Opened 8 years ago
Closed 8 years ago
#2318 closed defect (fixed)
Crash signal 11 in demux_open with webm/vp9
Reported by: | redxii | Owned by: | beastd |
---|---|---|---|
Priority: | high | Component: | libavcodec |
Version: | HEAD | Severity: | critical |
Keywords: | | Cc: | |
Blocked By: | | Blocking: | |
Reproduced by developer: | yes | Analyzed by developer: | yes |
Description
MPlayer is crashing with some webm files. A sample is provided: https://streams.videolan.org/MPlayer/incoming/sample.clip.crashes.mplayer-r37927.webm
```
(gdb) run mplayer -v -v -v ../sample.clip.crashes.mplayer-r37927.webm
Starting program: C:\Users\Joshua\Downloads\mplayer-svn-37927-d\mplayer.exe mplayer -v -v -v ../sample.clip.crashes.mplayer-r37927.webm
[New Thread 3820.0x4b8]
this_opt = option: v
Setting v=../sample.clip.crashes.mplayer-r37927.webm
Adding file ../sample.clip.crashes.mplayer-r37927.webm
Config pushed level is now 2
Config pushed level is now 3
MPlayer SVN-r37927-6.2.0 (C) 2000-2017 MPlayer Team
CPU vendor name: GenuineIntel max cpuid level: 13
CPU: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz (Family: 6, Model: 42, Stepping: 7)
extended cpuid-level: 8
extended cache-info: 16801856
Detected cache-line size is 64 bytes
Testing OS support for SSE... yes.
CPUflags: MMX: 1 MMX2: 1 3DNow: 0 3DNowExt: 0 SSE: 1 SSE2: 1 SSE3: 1 SSSE3: 1 SSE4: 1 SSE4.2: 1 AVX: 1
Compiled with runtime CPU detection.
Setting PATH to C:\Users\Joshua\Downloads\mplayer-svn-37927-d\codecs
get_path('codecs.conf') -> 'C:/Users/Joshua/Downloads/mplayer-svn-37927-d/mplayer/codecs.conf'
Reading optional codecs config file C:/Users/Joshua/Downloads/mplayer-svn-37927-d/mplayer/codecs.conf: No such file or directory
Reading optional codecs config file /usr/local/etc/mplayer/codecs.conf: No such file or directory
Using built-in default codecs.conf.
init_freetype
Using MMX (with tiny bit MMX2) Optimized OnScreenDisplay
get_path('fonts') -> 'C:/Users/Joshua/Downloads/mplayer-svn-37927-d/mplayer/fonts'
Configuration: --enable-static --enable-runtime-cpudetection --enable-menu --disable-liba52 --disable-libmpeg2-internal --disable-tv --disable-vidix --disable-f aac-lavc --disable-mencoder --enable-debug=3
CommandLine: 'mplayer' '-v' '-v' '-v' '../sample.clip.crashes.mplayer-r37927.webm'
Using Windows native timing
get_path('input.conf') -> 'C:/Users/Joshua/Downloads/mplayer-svn-37927-d/mplayer/input.conf'
Parsing input config file C:/Users/Joshua/Downloads/mplayer-svn-37927-d/mplayer/input.conf
Input config file C:/Users/Joshua/Downloads/mplayer-svn-37927-d/mplayer/input.conf parsed: 92 binds
get_path('mplayer.conf') -> 'C:/Users/Joshua/Downloads/mplayer-svn-37927-d/mplayer/mplayer.conf'
[[[init getch2]]]
Playing mplayer.
get_path('sub/') -> 'C:/Users/Joshua/Downloads/mplayer-svn-37927-d/mplayer/sub/'
WINSOCK2 init: 0
WINSOCK2 init: 0
File not found: 'mplayer'
Failed to open mplayer.
*** uninit(0x8)
[[[uninit getch2]]]
Config poped level=2
Config pushed level is now 3
get_path('sample.clip.crashes.mplayer-r37927.webm.conf') -> 'C:/Users/Joshua/Downloads/mplayer-svn-37927-d/mplayer/sample.clip.crashes.mplayer-r37927.webm.conf'
[[[init getch2]]]
Playing ../sample.clip.crashes.mplayer-r37927.webm.
get_path('sub/') -> 'C:/Users/Joshua/Downloads/mplayer-svn-37927-d/mplayer/sub/'
WINSOCK2 init: 0
WINSOCK2 init: 0
[file] File size is 4774919 bytes
STREAM: [file] ../sample.clip.crashes.mplayer-r37927.webm
STREAM: Description: File
STREAM: Author: Albeu
STREAM: Comment: based on the code from ??? (probably Arpi)
seek to 0x0
libavformat version 57.67.100 (internal)
Configuration: --enable-gpl --enable-postproc
Probing h263 score:25 size:2048
Probing matroska,webm score:100 size:2048
Probing mp3 score:1 size:2048
LAVF_check: Matroska / WebM libavformat file format detected.
seek to 0x0
32768=mp_read(29390450, 29393680, 32768), pos: 32768, eof:0
mp_seek(29390450, 0, 65536)
st:0 removing common factor 1000000 from timebase
[matroska,webm @ 014f68a0]Before avformat_find_stream_info() pos: 423 bytes read:32768 seeks:0 nb_streams:1

Program received signal SIGSEGV, Segmentation fault.
0x00a65011 in ff_vp9_ipred_h_32x32_avx ()
(gdb) bt
#0 0x00a65011 in ff_vp9_ipred_h_32x32_avx ()
#1 0x0097f43b in intra_recon (bytesperpixel=1, uv_off=<optimized out>, y_off=<optimized out>, ctx=<optimized out>) at libavcodec/vp9.c:2694
#2 intra_recon_8bpp (y_off=<optimized out>, uv_off=0, ctx=<optimized out>) at libavcodec/vp9.c:2736
#3 0x009b59a4 in decode_b (ctx=ctx@entry=0x2939cd20, row=row@entry=0, col=col@entry=0, lflvl=<optimized out>, lflvl@entry=0x293b7a70, yoff=<optimized out>, yoff@entry=0, uvoff=<optimized out>, uvoff@entry=0, bl=<optimized out>, bl@entry=BL_64X64, bp=<optimized out>, bp@entry=PARTITION_H) at libavcodec/vp9.c:3327
#4 0x009cbef6 in decode_sb (ctx=ctx@entry=0x2939cd20, row=row@entry=0, col=col@entry=0, lflvl=lflvl@entry=0x293b7a70, yoff=yoff@entry=0, uvoff=uvoff@entry=0, bl=bl@entry=BL_64X64) at libavcodec/vp9.c:3434
#5 0x009d0701 in vp9_decode_frame (ctx=<optimized out>, frame=<optimized out>, got_frame=<optimized out>, pkt=<optimized out>) at libavcodec/vp9.c:4209
#6 0x0090edc9 in avcodec_decode_video2 (avctx=avctx@entry=0x2939cd20, picture=0x2939d580, got_picture_ptr=got_picture_ptr@entry=0x28e11c, avpkt=avpkt@entry=0x28e218) at libavcodec/utils.c:2275
#7 0x0090fa98 in do_decode (avctx=avctx@entry=0x2939cd20, pkt=pkt@entry=0x28e218) at libavcodec/utils.c:2822
#8 0x009107f9 in avcodec_send_packet (avctx=avctx@entry=0x2939cd20, avpkt=<optimized out>, avpkt@entry=0x28e218) at libavcodec/utils.c:2917
#9 0x0067dd00 in try_decode_frame (s=s@entry=0x29393118, st=st@entry=0x2939c4e0, avpkt=avpkt@entry=0x28e368, options=0x0) at libavformat/utils.c:3004
#10 0x00686929 in avformat_find_stream_info (ic=0x29393118, options=options@entry=0x0) at libavformat/utils.c:3705
#11 0x005201c0 in demux_open_lavf (demuxer=0x29381e70) at libmpdemux/demux_lavf.c:611
#12 0x004998cd in demux_open_stream (stream=stream@entry=0x29390450, file_format=44, file_format@entry=0, force=force@entry=0, audio_id=-1, video_id=video_id@entry=-1, dvdsub_id=-1, filename=filename@entry=0x2937ee98 "../sample.clip.crashes.mplayer-r37927.webm") at libmpdemux/demuxer.c:1112
#13 0x0049a184 in demux_open (vs=0x29390450, file_format=0, audio_id=-1, video_id=-1, dvdsub_id=-1, filename=0x2937ee98 "../sample.clip.crashes.mplayer-r37927.webm") at libmpdemux/demuxer.c:1286
#14 0x01313a20 in main (argc=<optimized out>, argv=<optimized out>) at mplayer.c:3380
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0xa64ff1 to 0xa65031:
   0x00a64ff1 <ff_vp9_ipred_h_32x32_avx+33>: cmp $0x17492e0,%eax
   0x00a64ff6 <ff_vp9_ipred_h_32x32_avx+38>: vpxor %xmm4,%xmm4,%xmm4
   0x00a64ffa <ff_vp9_ipred_h_32x32_avx+42>: lea (%ecx,%ecx,2),%ebx
   0x00a64ffd <ff_vp9_ipred_h_32x32_avx+45>: mov $0x7,%esi
   0x00a65002 <ff_vp9_ipred_h_32x32_avx+50>: vmovd (%edx,%esi,4),%xmm3
   0x00a65007 <ff_vp9_ipred_h_32x32_avx+55>: vpshufb %xmm7,%xmm3,%xmm0
   0x00a6500c <ff_vp9_ipred_h_32x32_avx+60>: vpshufb %xmm6,%xmm3,%xmm1
=> 0x00a65011 <ff_vp9_ipred_h_32x32_avx+65>: vmovdqa %xmm0,(%eax)
   0x00a65015 <ff_vp9_ipred_h_32x32_avx+69>: vmovdqa %xmm0,0x10(%eax)
   0x00a6501a <ff_vp9_ipred_h_32x32_avx+74>: vmovdqa %xmm1,(%eax,%ecx,1)
   0x00a6501f <ff_vp9_ipred_h_32x32_avx+79>: vmovdqa %xmm1,0x10(%eax,%ecx,1)
   0x00a65025 <ff_vp9_ipred_h_32x32_avx+85>: vpshufb %xmm5,%xmm3,%xmm2
   0x00a6502a <ff_vp9_ipred_h_32x32_avx+90>: vpshufb %xmm4,%xmm3,%xmm3
   0x00a6502f <ff_vp9_ipred_h_32x32_avx+95>: vmovdqa %xmm2,(%eax,%ecx,2)
End of assembler dump.
(gdb) info all-registers
eax 0x293b80a8 691765416
ecx 0x1e0 480
edx 0x28dc80 2677888
ebx 0x5a0 1440
esp 0x28db84 0x28db84
ebp 0x28dd48 0x28dd48
esi 0x7 7
edi 0x2939d778 691656568
eip 0xa65011 0xa65011 <ff_vp9_ipred_h_32x32_avx+65>
eflags 0x10216 [ PF AF IF RF ]
cs 0x23 35
ss 0x2b 43
ds 0x2b 43
es 0x2b 43
fs 0x53 83
gs 0x2b 43
st0 0 (raw 0x00000000000000000000)
st1 0 (raw 0x00000000000000000000)
st2 0 (raw 0x00000000000000000000)
st3 1 (raw 0x3fff8000000000000000)
st4 1 (raw 0x3fff8000000000000000)
st5 1 (raw 0x3fff8000000000000000)
st6 0 (raw 0x00000000000000000000)
st7 8000 (raw 0x400bfa00000000000000)
fctrl 0x37f 895
fstat 0x120 288
ftag 0xffff 65535
fiseg 0x23 35
fioff 0x5d6ea0 6123168
foseg 0x2b 43
fooff 0x2939c038 691650616
fop 0x0 0
xmm0 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x12 <repeats 16 times>}, v8_int16 = {0x1212, 0x1212, 0x1212, 0x1212, 0x1212, 0x1212, 0x1212, 0x1212}, v4_int32 = {0x12121212, 0x12121212, 0x12121212, 0x12121212}, v2_int64 = {0x1212121212121212, 0x1212121212121212}, uint128 = 0x12121212121212121212121212121212}
xmm1 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x12 <repeats 16 times>}, v8_int16 = {0x1212, 0x1212, 0x1212, 0x1212, 0x1212, 0x1212, 0x1212, 0x1212}, v4_int32 = {0x12121212, 0x12121212, 0x12121212, 0x12121212}, v2_int64 = {0x1212121212121212, 0x1212121212121212}, uint128 = 0x12121212121212121212121212121212}
xmm2 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x8000000000000000, 0x8000000000000000}, v16_int8 = {0x91, 0xff, 0x90, 0xff, 0x90, 0xff, 0x90, 0xff, 0x90, 0xff, 0x90, 0xff, 0x90, 0xff, 0x90, 0xff}, v8_int16 = {0xff91, 0xff90, 0xff90, 0xff90, 0xff90, 0xff90, 0xff90, 0xff90}, v4_int32 = { 0xff90ff91, 0xff90ff90, 0xff90ff90, 0xff90ff90}, v2_int64 = {0xff90ff90ff90ff91, 0xff90ff90ff90ff90}, uint128 = 0xff90ff90ff90ff90ff90ff90ff90ff91}
xmm3 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x12, 0x12, 0x12, 0x12, 0x0 <repeats 12 times>}, v8_int16 = {0x1212, 0x1212, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x12121212, 0x0, 0x0, 0x0}, v2_int64 = {0x12121212, 0x0}, uint128 = 0x00000000000000000000000012121212}
xmm4 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000}
xmm5 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x1 <repeats 16 times>}, v8_int16 = {0x101, 0x101, 0x101, 0x101, 0x101, 0x101, 0x101, 0x101}, v4_int32 = {0x1010101, 0x1010101, 0x1010101, 0x1010101}, v2_int64 = {0x101010101010101, 0x101010101010101}, uint128 = 0x01010101010101010101010101010101}
xmm6 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x2 <repeats 16 times>}, v8_int16 = {0x202, 0x202, 0x202, 0x202, 0x202,
---Type <return> to continue, or q <return> to quit---
0x202, 0x202, 0x202}, v4_int32 = {0x2020202, 0x2020202, 0x2020202, 0x2020202}, v2_int64 = {0x202020202020202, 0x202020202020202}, uint128 = 0x02020202020202020202020202020202}
xmm7 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x3 <repeats 16 times>}, v8_int16 = {0x303, 0x303, 0x303, 0x303, 0x303, 0x303, 0x303, 0x303}, v4_int32 = {0x3030303, 0x3030303, 0x3030303, 0x3030303}, v2_int64 = {0x303030303030303, 0x303030303030303}, uint128 = 0x03030303030303030303030303030303}
mxcsr 0x9fc0 [ DAZ IM DM ZM OM UM PM FZ ]
mm0 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0, 0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm1 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0, 0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm2 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0, 0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm3 {uint64 = 0x8000000000000000, v2_int32 = {0x0, 0x80000000}, v4_int16 = {0x0, 0x0, 0x0, 0x8000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}}
mm4 {uint64 = 0x8000000000000000, v2_int32 = {0x0, 0x80000000}, v4_int16 = {0x0, 0x0, 0x0, 0x8000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}}
mm5 {uint64 = 0x8000000000000000, v2_int32 = {0x0, 0x80000000}, v4_int16 = {0x0, 0x0, 0x0, 0x8000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}}
mm6 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0, 0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm7 {uint64 = 0xfa00000000000000, v2_int32 = {0x0, 0xfa000000}, v4_int16 = {0x0, 0x0, 0x0, 0xfa00}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfa}}
(gdb)
```
Current configuration:
r37927 compiled with FFmpeg b3a2adaac6526428843a1fa74eb9f896e898a78a
Last working version:
r37926 compiled with FFmpeg 6e913f212907048d7009cf2f15551781c69b9985
Attachments (2)
Change History (16)
comment:1 by , 8 years ago
Component: | libavcodec → undetermined |
---|
comment:3 by , 8 years ago
Component: | undetermined → libavcodec |
---|---|
Priority: | normal → high |
comment:4 by , 8 years ago
Reproduced by developer: | set |
---|---|
Status: | new → open |
I can reproduce at least a similar crash.
No analysis yet.
comment:5 by , 8 years ago
Seems that we do not fulfill the alignment requirements on those memory locations.
In your case vmovdqa, eax is only 8-byte aligned but needs 16-byte alignment.
In my case vmovaps, r9 is only 16-byte aligned, but needs 32-byte alignment AFAICT.
comment:6 by , 8 years ago
Analyzed by developer: | set |
---|
Ok, found it now - it is because of the removal of the memalign hack in FFmpeg.
I was able to get it working by activating HAVE_ALIGNED_MALLOC
in config.h and appending -D__MSVCRT_VERSION__=0x0700
to CFLAGS in config.mak.
Working on a fix for MPlayer's configure now.
comment:7 by , 8 years ago
Seems to be a combination of FFmpeg commit 6c4665d (the one you referred to in your comment) and of FFmpeg commit 3835283 (removal of the memalign hack).
I have posted a patch set on the MPlayer devel ml:
[MPlayer-dev-eng] [PATCH 0/2][ticket 2318] Problems with memory alignment
http://lists.mplayerhq.hu/pipermail/mplayer-dev-eng/2017-April/thread.html#73588
Can you test if it fixes the problems for you too?
comment:8 by , 8 years ago
Unfortunately it didn't seem to fix it for the particular sample I uploaded. I'm certain the patches are applied correctly. This is the FFmpeg I'm using; the latest master is broken for a different reason relating to libavcodec/qsvdec_other.c & libmxf headers:
b613245c9715c34358522737bf0cf6a4f9392ca3 Mon Mar 27 20:37:29 2017 -0300 ffprobe: free log buffer's parent_name during cleanup
Debug output (32-bit)
```
(gdb) run -v -v -v ../sample.clip.crashes.mplayer-r37927.webm
Starting program: C:\Users\Joshua\Downloads\mplayer-svn-37927-d\mplayer.exe -v -v -v ../sample.clip.crashes.mplayer-r37927.webm
[New Thread 256.0xa64]
this_opt = option: v
Setting v=../sample.clip.crashes.mplayer-r37927.webm
Adding file ../sample.clip.crashes.mplayer-r37927.webm
Config pushed level is now 2
Config pushed level is now 3
MPlayer SVN-r37927-6.2.0 (C) 2000-2017 MPlayer Team
CPU vendor name: GenuineIntel max cpuid level: 13
CPU: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz (Family: 6, Model: 42, Stepping: 7)
extended cpuid-level: 8
extended cache-info: 16801856
Detected cache-line size is 64 bytes
Testing OS support for SSE... yes.
CPUflags: MMX: 1 MMX2: 1 3DNow: 0 3DNowExt: 0 SSE: 1 SSE2: 1 SSE3: 1 SSSE3: 1 SSE4: 1 SSE4.2: 1 AVX: 1
Compiled with runtime CPU detection.
Setting PATH to C:\Users\Joshua\Downloads\mplayer-svn-37927-d\codecs
get_path('codecs.conf') -> 'C:/Users/Joshua/Downloads/mplayer-svn-37927-d/mplayer/codecs.conf'
Reading optional codecs config file C:/Users/Joshua/Downloads/mplayer-svn-37927-d/mplayer/codecs.conf: No such file or directory
Reading optional codecs config file /usr/local/etc/mplayer/codecs.conf: No such file or directory
Using built-in default codecs.conf.
init_freetype
Using MMX (with tiny bit MMX2) Optimized OnScreenDisplay
get_path('fonts') -> 'C:/Users/Joshua/Downloads/mplayer-svn-37927-d/mplayer/fonts'
Configuration: --enable-static --enable-runtime-cpudetection --enable-menu --disable-liba52 --disable-libmpeg2-internal --disable-tv --disable-vidix --disable-f aac-lavc --disable-mencoder --enable-debug=3
CommandLine: '-v' '-v' '-v' '../sample.clip.crashes.mplayer-r37927.webm'
Using Windows native timing
get_path('input.conf') -> 'C:/Users/Joshua/Downloads/mplayer-svn-37927-d/mplayer/input.conf'
Parsing input config file C:/Users/Joshua/Downloads/mplayer-svn-37927-d/mplayer/input.conf
Input config file C:/Users/Joshua/Downloads/mplayer-svn-37927-d/mplayer/input.conf parsed: 92 binds
get_path('sample.clip.crashes.mplayer-r37927.webm.conf') -> 'C:/Users/Joshua/Downloads/mplayer-svn-37927-d/mplayer/sample.clip.crashes.mplayer-r37927.webm.conf'
[[[init getch2]]]
Playing ../sample.clip.crashes.mplayer-r37927.webm.
get_path('sub/') -> 'C:/Users/Joshua/Downloads/mplayer-svn-37927-d/mplayer/sub/'
WINSOCK2 init: 0
WINSOCK2 init: 0
[file] File size is 4774919 bytes
STREAM: [file] ../sample.clip.crashes.mplayer-r37927.webm
STREAM: Description: File
STREAM: Author: Albeu
STREAM: Comment: based on the code from ??? (probably Arpi)
seek to 0x0
libavformat version 57.68.100 (internal)
Configuration: --enable-gpl --enable-postproc
Probing h263 score:25 size:2048
Probing matroska,webm score:100 size:2048
Probing mp3 score:1 size:2048
LAVF_check: Matroska / WebM libavformat file format detected.
seek to 0x0
32768=mp_read(29440658, 29443900, 32768), pos: 32768, eof:0
mp_seek(29440658, 0, 65536)
st:0 removing common factor 1000000 from timebase
[matroska,webm @ 014f87c0]Before avformat_find_stream_info() pos: 423 bytes read:32768 seeks:0 nb_streams:1

Program received signal SIGSEGV, Segmentation fault.
0x00a604d1 in ff_vp9_ipred_v_32x32_avx ()
(gdb) bt
#0 0x00a604d1 in ff_vp9_ipred_v_32x32_avx ()
#1 0x0097ba9b in intra_recon (bytesperpixel=1, uv_off=<optimized out>, y_off=<optimized out>, avctx=<optimized out>) at libavcodec/vp9block.c:1398
#2 intra_recon_8bpp (y_off=<optimized out>, uv_off=23168, avctx=<optimized out>) at libavcodec/vp9block.c:1411
#3 0x009b1491 in ff_vp9_decode_block (avctx=<optimized out>, avctx@entry=0x2944d140, row=<optimized out>, row@entry=24, col=<optimized out>, col@entry=32, lflvl=<optimized out>, lflvl@entry=0x29468680, yoff=<optimized out>, yoff@entry=92416, uvoff=<optimized out>, uvoff@entry=23168, bl=<optimized out>, bl@entry=BL_64X64, bp=<optimized out>, bp@entry=PARTITION_NONE) at libavcodec/vp9block.c:2005
#4 0x00970b46 in decode_sb (avctx=avctx@entry=0x2944d140, row=row@entry=24, col=col@entry=32, lflvl=lflvl@entry=0x29468680, yoff=yoff@entry=92416, uvoff=uvoff@entry=23168, bl=bl@entry=BL_64X64) at libavcodec/vp9.c:953
#5 0x00975726 in vp9_decode_frame (avctx=<optimized out>, frame=<optimized out>, got_frame=<optimized out>, pkt=<optimized out>) at libavcodec/vp9.c:1492
#6 0x00906979 in avcodec_decode_video2 (avctx=avctx@entry=0x2944d140, picture=0x2944dd20, got_picture_ptr=got_picture_ptr@entry=0x28e11c, avpkt=avpkt@entry=0x28e218) at libavcodec/utils.c:2275
#7 0x00907648 in do_decode (avctx=avctx@entry=0x2944d140, pkt=pkt@entry=0x28e218) at libavcodec/utils.c:2822
#8 0x009083a9 in avcodec_send_packet (avctx=avctx@entry=0x2944d140, avpkt=<optimized out>, avpkt@entry=0x28e218) at libavcodec/utils.c:2917
#9 0x0067dc80 in try_decode_frame (s=s@entry=0x29443380, st=st@entry=0x2944c840, avpkt=avpkt@entry=0x28e368, options=0x0) at libavformat/utils.c:3004
#10 0x006868a9 in avformat_find_stream_info (ic=0x29443380, options=options@entry=0x0) at libavformat/utils.c:3705
#11 0x005201c0 in demux_open_lavf (demuxer=0x294426d8) at libmpdemux/demux_lavf.c:611
#12 0x004998cd in demux_open_stream (stream=stream@entry=0x29440658, file_format=44, file_format@entry=0, force=force@entry=0, audio_id=-1, video_id=video_id@entry=-1, dvdsub_id=-1, filename=filename@entry=0x2942ed88 "../sample.clip.crashes.mplayer-r37927.webm") at libmpdemux/demuxer.c:1112
#13 0x0049a184 in demux_open (vs=0x29440658, file_format=0, audio_id=-1, video_id=-1, dvdsub_id=-1, filename=0x2942ed88 "../sample.clip.crashes.mplayer-r37927.webm") at libmpdemux/demuxer.c:1286
#14 0x013181a0 in main (argc=<optimized out>, argv=<optimized out>) at mplayer.c:3380
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0xa604b1 to 0xa604f1:
   0x00a604b1 <ff_vp9_ipred_v_32x32_avx+1>: mov 0x8(%esp),%eax
   0x00a604b5 <ff_vp9_ipred_v_32x32_avx+5>: mov 0xc(%esp),%ecx
   0x00a604b9 <ff_vp9_ipred_v_32x32_avx+9>: mov 0x10(%esp),%edx
   0x00a604bd <ff_vp9_ipred_v_32x32_avx+13>: mov 0x14(%esp),%ebx
   0x00a604c1 <ff_vp9_ipred_v_32x32_avx+17>: vmovaps (%ebx),%ymm0
   0x00a604c5 <ff_vp9_ipred_v_32x32_avx+21>: lea (%ecx,%ecx,2),%edx
   0x00a604c8 <ff_vp9_ipred_v_32x32_avx+24>: mov $0x4,%ebx
   0x00a604cd <ff_vp9_ipred_v_32x32_avx+29>: vmovaps %ymm0,(%eax)
=> 0x00a604d1 <ff_vp9_ipred_v_32x32_avx+33>: vmovaps %ymm0,(%eax,%ecx,1)
   0x00a604d6 <ff_vp9_ipred_v_32x32_avx+38>: vmovaps %ymm0,(%eax,%ecx,2)
   0x00a604db <ff_vp9_ipred_v_32x32_avx+43>: vmovaps %ymm0,(%eax,%edx,1)
   0x00a604e0 <ff_vp9_ipred_v_32x32_avx+48>: lea (%eax,%ecx,4),%eax
   0x00a604e3 <ff_vp9_ipred_v_32x32_avx+51>: vmovaps %ymm0,(%eax)
   0x00a604e7 <ff_vp9_ipred_v_32x32_avx+55>: vmovaps %ymm0,(%eax,%ecx,1)
   0x00a604ec <ff_vp9_ipred_v_32x32_avx+60>: vmovaps %ymm0,(%eax,%ecx,2)
End of assembler dump.
(gdb) info all-registers
eax 0x2949b720 692696864
ecx 0xf0 240
edx 0x2d0 720
ebx 0x4 4
esp 0x28db88 0x28db88
ebp 0x28dd48 0x28dd48
esi 0x2944df60 692379488
edi 0xf0 240
eip 0xa604d1 0xa604d1 <ff_vp9_ipred_v_32x32_avx+33>
eflags 0x10216 [ PF AF IF RF ]
cs 0x23 35
ss 0x2b 43
ds 0x2b 43
es 0x2b 43
fs 0x53 83
gs 0x2b 43
st0 -nan(0x8080808080808080) (raw 0xffff8080808080808080)
st1 -nan(0x0000003f8) (raw 0xffff00000000000003f8)
st2 -inf (raw 0xffff0000000000000000)
st3 1 (raw 0x3fff8000000000000000)
st4 1 (raw 0x3fff8000000000000000)
st5 1 (raw 0x3fff8000000000000000)
st6 0 (raw 0x00000000000000000000)
st7 8000 (raw 0x400bfa00000000000000)
fctrl 0x37f 895
fstat 0x120 288
ftag 0x102a 4138
fiseg 0x23 35
fioff 0x5d6da0 6122912
foseg 0x2b 43
fooff 0x2944c258 692372056
fop 0x0 0
xmm0 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x8000000000000000, 0x8000000000000000}, v16_int8 = {0x7f <repeats 16 times>}, v8_int16 = { 0x7f7f, 0x7f7f, 0x7f7f, 0x7f7f, 0x7f7f, 0x7f7f, 0x7f7f, 0x7f7f}, v4_int32 = {0x7f7f7f7f, 0x7f7f7f7f, 0x7f7f7f7f, 0x7f7f7f7f}, v2_int64 = { 0x7f7f7f7f7f7f7f7f, 0x7f7f7f7f7f7f7f7f}, uint128 = 0x7f7f7f7f7f7f7f7f7f7f7f7f7f7f7f7f}
xmm1 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000}
xmm2 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000}
xmm3 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000}
xmm4 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x12 <repeats 16 times>}, v8_int16 = {0x1212, 0x1212, 0x1212, 0x1212, 0x1212, 0x1212, 0x1212, 0x1212}, v4_int32 = {0x12121212, 0x12121212, 0x12121212, 0x12121212}, v2_int64 = {0x1212121212121212, 0x1212121212121212}, uint128 = 0x12121212121212121212121212121212}
xmm5 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000}
xmm6 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000}
xmm7 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
---Type <return> to continue, or q <return> to quit---
0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000}
mxcsr 0x9fc0 [ DAZ IM DM ZM OM UM PM FZ ]
mm0 {uint64 = 0x8080808080808080, v2_int32 = {0x80808080, 0x80808080}, v4_int16 = {0x8080, 0x8080, 0x8080, 0x8080}, v8_int8 = {0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80}}
mm1 {uint64 = 0x3f8, v2_int32 = {0x3f8, 0x0}, v4_int16 = {0x3f8, 0x0, 0x0, 0x0}, v8_int8 = {0xf8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm2 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0, 0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm3 {uint64 = 0x8000000000000000, v2_int32 = {0x0, 0x80000000}, v4_int16 = {0x0, 0x0, 0x0, 0x8000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}}
mm4 {uint64 = 0x8000000000000000, v2_int32 = {0x0, 0x80000000}, v4_int16 = {0x0, 0x0, 0x0, 0x8000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}}
mm5 {uint64 = 0x8000000000000000, v2_int32 = {0x0, 0x80000000}, v4_int16 = {0x0, 0x0, 0x0, 0x8000}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}}
mm6 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0, 0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm7 {uint64 = 0xfa00000000000000, v2_int32 = {0x0, 0xfa000000}, v4_int16 = {0x0, 0x0, 0x0, 0xfa00}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfa}}
(gdb)
```
comment:9 by , 8 years ago
Thanks for testing.
Can you upload your config.log file here?
Or at least paste output of:
grep ALIGN config.h
by , 8 years ago
Attachment: | config.log added |
---|
comment:10 by , 8 years ago
Uploaded both. config.h:
```
#define ATTRIBUTE_ALIGNED_MAX 16
#define HAVE_MEMALIGN 0
#define ASMALIGN(ZEROBITS) ".align 1<<" #ZEROBITS "\n\t"
#define CONFIG_MEMALIGN_HACK 1
#define HAVE_FAST_UNALIGNED 1
#define HAVE_LOCAL_ALIGNED_8 1
#define HAVE_LOCAL_ALIGNED_16 1
#define HAVE_LOCAL_ALIGNED_32 1
#define HAVE_ALIGNED_MALLOC 1
#define HAVE_POSIX_MEMALIGN 0
#define HAVE_ALIGNED_STACK 1
#define HAVE_SIMD_ALIGN_16 1
#define HAVE_SIMD_ALIGN_32 0
```
comment:11 by , 8 years ago
I was using runtime CPU detection; it doesn't run the individual check for AVX and enable HAVE_SIMD_ALIGN_32.
'Forcing' HAVE_SIMD_ALIGN_32 to 1 so it's enabled when using --enable-runtime-cpudetection no longer crashes on my sample.
follow-up: 13 comment:12 by , 8 years ago
Yes, I somehow forgot about runtime cpu detection :(
I have posted a replacement for the 2nd patch here:
http://lists.mplayerhq.hu/pipermail/mplayer-dev-eng/2017-April/073592.html
comment:13 by , 8 years ago
Everything is good now, HAVE_SIMD_ALIGN_32 enables properly and no longer crashes. Thanks.
comment:14 by , 8 years ago
Resolution: | → fixed |
---|---|
Status: | open → closed |
Thanks again for testing quickly.
Should be fixed in MPlayer SVN with revisions 37929 and 37930.
The problem seems to be some combination of:
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=b5122b040fe9441871b3d275d7f5e9eb352d4f28
and
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=6c4665deb4d20e3e305e54b4fb4431e57497d374
A user reported this happening with webm/vp9 files and according to the debug seems to be some kind of alignment issue, but it is possible that other formats/use of instruction sets are affected.
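Added example (not part of the ticket, and not MPlayer or FFmpeg code): the alignment arithmetic behind comments 5 and 11, applied to the register values from the two gdb dumps above. The struct and function names are hypothetical, and ecx is assumed to be the row stride, as the addressing in the disassembly suggests.

```c
#include <stdint.h>
#include <stdio.h>

/* One aligned SIMD store from the disassembly, AT&T form (base,index,scale). */
struct simd_store {
    const char *insn;
    uint32_t base;   /* eax in both dumps */
    uint32_t index;  /* ecx, assumed to be the row stride */
    unsigned scale;  /* 0 when the operand is just (%eax) */
    unsigned width;  /* operand size in bytes, which is the required alignment */
};

/* Register values copied from the two "info all-registers" dumps in the ticket. */
static const struct simd_store crash_h = {
    "vmovdqa %xmm0,(%eax)", 0x293b80a8u, 0x1e0u, 0, 16 };
static const struct simd_store crash_v = {
    "vmovaps %ymm0,(%eax,%ecx,1)", 0x2949b720u, 0xf0u, 1, 32 };

static uint32_t effective_address(const struct simd_store *s)
{
    return s->base + s->index * s->scale;
}

/* Largest power of two, capped at 64, that divides addr. */
static unsigned addr_alignment(uint32_t addr)
{
    unsigned a = 1;
    while (a < 64 && (addr & a) == 0)
        a <<= 1;
    return a;
}

/* vmovdqa/vmovaps raise an exception when the memory operand is misaligned. */
static int store_faults(const struct simd_store *s)
{
    return effective_address(s) % s->width != 0;
}

/* Round x up to a multiple of a (a must be a power of two). */
static uint32_t align_up(uint32_t x, uint32_t a)
{
    return (x + a - 1) & ~(a - 1);
}

/* First row whose start address is not width-aligned, or -1 if all rows are. */
static int first_misaligned_row(uint32_t base, uint32_t stride,
                                unsigned width, int rows)
{
    for (int r = 0; r < rows; r++)
        if ((base + (uint32_t)r * stride) % width != 0)
            return r;
    return -1;
}

static void report(const struct simd_store *s)
{
    uint32_t ea = effective_address(s);
    printf("%-28s ea=%#x aligned to %u, needs %u -> %s\n", s->insn,
           (unsigned)ea, addr_alignment(ea), s->width,
           store_faults(s) ? "fault" : "ok");
    printf("  first misaligned row: as dumped %d, base and stride padded %d\n",
           first_misaligned_row(s->base, s->index, s->width, 32),
           first_misaligned_row(align_up(s->base, s->width),
                                align_up(s->index, s->width), s->width, 32));
}

int main(void)
{
    report(&crash_h);
    report(&crash_v);
    return 0;
}
```

In the first dump the buffer base itself is only 8-byte aligned, so the very first 16-byte store faults. In the second dump the base is 32-byte aligned but the 240-byte stride is not a multiple of 32, so the fault only appears on the second row.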