[FFmpeg-trac] #2139(undetermined:new): Crash on invalid command-line

FFmpeg trac at avcodec.org
Tue Jan 15 16:02:09 CET 2013


#2139: Crash on invalid command-line
-------------------------------------+-------------------------------------
               Reporter:  cehoyos    |                  Owner:
                   Type:  defect     |                 Status:  new
               Priority:  important  |              Component:
                Version:  git-       |  undetermined
  master                             |               Keywords:  crash
             Blocked By:             |  SIGSEGV
Reproduced by developer:  0          |               Blocking:
                                     |  Analyzed by developer:  0
-------------------------------------+-------------------------------------
 {{{
 (gdb) r -i tests/lena.pnm concat:out.bmp
 Starting program: /home/cehoyos/test/cehoyos/FFmpeg/ffmpeg_g -i
 tests/lena.pnm concat:out.bmp
 [Thread debugging using libthread_db enabled]
 Using host libthread_db library "/lib64/libthread_db.so.1".
 ffmpeg version N-48916-ge074fe2 Copyright (c) 2000-2013 the FFmpeg
 developers
   built on Jan 15 2013 15:59:20 with gcc 4.7 (SUSE Linux)
   configuration: --enable-gpl --disable-indev=jack
   libavutil      52. 14.100 / 52. 14.100
   libavcodec     54. 89.100 / 54. 89.100
   libavformat    54. 59.107 / 54. 59.107
   libavdevice    54.  3.102 / 54.  3.102
   libavfilter     3. 32.100 /  3. 32.100
   libswscale      2.  1.103 /  2.  1.103
   libswresample   0. 17.102 /  0. 17.102
   libpostproc    52.  2.100 / 52.  2.100
 Input #0, image2, from 'tests/lena.pnm':
   Duration: 00:00:00.04, start: 0.000000, bitrate: N/A
     Stream #0:0: Video: ppm, rgb24, 256x256, 25 tbr, 25 tbn, 25 tbc
 Output #0, image2, to 'concat:out.bmp':
   Metadata:
     encoder         : Lavf54.59.107
     Stream #0:0: Video: bmp, bgr24, 256x256, q=2-31, 200 kb/s, 90k tbn, 25
 tbc
 Stream mapping:
   Stream #0:0 -> #0:0 (ppm -> bmp)
 Press [q] to stop, [?] for help

 Program received signal SIGSEGV, Segmentation fault.
 0x0000000000000000 in ?? ()
 (gdb) bt
 #0  0x0000000000000000 in ?? ()
 #1  0x00000000004dc053 in retry_transfer_wrapper (transfer_func=0x0,
 size_min=32768,
     size=32768, buf=0x16772c0 "BM6", h=0x15d6d60) at
 libavformat/avio.c:262
 #2  ffurl_write (h=0x15d6d60, buf=0x16772c0 "BM6", size=32768) at
 libavformat/avio.c:313
 #3  0x00000000004dcf26 in writeout (len=32768, data=<optimized out>,
 s=0x15d48e0)
     at libavformat/aviobuf.c:129
 #4  flush_buffer (s=0x15d48e0) at libavformat/aviobuf.c:140
 #5  avio_write (s=0x15d48e0, buf=0x1647240 "BM6", size=196662)
     at libavformat/aviobuf.c:185
 #6  0x0000000000504167 in write_packet (s=0x15d7b00, pkt=0x7fffffffd600)
     at libavformat/img2enc.c:117
 #7  0x000000000053fbe3 in split_write_packet (pkt=0x7fffffffd600,
 s=0x15d7b00)
     at libavformat/mux.c:496
 #8  av_interleaved_write_frame (s=s at entry=0x15d7b00, pkt=<optimized out>,
     pkt at entry=0x7fffffffd920) at libavformat/mux.c:751
 #9  0x000000000045da03 in write_frame (s=s at entry=0x15d7b00,
 pkt=pkt at entry=0x7fffffffd920,
     ost=ost at entry=0x15ddb80) at ffmpeg.c:589
 #10 0x000000000045f648 in do_video_out (in_picture=0x15ce520,
 ost=0x15ddb80, s=0x15d7b00)
     at ffmpeg.c:932
 #11 reap_filters () at ffmpeg.c:1060
 #12 0x0000000000451c25 in transcode_step () at ffmpeg.c:2991
 #13 transcode () at ffmpeg.c:3034
 #14 main (argc=<optimized out>, argv=<optimized out>) at ffmpeg.c:3209
 }}}
 {{{
 $ valgrind ./ffmpeg_g -i tests/lena.pnm concat:out.bmp
 ==11105== Memcheck, a memory error detector
 ==11105== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
 ==11105== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright
 info
 ==11105== Command: ./ffmpeg_g -i tests/lena.pnm concat:out.bmp
 ==11105==
 ffmpeg version N-48916-ge074fe2 Copyright (c) 2000-2013 the FFmpeg
 developers
   built on Jan 15 2013 15:59:20 with gcc 4.7 (SUSE Linux)
   configuration: --enable-gpl --disable-indev=jack
   libavutil      52. 14.100 / 52. 14.100
   libavcodec     54. 89.100 / 54. 89.100
   libavformat    54. 59.107 / 54. 59.107
   libavdevice    54.  3.102 / 54.  3.102
   libavfilter     3. 32.100 /  3. 32.100
   libswscale      2.  1.103 /  2.  1.103
   libswresample   0. 17.102 /  0. 17.102
   libpostproc    52.  2.100 / 52.  2.100
 Input #0, image2, from 'tests/lena.pnm':
   Duration: 00:00:00.04, start: 0.000000, bitrate: N/A
     Stream #0:0: Video: ppm, rgb24, 256x256, 25 tbr, 25 tbn, 25 tbc
 Output #0, image2, to 'concat:out.bmp':
   Metadata:
     encoder         : Lavf54.59.107
     Stream #0:0: Video: bmp, bgr24, 256x256, q=2-31, 200 kb/s, 90k tbn, 25
 tbc
 Stream mapping:
   Stream #0:0 -> #0:0 (ppm -> bmp)
 Press [q] to stop, [?] for help
 ==11105== Jump to the invalid address stated on the next line
 ==11105==    at 0x0: ???
 ==11105==    by 0x4DC052: ffurl_write (avio.c:262)
 ==11105==    by 0x4DCF25: avio_write (aviobuf.c:129)
 ==11105==    by 0x504166: write_packet (img2enc.c:117)
 ==11105==    by 0x53FBE2: av_interleaved_write_frame (mux.c:496)
 ==11105==    by 0x45DA02: write_frame (ffmpeg.c:589)
 ==11105==    by 0x45F647: reap_filters (ffmpeg.c:932)
 ==11105==    by 0x451C24: main (ffmpeg.c:2991)
 ==11105==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
 ==11105==
 ==11105==
 ==11105== Process terminating with default action of signal 11 (SIGSEGV)
 ==11105==  Bad permissions for mapped region at address 0x0
 ==11105==    at 0x0: ???
 ==11105==    by 0x4DC052: ffurl_write (avio.c:262)
 ==11105==    by 0x4DCF25: avio_write (aviobuf.c:129)
 ==11105==    by 0x504166: write_packet (img2enc.c:117)
 ==11105==    by 0x53FBE2: av_interleaved_write_frame (mux.c:496)
 ==11105==    by 0x45DA02: write_frame (ffmpeg.c:589)
 ==11105==    by 0x45F647: reap_filters (ffmpeg.c:932)
 ==11105==    by 0x451C24: main (ffmpeg.c:2991)
 ==11105==
 ==11105== HEAP SUMMARY:
 ==11105==     in use at exit: 1,077,722 bytes in 114 blocks
 ==11105==   total heap usage: 2,315 allocs, 2,201 frees, 2,892,263 bytes
 allocated
 ==11105==
 ==11105== LEAK SUMMARY:
 ==11105==    definitely lost: 0 bytes in 0 blocks
 ==11105==    indirectly lost: 0 bytes in 0 blocks
 ==11105==      possibly lost: 0 bytes in 0 blocks
 ==11105==    still reachable: 1,077,722 bytes in 114 blocks
 ==11105==         suppressed: 0 bytes in 0 blocks
 ==11105== Rerun with --leak-check=full to see details of leaked memory
 ==11105==
 ==11105== For counts of detected and suppressed errors, rerun with: -v
 ==11105== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 from 2)
 Segmentation fault
 }}}

-- 
Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/2139>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker


More information about the FFmpeg-trac mailing list