New submission from jslav <[email protected]>:
Decoding the MPEG4 stream I encountered the issue of memory violation.
FFMPEG build without MMX/SSE support doesn't raise this exception.
Looked carefully difference in _c vs _ssse4 implementation, I found, that in
routine put_h264_chroma_mc4_c(...) has variable step value ( = 1 : stride )
while put_h264_chroma_mc4_ssse3(...) doesn't take into account last line
boundaries ( y=0 )
Unfortunately, I'm not quite aware of what this method does do.
I attach the source file and gdb output:
Starting program: s:\src\ffmpeg\Find-FFMPEG-failure\ffmpeg-0.5/ffplay_g.exe
-lowres 1 ../run-ffmpeg/0.mp4
[New Thread 1936.0x4f0]
[New Thread 1936.0x364]
[New Thread 1936.0xda0]
[New Thread 1936.0x3ec]
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 1936.0x3ec]
0x005807df in put_h264_chroma_mc4_ssse3 (
dst=0x41ceddc "qqqq", 'А' <repeats 48 times>, "aaa`^^", '[' <repeats 14 time
s>, "]]]]]]]]XXXXXXXXZYXXXXXZ^^^]^^^^[[[[[[]^`aaaaaaajjjihggg\\ZSS`aaatttsqqqqnn
nmmlllihhhggggqqqq", 'А' <repeats 36 times>...,
src=0x4177ddc "qqqq", 'w' <repeats 12 times>, "ttttmmmm", 'q' <repeats 28 ti
mes>, "aaaa", '[' <repeats 20 times>, "]]]]]]]]^^^^ZZZZXXXX^^^^]]]][[[[^^^^aaaaa
aaajjjjgggg^^^^aaaattttqqqqmmmmllllggggggggqqqq", 'w' <repeats 12 times>, "ttttm
mmm", 'q' <repeats 16 times>..., stride=160, h=4, x=0, y=0)
at libavcodec/x86/dsputil_h264_template_ssse3.c:172
172 __asm__ volatile(
(gdb) bt
#0 0x005807df in put_h264_chroma_mc4_ssse3 (
dst=0x41ceddc "qqqq", 'А' <repeats 48 times>, "aaa`^^", '[' <repeats 14 time
s>, "]]]]]]]]XXXXXXXXZYXXXXXZ^^^]^^^^[[[[[[]^`aaaaaaajjjihggg\\ZSS`aaatttsqqqqnn
nmmlllihhhggggqqqq", 'А' <repeats 36 times>...,
src=0x4177ddc "qqqq", 'w' <repeats 12 times>, "ttttmmmm", 'q' <repeats 28 ti
mes>, "aaaa", '[' <repeats 20 times>, "]]]]]]]]^^^^ZZZZXXXX^^^^]]]][[[[^^^^aaaaa
aaajjjjgggg^^^^aaaattttqqqqmmmmllllggggggggqqqq", 'w' <repeats 12 times>, "ttttm
mmm", 'q' <repeats 16 times>..., stride=160, h=4, x=0, y=0)
at libavcodec/x86/dsputil_h264_template_ssse3.c:172
#1 0x0049cfa5 in mpeg_motion_lowres (s=0x3e0c680,
dest_y=<value optimized out>, dest_cb=<value optimized out>,
dest_cr=0x41d4ddc 'А' <repeats 52 times>, "\243\243\243\244\243\243\243\243\
246\246\246\245\246\246\245\243\243\243\243\243\242\242\237\237\242\242", '\237'
<repeats 17 times>, "ЮЬЬЬЮ", '\237' <repeats 12 times>, "ЭЬЬЬЪЩЩЩ\223\223\223\2
23\223\223\223\223Ю\237\241\241Ф\223\223\223ННН\216\216\216\216\216ТТТТ\223\223\
223\223Ф\225\225\225\226\226\226\226", 'А' <repeats 40 times>..., dir=0,
ref_picture=0x3e0c778, pix_op=0x3e0d6e0) at libavcodec/mpegvideo.c:1490
#2 MPV_motion_lowres (s=0x3e0c680, dest_y=<value optimized out>,
dest_cb=<value optimized out>,
dest_cr=0x41d4ddc 'А' <repeats 52 times>, "\243\243\243\244\243\243\243\243\
246\246\246\245\246\246\245\243\243\243\243\243\242\242\237\237\242\242", '\237'
<repeats 17 times>, "ЮЬЬЬЮ", '\237' <repeats 12 times>, "ЭЬЬЬЪЩЩЩ\223\223\223\2
23\223\223\223\223Ю\237\241\241Ф\223\223\223ННН\216\216\216\216\216ТТТТ\223\223\
223\223Ф\225\225\225\226\226\226\226", 'А' <repeats 40 times>..., dir=0,
ref_picture=0x3e0c778, pix_op=0x3e0d6e0) at libavcodec/mpegvideo.c:1572
#3 0x004b03bf in MPV_decode_mb_internal (s=0x3e0c680, block=0x4157400)
at libavcodec/mpegvideo.c:1839
#4 MPV_decode_mb (s=0x3e0c680, block=0x4157400)
at libavcodec/mpegvideo.c:1990
#5 0x005d8396 in decode_slice (s=0x3e0c680) at libavcodec/h263dec.c:252
#6 0x005d930f in ff_h263_decode_frame (avctx=0x3b9fc90, data=0x3e6af30,
data_size=0x40aff04, buf=0x37744b0 "", buf_size=2888)
at libavcodec/h263dec.c:647
#7 0x004906b3 in avcodec_decode_video (avctx=0x3b9fc90, picture=0x3e6af30,
got_picture_ptr=0x40aff04, buf=0x37744b0 "", buf_size=2888)
at libavcodec/utils.c:529
#8 0x00403d05 in video_thread (arg=0x3ab0f90) at ffplay.c:1372
#9 0x68109af1 in SDL_RunThread (data=0x3e1aff0)
at ./src/thread/SDL_thread.c:204
#10 0x68132e59 in RunThread (data=0x3e42ff8)
at ./src/thread/win32/SDL_systhread.c:74
#11 0x77c3a3b0 in msvcrt!_endthreadex () from C:\WINDOWS\system32\msvcrt.dll
#12 0x7c80b713 in KERNEL32!GetModuleFileNameA ()
from C:\WINDOWS\system32\kernel32.dll
#13 0x00000000 in ?? ()
(gdb) info all-registers
eax 0xa0 160
ecx 0x4177fbc 68648892
edx 0x41cef1c 69005084
ebx 0x2 2
esp 0x40afba0 0x40afba0
ebp 0x0 0x0
esi 0x0 0
edi 0x8 8
eip 0x5807df 0x5807df <put_h264_chroma_mc4_ssse3+83>
eflags 0x210202 [ IF RF ID ]
cs 0x1b 27
ss 0x23 35
ds 0x23 35
es 0x23 35
fs 0x3b 59
gs 0x0 0
st0 -nan(0x7771717171717171) (raw 0xffff7771717171717171)
st1 -nan(0x071717171) (raw 0xffff0000000071717171)
st2 -nan(0x1c601c601c601c60) (raw 0xffff1c601c601c601c60)
st3 -nan(0x7171717171717171) (raw 0xffff7171717171717171)
st4 -nan(0x7771717171717171) (raw 0xffff7771717171717171)
st5 -nan(0x20002000200020) (raw 0xffff0020002000200020)
st6 -inf (raw 0xffff0000000000000000)
st7 -nan(0x40004000400040) (raw 0xffff0040004000400040)
fctrl 0xffff027f -64897
fstat 0xffff0000 -65536
ftag 0xffffaaaa -21846
fiseg 0x1b 27
fioff 0x403fc4 4210628
foseg 0xffff0023 -65501
fooff 0x0 0
fop 0x5d8 1496
xmm0 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x25,
0x25, 0x25, 0x25, 0x25, 0x25, 0x25}, v8_int16 = {0x3434, 0x3434, 0x3434,
0x3434, 0x2534, 0x2525, 0x2525, 0x2525}, v4_int32 = {0x34343434,
0x34343434, 0x25252534, 0x25252525}, v2_int64 = {0x3434343434343434,
0x2525252525252534}, uint128 = 0x25252525252525343434343434343434}
xmm1 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x34, 0x34, 0x34, 0x34, 0x30, 0x25, 0x25, 0x25, 0x34, 0x34,
0x34, 0x34, 0x30, 0x25, 0x25, 0x25}, v8_int16 = {0x3434, 0x3434, 0x2530,
0x2525, 0x3434, 0x3434, 0x2530, 0x2525}, v4_int32 = {0x34343434,
0x25252530, 0x34343434, 0x25252530}, v2_int64 = {0x2525253034343434,
0x2525253034343434}, uint128 = 0x25252530343434342525253034343434}
xmm2 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0xa0, 0x6, 0xa0, 0x6, 0xa0, 0x6, 0xa0, 0x6, 0x28, 0x6, 0xc0,
0x4, 0xc0, 0x4, 0xc0, 0x4}, v8_int16 = {0x6a0, 0x6a0, 0x6a0, 0x6a0,
0x628, 0x4c0, 0x4c0, 0x4c0}, v4_int32 = {0x6a006a0, 0x6a006a0, 0x4c00628,
0x4c004c0}, v2_int64 = {0x6a006a006a006a0, 0x4c004c004c00628},
uint128 = 0x04c004c004c0062806a006a006a006a0}
xmm3 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x34, 0x0, 0x34, 0x0, 0x34, 0x0, 0x34, 0x0, 0x30, 0x0, 0x25,
0x0, 0x25, 0x0, 0x25, 0x0}, v8_int16 = {0x34, 0x34, 0x34, 0x34, 0x30,
0x25, 0x25, 0x25}, v4_int32 = {0x340034, 0x340034, 0x250030, 0x250025},
v2_int64 = {0x34003400340034, 0x25002500250030},
uint128 = 0x00250025002500300034003400340034}
xmm4 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x34, 0x25,
0x25, 0x25, 0x25, 0x25, 0x25, 0x25}, v8_int16 = {0x3434, 0x3434, 0x3434,
0x3434, 0x2534, 0x2525, 0x2525, 0x2525}, v4_int32 = {0x34343434,
0x34343434, 0x25252534, 0x25252525}, v2_int64 = {0x3434343434343434,
0x2525252525252534}, uint128 = 0x25252525252525343434343434343434}
xmm5 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x20, 0x0, 0x20, 0x0, 0x20, 0x0, 0x20, 0x0, 0x20, 0x0, 0x20,
0x0, 0x20, 0x0, 0x20, 0x0}, v8_int16 = {0x20, 0x20, 0x20, 0x20, 0x20,
0x20, 0x20, 0x20}, v4_int32 = {0x200020, 0x200020, 0x200020, 0x200020},
v2_int64 = {0x20002000200020, 0x20002000200020},
uint128 = 0x00200020002000200020002000200020}
xmm6 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x18, 0x8, 0x18, 0x8, 0x18, 0x8, 0x18, 0x8, 0x18, 0x8, 0x18,
0x8, 0x18, 0x8, 0x18, 0x8}, v8_int16 = {0x818, 0x818, 0x818, 0x818,
0x818, 0x818, 0x818, 0x818}, v4_int32 = {0x8180818, 0x8180818, 0x8180818,
0x8180818}, v2_int64 = {0x818081808180818, 0x818081808180818},
uint128 = 0x08180818081808180818081808180818}
xmm7 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x18, 0x8, 0x18, 0x8, 0x18, 0x8, 0x18, 0x8, 0x18, 0x8, 0x18,
0x8, 0x18, 0x8, 0x18, 0x8}, v8_int16 = {0x818, 0x818, 0x818, 0x818,
0x818, 0x818, 0x818, 0x818}, v4_int32 = {0x8180818, 0x8180818, 0x8180818,
0x8180818}, v2_int64 = {0x818081808180818, 0x818081808180818},
uint128 = 0x08180818081808180818081808180818}
mxcsr 0x1f80 [ IM DM ZM OM UM PM ]
mm0 {uint64 = 0x7771717171717171, v2_int32 = {0x71717171,
0x77717171}, v4_int16 = {0x7171, 0x7171, 0x7171, 0x7771}, v8_int8 = {
0x71, 0x71, 0x71, 0x71, 0x71, 0x71, 0x71, 0x77}}
mm1 {uint64 = 0x71717171, v2_int32 = {0x71717171, 0x0},
v4_int16 = {0x7171, 0x7171, 0x0, 0x0}, v8_int8 = {0x71, 0x71, 0x71, 0x71,
0x0, 0x0, 0x0, 0x0}}
mm2 {uint64 = 0x1c601c601c601c60, v2_int32 = {0x1c601c60,
0x1c601c60}, v4_int16 = {0x1c60, 0x1c60, 0x1c60, 0x1c60}, v8_int8 = {
0x60, 0x1c, 0x60, 0x1c, 0x60, 0x1c, 0x60, 0x1c}}
mm3 {uint64 = 0x7171717171717171, v2_int32 = {0x71717171,
0x71717171}, v4_int16 = {0x7171, 0x7171, 0x7171, 0x7171}, v8_int8 = {
0x71, 0x71, 0x71, 0x71, 0x71, 0x71, 0x71, 0x71}}
mm4 {uint64 = 0x7771717171717171, v2_int32 = {0x71717171,
0x77717171}, v4_int16 = {0x7171, 0x7171, 0x7171, 0x7771}, v8_int8 = {
0x71, 0x71, 0x71, 0x71, 0x71, 0x71, 0x71, 0x77}}
mm5 {uint64 = 0x20002000200020, v2_int32 = {0x200020, 0x200020},
v4_int16 = {0x20, 0x20, 0x20, 0x20}, v8_int8 = {0x20, 0x0, 0x20, 0x0, 0x20,
0x0, 0x20, 0x0}}
mm6 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0,
0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm7 {uint64 = 0x40004000400040, v2_int32 = {0x400040, 0x400040},
v4_int16 = {0x40, 0x40, 0x40, 0x40}, v8_int8 = {0x40, 0x0, 0x40, 0x0, 0x40,
0x0, 0x40, 0x0}}
File '0.mp4' not attached - you can download it from
https://roundup.ffmpeg.org/file1025.
----------
files: 0.mp4
messages: 11608
priority: normal
status: new
substatus: new
title: MPEG4 decoding in -lowres 1 mode SIGSEGV
type: bug
________________________________________________
FFmpeg issue tracker <[email protected]>
<https://roundup.ffmpeg.org/issue2155>
________________________________________________
