 60.100 / 55. 78.100
libavcodec 57. 92.100 / 57. 92.100
libavformat 57. 72.100 / 57. 72.100
libavdevice 57. 7.100 / 57. 7.100
libavfilter 6. 84.101 / 6. 84.101
libswscale 4. 7.100 / 4. 7.100
libswresample 2. 8.100 / 2. 8.100
[ac3 @ 0x63a3c0] Estimating duration from bitrate, this may be inaccurate
Input #0, ac3, from 'test.ac3':
Duration: 00:00:01.01, start: 0.000000, bitrate: 96 kb/s
Stream #0:0: Audio: ac3, 44100 Hz, mono, fltp, 96 kb/s
Stream mapping:
Stream #0:0 -> #0:0 (ac3 (native) -> pcm_s16le (native))
Press [q] to stop, [?] for help
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff55553b3 in ff_vector_dmul_scalar_avx () from libavutil/libavutil.so.55
(gdb) bt
#0 0x00007ffff55553b3 in ff_vector_dmul_scalar_avx () from libavutil/libavutil.so.55
#1 0x00007ffff5d70b75 in do_imdct (channels=1, s=0x64b1c0) at libavcodec/ac3dec.c:713
#2 decode_audio_block (s=s@entry=0x64b1c0, blk=6675712, blk@entry=0) at libavcodec/ac3dec.c:1449
#3 0x00007ffff5d722bb in ac3_decode_frame (avctx=<optimized out>, data=<optimized out>,
got_frame_ptr=0x7fffffffd23c, avpkt=<optimized out>) at libavcodec/ac3dec.c:1610
#4 0x00007ffff5e1a14a in avcodec_decode_audio4 (avctx=avctx@entry=0x63c940, frame=0x66a000,
got_frame_ptr=got_frame_ptr@entry=0x7fffffffd23c, avpkt=avpkt@entry=0x7fffffffd730)
at libavcodec/decode.c:531
#5 0x00007ffff5e1aae8 in do_decode (avctx=avctx@entry=0x63c940, pkt=pkt@entry=0x7fffffffd730)
at libavcodec/decode.c:229
#6 0x00007ffff5e1aef1 in avcodec_send_packet (avctx=avctx@entry=0x63c940, avpkt=<optimized out>,
avpkt@entry=0x7fffffffd730) at libavcodec/decode.c:319
#7 0x0000000000425e2a in decode (pkt=0x7fffffffd730, got_frame=0x7fffffffd428, frame=0x66b300, avctx=0x63c940)
at ffmpeg.c:2254
#8 decode_audio (ist=ist@entry=0x63daa0, pkt=0x7fffffffd730, got_output=got_output@entry=0x7fffffffd428,
decode_failed=decode_failed@entry=0x7fffffffd42c) at ffmpeg.c:2311
#9 0x0000000000429230 in process_input_packet (no_eof=0, pkt=0x7fffffffd6d0, ist=0x63daa0) at ffmpeg.c:2629
#10 process_input (file_index=6544040) at ffmpeg.c:4390
#11 transcode_step () at ffmpeg.c:4501
#12 transcode () at ffmpeg.c:4555
#13 0x0000000000409e62 in main (argc=<optimized out>, argv=<optimized out>) at ffmpeg.c:4760
(gdb) disass $pc-19,$pc+32
Dump of assembler code from 0x7ffff55553a0 to 0x7ffff55553d3:
0x00007ffff55553a0 <ff_vector_dmul_scalar_avx+0>: vmovlhps %xmm0,%xmm0,%xmm0
0x00007ffff55553a4 <ff_vector_dmul_scalar_avx+4>: vinsertf128 $0x1,%xmm0,%ymm0,%ymm0
0x00007ffff55553aa <ff_vector_dmul_scalar_avx+10>: lea -0x40(,%edx,8),%rdx
=> 0x00007ffff55553b3 <ff_vector_dmul_scalar_avx+19>: vmulpd (%rsi,%rdx,1),%ymm0,%ymm1
0x00007ffff55553b8 <ff_vector_dmul_scalar_avx+24>: vmulpd 0x20(%rsi,%rdx,1),%ymm0,%ymm2
0x00007ffff55553be <ff_vector_dmul_scalar_avx+30>: vmovaps %ymm1,(%rdi,%rdx,1)
0x00007ffff55553c3 <ff_vector_dmul_scalar_avx+35>: vmovaps %ymm2,0x20(%rdi,%rdx,1)
0x00007ffff55553c9 <ff_vector_dmul_scalar_avx+41>: sub $0x40,%rdx
0x00007ffff55553cd <ff_vector_dmul_scalar_avx+45>: jge 0x7ffff55553b3 <ff_vector_dmul_scalar_avx+19>
0x00007ffff55553cf <ff_vector_dmul_scalar_avx+47>: vzeroupper
0x00007ffff55553d2 <ff_vector_dmul_scalar_avx+50>: retq
End of assembler dump.
(gdb) info all-register
rax 0x66a2a0 6726304
rbx 0x65e300 6677248
rcx 0x65dd00 6675712
rdx 0x32f07c0 53413824
rsi 0x65c100 6668544
rdi 0x66b760 6731616
rbp 0x65e100 0x65e100
rsp 0x7fffffffce48 0x7fffffffce48
r8 0x80 128
r9 0x65c100 6668544
r10 0x66a980 6728064
r11 0x66afa0 6729632
r12 0x64b5c0 6600128
r13 0x0 0
r14 0x64b1c0 6599104
r15 0x1 1
rip 0x7ffff55553b3 0x7ffff55553b3 <ff_vector_dmul_scalar_avx+19>
eflags 0x10246 [ PF ZF IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
st0 0 (raw 0x00000000000000000000)
st1 0 (raw 0x00000000000000000000)
st2 0 (raw 0x00000000000000000000)
st3 0 (raw 0x00000000000000000000)
st4 0 (raw 0x00000000000000000000)
st5 0 (raw 0x00000000000000000000)
st6 0.010737659167264571302894782083015013 (raw 0x3ff8afed01bd6030746e)
st7 0.99994234967602390229575448632459711 (raw 0x3ffefffc38c9be717754)
fctrl 0x37f 895
fstat 0x220 544
ftag 0xffff 65535
fiseg 0x7fff 32767
fioff 0xf50234a7 -184404825
foseg 0x7fff 32767
fooff 0xffffcba8 -13400
fop 0x0 0
mxcsr 0x1fa0 [ PE IM DM ZM OM UM PM ]
ymm0 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0x0, 0x90, 0x81, 0x38, 0x0, 0x0, 0x96, 0x35, 0x0, 0x90, 0x81, 0x38, 0x0, 0x0, 0x96, 0x35, 0x0,
0x90, 0x81, 0x38, 0x0, 0x0, 0x96, 0x35, 0x0, 0x90, 0x81, 0x38, 0x0, 0x0, 0x96, 0x35}, v16_int16 = {0x9000,
0x3881, 0x0, 0x3596, 0x9000, 0x3881, 0x0, 0x3596, 0x9000, 0x3881, 0x0, 0x3596, 0x9000, 0x3881, 0x0, 0x3596},
v8_int32 = {0x38819000, 0x35960000, 0x38819000, 0x35960000, 0x38819000, 0x35960000, 0x38819000, 0x35960000},
v4_int64 = {0x3596000038819000, 0x3596000038819000, 0x3596000038819000, 0x3596000038819000}, v2_int128 = {
0x35960000388190003596000038819000, 0x35960000388190003596000038819000}}
ymm1 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0xae, 0x44, 0xf5, 0x3b, 0x90, 0x33, 0xbe, 0x3c, 0xf6, 0x8a, 0x1d, 0x3d, 0xd4, 0x9c, 0x59, 0x3d,
0x0 <repeats 16 times>}, v16_int16 = {0x44ae, 0x3bf5, 0x3390, 0x3cbe, 0x8af6, 0x3d1d, 0x9cd4, 0x3d59, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x3bf544ae, 0x3cbe3390, 0x3d1d8af6, 0x3d599cd4, 0x0, 0x0,
0x0, 0x0}, v4_int64 = {0x3cbe33903bf544ae, 0x3d599cd43d1d8af6, 0x0, 0x0}, v2_int128 = {
0x3d599cd43d1d8af63cbe33903bf544ae, 0x00000000000000000000000000000000}}
ymm2 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0xd4, 0xeb, 0xdb, 0x39, 0x3b, 0x7d, 0x81, 0x3c, 0xb6, 0x9d, 0xfe, 0x3c, 0x54, 0x10, 0x3c, 0x3d,
0x0 <repeats 16 times>}, v16_int16 = {0xebd4, 0x39db, 0x7d3b, 0x3c81, 0x9db6, 0x3cfe, 0x1054, 0x3d3c, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x39dbebd4, 0x3c817d3b, 0x3cfe9db6, 0x3d3c1054, 0x0, 0x0,
0x0, 0x0}, v4_int64 = {0x3c817d3b39dbebd4, 0x3d3c10543cfe9db6, 0x0, 0x0}, v2_int128 = {
0x3d3c10543cfe9db63c817d3b39dbebd4, 0x00000000000000000000000000000000}}
ymm3 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0x0, 0xc0, 0xb9, 0x36, 0x0, 0x0, 0xcc, 0x36, 0x0, 0x48, 0x8, 0xb8, 0x0, 0xfc, 0x10, 0x38,
0x0 <repeats 16 times>}, v16_int16 = {0xc000, 0x36b9, 0x0, 0x36cc, 0x4800, 0xb808, 0xfc00, 0x3810, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x36b9c000, 0x36cc0000, 0xb8084800, 0x3810fc00, 0x0, 0x0, 0x0,
0x0}, v4_int64 = {0x36cc000036b9c000, 0x3810fc00b8084800, 0x0, 0x0}, v2_int128 = {
0x3810fc00b808480036cc000036b9c000, 0x00000000000000000000000000000000}}
ymm4 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0xb6, 0x9d, 0xfe, 0x3c, 0xf6, 0x8a, 0x1d, 0x3d, 0x54, 0x10, 0x3c, 0x3d, 0xd4, 0x9c, 0x59, 0x3d,
0x0 <repeats 16 times>}, v16_int16 = {0x9db6, 0x3cfe, 0x8af6, 0x3d1d, 0x1054, 0x3d3c, 0x9cd4, 0x3d59, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x3cfe9db6, 0x3d1d8af6, 0x3d3c1054, 0x3d599cd4, 0x0, 0x0,
0x0, 0x0}, v4_int64 = {0x3d1d8af63cfe9db6, 0x3d599cd43d3c1054, 0x0, 0x0}, v2_int128 = {
0x3d599cd43d3c10543d1d8af63cfe9db6, 0x00000000000000000000000000000000}}
ymm5 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0x0, 0x64, 0x1c, 0x38, 0x0, 0x48, 0x8, 0xb8, 0x0, 0x18, 0x1, 0x38, 0x0, 0xfc, 0x10, 0x38,
0x0 <repeats 16 times>}, v16_int16 = {0x6400, 0x381c, 0x4800, 0xb808, 0x1800, 0x3801, 0xfc00, 0x3810, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x381c6400, 0xb8084800, 0x38011800, 0x3810fc00, 0x0, 0x0,
0x0, 0x0}, v4_int64 = {0xb8084800381c6400, 0x3810fc0038011800, 0x0, 0x0}, v2_int128 = {
0x3810fc0038011800b8084800381c6400, 0x00000000000000000000000000000000}}
ymm6 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0xd4, 0xeb, 0xdb, 0x39, 0xae, 0x44, 0xf5, 0x3b, 0x3b, 0x7d, 0x81, 0x3c, 0x90, 0x33, 0xbe, 0x3c,
0x0 <repeats 16 times>}, v16_int16 = {0xebd4, 0x39db, 0x44ae, 0x3bf5, 0x7d3b, 0x3c81, 0x3390, 0x3cbe, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x39dbebd4, 0x3bf544ae, 0x3c817d3b, 0x3cbe3390, 0x0, 0x0,
0x0, 0x0}, v4_int64 = {0x3bf544ae39dbebd4, 0x3cbe33903c817d3b, 0x0, 0x0}, v2_int128 = {
0x3cbe33903c817d3b3bf544ae39dbebd4, 0x00000000000000000000000000000000}}
ymm7 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0x0, 0x90, 0x81, 0x38, 0x0, 0xc0, 0xb9, 0x36, 0x0, 0x0, 0x96, 0x35, 0x0, 0x0, 0xcc, 0x36,
0x0 <repeats 16 times>}, v16_int16 = {0x9000, 0x3881, 0xc000, 0x36b9, 0x0, 0x3596, 0x0, 0x36cc, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x38819000, 0x36b9c000, 0x35960000, 0x36cc0000, 0x0, 0x0, 0x0,
0x0}, v4_int64 = {0x36b9c00038819000, 0x36cc000035960000, 0x0, 0x0}, v2_int128 = {
0x36cc00003596000036b9c00038819000, 0x00000000000000000000000000000000}}
ymm8 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0 <repeats 24 times>}, v16_int16 = {0x0, 0x0, 0x0,
0x8000, 0x0 <repeats 12 times>}, v8_int32 = {0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {
0x8000000000000000, 0x0, 0x0, 0x0}, v2_int128 = {0x00000000000000008000000000000000,
0x00000000000000000000000000000000}}
ymm9 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0 <repeats 24 times>}, v16_int16 = {0x0, 0x0, 0x0,
0x8000, 0x0 <repeats 12 times>}, v8_int32 = {0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {
0x8000000000000000, 0x0, 0x0, 0x0}, v2_int128 = {0x00000000000000008000000000000000,
0x00000000000000000000000000000000}}
ymm10 {v8_float = {0xffffcfa4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0x16, 0x70, 0x41, 0xc6, 0x58, 0xac, 0x98, 0xb5, 0x0 <repeats 24 times>}, v16_int16 = {0x7016,
0xc641, 0xac58, 0xb598, 0x0 <repeats 12 times>}, v8_int32 = {0xc6417016, 0xb598ac58, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0}, v4_int64 = {0xb598ac58c6417016, 0x0, 0x0, 0x0}, v2_int128 = {0x0000000000000000b598ac58c6417016,
0x00000000000000000000000000000000}}
ymm11 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0x0, 0x0, 0x0, 0xb8, 0x76, 0x19, 0x1f, 0xb9, 0x0 <repeats 24 times>}, v16_int16 = {0x0, 0xb800,
0x1976, 0xb91f, 0x0 <repeats 12 times>}, v8_int32 = {0xb8000000, 0xb91f1976, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_int64 = {0xb91f1976b8000000, 0x0, 0x0, 0x0}, v2_int128 = {0x0000000000000000b91f1976b8000000,
0x00000000000000000000000000000000}}
ymm12 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x00000000000000000000000000000000,
0x00000000000000000000000000000000}}
ymm13 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x00000000000000000000000000000000,
0x00000000000000000000000000000000}}
ymm14 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0xa0, 0x83, 0x47, 0x3, 0x1d, 0x3c, 0x8a, 0xb5, 0x0 <repeats 24 times>}, v16_int16 = {0x83a0,
0x347, 0x3c1d, 0xb58a, 0x0 <repeats 12 times>}, v8_int32 = {0x34783a0, 0xb58a3c1d, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0}, v4_int64 = {0xb58a3c1d034783a0, 0x0, 0x0, 0x0}, v2_int128 = {0x0000000000000000b58a3c1d034783a0,
0x00000000000000000000000000000000}}
ymm15 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0xa0, 0x83, 0x47, 0x3, 0x1d, 0x3c, 0xaa, 0xb5, 0x0 <repeats 24 times>}, v16_int16 = {0x83a0,
0x347, 0x3c1d, 0xb5aa, 0x0 <repeats 12 times>}, v8_int32 = {0x34783a0, 0xb5aa3c1d, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0}, v4_int64 = {0xb5aa3c1d034783a0, 0x0, 0x0, 0x0}, v2_int128 = {0x0000000000000000b5aa3c1d034783a0,
0x00000000000000000000000000000000}}
Also reproducible using a 3.3 binary as in the Debian report.
Change History (4)
follow-up: 3 comment:2 by , 7 years ago
Replying to heleppkes:
Thats unfortunate, however a release has already been made with the changed ABI, so any changes now would only make it worse. And master had a major bump to resolve any ABI concerns.
It's not the first time this happened. See 3.1 and lavfi.
vector_dmac_scalar() is only available in release/3.4 fortunately, so it should be moved down to the end of the struct for 3.4.1 and the release news entry have a line about it, just like we did with 3.1.1.
The major bump doesn't really solve this for those trying to stay compatible with the 3.x ABI, which means every 3.4 user, the latest stable release.
comment:3 by , 7 years ago
Replying to jamrial:
Replying to heleppkes:
Thats unfortunate, however a release has already been made with the changed ABI, so any changes now would only make it worse. And master had a major bump to resolve any ABI concerns.
It's not the first time this happened. See 3.1 and lavfi.
vector_dmac_scalar() is only available in release/3.4 fortunately, so it should be moved down to the end of the struct for 3.4.1 and the release news entry have a line about it, just like we did with 3.1.1
Personally I think making 3.4 and 3.4.1 ABI incompatible is worse then just keeping it as-is.
Its not a user-facing ABI break, its only inter-library. A strong recommendation to always upgrade all libraries should always be present on every release.
comment:4 by , 7 years ago
| Resolution: | → wontfix |
|---|---|
| Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
Thats unfortunate, however a release has already been made with the changed ABI, so any changes now would only make it worse. And master had a major bump to resolve any ABI concerns.
Upgrading only one library is always discouraged, and luckily float_dsp.h is not an installed header, so simply upgrading all libraries will easily resolve this.