[FFmpeg-trac] #2449(undetermined:new): Segfault when using idet filter with an MPEG TS file
FFmpeg
trac at avcodec.org
Mon Apr 8 17:07:39 CEST 2013
#2449: Segfault when using idet filter with an MPEG TS file
--------------------------------------+----------------------------------
Reporter: eseifert | Type: defect
Status: new | Priority: normal
Component: undetermined | Version: 1.0.6
Keywords: | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
--------------------------------------+----------------------------------
Summary of the bug:
ffmpeg crashes when I try to analyze a MPEG2 TS recording from VDR using
the idet filter. Without the idet filter everything runs fine, even with
other filters like cropdetect.
How to reproduce:
{{{
/usr/bin/ffmpeg -y -i 00001.ts -filter:v idet -f rawvideo -an /dev/null
ffmpeg version 1.0.6 Copyright (c) 2000-2013 the FFmpeg developers
built on Apr 8 2013 16:29:58 with gcc 4.6.3 (Gentoo 4.6.3 p1.11,
pie-0.5.2)
configuration: --prefix=/usr --libdir=/usr/lib64 --shlibdir=/usr/lib64
--mandir=/usr/share/man --enable-shared --cc=x86_64-pc-linux-gnu-gcc
--cxx=x86_64-pc-linux-gnu-g++ --ar=x86_64-pc-linux-gnu-ar
--optflags='-march=core2 -mtune=core2 -mcx16 -msahf -mpopcnt -msse4.2 -O2
-fomit-frame-pointer -pipe -O1 -fvar-tracking -ggdb' --extra-
cflags='-march=core2 -mtune=core2 -mcx16 -msahf -mpopcnt -msse4.2 -O2
-fomit-frame-pointer -pipe -O1 -fvar-tracking -ggdb' --extra-
cxxflags='-march=core2 -mtune=core2 -mcx16 -msahf -mpopcnt -msse4.2 -O2
-fomit-frame-pointer -pipe -O1 -fvar-tracking -ggdb' --disable-static
--enable-gpl --enable-version3 --enable-postproc --enable-avfilter
--enable-avresample --disable-stripping --disable-debug --disable-doc
--disable-network --disable-vaapi --disable-runtime-cpudetect --enable-
libmp3lame --enable-libvo-aacenc --enable-libtheora --enable-libx264
--enable-libxvid --enable-libfaac --enable-nonfree --disable-indev=v4l2
--disable-indev=oss --disable-indev=jack --enable-x11grab --disabl
libavutil 51. 73.101 / 51. 73.101
libavcodec 54. 59.100 / 54. 59.100
libavformat 54. 29.104 / 54. 29.104
libavdevice 54. 2.101 / 54. 2.101
libavfilter 3. 17.100 / 3. 17.100
libswscale 2. 1.101 / 2. 1.101
libswresample 0. 15.100 / 0. 15.100
libpostproc 52. 0.100 / 52. 0.100
[mpegts @ 0x632150] max_analyze_duration 5000000 reached at 5000000
[NULL @ 0x6388b0] start time is not set in estimate_timings_from_pts
[mpegts @ 0x632150] PES packet size mismatch
Last message repeated 3 times
Input #0, mpegts, from '00001.ts':
Duration: 00:28:29.52, start: 59010.275933, bitrate: 6054 kb/s
Program 132
Stream #0:0[0x6e]: Video: mpeg2video (Main) ([2][0][0][0] / 0x0002),
yuv420p, 720x576 [SAR 16:15 DAR 4:3], 15000 kb/s, 25 fps, 25 tbr, 90k tbn,
50 tbc
Stream #0:1[0x78](deu): Audio: mp2 ([3][0][0][0] / 0x0003), 48000 Hz,
stereo, s16, 256 kb/s
Stream #0:2[0x79](mis): Audio: mp2 ([3][0][0][0] / 0x0003), 48000 Hz,
stereo, s16, 192 kb/s
Stream #0:3[0x7a](mul): Audio: mp2 ([3][0][0][0] / 0x0003), 48000 Hz,
stereo, s16, 192 kb/s
Stream #0:4[0x7d](deu): Audio: ac3 ([6][0][0][0] / 0x0006), 48000 Hz,
stereo, s16, 448 kb/s
Stream #0:5[0x83](deu): Subtitle: dvb_subtitle ([6][0][0][0] / 0x0006)
(hearing impaired)
[New Thread 0x7ffff6006700 (LWP 29188)]
[New Thread 0x7ffff5805700 (LWP 29189)]
[New Thread 0x7ffff5004700 (LWP 29190)]
[New Thread 0x7ffff4803700 (LWP 29191)]
[New Thread 0x7ffff4002700 (LWP 29192)]
[New Thread 0x7ffff3801700 (LWP 29193)]
[New Thread 0x7ffff3000700 (LWP 29194)]
[New Thread 0x7ffff27ff700 (LWP 29195)]
[New Thread 0x7ffff1ffe700 (LWP 29196)]
Output #0, rawvideo, to '/dev/null':
Metadata:
encoder : Lavf54.29.104
Stream #0:0: Video: rawvideo (I420 / 0x30323449), yuv420p, 720x576
[SAR 16:15 DAR 4:3], q=2-31, 200 kb/s, 90k tbn, 25 tbc
Stream mapping:
Stream #0:0 -> #0:0 (mpeg2video -> rawvideo)
Press [q] to stop, [?] for help
Program received signal SIGSEGV, Segmentation fault.
copy_video_props (dst=0x6c9750, src=0x100000240) at
libavfilter/buffer.c:43
43 libavfilter/buffer.c: Datei oder Verzeichnis nicht gefunden.
(gdb) bt
#0 copy_video_props (dst=0x6c9750, src=0x100000240) at
libavfilter/buffer.c:43
#1 0x00007ffff7b3752d in avfilter_ref_buffer (ref=0x6d3d60, pmask=-1) at
libavfilter/buffer.c:63
#2 0x00007ffff7b6b32f in start_frame (link=<optimized out>,
picref=0x6c95b0) at libavfilter/vf_idet.c:184
#3 0x00007ffff7b784dd in ff_start_frame (link=0x661090, picref=0x6c95b0)
at libavfilter/video.c:304
#4 0x00007ffff7b37ee5 in request_frame (link=0x661090) at
libavfilter/buffersrc.c:378
#5 0x00007ffff7b385b2 in av_buffersrc_add_ref (s=0x660b00, buf=0x6c95b0,
flags=7) at libavfilter/buffersrc.c:152
#6 0x00000000004169d2 in decode_video (got_output=0x7fffffffd59c,
pkt=0x7fffffffd540, ist=0x638f80) at ffmpeg.c:1655
#7 output_packet (ist=<optimized out>, pkt=<optimized out>) at
ffmpeg.c:1775
#8 0x0000000000418497 in process_input (file_index=<optimized out>) at
ffmpeg.c:2840
#9 0x0000000000418aee in transcode_step () at ffmpeg.c:2936
#10 transcode () at ffmpeg.c:2988
#11 main (argc=<optimized out>, argv=<optimized out>) at ffmpeg.c:3168
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0x7ffff7b373f9 to 0x7ffff7b37439:
0x00007ffff7b373f9 <ff_calculate_bounding_box+377>: movslq %edx,%esi
0x00007ffff7b373fb <ff_calculate_bounding_box+379>: jmpq
0x7ffff7b3736c <ff_calculate_bounding_box+236>
0x00007ffff7b37400 <copy_video_props+0>: mov %rbx,-0x18(%rsp)
0x00007ffff7b37405 <copy_video_props+5>: mov %rbp,-0x10(%rsp)
0x00007ffff7b3740a <copy_video_props+10>: mov %r12,-0x8(%rsp)
0x00007ffff7b3740f <copy_video_props+15>: sub $0x18,%rsp
0x00007ffff7b37413 <copy_video_props+19>: mov %rdi,%rbp
0x00007ffff7b37416 <copy_video_props+22>: mov %rsi,%rbx
=> 0x00007ffff7b37419 <copy_video_props+25>: mov (%rsi),%rax
0x00007ffff7b3741c <copy_video_props+28>: mov %rax,(%rdi)
0x00007ffff7b3741f <copy_video_props+31>: mov 0x8(%rsi),%rax
0x00007ffff7b37423 <copy_video_props+35>: mov %rax,0x8(%rdi)
0x00007ffff7b37427 <copy_video_props+39>: mov 0x10(%rsi),%rax
0x00007ffff7b3742b <copy_video_props+43>: mov %rax,0x10(%rdi)
0x00007ffff7b3742f <copy_video_props+47>: mov 0x18(%rsi),%rax
0x00007ffff7b37433 <copy_video_props+51>: mov %rax,0x18(%rdi)
0x00007ffff7b37437 <copy_video_props+55>: mov 0x20(%rsi),%rax
End of assembler dump.
(gdb) info all-registers
rax 0x6c96a0 7116448
rbx 0x100000240 4294967872
rcx 0x3a123a2678 249413903992
rdx 0x6c9750 7116624
rsi 0x100000240 4294967872
rdi 0x6c9750 7116624
rbp 0x6c9750 0x6c9750
rsp 0x7fffffffd2d0 0x7fffffffd2d0
r8 0x1 1
r9 0x2 2
r10 0x0 0
r11 0x3a12170640 249411601984
r12 0xffffffff 4294967295
r13 0x7ffff7b6b2d6 140737349333718
r14 0x660c10 6687760
r15 0x697bd0 6912976
rip 0x7ffff7b37419 0x7ffff7b37419 <copy_video_props+25>
eflags 0x10202 [ IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
st0 -nan(0x8080808080808080) (raw 0xffff8080808080808080)
st1 -nan(0x80008000800080) (raw 0xffff0080008000800080)
st2 -nan(0x8080808080808080) (raw 0xffff8080808080808080)
st3 -nan(0x80008000800080) (raw 0xffff0080008000800080)
st4 -nan(0x8080808080808080) (raw 0xffff8080808080808080)
st5 -nan(0x80008000800080) (raw 0xffff0080008000800080)
st6 -nan(0x8080808080808080) (raw 0xffff8080808080808080)
st7 -nan(0x80008000800080) (raw 0xffff0080008000800080)
fctrl 0x37f 895
fstat 0x220 544
ftag 0xffff 65535
fiseg 0x3a 58
fioff 0x12426de7 306343399
foseg 0x7fff 32767
fooff 0xffffd418 -11240
fop 0x51f 1311
xmm0 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x4 <repeats 16 times>}, v8_int16 = {0x404, 0x404, 0x404,
0x404, 0x404, 0x404, 0x404, 0x404}, v4_int32 = {0x4040404, 0x4040404,
0x4040404, 0x4040404}, v2_int64 = {0x404040404040404,
0x404040404040404}, uint128 = 0x04040404040404040404040404040404}
xmm1 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x4 <repeats 15 times>, 0x0}, v8_int16 = {0x404, 0x404, 0x404,
0x404, 0x404, 0x404, 0x404, 0x4}, v4_int32 = {0x4040404, 0x4040404,
0x4040404, 0x40404}, v2_int64 = {0x404040404040404,
0x4040404040404}, uint128 = 0x00040404040404040404040404040404}
xmm2 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x4, 0x0, 0x4 <repeats 14 times>}, v8_int16 = {0x4, 0x404,
0x404, 0x404, 0x404, 0x404, 0x404, 0x404}, v4_int32 = {0x4040004,
0x4040404, 0x4040404, 0x4040404}, v2_int64 = {
0x404040404040004, 0x404040404040404}, uint128 =
0x04040404040404040404040404040004}
xmm3 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x4 <repeats 16 times>}, v8_int16 = {0x404, 0x404, 0x404,
0x404, 0x404, 0x404, 0x404, 0x404}, v4_int32 = {0x4040404, 0x4040404,
0x4040404, 0x4040404}, v2_int64 = {0x404040404040404,
0x404040404040404}, uint128 = 0x04040404040404040404040404040404}
xmm4 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x4 <repeats 15 times>, 0x0}, v8_int16 = {0x404, 0x404, 0x404,
0x404, 0x404, 0x404, 0x404, 0x4}, v4_int32 = {0x4040404, 0x4040404,
0x4040404, 0x40404}, v2_int64 = {0x404040404040404,
0x4040404040404}, uint128 = 0x00040404040404040404040404040404}
xmm5 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x4 <repeats 16 times>}, v8_int16 = {0x404, 0x404, 0x404,
0x404, 0x404, 0x404, 0x404, 0x404}, v4_int32 = {0x4040404, 0x4040404,
0x4040404, 0x4040404}, v2_int64 = {0x404040404040404,
0x404040404040404}, uint128 = 0x04040404040404040404040404040404}
xmm6 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x4 <repeats 16 times>}, v8_int16 = {0x404, 0x404, 0x404,
0x404, 0x404, 0x404, 0x404, 0x404}, v4_int32 = {0x4040404, 0x4040404,
0x4040404, 0x4040404}, v2_int64 = {0x404040404040404,
0x404040404040404}, uint128 = 0x04040404040404040404040404040404}
xmm7 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x4 <repeats 13 times>, 0x0, 0x4, 0x4}, v8_int16 = {0x404,
0x404, 0x404, 0x404, 0x404, 0x404, 0x4, 0x404}, v4_int32 = {0x4040404,
0x4040404, 0x4040404, 0x4040004}, v2_int64 = {
0x404040404040404, 0x404000404040404}, uint128 =
0x04040004040404040404040404040404}
xmm8 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x4 <repeats 16 times>}, v8_int16 = {0x404, 0x404, 0x404,
0x404, 0x404, 0x404, 0x404, 0x404}, v4_int32 = {0x4040404, 0x4040404,
0x4040404, 0x4040404}, v2_int64 = {0x404040404040404,
0x404040404040404}, uint128 = 0x04040404040404040404040404040404}
xmm9 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x4 <repeats 16 times>}, v8_int16 = {0x404, 0x404, 0x404,
0x404, 0x404, 0x404, 0x404, 0x404}, v4_int32 = {0x4040404, 0x4040404,
0x4040404, 0x4040404}, v2_int64 = {0x404040404040404,
0x404040404040404}, uint128 = 0x04040404040404040404040404040404}
xmm10 {v4_float = {0x0, 0x1, 0x0, 0x0}, v2_double = {0x1, 0x0},
v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0, 0x3f, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x0, 0x0, 0x0, 0x3ff0, 0x0, 0x0, 0x0,
0x0}, v4_int32 = {0x0, 0x3ff00000, 0x0, 0x0},
v2_int64 = {0x3ff0000000000000, 0x0}, uint128 =
0x00000000000000003ff0000000000000}
xmm11 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0, 0x0, 0x0, 0x11, 0x11, 0x11, 0x71, 0x3e, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x0, 0x1100, 0x1111, 0x3e71, 0x0,
0x0, 0x0, 0x0}, v4_int32 = {0x11000000, 0x3e711111,
0x0, 0x0}, v2_int64 = {0x3e71111111000000, 0x0}, uint128 =
0x00000000000000003e71111111000000}
xmm12 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
xmm13 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x56, 0x3c, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x0, 0x0, 0x2000, 0x3c56, 0x0, 0x0, 0x0,
0x0}, v4_int32 = {0x0, 0x3c562000, 0x0, 0x0},
v2_int64 = {0x3c56200000000000, 0x0}, uint128 =
0x00000000000000003c56200000000000}
xmm14 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0xb8, 0x45, 0x3c, 0x33, 0xa5, 0xd, 0x48, 0x3c, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x45b8, 0x333c, 0xda5, 0x3c48, 0x0,
0x0, 0x0, 0x0}, v4_int32 = {0x333c45b8,
0x3c480da5, 0x0, 0x0}, v2_int64 = {0x3c480da5333c45b8, 0x0}, uint128 =
0x00000000000000003c480da5333c45b8}
xmm15 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0},
v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0},
uint128 = 0x00000000000000000000000000000000}
mxcsr 0x1fa0 [ PE IM DM ZM OM UM PM ]
}}}
--
Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/2449>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list