#20(FFmpeg:new): Crash when encoding to tif with high value for -ss
#20: Crash when encoding to tif with high value for -ss ------------------------+--------------------- Reporter: cehoyos | Owner: michael Type: defect | Status: new Priority: important | Component: FFmpeg Version: git | Keywords: Blocked By: | Blocking: Reproduced: 1 | Analyzed: 0 ------------------------+--------------------- (issue 2658) Reproducible with (m)any files, I used fate- suite/svq3/Vertical400kbit.sorenson3.mov {{{ (gdb) r -i Vertical400kbit.sorenson3.mov -ss 40 out.tif Starting program: ffmpeg_g -i Vertical400kbit.sorenson3.mov -ss 40 out.tif FFmpeg version git-N-28634-g0bfe349, Copyright (c) 2000-2011 the FFmpeg developers built on Mar 25 2011 20:50:13 with gcc 4.5.2 configuration: --cc='/usr/local/gcc-4.5.2/bin/gcc -m32' --enable-gpl libavutil 50. 40. 0 / 50. 40. 0 libavcodec 52.114. 1 / 52.114. 1 libavformat 52.103. 0 / 52.103. 0 libavdevice 52. 3. 0 / 52. 3. 0 libavfilter 1. 76. 0 / 1. 76. 0 libswscale 0. 12. 0 / 0. 12. 0 [mov,mp4,m4a,3gp,3g2,mj2 @ 0x8beb6a0] max_analyze_duration reached Seems stream 0 codec frame rate differs from container frame rate: 600.00 (600/1) -> 30.00 (30/1) Input #0, mov,mp4,m4a,3gp,3g2,mj2, from 'Vertical400kbit.sorenson3.mov': Metadata: creation_time : 2001-03-20 16:17:18 title : Vertical Online SV3 Demo title-eng : Vertical Online SV3 Demo artist : Logan Kelsey artist-eng : Logan Kelsey copyright : © Vertical Online 2001 copyright-eng : © Vertical Online 2001 encoder : Sorenson Video 3 encoder-eng : Sorenson Video 3 Duration: 00:00:43.57, start: 0.000000, bitrate: 580 kb/s Stream #0.0(eng): Video: svq3, yuvj420p, 320x240, 391 kb/s, 30.02 fps, 30 tbr, 600 tbn, 600 tbc Metadata: creation_time : 2001-03-20 16:17:18 Stream #0.1(eng): Audio: adpcm_ima_qt, 44100 Hz, 1 channels, s16 Metadata: creation_time : 2001-03-20 16:17:18 [buffer @ 0x8bf05b0] w:320 h:240 pixfmt:yuvj420p [ffsink @ 0x8bfd730] auto-inserting filter 'auto-inserted scaler 0' between the filter 'src' and the filter 'out' [scale @ 0x8bfd9e0] w:320 h:240 fmt:yuvj420p -> w:320 h:240 fmt:rgb24 flags:0xa0000004 Output #0, image2, to 'out.tif': Metadata: creation_time : 2001-03-20 16:17:18 title : Vertical Online SV3 Demo title-eng : Vertical Online SV3 Demo artist : Logan Kelsey artist-eng : Logan Kelsey copyright : © Vertical Online 2001 copyright-eng : © Vertical Online 2001 encoder-eng : Sorenson Video 3 encoder : Lavf52.103.0 Stream #0.0(eng): Video: tiff, rgb24, 320x240, q=2-31, 200 kb/s, 90k tbn, 30 tbc Metadata: creation_time : 2001-03-20 16:17:18 Stream mapping: Stream #0.0 -> #0.0 Press ctrl-c to stop encoding [buffer @ 0x8bf05b0] Buffering several frames is not supported. Please consume all available frames before adding a new one. Last message repeated 1049 times Program received signal SIGSEGV, Segmentation fault. print_report (ost_table=0x8bf4020, nb_ostreams=1, is_last_report=0, output_files=0x86a5ac0) at ffmpeg.c:1334 1334 snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), "frame=%5d fps=%3d q=%3.1f ", (gdb) bt #0 print_report (ost_table=0x8bf4020, nb_ostreams=1, is_last_report=0, output_files=0x86a5ac0) at ffmpeg.c:1334 #1 0x08053156 in transcode (nb_output_files=1, nb_input_files=1, stream_maps=0x0, nb_stream_maps=0, input_files=0x86a5c60, output_files=0x86a5ac0) at ffmpeg.c:2618 #2 0x08057d39 in main (argc=6, argv=0xffffcfe4) at ffmpeg.c:4345 (gdb) disass $pc-32 $pc+32 Dump of assembler code from 0x8050130 to 0x8050170: 0x08050130 <print_report+704>: in (%dx),%al 0x08050131 <print_report+705>: add %al,(%eax) 0x08050133 <print_report+707>: add %cl,-0x7376bbb0(%ebx) 0x08050139 <print_report+713>: and $0xa0,%al 0x0805013b <print_report+715>: add %al,(%eax) 0x0805013d <print_report+717>: add %al,0x42850fd2(%ebp) 0x08050143 <print_report+723>: add (%eax),%al 0x08050145 <print_report+725>: add %cl,-0x748fdb94(%ebx) 0x0805014b <print_report+731>: test %edx,-0x24ffffff(%eax) 0x08050151 <print_report+737>: inc %eax 0x08050152 <print_report+738>: dec %eax 0x08050153 <print_report+739>: fstps 0xec(%esp) 0x0805015a <print_report+746>: flds 0xec(%esp) 0x08050161 <print_report+753>: fdivs 0x8562178 0x08050167 <print_report+759>: fstpl 0xe0(%esp) 0x0805016e <print_report+766>: fldl 0xe0(%esp) End of assembler dump. (gdb) info registers eax 0x0 0 ecx 0x0 0 edx 0x0 0 ebx 0xffffbd00 -17152 esp 0xffffbc10 0xffffbc10 ebp 0x8bf3b20 0x8bf3b20 esi 0x0 0 edi 0x8bfcc90 146787472 eip 0x8050150 0x8050150 <print_report+736> eflags 0x210246 [ PF ZF IF RF ID ] cs 0x23 35 ss 0x2b 43 ds 0x2b 43 es 0x2b 43 fs 0x0 0 gs 0x63 99 }}} {{{ $ valgrind ffmpeg_g -i Vertical400kbit.sorenson3.mov -ss 40 out.tif ==16721== Memcheck, a memory error detector ==16721== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al. ==16721== Using Valgrind-3.5.0 and LibVEX; rerun with -h for copyright info ==16721== Command: ffmpeg_g -i Vertical400kbit.sorenson3.mov -ss 40 out.tif ==16721== FFmpeg version git-N-28634-g0bfe349, Copyright (c) 2000-2011 the FFmpeg developers built on Mar 25 2011 20:50:13 with gcc 4.5.2 configuration: --cc='/usr/local/gcc-4.5.2/bin/gcc -m32' --enable-gpl libavutil 50. 40. 0 / 50. 40. 0 libavcodec 52.114. 1 / 52.114. 1 libavformat 52.103. 0 / 52.103. 0 libavdevice 52. 3. 0 / 52. 3. 0 libavfilter 1. 76. 0 / 1. 76. 0 libswscale 0. 12. 0 / 0. 12. 0 [mov,mp4,m4a,3gp,3g2,mj2 @ 0x7be28c0] max_analyze_duration reached Seems stream 0 codec frame rate differs from container frame rate: 600.00 (600/1) -> 30.00 (30/1) Input #0, mov,mp4,m4a,3gp,3g2,mj2, from 'Vertical400kbit.sorenson3.mov': Metadata: creation_time : 2001-03-20 16:17:18 title : Vertical Online SV3 Demo title-eng : Vertical Online SV3 Demo artist : Logan Kelsey artist-eng : Logan Kelsey copyright : © Vertical Online 2001 copyright-eng : © Vertical Online 2001 encoder : Sorenson Video 3 encoder-eng : Sorenson Video 3 Duration: 00:00:43.57, start: 0.000000, bitrate: 580 kb/s Stream #0.0(eng): Video: svq3, yuvj420p, 320x240, 391 kb/s, 30.02 fps, 30 tbr, 600 tbn, 600 tbc Metadata: creation_time : 2001-03-20 16:17:18 Stream #0.1(eng): Audio: adpcm_ima_qt, 44100 Hz, 1 channels, s16 Metadata: creation_time : 2001-03-20 16:17:18 [buffer @ 0x7cef550] w:320 h:240 pixfmt:yuvj420p [ffsink @ 0x7cef910] auto-inserting filter 'auto-inserted scaler 0' between the filter 'src' and the filter 'out' [scale @ 0x7cefff0] w:320 h:240 fmt:yuvj420p -> w:320 h:240 fmt:rgb24 flags:0xa0000004 Output #0, image2, to 'out.tif': Metadata: creation_time : 2001-03-20 16:17:18 title : Vertical Online SV3 Demo title-eng : Vertical Online SV3 Demo artist : Logan Kelsey artist-eng : Logan Kelsey copyright : © Vertical Online 2001 copyright-eng : © Vertical Online 2001 encoder-eng : Sorenson Video 3 encoder : Lavf52.103.0 Stream #0.0(eng): Video: tiff, rgb24, 320x240, q=2-31, 200 kb/s, 90k tbn, 30 tbc Metadata: creation_time : 2001-03-20 16:17:18 Stream mapping: Stream #0.0 -> #0.0 Press ctrl-c to stop encoding [buffer @ 0x7cef550] Buffering several frames is not supported. Please consume all available frames before adding a new one. ==16721== Invalid read of size 4 ==16721== at 0x8050150: print_report.clone.13 (ffmpeg.c:1334) ==16721== Address 0x48 is not stack'd, malloc'd or (recently) free'd ==16721== ==16721== ==16721== Process terminating with default action of signal 11 (SIGSEGV) ==16721== Access not within mapped region at address 0x48 ==16721== at 0x8050150: print_report.clone.13 (ffmpeg.c:1334) ==16721== If you believe this happened as a result of a stack ==16721== overflow in your program's main thread (unlikely but ==16721== possible), you can try to increase the size of the ==16721== main thread stack using the --main-stacksize= flag. ==16721== The main thread stack size used in this run was 8388608. ==16721== ==16721== HEAP SUMMARY: ==16721== in use at exit: 1,650,946 bytes in 407 blocks ==16721== total heap usage: 1,098 allocs, 691 frees, 2,254,669 bytes allocated ==16721== ==16721== LEAK SUMMARY: ==16721== definitely lost: 0 bytes in 0 blocks ==16721== indirectly lost: 0 bytes in 0 blocks ==16721== possibly lost: 0 bytes in 0 blocks ==16721== still reachable: 1,650,946 bytes in 407 blocks ==16721== suppressed: 0 bytes in 0 blocks ==16721== Rerun with --leak-check=full to see details of leaked memory ==16721== ==16721== For counts of detected and suppressed errors, rerun with: -v ==16721== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 3 from 3) }}} -- Ticket URL: <http://avcodec.org/trac/ffmpeg/ticket/20> FFmpeg <http://ffmpeg.org> FFmpeg issue tracker
#20: Crash when encoding to tif with high value for -ss ----------------------+---------------------- Reporter: cehoyos | Owner: michael Type: defect | Status: closed Priority: important | Component: FFmpeg Version: git | Resolution: fixed Keywords: | Blocked By: Blocking: | Reproduced: 1 Analyzed: 0 | ----------------------+---------------------- Changes (by michael): * status: new => closed * resolution: => fixed -- Ticket URL: <https://avcodec.org/trac/ffmpeg/ticket/20#comment:1> FFmpeg <http://ffmpeg.org> FFmpeg issue tracker
#20: Crash when encoding to tif with high value for -ss -------------------------------------+------------------------------------- Reporter: cehoyos | Owner: michael Type: defect | Status: closed Priority: important | Component: FFmpeg Version: git | Resolution: fixed Keywords: crash | Blocked By: SIGSEGV roundup | Reproduced by developer: 1 Blocking: | Analyzed by developer: 0 | -------------------------------------+------------------------------------- Changes (by cehoyos): * keywords: => crash SIGSEGV roundup -- Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/20#comment:2> FFmpeg <http://ffmpeg.org> FFmpeg issue tracker
participants (1)
-
FFmpeg