[FFmpeg-user] avcodec crashes in multi-thread mode

Fri Mar 20 00:39:48 CET 2015

Hello,

we recently enabled multi-thread decoding in our code and saw the following
crash. the same issue is found by chromium
https://code.google.com/p/chromium/issues/detail?id=320102

but I'm not familiar with sse assembly to understand the function
in fpel.asm

is this a known issue? any document to help me understand it?

Thanks,

FAULTING_IP:
avcodec_55!ff_put_pixels16_sse2+15
6fcd1c75 f30f6f01       movdqu xmm0,xmmword ptr [ecx]

EXCEPTION_RECORD: ffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 6fcd1c75 (avcodec_55!ff_put_pixels16_sse2+0x00000015)
  ExceptionCode: c0000005 (Access violation)
 ExceptionFlags: 00000000
NumberParameters: 2
  Parameter[0]: 00000000
  Parameter[1]: 00005000
Attempt to read from address 00005000

CONTEXT: 00000000 -- (.cxr 0x0;r)
eax=00000000 ebx=0691ee64 ecx=00005000 edx=00000500 esi=00000002
edi=00000000
eip=777a014d esp=0691ee14 ebp=0691eeb0 iopl=0        nv up ei pl zr na pe nc
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b            efl=00000246
ntdll!ZwWaitForMultipleObjects+0x15:
777a014d 83c404         add    esp,4

DEFAULT_BUCKET_ID: WRONG_SYMBOLS

PROCESS_NAME: GRID Workspace.exe

ADDITIONAL_DEBUG_TEXT:
You can run '.symfix; .reload' to try to fix the symbol path and load
symbols.

FAULTING_MODULE: 753d0000 kernel32

DEBUG_FLR_IMAGE_TIMESTAMP: 53e043eb

MODULE_NAME: avcodec_55

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced
memory at 0x%08lx. The memory could not be %s.

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx
referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1: 00000000

EXCEPTION_PARAMETER2: 00005000

READ_ADDRESS: 00005000

FOLLOWUP_IP:
avcodec_55!ff_put_pixels16_sse2+15
6fcd1c75 f30f6f01       movdqu xmm0,xmmword ptr [ecx]

APP: grid workspace.exe

ANALYSIS_VERSION: 6.3.9600.17237 (debuggers(dbg).140716-0327) x86fre

PRIMARY_PROBLEM_CLASS: WRONG_SYMBOLS

BUGCHECK_STR: APPLICATION_FAULT_WRONG_SYMBOLS

LAST_CONTROL_TRANSFER: from 6f8b3a8c to 6fcd1c75

STACK_TEXT:
0691f630 6f8b3a8c 0b865040 00005000 00000500
avcodec_55!ff_put_pixels16_sse2+0x15
0691f6a8 6f8b43f7 00000000 00000001 00000010
avcodec_55!mc_part_420_simple_8+0xc9c
0691f71c 6f8b6c50 0b865040 0a867400 0a8bc6e0
avcodec_55!hl_motion_420_simple_8+0x127
0691f790 6f8c81fd 06670040 0691f7b8 6f8d8895
avcodec_55!hl_decode_mb_simple_8+0x780
0691f79c 6f8d8895 06670040 00000000 02864c20
avcodec_55!ff_h264_hl_decode_mb+0x7d
0691f7b8 6fafdeef 028645a0 00000000 00000000 avcodec_55!decode_slice+0x185
0691f7ec 6fafd9b0 028645a0 00000000 0691f834 avcodec_55!worker+0x10f
0691f7fc 6fd4b4b9 02864cc0 28fb3df1 00000000
avcodec_55!win32thread_worker+0x10
0691f834 6fd4b543 00000000 0691f84c 753e33ca
avcodec_55!_callthreadstartex+0x1b
0691f840 753e33ca 00853d50 0691f88c 777b9ed2 avcodec_55!_threadstartex+0x64
WARNING: Stack unwind information not available. Following frames may be
wrong.
0691f84c 777b9ed2 00853d50 ec823dcc 00000000
kernel32!BaseThreadInitThunk+0x12
0691f88c 777b9ea5 6fd4b4df 00853d50 00000000
ntdll!RtlInitializeExceptionChain+0x63
0691f8a4 00000000 6fd4b4df 00853d50 00000000
ntdll!RtlInitializeExceptionChain+0x36

SYMBOL_STACK_INDEX: 0

SYMBOL_NAME: avcodec_55!ff_put_pixels16_sse2+15

FOLLOWUP_NAME: MachineOwner

IMAGE_NAME: avcodec-55.dll

STACK_COMMAND: ~11s; .ecxr ; kb

BUCKET_ID: WRONG_SYMBOLS

FAILURE_BUCKET_ID:
WRONG_SYMBOLS_c0000005_avcodec-55.dll!ff_put_pixels16_sse2

ANALYSIS_SOURCE: UM

FAILURE_ID_HASH_STRING:
um:wrong_symbols_c0000005_avcodec-55.dll!ff_put_pixels16_sse2

FAILURE_ID_HASH: {43a3acdf-8c5d-fa10-f505-85d78ed24286}

Followup: MachineOwner