[FFmpeg-trac] #407(avcodec:new): Crash in ff_put_pixels16_neon (EXC_BAD_ACCESS)

FFmpeg trac at avcodec.org
Mon Aug 22 17:03:43 CEST 2011 

#407: Crash in ff_put_pixels16_neon (EXC_BAD_ACCESS)
------------------------------------+----------------------
Reporter:  redeemarr                |       Owner:
    Type:  defect                   |      Status:  new
Priority:  normal                   |   Component:  avcodec
 Version:  unspecified              |  Resolution:
Keywords:  Crash, Error resilience  |  Blocked By:
Blocking:                           |  Reproduced:  0
Analyzed:  0                        |
------------------------------------+----------------------

Comment (by redeemarr):

 Added sample frame, what been last before crash. I'll try to capture all
 the frames since last I-frame, if you need that.

 Also, I've noticed another crash while decoding h.264. Assertion failed
 in:
 h264_refs.c: 482
 av_assert(h->long_ref_count + h->short_ref_count <=
 h->sps.ref_frame_count);

 long_ref_count = 167772170
 short_ref_count = -442687480
 sps.ref_frame_count = 60829697

 This values are odd, I guess. That never haven't happened with latest SVN
 revision.
 Backtrace is:
 {{{
 #0  0x3348fa1c in __pthread_kill ()
 #1  0x310c63ba in pthread_kill ()
 #2  0x310bebfe in abort ()
 #3  0x0023c664 in ff_h264_decode_ref_pic_marking (h=0x7271000, gb=<value
 temporarily unavailable, due to optimizations>) at
 libavcodec/h264_refs.c:482
 #4  0x00208744 in decode_slice_header (h=0x7271000, h0=0x7271000) at
 libavcodec/h264.c:2917
 #5  0x00217018 in decode_nal_units (h=0x7271000, buf=0x5e8afc0 "",
 buf_size=409) at libavcodec/h264.c:3697
 #6  0x00217a18 in decode_frame (avctx=0xb9ba00, data=0x70b7f0,
 data_size=0x700cbe4, avpkt=<value temporarily unavailable, due to
 optimizations>) at libavcodec/h264.c:3884
 #7  0x0029b3bc in avcodec_decode_video2 (avctx=0xb9ba00, picture=0x70b7f0,
 got_picture_ptr=0x700cbe4, avpkt=0x700cdd8) at libavcodec/utils.c:769
 }}}

 Also, I couldn't reproduce 'put_pixels16 crash' running on x86 (iPhone
 simulator). But, assertion failed if I run on ARM or x86 as well.
 Probably AV occurs on x86 too, but memory being read is valid. Just in
 theory.

 As result:
 x86 crashes only on av_assert,
 ARM crashes on av_assert and put_pixels16 as well.

-- 
Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/407#comment:8>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker

More information about the FFmpeg-trac mailing list