[FFmpeg-trac] #3582(swscale:new): invalid read in swscale with cpu optimizations

FFmpeg trac at avcodec.org
Tue Apr 22 10:19:24 CEST 2014 

#3582: invalid read in swscale with cpu optimizations
--------------------------------------+---------------------------------
               Reporter:  ubitux      |                  Owner:
                   Type:  defect      |                 Status:  new
               Priority:  normal      |              Component:  swscale
                Version:  git-master  |               Keywords:
             Blocked By:              |               Blocking:
Reproduced by developer:  0           |  Analyzed by developer:  0
--------------------------------------+---------------------------------
 {{{
 ☭ valgrind ./ffmpeg_g -f lavfi -i testsrc=s=634x320 -frames:v 1 -y
 test.avi
 ==18764== Memcheck, a memory error detector
 ==18764== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
 ==18764== Using Valgrind-3.9.0 and LibVEX; rerun with -h for copyright
 info
 ==18764== Command: ./ffmpeg_g -f lavfi -i testsrc=s=634x320 -frames:v 1 -y
 test.avi
 ==18764==
 ffmpeg version N-62606-g57fb570 Copyright (c) 2000-2014 the FFmpeg
 developers
   built on Apr 22 2014 09:42:25 with gcc 4.8.2 (GCC) 20140206 (prerelease)
   configuration: --enable-fontconfig --enable-libfreetype --enable-nonfree
 --enable-gpl --enable-libx264 --enable-libmp3lame --enable-x11grab
 --enable-libvorbis --samples=/home/ux/fate-samples --enable-libvpx
 --cpu=native --enable-libfaac --cc='ccache cc'
   libavutil      52. 77.100 / 52. 77.100
   libavcodec     55. 58.105 / 55. 58.105
   libavformat    55. 37.101 / 55. 37.101
   libavdevice    55. 13.100 / 55. 13.100
   libavfilter     4.  4.100 /  4.  4.100
   libswscale      2.  6.100 /  2.  6.100
   libswresample   0. 18.100 /  0. 18.100
   libpostproc    52.  3.100 / 52.  3.100
 Input #0, lavfi, from 'testsrc=s=634x320':
   Duration: N/A, start: 0.000000, bitrate: N/A
     Stream #0:0: Video: rawvideo (RGB[24] / 0x18424752), rgb24, 634x320
 [SAR 1:1 DAR 317:160], 25 tbr, 25 tbn, 25 tbc
 Output #0, avi, to 'test.avi':
   Metadata:
     ISFT            : Lavf55.37.101
     Stream #0:0: Video: mpeg4 (FMP4 / 0x34504D46), yuv420p, 634x320 [SAR
 1:1 DAR 317:160], q=2-31, 200 kb/s, 25 tbn, 25 tbc
 Stream mapping:
   Stream #0:0 -> #0:0 (rawvideo -> mpeg4)
 Press [q] to stop, [?] for help
 [swscaler @ 0xa77a540] Warning: data is not aligned! This can lead to a
 speedloss
 ==18764== Invalid read of size 16
 ==18764==    at 0xC063C7: ??? (input.asm:334)
 ==18764==    by 0xBC0C08: swscale (swscale.c:255)
 ==18764==    by 0xBC2944: sws_scale (swscale.c:1109)
 ==18764==    by 0x4D01E0: filter_frame (vf_scale.c:423)
 ==18764==    by 0x49428D: ff_filter_frame_framed (avfilter.c:1081)
 ==18764==    by 0x495108: ff_filter_frame (avfilter.c:1161)
 ==18764==    by 0x49428D: ff_filter_frame_framed (avfilter.c:1081)
 ==18764==    by 0x495108: ff_filter_frame (avfilter.c:1161)
 ==18764==    by 0x499881: request_frame (buffersrc.c:500)
 ==18764==    by 0x4995A7: av_buffersrc_add_frame_internal
 (buffersrc.c:181)
 ==18764==    by 0x499AAC: av_buffersrc_add_frame_flags (buffersrc.c:106)
 ==18764==    by 0x480B61: decode_video (ffmpeg.c:1931)
 ==18764==  Address 0xa6038c6 is 608,646 bytes inside a block of size
 608,656 alloc'd
 ==18764==    at 0x4C28730: malloc (in /usr/lib/valgrind
 /vgpreload_memcheck-amd64-linux.so)
 ==18764==    by 0x4C2AACF: realloc (in /usr/lib/valgrind
 /vgpreload_memcheck-amd64-linux.so)
 ==18764==    by 0xC17866: av_buffer_realloc (buffer.c:164)
 ==18764==    by 0x62D86D: av_new_packet (avpacket.c:74)
 ==18764==    by 0x48984C: lavfi_read_packet (lavfi.c:365)
 ==18764==    by 0x5EC9A5: ff_read_packet (utils.c:777)
 ==18764==    by 0x5EF76F: read_frame_internal (utils.c:1446)
 ==18764==    by 0x5F2E86: avformat_find_stream_info (utils.c:3181)
 ==18764==    by 0x47763E: open_input_file (ffmpeg_opt.c:861)
 ==18764==    by 0x47B7BE: ffmpeg_parse_options (ffmpeg_opt.c:2610)
 ==18764==    by 0x46B757: main (ffmpeg.c:3722)
 ==18764==
 frame=    1 fps=0.0 q=5.0 Lsize=      21kB time=00:00:00.04
 bitrate=4199.6kbits/s
 video:15kB audio:0kB subtitle:0kB other streams:0kB global headers:0kB
 muxing overhead: 37.999474%
 ==18764==
 ==18764== HEAP SUMMARY:
 ==18764==     in use at exit: 80 bytes in 2 blocks
 ==18764==   total heap usage: 3,924 allocs, 3,922 frees, 9,025,400 bytes
 allocated
 ==18764==
 ==18764== LEAK SUMMARY:
 ==18764==    definitely lost: 0 bytes in 0 blocks
 ==18764==    indirectly lost: 0 bytes in 0 blocks
 ==18764==      possibly lost: 0 bytes in 0 blocks
 ==18764==    still reachable: 80 bytes in 2 blocks
 ==18764==         suppressed: 0 bytes in 0 blocks
 ==18764== Rerun with --leak-check=full to see details of leaked memory
 ==18764==
 ==18764== For counts of detected and suppressed errors, rerun with: -v
 ==18764== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 3 from 3)
 }}}

 OK with no cpu flags:

 {{{
 ☭ valgrind ./ffmpeg_g -cpuflags none -f lavfi -i testsrc=s=634x320
 -frames:v 1 -y test.avi
 ==18780== Memcheck, a memory error detector
 ==18780== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
 ==18780== Using Valgrind-3.9.0 and LibVEX; rerun with -h for copyright
 info
 ==18780== Command: ./ffmpeg_g -cpuflags none -f lavfi -i testsrc=s=634x320
 -frames:v 1 -y test.avi
 ==18780==
 ffmpeg version N-62606-g57fb570 Copyright (c) 2000-2014 the FFmpeg
 developers
   built on Apr 22 2014 09:42:25 with gcc 4.8.2 (GCC) 20140206 (prerelease)
   configuration: --enable-fontconfig --enable-libfreetype --enable-nonfree
 --enable-gpl --enable-libx264 --enable-libmp3lame --enable-x11grab
 --enable-libvorbis --samples=/home/ux/fate-samples --enable-libvpx
 --cpu=native --enable-libfaac --cc='ccache cc'
   libavutil      52. 77.100 / 52. 77.100
   libavcodec     55. 58.105 / 55. 58.105
   libavformat    55. 37.101 / 55. 37.101
   libavdevice    55. 13.100 / 55. 13.100
   libavfilter     4.  4.100 /  4.  4.100
   libswscale      2.  6.100 /  2.  6.100
   libswresample   0. 18.100 /  0. 18.100
   libpostproc    52.  3.100 / 52.  3.100
 Input #0, lavfi, from 'testsrc=s=634x320':
   Duration: N/A, start: 0.000000, bitrate: N/A
     Stream #0:0: Video: rawvideo (RGB[24] / 0x18424752), rgb24, 634x320
 [SAR 1:1 DAR 317:160], 25 tbr, 25 tbn, 25 tbc
 Output #0, avi, to 'test.avi':
   Metadata:
     ISFT            : Lavf55.37.101
     Stream #0:0: Video: mpeg4 (FMP4 / 0x34504D46), yuv420p, 634x320 [SAR
 1:1 DAR 317:160], q=2-31, 200 kb/s, 25 tbn, 25 tbc
 Stream mapping:
   Stream #0:0 -> #0:0 (rawvideo -> mpeg4)
 Press [q] to stop, [?] for help
 frame=    1 fps=0.0 q=5.0 Lsize=      21kB time=00:00:00.04
 bitrate=4200.0kbits/s
 video:15kB audio:0kB subtitle:0kB other streams:0kB global headers:0kB
 muxing overhead: 38.003548%
 ==18780==
 ==18780== HEAP SUMMARY:
 ==18780==     in use at exit: 80 bytes in 2 blocks
 ==18780==   total heap usage: 3,925 allocs, 3,923 frees, 8,996,883 bytes
 allocated
 ==18780==
 ==18780== LEAK SUMMARY:
 ==18780==    definitely lost: 0 bytes in 0 blocks
 ==18780==    indirectly lost: 0 bytes in 0 blocks
 ==18780==      possibly lost: 0 bytes in 0 blocks
 ==18780==    still reachable: 80 bytes in 2 blocks
 ==18780==         suppressed: 0 bytes in 0 blocks
 ==18780== Rerun with --leak-check=full to see details of leaked memory
 ==18780==
 ==18780== For counts of detected and suppressed errors, rerun with: -v
 ==18780== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 3 from 3)
 }}}

--
Ticket URL: <https://trac.ffmpeg.org/ticket/3582>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker

More information about the FFmpeg-trac mailing list