[libav-bugs] [Bug 390] New: mpegvideo encoding with bframes crash

bugzilla-daemon at aruru.libav.org bugzilla-daemon at aruru.libav.org
Thu Nov 1 20:33:23 CET 2012


http://bugzilla.libav.org/show_bug.cgi?id=390

           Summary: mpegvideo encoding with bframes crash
           Product: Libav
           Version: git HEAD
          Platform: X86
        OS/Version: Linux
            Status: NEW
          Severity: major
          Priority: Normal
         Component: libavcodec
        AssignedTo: bugzilla at libav.org
        ReportedBy: anton at khirnov.net


The following command crashes:
avconv -f rawvideo -pixel_format yuv420p -s 100x100 -i /dev/zero -bf 1 -c:v
mpeg4 -f null -

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffef872700 (LWP 10301)]
0x0000000000a12e89 in sad16_sse2 (v=0x0, blk2=0x16af294 "", blk1=0x16c2354 "",
stride=160, h=16) at libavcodec/x86/motion_est.c:101
101        __asm__ volatile(
(gdb) bt
#0  0x0000000000a12e89 in sad16_sse2 (v=0x0, blk2=0x16af294 "", blk1=0x16c2354
"", stride=160, h=16) at libavcodec/x86/motion_est.c:101
#1  0x00000000007fd60d in ff_mpeg4_encode_mb (s=0x156d760, block=0x165ca60,
motion_x=0, motion_y=0) at libavcodec/mpeg4videoenc.c:648
#2  0x00000000008325fc in encode_mb_internal (mb_block_count=6,
mb_block_height=8, motion_y=0, motion_x=0, s=0x156d760) at
libavcodec/mpegvideo_enc.c:2055
#3  encode_mb (motion_y=0, motion_x=0, s=0x156d760) at
libavcodec/mpegvideo_enc.c:2090
#4  encode_thread (c=0x1594d00, arg=0x156dac8) at
libavcodec/mpegvideo_enc.c:2954
#5  0x0000000000873631 in worker (v=0x1594d00) at libavcodec/pthread.c:220
#6  0x00007ffff36fcb50 in start_thread (arg=<optimized out>) at
pthread_create.c:304
#7  0x00007ffff344770d in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#8  0x0000000000000000 in ?? ()
(gdb) disass
Dump of assembler code for function sad16_sse2:
   0x0000000000a12e4e <+0>:    push   %rbp
   0x0000000000a12e4f <+1>:    mov    %rsp,%rbp
   0x0000000000a12e52 <+4>:    push   %rbx
   0x0000000000a12e53 <+5>:    mov    %rdi,-0x20(%rbp)
   0x0000000000a12e57 <+9>:    mov    %rsi,-0x28(%rbp)
   0x0000000000a12e5b <+13>:    mov    %rdx,-0x30(%rbp)
   0x0000000000a12e5f <+17>:    mov    %ecx,-0x34(%rbp)
   0x0000000000a12e62 <+20>:    mov    %r8d,-0x38(%rbp)
   0x0000000000a12e66 <+24>:    mov    -0x34(%rbp),%eax
   0x0000000000a12e69 <+27>:    movslq %eax,%rsi
   0x0000000000a12e6c <+30>:    mov    -0x38(%rbp),%ecx
   0x0000000000a12e6f <+33>:    mov    -0x30(%rbp),%rdx
   0x0000000000a12e73 <+37>:    mov    -0x28(%rbp),%rax
   0x0000000000a12e77 <+41>:    pxor   %xmm2,%xmm2
   0x0000000000a12e7b <+45>:    nopl   0x0(%rax,%rax,1)
   0x0000000000a12e80 <+50>:    movdqu (%rdx),%xmm0
   0x0000000000a12e84 <+54>:    movdqu (%rdx,%rsi,1),%xmm1
=> 0x0000000000a12e89 <+59>:    psadbw (%rax),%xmm0
   0x0000000000a12e8d <+63>:    psadbw (%rax,%rsi,1),%xmm1
   0x0000000000a12e92 <+68>:    paddw  %xmm0,%xmm2
   0x0000000000a12e96 <+72>:    paddw  %xmm1,%xmm2
   0x0000000000a12e9a <+76>:    lea    (%rdx,%rsi,2),%rdx
   0x0000000000a12e9e <+80>:    lea    (%rax,%rsi,2),%rax
   0x0000000000a12ea2 <+84>:    sub    $0x2,%ecx
   0x0000000000a12ea5 <+87>:    jg     0xa12e80 <sad16_sse2+50>
   0x0000000000a12ea7 <+89>:    movhlps %xmm2,%xmm0
   0x0000000000a12eaa <+92>:    paddw  %xmm0,%xmm2
   0x0000000000a12eae <+96>:    movd   %xmm2,%ebx
   0x0000000000a12eb2 <+100>:    mov    %ecx,-0x38(%rbp)
   0x0000000000a12eb5 <+103>:    mov    %rdx,-0x30(%rbp)
   0x0000000000a12eb9 <+107>:    mov    %rax,-0x28(%rbp)
   0x0000000000a12ebd <+111>:    mov    %ebx,-0xc(%rbp)
   0x0000000000a12ec0 <+114>:    mov    -0xc(%rbp),%eax
   0x0000000000a12ec3 <+117>:    pop    %rbx
   0x0000000000a12ec4 <+118>:    pop    %rbp
   0x0000000000a12ec5 <+119>:    retq   
End of assembler dump.
(gdb) info all-registers 
rax            0x16af294    23786132
rbx            0x0    0
rcx            0x10    16
rdx            0x16c2354    23864148
rsi            0xa0    160
rdi            0x0    0
rbp            0x7fffef8655a0    0x7fffef8655a0
rsp            0x7fffef865598    0x7fffef865598
r8             0x10    16
r9             0x156db50    22469456
r10            0x156db50    22469456
r11            0x0    0
r12            0x7ffff37071a0    140737277620640
r13            0x7fffef8729c0    140737212000704
r14            0x7ffff7ffd040    140737354125376
r15            0x3    3
rip            0xa12e89    0xa12e89 <sad16_sse2+59>
eflags         0x10202    [ IF RF ]
cs             0x33    51
ss             0x2b    43
ds             0x0    0
es             0x0    0
fs             0x0    0
gs             0x0    0
st0            -inf    (raw 0xffff0000000000000000)
st1            -inf    (raw 0xffff0000000000000000)
st2            -inf    (raw 0xffff0000000000000000)
st3            -inf    (raw 0xffff0000000000000000)
st4            -inf    (raw 0xffff0000000000000000)
st5            -nan(0x1000100010001)    (raw 0xffff0001000100010001)
st6            -inf    (raw 0xffff0000000000000000)
st7            -inf    (raw 0xffff0000000000000000)
fctrl          0x37f    895
fstat          0x0    0
ftag           0xaaaa    43690
fiseg          0x0    0
fioff          0x0    0
foseg          0x0    0
fooff          0x0    0
fop            0x0    0
mxcsr          0x1fa0    [ PE IM DM ZM OM UM PM ]
ymm0           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double
= {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0
<repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {
    0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}
ymm1           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double
= {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0
<repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {
    0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}
ymm2           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double
= {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0
<repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {
    0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}
ymm3           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double
= {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0
<repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {
    0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}
ymm4           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double
= {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0
<repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {
    0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}
ymm5           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double
= {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0
<repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {
    0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}
ymm6           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double
= {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0
<repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {
    0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}
ymm7           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double
= {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0
<repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {
    0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}
ymm8           {v8_float = {0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_double = {0xffffffffffffffd2, 0x0, 0x0, 0x0}, v32_int8 = {0xe0, 0xe6, 0x35,
0x67, 0x9e, 0x6, 0x47, 0xc0, 0x0 <repeats 24 times>}, v16_int16 = {0xe6e0,
0x6735, 0x69e, 0xc047, 0x0 <repeats 12 times>}, v8_int32 = {
    0x6735e6e0, 0xc047069e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 =
{0xc047069e6735e6e0, 0x0, 0x0, 0x0}, v2_int128 =
{0x0000000000000000c047069e6735e6e0, 0x00000000000000000000000000000000}}
ymm9           {v8_float = {0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double
= {0x1, 0x0, 0x0, 0x0}, v32_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0, 0x3f,
0x0 <repeats 24 times>}, v16_int16 = {0x0, 0x0, 0x0, 0x3ff0, 0x0 <repeats 12
times>}, v8_int32 = {0x0, 0x3ff00000, 0x0, 0x0, 0x0, 0x0, 0x0, 
    0x0}, v4_int64 = {0x3ff0000000000000, 0x0, 0x0, 0x0}, v2_int128 =
{0x00000000000000003ff0000000000000, 0x00000000000000000000000000000000}}
ymm10          {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double
= {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0, 0x0, 0x46, 0x84, 0x24, 0x59, 0xd6,
0x3e, 0x0 <repeats 24 times>}, v16_int16 = {0x0, 0x8446, 0x5924, 0x3ed6, 0x0
<repeats 12 times>}, v8_int32 = {0x84460000, 0x3ed65924, 0x0, 0x0, 
    0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x3ed6592484460000, 0x0, 0x0, 0x0},
v2_int128 = {0x00000000000000003ed6592484460000,
0x00000000000000000000000000000000}}
ymm11          {v8_float = {0x9689a800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0},
v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x6a, 0xa2, 0x65, 0x50, 0xf2,
0xea, 0x8f, 0xbd, 0x0 <repeats 24 times>}, v16_int16 = {0xa26a, 0x5065, 0xeaf2,
0xbd8f, 0x0 <repeats 12 times>}, v8_int32 = {0x5065a26a, 0xbd8feaf2, 
    0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0xbd8feaf25065a26a, 0x0, 0x0,
0x0}, v2_int128 = {0x0000000000000000bd8feaf25065a26a,
0x00000000000000000000000000000000}}
ymm12          {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double
= {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x29, 0xf2, 0x88, 0x6c, 0xa6, 0x49, 0xde,
0x3e, 0x0 <repeats 24 times>}, v16_int16 = {0xf229, 0x6c88, 0x49a6, 0x3ede, 0x0
<repeats 12 times>}, v8_int32 = {0x6c88f229, 0x3ede49a6, 0x0, 
    0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x3ede49a66c88f229, 0x0, 0x0, 0x0},
v2_int128 = {0x00000000000000003ede49a66c88f229,
0x00000000000000000000000000000000}}
ymm13          {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double
= {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0xb3, 0x12, 0x58, 0x17, 0x64, 0x46, 0xe6,
0x3b, 0x0 <repeats 24 times>}, v16_int16 = {0x12b3, 0x1758, 0x4664, 0x3be6, 0x0
<repeats 12 times>}, v8_int32 = {0x175812b3, 0x3be64664, 0x0, 
    0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x3be64664175812b3, 0x0, 0x0, 0x0},
v2_int128 = {0x00000000000000003be64664175812b3,
0x00000000000000000000000000000000}}
ymm14          {v8_float = {0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double
= {0x2d, 0x0, 0x0, 0x0}, v32_int8 = {0xc0, 0x9, 0xf2, 0x16, 0xb5, 0xdf, 0x46,
0x40, 0x0 <repeats 24 times>}, v16_int16 = {0x9c0, 0x16f2, 0xdfb5, 0x4046, 0x0
<repeats 12 times>}, v8_int32 = {0x16f209c0, 0x4046dfb5, 0x0, 
    0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x4046dfb516f209c0, 0x0, 0x0, 0x0},
v2_int128 = {0x00000000000000004046dfb516f209c0,
0x00000000000000000000000000000000}}
ymm15          {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double
= {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x7, 0x5c, 0x14, 0x33, 0x26, 0xa6, 0x91,
0x3c, 0x0 <repeats 24 times>}, v16_int16 = {0x5c07, 0x3314, 0xa626, 0x3c91, 0x0
<repeats 12 times>}, v8_int32 = {0x33145c07, 0x3c91a626, 0x0, 
    0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x3c91a62633145c07, 0x0, 0x0, 0x0},
v2_int128 = {0x00000000000000003c91a62633145c07,
0x00000000000000000000000000000000}}

-- 
Configure bugmail: http://bugzilla.libav.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.


More information about the libav-bugs mailing list