#2288: Decoding with h264_vda crashes ffplay
-------------------------------------+-------------------------------------
Reporter: gjdfgh | Owner:
Type: defect | Status: new
Priority: important | Component:
Version: git-master | undetermined
Keywords: crash | Resolution:
SIGSEGV vda regression h264 | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
-------------------------------------+-------------------------------------
Comment (by pigoz):
I ran the rest of what is advised in the bugreports page you linked
(Pasted them below). Is it possible to test that the culprit is really the
h264_vda decoder and only using vda only through HWACCEL infrastructure
works?
{{{
(gdb) bt
#0 pred8x8_128_dc_8_c (_src=0x0, stride=0) at h264pred_template.c:559
#1 0x0000000100230366 in hl_decode_mb_simple_8 (h=0x101464000) at
h264_mb_template.c:161
Previous frame inner to this frame (gdb could not unwind past this frame)
Current language: auto; currently minimal
(gdb) disass $pc-32,$pc+32
Dump of assembler code for function pred8x8_128_dc_8_c:
0x00000001002a7800 <pred8x8_128_dc_8_c+0>: movl $0x80808080,(%rdi)
0x00000001002a7806 <pred8x8_128_dc_8_c+6>: movl
$0x80808080,0x4(%rdi)
0x00000001002a780d <pred8x8_128_dc_8_c+13>: movl
$0x80808080,(%rdi,%rsi,1)
0x00000001002a7814 <pred8x8_128_dc_8_c+20>: movl
$0x80808080,0x4(%rdi,%rsi,1)
0x00000001002a781c <pred8x8_128_dc_8_c+28>: movl
$0x80808080,(%rdi,%rsi,2)
0x00000001002a7823 <pred8x8_128_dc_8_c+35>: movl
$0x80808080,0x4(%rdi,%rsi,2)
0x00000001002a782b <pred8x8_128_dc_8_c+43>: lea (%rsi,%rsi,2),%rax
0x00000001002a782f <pred8x8_128_dc_8_c+47>: movl
$0x80808080,(%rdi,%rax,1)
0x00000001002a7836 <pred8x8_128_dc_8_c+54>: imul $0x7,%rsi,%rcx
0x00000001002a783a <pred8x8_128_dc_8_c+58>: lea (%rsi,%rsi,4),%rdx
0x00000001002a783e <pred8x8_128_dc_8_c+62>: movl
$0x80808080,0x4(%rdi,%rax,1)
0x00000001002a7846 <pred8x8_128_dc_8_c+70>: movl
$0x80808080,(%rdi,%rsi,4)
0x00000001002a784d <pred8x8_128_dc_8_c+77>: movl
$0x80808080,0x4(%rdi,%rsi,4)
0x00000001002a7855 <pred8x8_128_dc_8_c+85>: movl
$0x80808080,(%rdi,%rdx,1)
0x00000001002a785c <pred8x8_128_dc_8_c+92>: movl
$0x80808080,0x4(%rdi,%rdx,1)
0x00000001002a7864 <pred8x8_128_dc_8_c+100>: movl
$0x80808080,(%rdi,%rax,2)
0x00000001002a786b <pred8x8_128_dc_8_c+107>: movl
$0x80808080,0x4(%rdi,%rax,2)
0x00000001002a7873 <pred8x8_128_dc_8_c+115>: movl
$0x80808080,(%rdi,%rcx,1)
0x00000001002a787a <pred8x8_128_dc_8_c+122>: movl
$0x80808080,0x4(%rdi,%rcx,1)
0x00000001002a7882 <pred8x8_128_dc_8_c+130>: retq
End of assembler dump.
(gdb) info all-registers
rax 0x6 6
rbx 0x0 0
rcx 0x0 0
rdx 0x0 0
rsi 0x0 0
rdi 0x0 0
rbp 0x101464000 0x101464000
rsp 0x7fff5fbf8b78 0x7fff5fbf8b78
r8 0x0 0
r9 0x101464000 4316348416
r10 0x0 0
r11 0x13 19
r12 0x101464000 4316348416
r13 0x0 0
r14 0x0 0
r15 0x0 0
rip 0x1002a7800 0x1002a7800 <pred8x8_128_dc_8_c>
eflags 0x10246 66118
cs 0x2b 43
ss 0x0 0
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
st0 <invalid float value> (raw 0xffff0000000000000000)
st1 <invalid float value> (raw 0xffff0000000000000000)
st2 -nan(0x002000200) (raw 0xffff0000000002000200)
st3 -nan(0x200020002000200) (raw 0xffff0200020002000200)
st4 -nan(0x1010101010101010) (raw 0xffff1010101010101010)
st5 -9223359428144598417 (raw 0xc03dffffe9109c9e1b22)
st6 12608710177391 (raw 0x402ab77b1b0f26f00000)
st7 12608710177391 (raw 0x402ab77b1b0f26f00000)
fctrl 0x37f 895
fstat 0x0 0
ftag 0xffff 65535
fiseg 0x2b 43
fioff 0x97928d2b -1752003285
foseg 0x23 35
fooff 0x5fbf5b30 1606376240
fop 0x0 0
xmm0 {
v4_float = {0, 0, 0, 0},
v2_double = {0, 0},
v16_int8 = {0 <repeats 16 times>},
v8_int16 = {0, 0, 0, 0, 0, 0, 0, 0},
v4_int32 = {0, 0, 0, 0},
v2_int64 = {0, 0},
uint128 = 0
} (raw 0x00000000000000000000000000000000)
xmm1 {
v4_float = {0, 0, 0, 0},
v2_double = {0, 0},
v16_int8 = {0 <repeats 16 times>},
v8_int16 = {0, 0, 0, 0, 0, 0, 0, 0},
v4_int32 = {0, 0, 0, 0},
v2_int64 = {0, 0},
uint128 = 0
} (raw 0x00000000000000000000000000000000)
xmm2 {
v4_float = {0, 0, 0, 0},
v2_double = {0, 0},
v16_int8 = {0 <repeats 16 times>},
v8_int16 = {0, 0, 0, 0, 0, 0, 0, 0},
v4_int32 = {0, 0, 0, 0},
v2_int64 = {0, 0},
uint128 = 0
} (raw 0x00000000000000000000000000000000)
xmm3 {
v4_float = {0, 0, 0, 0},
v2_double = {0, 0},
v16_int8 = {0 <repeats 16 times>},
v8_int16 = {0, 0, 0, 0, 0, 0, 0, 0},
v4_int32 = {0, 0, 0, 0},
v2_int64 = {0, 0},
uint128 = 0
} (raw 0x00000000000000000000000000000000)
xmm4 {
v4_float = {8.90725532e+11, 183973696, 2.4375, 0},
v2_double = {2.0460447893299908e+93, 7},
v16_int8 = {83, 79, 99, 97, 77, 47, 115, 116, 64, 28, 0, 0, 0, 0, 0, 0},
v8_int16 = {21327, 25441, 19759, 29556, 16412, 0, 0, 0},
v4_int32 = {1397711713, 1294955380, 1075576832, 0},
v2_int64 = {6003126097866093428, 4619567317775286272},
uint128 = 0x534f63614d2f7374401c000000000000
} (raw 0x0000000000001c4074732f4d61634f53)
xmm5 {
v4_float = {0, 0, 2.87462521, -5.40669532e-07},
v2_double = {0, 23.976023976023978},
v16_int8 = {0, 0, 0, 0, 0, 0, 0, 0, 64, 55, -7, -36, -75, 17, 34, -121},
v8_int16 = {0, 0, 0, 0, 16439, -1572, -19183, 8839},
v4_int32 = {0, 0, 1077410268, -1257168249},
v2_int64 = {0, 4627441868472394375},
uint128 = 9737364817122506560
} (raw 0x872211b5dcf937400000000000000000)
xmm6 {
v4_float = {-0.836791635, -5.53769217e-33, -0.836791635,
-5.53769217e-33},
v2_double = {-0.0013561197916662129, -0.0013561197916662129},
v16_int8 = {-65, 86, 55, -6, -119, -26, 6, -40, -65, 86, 55, -6, -119,
-26, 6, -40},
v8_int16 = {-16554, 14330, -30234, 1752, -16554, 14330, -30234, 1752},
v4_int32 = {-1084868614, -1981413672, -1084868614, -1981413672},
v2_int64 = {-4659475215273294120, -4659475215273294120},
uint128 = 0xbf5637fa89e606d8bf5637fa89e606d8
} (raw 0xd806e689fa3756bfd806e689fa3756bf)
xmm7 {
v4_float = {0, 0, 1.875, 0},
v2_double = {0, 1},
v16_int8 = {0, 0, 0, 0, 0, 0, 0, 0, 63, -16, 0, 0, 0, 0, 0, 0},
v8_int16 = {0, 0, 0, 0, 16368, 0, 0, 0},
v4_int32 = {0, 0, 1072693248, 0},
v2_int64 = {0, 4607182418800017408},
uint128 = 61503
} (raw 0x000000000000f03f0000000000000000)
xmm8 {
v4_float = {0, 0, 0, 7.62939453e-06},
v2_double = {0, 4.5589753321519522e-315},
v16_int8 = {0 <repeats 12 times>, 55, 0, 0, 0},
v8_int16 = {0, 0, 0, 0, 0, 0, 14080, 0},
v4_int32 = {0, 0, 0, 922746880},
v2_int64 = {0, 922746880},
uint128 = 236223201280
} (raw 0x00000037000000000000000000000000)
xmm9 {
v4_float = {0, 0, 0, 0},
v2_double = {0, 0},
v16_int8 = {0 <repeats 16 times>},
v8_int16 = {0, 0, 0, 0, 0, 0, 0, 0},
v4_int32 = {0, 0, 0, 0},
v2_int64 = {0, 0},
uint128 = 0
} (raw 0x00000000000000000000000000000000)
xmm10 {
v4_float = {0, 0, 0, 0},
v2_double = {0, 0},
v16_int8 = {0 <repeats 16 times>},
v8_int16 = {0, 0, 0, 0, 0, 0, 0, 0},
v4_int32 = {0, 0, 0, 0},
v2_int64 = {0, 0},
uint128 = 0
} (raw 0x00000000000000000000000000000000)
xmm11 {
v4_float = {0, 0, 0, 0},
v2_double = {0, 0},
v16_int8 = {0 <repeats 16 times>},
v8_int16 = {0, 0, 0, 0, 0, 0, 0, 0},
v4_int32 = {0, 0, 0, 0},
v2_int64 = {0, 0},
uint128 = 0
} (raw 0x00000000000000000000000000000000)
xmm12 {
v4_float = {0, 0, 0, 0},
v2_double = {0, 0},
v16_int8 = {0 <repeats 16 times>},
v8_int16 = {0, 0, 0, 0, 0, 0, 0, 0},
v4_int32 = {0, 0, 0, 0},
v2_int64 = {0, 0},
uint128 = 0
} (raw 0x00000000000000000000000000000000)
xmm13 {
v4_float = {0, 0, 0, 0},
v2_double = {0, 0},
v16_int8 = {0 <repeats 16 times>},
v8_int16 = {0, 0, 0, 0, 0, 0, 0, 0},
v4_int32 = {0, 0, 0, 0},
v2_int64 = {0, 0},
uint128 = 0
} (raw 0x00000000000000000000000000000000)
xmm14 {
v4_float = {0, 0, 0, 0},
v2_double = {0, 0},
v16_int8 = {0 <repeats 16 times>},
v8_int16 = {0, 0, 0, 0, 0, 0, 0, 0},
v4_int32 = {0, 0, 0, 0},
v2_int64 = {0, 0},
uint128 = 0
} (raw 0x00000000000000000000000000000000)
xmm15 {
v4_float = {0, 0, 0, 0},
v2_double = {0, 0},
v16_int8 = {0 <repeats 16 times>},
v8_int16 = {0, 0, 0, 0, 0, 0, 0, 0},
v4_int32 = {0, 0, 0, 0},
v2_int64 = {0, 0},
uint128 = 0
} (raw 0x00000000000000000000000000000000)
mxcsr 0x1fa0 8096
(gdb)
}}}
--
Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/2288#comment:18>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker
_______________________________________________
FFmpeg-trac mailing list
FFmpeg-trac@avcodec.org
http://avcodec.org/mailman/listinfo/ffmpeg-trac
