[FFmpeg-trac] #2946(undetermined:new): truemotion2: invalid write with max_alloc
FFmpeg
trac at avcodec.org
Mon Sep 9 13:17:46 CEST 2013
#2946: truemotion2: invalid write with max_alloc
-------------------------------------+-------------------------------------
Reporter: ami_stuff | Owner:
Type: defect | Status: new
Priority: normal | Component:
Version: | undetermined
unspecified | Keywords:
Blocked By: | Blocking:
Reproduced by developer: 0 | Analyzed by developer: 0
-------------------------------------+-------------------------------------
{{{
(gdb) r -max_alloc 350000 -i ./tm2_fuzz.avi -f null -
Starting program: /media/sdb1/ffmpeg-HEAD-a67dcd7/ffmpeg_g -max_alloc
350000 -i ./tm2_fuzz.avi -f null -
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
ffmpeg version 2.0-a67dcd7 Copyright (c) 2000-2013 the FFmpeg developers
built on Sep 5 2013 17:23:55 with gcc 4.7 (Debian 4.7.2-5)
configuration: --disable-yasm --disable-ffprobe --disable-ffserver
--enable-gpl
libavutil 52. 43.100 / 52. 43.100
libavcodec 55. 31.101 / 55. 31.101
libavformat 55. 16.101 / 55. 16.101
libavdevice 55. 3.100 / 55. 3.100
libavfilter 3. 83.102 / 3. 83.102
libswscale 2. 5.100 / 2. 5.100
libswresample 0. 17.103 / 0. 17.103
libpostproc 52. 3.100 / 52. 3.100
[avi @ 0x9105d40] non-interleaved AVI
Guessed Channel Layout for Input Stream #0.1 : stereo
Input #0, avi, from './tm2_fuzz.avi':
Duration: 00:00:10.13, start: 0.000000, bitrate: 1498 kb/s
Stream #0:0: Video: truemotion2 (TM20 / 0x30324D54), bgr24, 320x240,
15 tbr, 15 tbn, 15 tbc
Stream #0:1: Audio: pcm_u8 ([1][0][0][0] / 0x0001), 22050 Hz, stereo,
u8, 352 kb/s
[New Thread 0xb7df8b70 (LWP 15835)]
[New Thread 0xb75f8b70 (LWP 15836)]
[New Thread 0xb6df8b70 (LWP 15837)]
[New Thread 0xb65f8b70 (LWP 15838)]
[New Thread 0xb5df8b70 (LWP 15839)]
[New Thread 0xb55f8b70 (LWP 15840)]
[New Thread 0xb4df8b70 (LWP 15841)]
[New Thread 0xb45f8b70 (LWP 15842)]
[New Thread 0xb3df8b70 (LWP 15843)]
[New Thread 0xb35f8b70 (LWP 15844)]
[New Thread 0xb2df8b70 (LWP 15845)]
[New Thread 0xb25f8b70 (LWP 15846)]
[New Thread 0xb1df8b70 (LWP 15847)]
[New Thread 0xb15f8b70 (LWP 15848)]
[New Thread 0xb0df8b70 (LWP 15849)]
[New Thread 0xb05f8b70 (LWP 15850)]
[New Thread 0xafdf8b70 (LWP 15851)]
[New Thread 0xaf5f8b70 (LWP 15852)]
Output #0, null, to 'pipe:':
Metadata:
encoder : Lavf55.16.101
Stream #0:0: Video: rawvideo (BGR[24] / 0x18524742), bgr24, 320x240,
q=2-31, 200 kb/s, 90k tbn, 15 tbc
Stream #0:1: Audio: pcm_s16le, 22050 Hz, stereo, s16, 705 kb/s
Stream mapping:
Stream #0:0 -> #0:0 (truemotion2 -> rawvideo)
Stream #0:1 -> #0:1 (pcm_u8 -> pcm_s16le)
Press [q] to stop, [?] for help
[null @ 0x9108f20] Encoder did not produce proper pts, making some up.
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 2 out of bounds
(2208>=2208)
Last message repeated 15 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 2 out of bounds
(2208>=2208)
Last message repeated 15 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 2 out of bounds
(2208>=2208)
Last message repeated 15 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 2 out of bounds
(2208>=2208)
Last message repeated 15 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 2 out of bounds
(2208>=2208)
Last message repeated 15 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 2 out of bounds
(2208>=2208)
Last message repeated 15 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 2 out of bounds
(2224>=2224)
Last message repeated 15 times
[truemotion2 @ 0x9106640] Incorrect number of tokens: 2224
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x9106640] Incorrect number of tokens: 2224
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x9106640] invalid stream size
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 2 out of bounds
(2224>=2224)
Last message repeated 15 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 2 out of bounds
(2224>=2224)
Last message repeated 15 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 2 out of bounds
(2224>=2224)
Last message repeated 15 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 2 out of bounds
(2224>=2224)
Last message repeated 15 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 2 out of bounds
(2224>=2224)
Last message repeated 15 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 2 out of bounds
(2224>=2224)
Last message repeated 15 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 2 out of bounds
(2224>=2224)
Last message repeated 15 times
[truemotion2 @ 0x9106640] invalid stream size
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x9106640] Incorrect number of tokens: 19384
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x9106640] Incorrect number of tokens: 69600
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x9106640] Incorrect number of tokens: 4478
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x9106640] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 35 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 3 times
[truemotion2 @ 0x9106640] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 3 times
[truemotion2 @ 0x9106640] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 3 times
[truemotion2 @ 0x9106640] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 3 times
[truemotion2 @ 0x9106640] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 3 times
[truemotion2 @ 0x9106640] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Incorrect number of tokens: 6080
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x9106640] Incorrect number of tokens: 6984
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x9106640] Read token from stream 4 out of bounds
(840>=840)
Last message repeated 71 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(4154>=4154)
Last message repeated 3 times
[truemotion2 @ 0x9106640] Read token from stream 4 out of bounds
(840>=840)
Last message repeated 23 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(4154>=4154)
Last message repeated 37 times
[truemotion2 @ 0x9106640] Got less codes than expected: 3 of 7
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x9106640] invalid stream size
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(3722>=3722)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 3 out of bounds
(5632>=5632)
Last message repeated 3 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(3722>=3722)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 3 out of bounds
(5632>=5632)
Last message repeated 3 times
[truemotion2 @ 0x9106640] Read token from stream 1 out of bounds
(3722>=3722)
Last message repeated 1 times
[truemotion2 @ 0x9106640] Read token from stream 3 out of bounds
(5632>=5632)
Last message repeated 3 times
Program received signal SIGSEGV, Segmentation fault.
tm2_read_stream (buf_size=<optimized out>, stream_id=<optimized out>,
buf=0x925016c "", ctx=0x90f8640) at libavcodec/truemotion2.c:358
358 ctx->tokens[stream_id][i] = tm2_get_token(&ctx->gb,
&codes);
(gdb) bt
#0 tm2_read_stream (buf_size=<optimized out>, stream_id=<optimized out>,
buf=0x925016c "", ctx=0x90f8640) at libavcodec/truemotion2.c:358
#1 decode_frame (avctx=0x9106640, data=0x90f9c80, got_frame=0xbffff4e4,
avpkt=0xbffff288) at libavcodec/truemotion2.c:896
#2 0x086770fe in avcodec_decode_video2 (avctx=0x9106640,
picture=picture at entry=0x90f9c80,
got_picture_ptr=got_picture_ptr at entry=0xbffff4e4,
avpkt=avpkt at entry=0xbffff730) at libavcodec/utils.c:1983
#3 0x080b36fd in decode_video (ist=ist at entry=0x9108b40,
pkt=pkt at entry=0xbffff730, got_output=got_output at entry=0xbffff4e4)
at ffmpeg.c:1668
#4 0x080b761a in output_packet (pkt=0xbffff6c8, ist=0x9108b40)
at ffmpeg.c:1866
#5 process_input (file_index=2) at ffmpeg.c:3085
#6 0x080a2ec3 in transcode_step () at ffmpeg.c:3181
#7 transcode () at ffmpeg.c:3233
#8 main (argc=<optimized out>, argv=<optimized out>) at ffmpeg.c:3411
(gdb)
}}}
{{{
knoppix at Microknoppix:/media/sdb1$ valgrind --leak-check=full ffmpeg-HEAD-
a67dcd7/ffmpeg_g -max_alloc 350000 -i ./tm2_fuzz.avi -f null -
==15804== Memcheck, a memory error detector
==15804== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==15804== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright
info
==15804== Command: ffmpeg-HEAD-a67dcd7/ffmpeg_g -max_alloc 350000 -i
./tm2_fuzz.avi -f null -
==15804==
ffmpeg version 2.0-a67dcd7 Copyright (c) 2000-2013 the FFmpeg developers
built on Sep 5 2013 17:23:55 with gcc 4.7 (Debian 4.7.2-5)
configuration: --disable-yasm --disable-ffprobe --disable-ffserver
--enable-gpl
libavutil 52. 43.100 / 52. 43.100
libavcodec 55. 31.101 / 55. 31.101
libavformat 55. 16.101 / 55. 16.101
libavdevice 55. 3.100 / 55. 3.100
libavfilter 3. 83.102 / 3. 83.102
libswscale 2. 5.100 / 2. 5.100
libswresample 0. 17.103 / 0. 17.103
libpostproc 52. 3.100 / 52. 3.100
[avi @ 0x4229020] non-interleaved AVI
Guessed Channel Layout for Input Stream #0.1 : stereo
Input #0, avi, from './tm2_fuzz.avi':
Duration: 00:00:10.13, start: 0.000000, bitrate: 1498 kb/s
Stream #0:0: Video: truemotion2 (TM20 / 0x30324D54), bgr24, 320x240,
15 tbr, 15 tbn, 15 tbc
Stream #0:1: Audio: pcm_u8 ([1][0][0][0] / 0x0001), 22050 Hz, stereo,
u8, 352 kb/s
Output #0, null, to 'pipe:':
Metadata:
encoder : Lavf55.16.101
Stream #0:0: Video: rawvideo (BGR[24] / 0x18524742), bgr24, 320x240,
q=2-31, 200 kb/s, 90k tbn, 15 tbc
Stream #0:1: Audio: pcm_s16le, 22050 Hz, stereo, s16, 705 kb/s
Stream mapping:
Stream #0:0 -> #0:0 (truemotion2 -> rawvideo)
Stream #0:1 -> #0:1 (pcm_u8 -> pcm_s16le)
Press [q] to stop, [?] for help
[null @ 0x433a300] Encoder did not produce proper pts, making some up.
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 2 out of bounds
(2208>=2208)
Last message repeated 15 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 2 out of bounds
(2208>=2208)
Last message repeated 15 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 2 out of bounds
(2208>=2208)
Last message repeated 15 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 2 out of bounds
(2208>=2208)
Last message repeated 15 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 2 out of bounds
(2208>=2208)
Last message repeated 15 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 2 out of bounds
(2208>=2208)
Last message repeated 15 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 2 out of bounds
(2224>=2224)
Last message repeated 15 times
[truemotion2 @ 0x423a4e0] Incorrect number of tokens: 2224
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x423a4e0] Incorrect number of tokens: 2224
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x423a4e0] invalid stream size
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 2 out of bounds
(2224>=2224)
Last message repeated 15 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 2 out of bounds
(2224>=2224)
Last message repeated 15 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 2 out of bounds
(2224>=2224)
Last message repeated 15 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 2 out of bounds
(2224>=2224)
Last message repeated 15 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 2 out of bounds
(2224>=2224)
Last message repeated 15 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 2 out of bounds
(2224>=2224)
Last message repeated 15 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(278>=278)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 2 out of bounds
(2224>=2224)
Last message repeated 15 times
[truemotion2 @ 0x423a4e0] invalid stream size
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x423a4e0] Incorrect number of tokens: 19384
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x423a4e0] Incorrect number of tokens: 69600
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x423a4e0] Incorrect number of tokens: 4478
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x423a4e0] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 35 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 3 times
[truemotion2 @ 0x423a4e0] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 3 times
[truemotion2 @ 0x423a4e0] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 3 times
[truemotion2 @ 0x423a4e0] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 3 times
[truemotion2 @ 0x423a4e0] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 3 times
[truemotion2 @ 0x423a4e0] Read token from stream 3 out of bounds
(5940>=5940)
Last message repeated 3 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(4156>=4156)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Incorrect number of tokens: 6080
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x423a4e0] Incorrect number of tokens: 6984
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x423a4e0] Read token from stream 4 out of bounds
(840>=840)
Last message repeated 71 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(4154>=4154)
Last message repeated 3 times
[truemotion2 @ 0x423a4e0] Read token from stream 4 out of bounds
(840>=840)
Last message repeated 23 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(4154>=4154)
Last message repeated 37 times
[truemotion2 @ 0x423a4e0] Got less codes than expected: 3 of 7
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x423a4e0] invalid stream size
Error while decoding stream #0:0: Invalid data found when processing input
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(3722>=3722)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 3 out of bounds
(5632>=5632)
Last message repeated 3 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(3722>=3722)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 3 out of bounds
(5632>=5632)
Last message repeated 3 times
[truemotion2 @ 0x423a4e0] Read token from stream 1 out of bounds
(3722>=3722)
Last message repeated 1 times
[truemotion2 @ 0x423a4e0] Read token from stream 3 out of bounds
(5632>=5632)
==15804== Invalid write of size 4
==15804== at 0x866ABBA: decode_frame (truemotion2.c:358)
==15804== by 0x86770FD: avcodec_decode_video2 (utils.c:1983)
==15804== by 0x80B36FC: decode_video (ffmpeg.c:1668)
==15804== by 0x57E6B10: ???
==15804== Address 0x0 is not stack'd, malloc'd or (recently) free'd
==15804==
==15804==
==15804== Process terminating with default action of signal 11 (SIGSEGV)
==15804== Access not within mapped region at address 0x0
==15804== at 0x866ABBA: decode_frame (truemotion2.c:358)
==15804== by 0x86770FD: avcodec_decode_video2 (utils.c:1983)
==15804== by 0x80B36FC: decode_video (ffmpeg.c:1668)
==15804== by 0x57E6B10: ???
==15804== If you believe this happened as a result of a stack
==15804== overflow in your program's main thread (unlikely but
==15804== possible), you can try to increase the size of the
==15804== main thread stack using the --main-stacksize= flag.
==15804== The main thread stack size used in this run was 8388608.
==15804==
==15804== HEAP SUMMARY:
==15804== in use at exit: 1,534,323 bytes in 231 blocks
==15804== total heap usage: 2,946 allocs, 2,715 frees, 5,670,272 bytes
allocated
==15804==
==15804== 20 bytes in 1 blocks are definitely lost in loss record 53 of
161
==15804== at 0x40268A4: memalign (vg_replace_malloc.c:694)
==15804== by 0x402695E: posix_memalign (vg_replace_malloc.c:835)
==15804== by 0x886CB77: av_malloc (mem.c:93)
==15804== by 0x45960EF: ???
==15804==
==15804== 20 bytes in 1 blocks are definitely lost in loss record 54 of
161
==15804== at 0x40268A4: memalign (vg_replace_malloc.c:694)
==15804== by 0x402695E: posix_memalign (vg_replace_malloc.c:835)
==15804== by 0x886CB77: av_malloc (mem.c:93)
==15804== by 0xF1C4B3F: ???
==15804==
==15804== 24 bytes in 1 blocks are definitely lost in loss record 62 of
161
==15804== at 0x40268A4: memalign (vg_replace_malloc.c:694)
==15804== by 0x402695E: posix_memalign (vg_replace_malloc.c:835)
==15804== by 0x886CB77: av_malloc (mem.c:93)
==15804== by 0x458E6E7: ???
==15804==
==15804== 24 bytes in 1 blocks are definitely lost in loss record 63 of
161
==15804== at 0x40268A4: memalign (vg_replace_malloc.c:694)
==15804== by 0x402695E: posix_memalign (vg_replace_malloc.c:835)
==15804== by 0x886CB77: av_malloc (mem.c:93)
==15804== by 0xF14E677: ???
==15804==
==15804== 28 bytes in 1 blocks are definitely lost in loss record 67 of
161
==15804== at 0x40268A4: memalign (vg_replace_malloc.c:694)
==15804== by 0x402695E: posix_memalign (vg_replace_malloc.c:835)
==15804== by 0x886CB77: av_malloc (mem.c:93)
==15804== by 0x45D04B7: ???
==15804==
==15804== 48 bytes in 1 blocks are definitely lost in loss record 81 of
161
==15804== at 0x40268A4: memalign (vg_replace_malloc.c:694)
==15804== by 0x402695E: posix_memalign (vg_replace_malloc.c:835)
==15804== by 0x886CB77: av_malloc (mem.c:93)
==15804== by 0xF0F5097: ???
==15804==
==15804== 52 bytes in 1 blocks are definitely lost in loss record 82 of
161
==15804== at 0x40268A4: memalign (vg_replace_malloc.c:694)
==15804== by 0x402695E: posix_memalign (vg_replace_malloc.c:835)
==15804== by 0x886CB77: av_malloc (mem.c:93)
==15804== by 0xF196F8F: ???
==15804==
==15804== 1,088 bytes in 6 blocks are definitely lost in loss record 134
of 161
==15804== at 0x4028308: malloc (vg_replace_malloc.c:263)
==15804== by 0x402849F: realloc (vg_replace_malloc.c:632)
==15804== by 0x886CC05: av_realloc_f (mem.c:164)
==15804== by 0x8285C0A: build_table (bitstream.c:114)
==15804== by 0x8286602: ff_init_vlc_sparse (bitstream.c:334)
==15804== by 0x866A47B: decode_frame (truemotion2.c:193)
==15804==
==15804== 2,592 bytes in 18 blocks are possibly lost in loss record 143 of
161
==15804== at 0x4026A68: calloc (vg_replace_malloc.c:566)
==15804== by 0x40111FB: _dl_allocate_tls (dl-tls.c:300)
==15804== by 0x407C2A8: pthread_create@@GLIBC_2.1 (allocatestack.c:580)
==15804== by 0x80D9651: ff_graph_thread_init (pthread.c:180)
==15804== by 0x80CD5C7: avfilter_graph_alloc_filter
(avfiltergraph.c:186)
==15804== by 0x80D8204: create_filter (graphparser.c:112)
==15804== by 0x80D8C59: avfilter_graph_parse2 (graphparser.c:169)
==15804==
==15804== 4,096 bytes in 1 blocks are possibly lost in loss record 145 of
161
==15804== at 0x4028308: malloc (vg_replace_malloc.c:263)
==15804== by 0x402849F: realloc (vg_replace_malloc.c:632)
==15804== by 0x886CC05: av_realloc_f (mem.c:164)
==15804== by 0x8285C0A: build_table (bitstream.c:114)
==15804== by 0x8286602: ff_init_vlc_sparse (bitstream.c:334)
==15804== by 0x866A47B: decode_frame (truemotion2.c:193)
==15804==
==15804== LEAK SUMMARY:
==15804== definitely lost: 1,304 bytes in 13 blocks
==15804== indirectly lost: 0 bytes in 0 blocks
==15804== possibly lost: 6,688 bytes in 19 blocks
==15804== still reachable: 1,526,331 bytes in 199 blocks
==15804== suppressed: 0 bytes in 0 blocks
==15804== Reachable blocks (those to which a pointer was found) are not
shown.
==15804== To see them, rerun with: --leak-check=full --show-reachable=yes
==15804==
==15804== For counts of detected and suppressed errors, rerun with: -v
==15804== ERROR SUMMARY: 11 errors from 11 contexts (suppressed: 59 from
6)
Killed
}}}
--
Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/2946>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list