[FFmpeg-trac] #1453(undetermined:new): Segfault when decoding H264 video

FFmpeg trac at avcodec.org
Sun Jun 17 21:48:03 CEST 2012


#1453: Segfault when decoding H264 video
-------------------------------------+-------------------------------------
             Reporter:  kyl416       |                    Owner:
                 Type:  defect       |                   Status:  new
             Priority:  important    |                Component:
              Version:  git-master   |  undetermined
             Keywords:               |               Resolution:
             Blocking:               |               Blocked By:
Analyzed by developer:  0            |  Reproduced by developer:  0
-------------------------------------+-------------------------------------

Comment (by kyl416):

 Also, just in case you need it, the valgrind output:

 {{{
 valgrind ffmpeg -i rtsp://(hidden)
 ==11942== Memcheck, a memory error detector
 ==11942== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
 ==11942== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright
 info
 ==11942== Command: ffmpeg -i rtsp://(hidden)
 ==11942==
 ffmpeg version N-41656-g1125606 Copyright (c) 2000-2012 the FFmpeg
 developers
   built on Jun 17 2012 15:39:21 with gcc 4.6.3
   configuration: --prefix=/usr --enable-gpl --enable-version3 --enable-
 nonfree --enable-shared --enable-postproc --enable-libx264 --enable-frei0r
 --enable-librtmp --enable-libopencore-amrnb --enable-libopencore-amrwb
 --enable-libdc1394 --enable-libmp3lame --enable-libtheora --enable-
 libopenjpeg --enable-libvpx --enable-libgsm --enable-libschroedinger
 --enable-libspeex --enable-libvorbis --enable-libxvid --enable-libfaac
 --cpu=amdfam10 --arch=x86_64 --enable-x11grab --enable-libxavs --enable-
 libfreetype --e  libavutil      51. 58.100 / 51. 58.100
   libavcodec     54. 25.100 / 54. 25.100
   libavformat    54.  6.101 / 54.  6.101
   libavdevice    54.  0.100 / 54.  0.100
   libavfilter     2. 81.100 /  2. 81.100
   libswscale      2.  1.100 /  2.  1.100
   libswresample   0. 15.100 /  0. 15.100
   libpostproc    52.  0.100 / 52.  0.100
 ==11942== Invalid write of size 4
 ==11942==    at 0x58858B0: ff_h264_decode_nal (h264.c:175)
 ==11942==    by 0x58CB448: decode_nal_units (h264.c:4266)
 ==11942==    by 0x58CC244: ff_h264_decode_extradata (h264.c:1206)
 ==11942==    by 0x58EFDD6: h264_parse (h264_parser.c:311)
 ==11942==    by 0x5A3821C: av_parser_parse2 (parser.c:149)
 ==11942==    by 0x53C1422: parse_packet (utils.c:1183)
 ==11942==    by 0x53C18DB: read_frame_internal (utils.c:1352)
 ==11942==    by 0x53C3310: avformat_find_stream_info (utils.c:2582)
 ==11942==    by 0x413155: opt_input_file (ffmpeg.c:4300)
 ==11942==    by 0x41994F: parse_option (cmdutils.c:311)
 ==11942==    by 0x419AF2: parse_options (cmdutils.c:344)
 ==11942==    by 0x4062D8: main (ffmpeg.c:5897)
 ==11942==  Address 0x4cb48 is not stack'd, malloc'd or (recently) free'd
 ==11942==
 ==11942==
 ==11942== Process terminating with default action of signal 11 (SIGSEGV)
 ==11942==  Access not within mapped region at address 0x4CB48
 ==11942==    at 0x58858B0: ff_h264_decode_nal (h264.c:175)
 ==11942==    by 0x58CB448: decode_nal_units (h264.c:4266)
 ==11942==    by 0x58CC244: ff_h264_decode_extradata (h264.c:1206)
 ==11942==    by 0x58EFDD6: h264_parse (h264_parser.c:311)
 ==11942==    by 0x5A3821C: av_parser_parse2 (parser.c:149)
 ==11942==    by 0x53C1422: parse_packet (utils.c:1183)
 ==11942==    by 0x53C18DB: read_frame_internal (utils.c:1352)
 ==11942==    by 0x53C3310: avformat_find_stream_info (utils.c:2582)
 ==11942==    by 0x413155: opt_input_file (ffmpeg.c:4300)
 ==11942==    by 0x41994F: parse_option (cmdutils.c:311)
 ==11942==    by 0x419AF2: parse_options (cmdutils.c:344)
 ==11942==    by 0x4062D8: main (ffmpeg.c:5897)
 ==11942==  If you believe this happened as a result of a stack
 ==11942==  overflow in your program's main thread (unlikely but
 ==11942==  possible), you can try to increase the size of the
 ==11942==  main thread stack using the --main-stacksize= flag.
 ==11942==  The main thread stack size used in this run was 8388608.
 ==11942==
 ==11942== HEAP SUMMARY:
 ==11942==     in use at exit: 1,363,620 bytes in 2,868 blocks
 ==11942==   total heap usage: 4,466 allocs, 1,598 frees, 1,526,169 bytes
 allocated
 ==11942==
 ==11942== LEAK SUMMARY:
 ==11942==    definitely lost: 61 bytes in 2 blocks
 ==11942==    indirectly lost: 336 bytes in 4 blocks
 ==11942==      possibly lost: 0 bytes in 0 blocks
 ==11942==    still reachable: 1,363,223 bytes in 2,862 blocks
 ==11942==         suppressed: 0 bytes in 0 blocks
 ==11942== Rerun with --leak-check=full to see details of leaked memory
 ==11942==
 ==11942== For counts of detected and suppressed errors, rerun with: -v
 ==11942== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 from 2)
 Segmentation fault (core dumped)
 }}}

-- 
Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/1453#comment:3>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker

