[FFmpeg-trac] #2088(avcodec:open): crash with forced aac and h264

FFmpeg trac at avcodec.org
Tue Jan 1 22:46:42 CET 2013


#2088: crash with forced aac and h264
------------------------------------+-----------------------------------
             Reporter:  ami_stuff   |                    Owner:
                 Type:  defect      |                   Status:  open
             Priority:  normal      |                Component:  avcodec
              Version:  git-master  |               Resolution:
             Keywords:  h264        |               Blocked By:
             Blocking:              |  Reproduced by developer:  1
Analyzed by developer:  0           |
------------------------------------+-----------------------------------
Changes (by cehoyos):

 * keywords:   => h264
 * status:  new => open
 * version:  unspecified => git-master
 * component:  undetermined => avcodec
 * reproduced:  0 => 1


Comment:

 I can only reproduce invalid memory accesses:
 {{{
 valgrind ./ffmpeg_g -vcodec h264 -threads 1 -i dvdsub.vob
 ==7217== Memcheck, a memory error detector
 ==7217== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
 ==7217== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
 ==7217== Command: ffmpeg_g -vcodec h264 -threads 1 -i dvdsub.vob
 ==7217==
 ffmpeg version N-48385-g5ed5e90 Copyright (c) 2000-2013 the FFmpeg
 developers
   built on Jan  1 2013 21:30:44 with gcc 4.7 (SUSE Linux)
   configuration: --enable-gpl --disable-indev=jack
   libavutil      52. 13.100 / 52. 13.100
   libavcodec     54. 85.100 / 54. 85.100
   libavformat    54. 59.100 / 54. 59.100
   libavdevice    54.  3.102 / 54.  3.102
   libavfilter     3. 30.102 /  3. 30.102
   libswscale      2.  1.103 /  2.  1.103
   libswresample   0. 17.102 /  0. 17.102
   libpostproc    52.  2.100 / 52.  2.100
 ==7217== Invalid read of size 4
 ==7217==    at 0x77E289: avpriv_h264_has_num_reorder_frames (h264.c:80)
 ==7217==    by 0x5951BC: try_decode_frame (utils.c:906)
 ==7217==    by 0x59C755: avformat_find_stream_info (utils.c:2889)
 ==7217==    by 0x454C80: open_input_file (ffmpeg_opt.c:794)
 ==7217==    by 0x45349F: open_files.isra.6 (ffmpeg_opt.c:2295)
 ==7217==    by 0x458E48: ffmpeg_parse_options (ffmpeg_opt.c:2332)
 ==7217==    by 0x451377: main (ffmpeg.c:3185)
 ==7217==  Address 0x68a58d4 is 1,396 bytes inside a block of size 2,048
 free'd
 ==7217==    at 0x4C29D4E: free (in /usr/lib64/valgrind/vgpreload_memcheck-
 amd64-linux.so)
 ==7217==    by 0xBB7FBB: av_freep (mem.c:185)
 ==7217==    by 0x5DCEE3: ff_init_vlc_sparse (bitstream.c:338)
 ==7217==    by 0x423E78: ff_mpeg12_init_vlcs (mpeg12.c:690)
 ==7217==    by 0x4242BF: mpeg_decode_init (mpeg12.c:1150)
 ==7217==    by 0x9A0FC5: avcodec_open2 (utils.c:1030)
 ==7217==    by 0x595269: try_decode_frame (utils.c:2453)
 ==7217==    by 0x59C755: avformat_find_stream_info (utils.c:2889)
 ==7217==    by 0x454C80: open_input_file (ffmpeg_opt.c:794)
 ==7217==    by 0x45349F: open_files.isra.6 (ffmpeg_opt.c:2295)
 ==7217==    by 0x458E48: ffmpeg_parse_options (ffmpeg_opt.c:2332)
 ==7217==    by 0x451377: main (ffmpeg.c:3185)
 ==7217==
 [mpeg @ 0x66bcbe0] max_analyze_duration 5000000 reached at 5000000
 ==7217== Invalid read of size 4
 ==7217==    at 0x77E289: avpriv_h264_has_num_reorder_frames (h264.c:80)
 ==7217==    by 0x5951BC: try_decode_frame (utils.c:906)
 ==7217==    by 0x59DB02: avformat_find_stream_info (utils.c:2909)
 ==7217==    by 0x454C80: open_input_file (ffmpeg_opt.c:794)
 ==7217==    by 0x45349F: open_files.isra.6 (ffmpeg_opt.c:2295)
 ==7217==    by 0x458E48: ffmpeg_parse_options (ffmpeg_opt.c:2332)
 ==7217==    by 0x451377: main (ffmpeg.c:3185)
 ==7217==  Address 0x68a58d4 is 1,396 bytes inside a block of size 2,048
 free'd
 ==7217==    at 0x4C29D4E: free (in /usr/lib64/valgrind/vgpreload_memcheck-
 amd64-linux.so)
 ==7217==    by 0xBB7FBB: av_freep (mem.c:185)
 ==7217==    by 0x5DCEE3: ff_init_vlc_sparse (bitstream.c:338)
 ==7217==    by 0x423E78: ff_mpeg12_init_vlcs (mpeg12.c:690)
 ==7217==    by 0x4242BF: mpeg_decode_init (mpeg12.c:1150)
 ==7217==    by 0x9A0FC5: avcodec_open2 (utils.c:1030)
 ==7217==    by 0x595269: try_decode_frame (utils.c:2453)
 ==7217==    by 0x59C755: avformat_find_stream_info (utils.c:2889)
 ==7217==    by 0x454C80: open_input_file (ffmpeg_opt.c:794)
 ==7217==    by 0x45349F: open_files.isra.6 (ffmpeg_opt.c:2295)
 ==7217==    by 0x458E48: ffmpeg_parse_options (ffmpeg_opt.c:2332)
 ==7217==    by 0x451377: main (ffmpeg.c:3185)
 ==7217==
 Input #0, mpeg, from 'dvdsub.vob':
   Duration: 00:00:07.97, start: 1556.319267, bitrate: 5263 kb/s
     Stream #0:0[0x1e0]: Video: h264, yuv420p, 720x576 [SAR 64:45 DAR
 16:9], 25 fps, 1.67 tbr, 90k tbn, 50 tbc
     Stream #0:1[0x80]: Audio: ac3, 48000 Hz, stereo, fltp, 192 kb/s
     Stream #0:2[0x20]: Subtitle: dvd_subtitle
     Stream #0:3[0x22]: Subtitle: dvd_subtitle
     Stream #0:4[0x24]: Subtitle: dvd_subtitle
     Stream #0:5[0x25]: Subtitle: dvd_subtitle
     Stream #0:6[0x26]: Subtitle: dvd_subtitle
     Stream #0:7[0x28]: Subtitle: dvd_subtitle
     Stream #0:8[0x29]: Subtitle: dvd_subtitle
     Stream #0:9[0x21]: Subtitle: dvd_subtitle
     Stream #0:10[0x23]: Subtitle: dvd_subtitle
     Stream #0:11[0x27]: Subtitle: dvd_subtitle
     Stream #0:12[0x2a]: Subtitle: dvd_subtitle
 At least one output file must be specified
 ==7217==
 ==7217== HEAP SUMMARY:
 ==7217==     in use at exit: 0 bytes in 0 blocks
 ==7217==   total heap usage: 3,559 allocs, 3,559 frees, 12,151,708 bytes
 allocated
 ==7217==
 ==7217== All heap blocks were freed -- no leaks are possible
 ==7217==
 ==7217== For counts of detected and suppressed errors, rerun with: -v
 ==7217== ERROR SUMMARY: 119 errors from 2 contexts (suppressed: 2 from 2)
 }}}

-- 
Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/2088#comment:2>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker


More information about the FFmpeg-trac mailing list