[Ffmpeg-devel] segfault in ff_mpeg1_find_frame_end()

Måns Rullgård mru
Sat May 14 00:17:34 CEST 2005


Stefan Lucke <stefan at lucke.in-berlin.de> writes:

> Ok, back to list.
>
> On Donnerstag, 12. Mai 2005 21:55, Stefan Lucke wrote:
>
>> Now I think it could be fixed in softdevice. At least when replacing
>> av_read_packet() by av_read_frame() it doesn't crash anymore.
>
> On Freitag, 13. Mai 2005 23:30, M?ns Rullg?rd wrote:
>> Stefan Lucke <stefan at lucke.in-berlin.de> writes:
>> 
>> > Hi M?ns,
>> >
>> > Sorry for contacing you private, but no one seems to be interested in
>> > this problem.
>> 
>> It's still better to post to the list.  Even if it has sparked little
>> interest in the past, it may catch someone's attention.
>> 
>> > In contrast of my post yesterday, I got a crash when using
>> > av_read_frame() too. At the time it crashed I was using softplay
>> > plugin for vdr. So softdevice was not feed with data from vdr.
>> >
>> > I uploaded my sample to: http://www.lucke.in-berlin.de
>> > file: crash.2.4_3-16_9.001.vdr
>> >
>> > I just need some help in locating the crash.
>> 
>> Decoding that file with ffmpeg is perfectly valgrind-clean.  Without
>> any evidence suggesting otherwise, I'd say the bug is in vdr.  Have
>> you reported it there?
>> 
>
> No. At the time the crash happend the file was read via softplay.
> Softplay feeds data direct to softdevice. So vdr has no chance to
> do something with data.

I don't know what softplay and softdevice are, but they are certainly
not part of ffmpeg.  If they crash, and ffmpeg does not, I can only
assume that the fault is on softplay/softdevice, and should be
reported to whoever accepts bug reports on those.

> I just made some progress. At the beginning of function MPV_common_end()
> there are av_freep() for the parser buffer and parser buffer_size
> is set to 0. But I think pointer into the parses buffer are still
> present. So I commented out these two lines and even with av_read_packet()
> I get __no__ crash.
>
> I run valgrind with the modified code and there are no new leaks compared
> to run without my modification.

What does a valgrind say when it does crash?  That's what's
interesting.

-- 
M?ns Rullg?rd
mru at inprovide.com





More information about the ffmpeg-devel mailing list