[FFmpeg-soc] libavfilter audio work - qualification task

Mon Apr 19 15:30:27 CEST 2010

On Mon, 19 Apr 2010 00:42:37 -0700
"S.N. Hemanth Meenakshisundaram" <smeenaks at ucsd.edu> wrote:
>[...] 
>
> Videos do play with vf_yadif in the filter chain, but there are a couple 
> of problems right now. Am working on fixing them.
> 
> The first is a memory corruption reported by valgrind :
> 
> ==30358== Conditional jump or move depends on uninitialised value(s)
> ==30358==    at 0x418218: filter_line_c (vf_yadif.c:331)
> ==30358==    by 0x418762: end_frame (vf_yadif.c:381)
> 
> ==30358==  Uninitialised value was created by a heap allocation
> [...]
> ==30358==    by 0x90D187: av_malloc (mem.c:83)
> ==30358==    by 0x4183D1: config_props_input (vf_yadif.c:405)
> 
> The offending piece of code seems to be :
> 
> filter_line_c :
> 
>          int spatial_score= FFABS(cur[-refs-1] - cur[+refs-1]) + FFABS(c-e)
>                           + FFABS(cur[-refs+1] - cur[+refs+1]) - 1;
> 
> #define CHECK(j)\
>      {   int score= FFABS(cur[-refs-1+j] - cur[+refs-1-j])\
>                   + FFABS(cur[-refs  +j] - cur[+refs  -j])\
>                   + FFABS(cur[-refs+1+j] - cur[+refs+1-j]);\
>          if(score < spatial_score){\
>              spatial_score= score;\
>              spatial_pred= (cur[-refs  +j] + cur[+refs  -j])>>1;\
> 
> Line 331:     CHECK(-1) CHECK(-2) }} }}
> 
> The allocation is here :
> 
>      for(i=0; i<3; i++) {
>          int is_chroma= !!i;
>          int w= ((link->w     + 31) & (~31))>>is_chroma;
>          int h= ((link->h + 6 + 31) & (~31))>>is_chroma;
> 
>          av_log(NULL, AV_LOG_ERROR, "Alloc dims are : '%d, %d, %d, 
> %ld'\n", w, h, i, yadif);
>          yadif->stride[i]= w;
>          for(j=0; j<3; j++)
>              yadif->ref[j][i]= (uint8_t 
> *)(av_malloc(w*h*sizeof(uint8_t)))+3*w;
> 
> 
> Am wondering if this is because the store_refs function does a :
> 
>      memcpy (p->ref[3], p->ref[0], sizeof(uint8_t *)*3);
>      memmove(p->ref[0], p->ref[1], sizeof(uint8_t *)*3*3);
> 
> Isn't ref[3] unallocated at this time? This code is from the mplayer 
> yadif, so I guess am doing something wrong here.
> 

I'll try to take a look at the code tonight.

> 
> The 2nd issue is strange and might be related :
> 
> The av_log statement above
> 
>          av_log(NULL, AV_LOG_ERROR, "Alloc dims are : '%d, %d, %d, 
> %ld'\n", w, h, i, yadif);
> 
> throws a segmentation fault in av_log code if I use yadif (which is a 
> YadifContext * pointer) instead of NULL as the logging context. I tried 
> logging the context pointer and it is not NULL and appears valid.

Use the AVFilterContext* as the av_log context.

> 
> Am working on this, but please let me know if there's something I am 
> missing. Full diff is again attached.
> 
> Thanks,

-- 
Bobby Bingham
このメールは再利用されたバイトでできている。