[FFmpeg-trac] #3105(undetermined:new): hevc: crash with threads 1 and max_alloc (fuzzed file)

FFmpeg trac at avcodec.org
Thu Feb 27 13:25:16 CET 2014


#3105: hevc: crash with threads 1 and max_alloc (fuzzed file)
-------------------------------------+-------------------------------------
             Reporter:  ami_stuff    |                    Owner:
                 Type:  defect       |                   Status:  new
             Priority:  important    |                Component:  undetermined
              Version:  unspecified  |
             Keywords:  hevc crash   |               Resolution:
             Blocking:               |               Blocked By:
Analyzed by developer:  0            |  Reproduced by developer:  0
-------------------------------------+-------------------------------------

Comment (by ami_stuff):

 Replying to [comment:7 michael]:
 > No luck reproducing ...

 Please try this (crashes randomly):

 {{{
 knoppix@Microknoppix:/media/sdb1/ffmpeg-HEAD-649686d$ ./ffmpeg_g -max_alloc 1000000 -threads 3 -i ../fhevc2_2.ts -f null -
 ffmpeg version 2.1.git-649686d Copyright (c) 2000-2014 the FFmpeg developers
   built on Feb 27 2014 13:12:56 with gcc 4.7 (Debian 4.7.2-5)
   configuration: --disable-yasm --enable-gpl --disable-ffprobe --disable-ffserver
   libavutil      52. 66.100 / 52. 66.100
   libavcodec     55. 52.102 / 55. 52.102
   libavformat    55. 33.100 / 55. 33.100
   libavdevice    55. 10.100 / 55. 10.100
   libavfilter     4.  2.100 /  4.  2.100
   libswscale      2.  5.101 /  2.  5.101
   libswresample   0. 18.100 /  0. 18.100
   libpostproc    52.  3.100 / 52.  3.100
 [hevc @ 0x92cacc0] Unknown HEVC profile: 0
     Last message repeated 3 times
 [hevc @ 0x92cacc0] vps_reserved_three_2bits is not three
 [hevc @ 0x92cacc0] Unknown HEVC profile: 0
 [hevc @ 0x92cacc0] chroma_format_idc != 1
 [hevc @ 0x92cacc0]  is not implemented. Update your FFmpeg version to the
 newest one from Git. If the problem still occurs, it means that your file
 has a feature which has not been implemented.
 [hevc @ 0x92cacc0] Unknown HEVC profile: 0
 [...]
 [mpegts @ 0x92c6dc0] Could not find codec parameters for stream 1
 (Unknown: none): unknown codec
 Consider increasing the value for the 'analyzeduration' and 'probesize'
 options
 [mpegts @ 0x92c6dc0] Could not find codec parameters for stream 2
 (Unknown: none): unknown codec
 Consider increasing the value for the 'analyzeduration' and 'probesize'
 options
 [mpegts @ 0x92c6dc0] Could not find codec parameters for stream 3 (Video:
 hevc): unspecified size
 Consider increasing the value for the 'analyzeduration' and 'probesize'
 options
 [mpegts @ 0x92c6dc0] Could not find codec parameters for stream 4
 (Unknown: none): unknown codec
 Consider increasing the value for the 'analyzeduration' and 'probesize'
 options
 [mpegts @ 0x92c6dc0] Could not find codec parameters for stream 5 (Video:
 hevc): unspecified size
 Consider increasing the value for the 'analyzeduration' and 'probesize'
 options
 Input #0, mpegts, from '../fhevc2_2.ts':
   Duration: 00:00:12.52, start: 0.080000, bitrate: 1281 kb/s
   Program 1
     Stream #0:0[0x12d]: Video: hevc (HEVC / 0x43564548), yuv420p(tv),
 320x240, 47.95 tbr, 90k tbn, 90k tbc
   No Program
     Stream #0:1[0x16d]: Unknown: none
     Stream #0:2[0x12f]: Unknown: none
     Stream #0:3[0x112d]: Video: hevc, 90k tbr, 90k tbn
     Stream #0:4[0x125]: Unknown: none
     Stream #0:5[0x2d]: Video: hevc, 90k tbn
 [hevc @ 0x93d44a0] Unknown HEVC profile: 0
     Last message repeated 1 times
 Output #0, null, to 'pipe:':
   Metadata:
     encoder         : Lavf55.33.100
     Stream #0:0: Video: rawvideo (I420 / 0x30323449), yuv420p, 320x240,
 q=2-31, 200 kb/s, 90k tbn, 47.95 tbc
 Stream mapping:
   Stream #0:0 -> #0:0 (hevc -> rawvideo)
 Press [q] to stop, [?] for help
 [hevc @ 0x92cacc0] Unknown HEVC profile: 0
     Last message repeated 1 times
 [hevc @ 0x92cacc0] vps_reserved_three_2bits is not three
 [hevc @ 0x92cacc0] Unknown HEVC profile: 0
 [hevc @ 0x92cacc0] chroma_format_idc != 1
 [hevc @ 0x92cacc0]  is not implemented. Update your FFmpeg version to the
 newest one from Git. If the problem still occurs, it means that your file
 has a feature which has not been implemented.
 [hevc @ 0x93d44a0] Unknown HEVC profile: 0
     Last message repeated 1 times
 [hevc @ 0x92cacc0] Unknown HEVC profile: 0
 [hevc @ 0x92cacc0] vps_max_dec_pic_buffering_minus1 out of range: 61475
 [hevc @ 0x92cacc0] Unknown HEVC profile: 0
 [hevc @ 0x92cacc0] SPS id out of range: 319
 [hevc @ 0x93b7ca0] vps_reserved_three_2bits is not three
 [...]
 [hevc @ 0x931f7c0] SPS id out of range: 319
 Input stream #0:0 frame changed from size:320x240 fmt:yuv420p to
 size:256x240 fmt:yuv420p
 [hevc @ 0x93d44a0] Unknown HEVC profile: 0
 [hevc @ 0x93d44a0] Skipping NAL unit 42
 [hevc @ 0x93d44a0] PPS id out of range: 0
 [hevc @ 0x93d44a0] Error parsing NAL unit #3.
 [null @ 0x93b1400] Application provided invalid, non monotonically
 increasing dts to muxer in stream 0: 4207954 >= 118243
 [hevc @ 0x92cacc0] Unknown HEVC profile: 0
     Last message repeated 1 times
 [hevc @ 0x92cacc0] SPS id out of range: 319
 [hevc @ 0x92cacc0] SPS 7 does not exist.
 [hevc @ 0x92cacc0] PPS id out of range: 0
 [hevc @ 0x93b7ca0] Unknown HEVC profile: 0
     Last message repeated 1 times
 [hevc @ 0x93b7ca0] SPS id out of range: 319
 [hevc @ 0x93b7ca0] SPS 7 does not exist.
 [hevc @ 0x93b7ca0] PPS id out of range: 0
 [hevc @ 0x93b7ca0] Error parsing NAL unit #3.
 [null @ 0x93b1400] Application provided invalid, non monotonically
 increasing dts to muxer in stream 0: 4207954 >= 121997
 [hevc @ 0x92cacc0] Unknown HEVC profile: 0
 [hevc @ 0x92cacc0] vps_max_dec_pic_buffering_minus1 out of range: 239
 [hevc @ 0x92cacc0] Unknown HEVC profile: 0
     Last message repeated 1 times
 [hevc @ 0x92cacc0] vps_max_dec_pic_buffering_minus1 out of range: 239
 [hevc @ 0x92cacc0] Unknown HEVC profile: 0
 [hevc @ 0x92cacc0] SPS id out of range: 319
 [hevc @ 0x931f7c0] Invalid NAL unit 32, skipping.
 [hevc @ 0x931f7c0] Unknown HEVC profile: 0
 *** glibc detected *** ./ffmpeg_g: corrupted double-linked list: 0x092bac28 ***
 ======= Backtrace: =========
 /lib/i386-linux-gnu/libc.so.6(+0x70a8a)[0xb75fea8a]
 /lib/i386-linux-gnu/libc.so.6(+0x7231c)[0xb760031c]
 /lib/i386-linux-gnu/libc.so.6(cfree+0x6d)[0xb76033ed]
 ./ffmpeg_g[0x8927a23]
 ======= Memory map: ========
 [...]
 Aborted
 }}}

--
Ticket URL: <https://trac.ffmpeg.org/ticket/3105#comment:8>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker

