[MPlayer-users] MPEG/DVD crashing when taking screenshot

Roberto Togni rxt at rtogni.it
Mon Sep 14 23:40:26 CEST 2015


On Mon, 14 Sep 2015 20:59:46 +0200
Roberto Togni <rxt at rtogni.it> wrote:

> On Sun, 13 Sep 2015 00:26:42 -0400
> Josh <joshf87 at live.com> wrote:
> 
> > I compiled r37524 with a newer FFmpeg and got different but still 
> > seemingly useless results from gdb so I ran Dr Memory, both logs are 
> > included in the tar.xz. The logs themselves will get me queued for 
> > moderation for being too big:
> > 
> > http://sourceforge.net/projects/mplayerwin/files/Misc/mpl-bin-r37524-debug-2.tar.xz/download
> 
> Hi,
>  just to keep you updated, I was able to reproduce it with your sample
>  and get a valid backtrace on linux.
> 
> ...
> sending VFCTRL_SCREENSHOT!
> 
> Program received signal SIGSEGV, Segmentation fault.
> 0x0000555555f68625 in yuv2rgb_X_c_template (hasAlpha=0, 
>     target=AV_PIX_FMT_RGB24, y=13, dstW=2386, dest=0x555558be4680 "", 
>     alpSrc=0x0, chrFilterSize=4, chrVSrc=0x5555572d9a48, 
>     chrUSrc=0x55555711f128, chrFilter=0x5555572d76c8, lumFilterSize=1, 
>     lumSrc=0x55555712c5e8, lumFilter=0x55555711e8ba, c=<optimized out>)
>     at libswscale/output.c:1340
> 1340	            Y1 += lumSrc[j][i * 2]     * lumFilter[j];
> (gdb) bt
> #0  0x0000555555f68625 in yuv2rgb_X_c_template (hasAlpha=0, 
>     target=AV_PIX_FMT_RGB24, y=13, dstW=2386, dest=0x555558be4680 "", 
>     alpSrc=0x0, chrFilterSize=4, chrVSrc=0x5555572d9a48, 
>     chrUSrc=0x55555711f128, chrFilter=0x5555572d76c8, lumFilterSize=1, 
>     lumSrc=0x55555712c5e8, lumFilter=0x55555711e8ba, c=<optimized out>)
>     at libswscale/output.c:1340
> #1  yuv2rgb24_X_c (c=0x555557223520, lumFilter=0x55555711e8ba, 
>     lumSrc=0x55555712c5e8, lumFilterSize=1, chrFilter=0x5555572d76c8, 
>     chrUSrc=0x55555711f128, chrVSrc=0x5555572d9a48, chrFilterSize=4, 
>     alpSrc=0x0, dest=0x555558be4680 "", dstW=2386, y=13)
>     at libswscale/output.c:1515
> #2  0x0000555555f4dc9e in packed_vscale (c=<optimized out>, 
>     desc=<optimized out>, sliceY=13, sliceH=<optimized out>)
>     at libswscale/vscale.c:129
> #3  0x0000555555f3dc81 in swscale (c=0x5555572b12c0,
> src=0x55555711e8a0, srcStride=0x1000, srcSliceY=1460470520,
> srcSliceH=1460470480, dst=0x55555711f128, dstStride=0x7fffffffca80) at
> libswscale/swscale.c:682 #4  0x0000555555f3ef4b in sws_scale
> (c=0x5555572b12c0, srcSlice=0x7fffffffca90, srcStride=0x55555712c5e8,
> srcSliceY=1, srcSliceH=1462597320, dst=0x7fffffffcab0,
> dstStride=0x5555570f4c60) at libswscale/swscale.c:1263
> #5  0x00005555558295da in draw_slice (vf=0x5555570f53b0,
> src=0x7fffffffcb90, stride=0x7fffffffcb80, w=1920, h=16, x=1460791456,
> y=16)
>     at libmpcodecs/vf_screenshot.c:64
> #6  0x0000555555826021 in draw_slice (s=<optimized out>, src=<optimized
> out>, offset=<optimized out>, y=<optimized out>, type=<optimized out>, 
>     height=<optimized out>) at libmpcodecs/vd_ffmpeg.c:588
> #7  0x0000555555eb48e4 in ff_draw_horiz_band (avctx=0x5555570f69a0, 
>     cur=<optimized out>, last=<optimized out>, y=16, h=16, 
>     picture_structure=3, first_field=0, low_delay=0)
>     at libavcodec/mpegutils.c:77
> #8  0x0000555555b95135 in ff_mpeg_draw_horiz_band
> (s=s at entry=0x5555570f6e40, y=<optimized out>, h=<optimized out>) at
> libavcodec/mpegvideo.c:2720 #9  0x0000555555b60db5 in mpeg_decode_slice
> (s=s at entry=0x5555570f6e40, mb_y=mb_y at entry=1,
> buf=buf at entry=0x7fffffffcdd8, buf_size=buf_size at entry=2077) at
> libavcodec/mpeg12dec.c:1927 #10 0x0000555555b63b35 in decode_chunks
> (avctx=avctx at entry=0x5555570f69a0,
> picture=picture at entry=0x5555570f6760,
> got_output=got_output at entry=0x7fffffffcf60, buf=0x555556f088c0 "",
> buf_size=2111) at libavcodec/mpeg12dec.c:2759 #11 0x0000555555b645ab in
> mpeg_decode_frame (avctx=0x5555570f69a0, data=0x5555570f6760,
> got_output=0x7fffffffcf60, avpkt=<optimized out>) at
> libavcodec/mpeg12dec.c:2836 #12 0x0000555555c6762e in
> avcodec_decode_video2 (avctx=0x5555570f69a0, picture=0x5555570f6760,
> got_picture_ptr=0x7fffffffcf60, avpkt=0x7fffffffcf90) at
> libavcodec/utils.c:2096 ---Type <return> to continue, or q <return> to
> quit--- #13 0x0000555555826e5f in decode (sh=0x555556edc410,
> data=0x1000, len=1460848104, flags=-12400) at
> libmpcodecs/vd_ffmpeg.c:949 #14 0x0000555555775f4f in decode_video
> (sh_video=0x555556edc410, start=0x555556f088c0 "", in_size=2111,
> drop_frame=0, pts=1.083922266960144, full_frame=0x7fffffffd0b0)
>     at libmpcodecs/dec_video.c:398
> #15 0x00005555556dd772 in update_video (blit_frame=0x7fffffffd158)
>     at mplayer.c:2484
> #16 0x00005555556d0980 in main (argc=5, argv=0x7fffffffe288) at
> mplayer.c:3811
> 
> 
> You're probably right with the commit that broke it, I'm checking if
> swscale needs to be called differently now.
> 
> 
May be a problem in ffmpeg, see https://trac.ffmpeg.org/ticket/4850

I can get a crash with similar backtrace with
ffmpeg -i mpeg_crash_screenshot.mpg -dsth 1096 -c png -f null /dev/null


Program received signal SIGSEGV, Segmentation fault.
0x0000000000de5a57 in yuv2rgb_write (hasAlpha=0,
target=AV_PIX_FMT_RGB24, 
    y=1088, _b=0x1e0f266, _g=0x1e0f266, _r=0x1e0f266, A2=0, A1=0, 
    Y2=<optimized out>, Y1=<optimized out>, i=<optimized out>, 
    _dest=0x7fffcc7f8040 "") at libswscale/output.c:1246
1246	        dest[i * 6 + 0] = r_b[Y1];
(gdb) bt
#0  0x0000000000de5a57 in yuv2rgb_write (hasAlpha=0,
target=AV_PIX_FMT_RGB24, 
    y=1088, _b=0x1e0f266, _g=0x1e0f266, _r=0x1e0f266, A2=0, A1=0, 
    Y2=<optimized out>, Y1=<optimized out>, i=<optimized out>, 
    _dest=0x7fffcc7f8040 "") at libswscale/output.c:1246
#1  yuv2rgb_X_c_template (hasAlpha=0, target=AV_PIX_FMT_RGB24, y=1088, 
    dstW=1920, dest=0x7fffcc7f8040 "", alpSrc=0x0, chrFilterSize=4, 
    chrVSrc=0x1b4dd30, chrUSrc=0x1b44c70, chrFilter=0x1b6e0c0, 
    lumFilterSize=4, lumSrc=0x1b4e4f8, lumFilter=0x1b67440,
c=<optimized out>)
    at libswscale/output.c:1370
#2  yuv2rgb24_X_c (c=0x1ba75c0, lumFilter=0x1b67440, lumSrc=0x1b4e4f8, 
    lumFilterSize=4, chrFilter=0x1b6e0c0, chrUSrc=0x1b44c70, 
    chrVSrc=0x1b4dd30, chrFilterSize=4, alpSrc=0x0, dest=0x7fffcc7f8040
"", 
    dstW=1920, y=1088) at libswscale/output.c:1515
#3  0x0000000000dca58e in packed_vscale (c=<optimized out>, 
    desc=<optimized out>, sliceY=1088, sliceH=<optimized out>)
    at libswscale/vscale.c:129
#4  0x0000000000dc5d31 in swscale (c=0x1b4e980, src=0x1e0f266,
srcStride=0x0, 
    srcSliceY=28632888, srcSliceH=28632848, dst=0x1b44c70, 
    dstStride=0x7fffffffd6f0) at libswscale/swscale.c:682
#5  0x0000000000dc70ba in sws_scale (c=0x1b4e980,
srcSlice=0x7fffffffd700, 
    srcStride=0x1b4e4f8, srcSliceY=4, srcSliceH=28762304,
dst=0x7fffffffd720, 
    dstStride=0x7fffffffd7d0) at libswscale/swscale.c:1263
#6  0x000000000050a088 in scale_slice (y=<optimized out>, 
    link=<optimized out>, field=<optimized out>, mul=<optimized out>, 
    h=<optimized out>, sws=<optimized out>, cur_pic=<optimized out>, 
    out_buf=<optimized out>) at libavfilter/vf_scale.c:477
#7  filter_frame (link=0x1b44520, in=0x1e0ecc0) at
libavfilter/vf_scale.c:579
#8  0x000000000049f1df in ff_filter_frame_framed (link=0x1b44520, 
    frame=0x1e0ecc0) at libavfilter/avfilter.c:1089
#9  0x00000000004a1299 in ff_filter_frame (link=0x1b44520,
frame=0x1e0ecc0)
    at libavfilter/avfilter.c:1173
#10 0x000000000049f1df in ff_filter_frame_framed (link=0x1b44b20, 
    frame=0x1e0ecc0) at libavfilter/avfilter.c:1089
#11 0x00000000004a1299 in ff_filter_frame (link=0x1b44b20,
frame=0x1e0ecc0)
    at libavfilter/avfilter.c:1173
#12 0x00000000004a53a2 in request_frame (link=0x1b44b20)
    at libavfilter/buffersrc.c:378
#13 0x00000000004a50d4 in av_buffersrc_add_frame_internal (
    ctx=ctx at entry=0x1b455e0, frame=frame at entry=0x1cca620,
flags=flags at entry=4)
    at libavfilter/buffersrc.c:180
#14 0x00000000004a55cd in av_buffersrc_add_frame_flags (ctx=0x1b455e0, 
    frame=frame at entry=0x1cca620, flags=flags at entry=4)
    at libavfilter/buffersrc.c:105
#15 0x0000000000487272 in decode_video (ist=0x1b3ca00, pkt=<optimized
out>, 
    got_output=<optimized out>) at ffmpeg.c:2179
#16 0x00000000004715d3 in process_input_packet (pkt=<optimized out>, 
    ist=<optimized out>) at ffmpeg.c:2327
#17 process_input (file_index=<optimized out>) at ffmpeg.c:3833
#18 transcode_step () at ffmpeg.c:3921
#19 transcode () at ffmpeg.c:3974
#20 main (argc=28559872, argv=0x7fffffffe010) at ffmpeg.c:4157
(gdb) 


Seems that the problem is related to slices, in MPlayer it works for the
first slice but fails for the 2nd (slice height is 16; offset 0 is ok,
offset 16 crashes).


The attached workaroud fixes the crash, but produces a wrong picture;
unless I missed some stupid detail, it should be equivalent to the old
code.


Ciao,
 Roberto
-------------- next part --------------
A non-text attachment was scrubbed...
Name: vf_screenshot.c.diff
Type: text/x-patch
Size: 663 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/mplayer-users/attachments/20150914/121feab7/attachment-0001.bin>


More information about the MPlayer-users mailing list