[FFmpeg-trac] #4597(avcodec:new): exr crash

FFmpeg trac at avcodec.org
Sat Jun 6 15:45:48 CEST 2015 

#4597: exr crash
-------------------------------------+-------------------------------------
               Reporter:  cehoyos    |                  Owner:
                   Type:  defect     |                 Status:  new
               Priority:  important  |              Component:  avcodec
                Version:  git-       |               Keywords:  exr crash
  master                             |  regression
             Blocked By:             |               Blocking:
Reproduced by developer:  0          |  Analyzed by developer:  0
-------------------------------------+-------------------------------------
 Regression since 95582b5c
 {{{
 $ cp fate-suite/exr/rgb_slice_pxr24.exr test1.exr
 $ cp fate-suite/exr/rgb_slice_pxr24.exr test2.exr
 }}}
 {{{
 $ valgrind ./ffmpeg_g -threads 1 -i test%1d.exr -f null -
 ==2966== Memcheck, a memory error detector
 ==2966== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
 ==2966== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
 ==2966== Command: ./ffmpeg_g -threads 1 -i test%1d.exr -f null -
 ==2966==
 ffmpeg version N-72695-g440fa77 Copyright (c) 2000-2015 the FFmpeg
 developers
   built with gcc 4.7 (SUSE Linux)
   configuration: --enable-gpl
   libavutil      54. 27.100 / 54. 27.100
   libavcodec     56. 41.101 / 56. 41.101
   libavformat    56. 34.100 / 56. 34.100
   libavdevice    56.  4.100 / 56.  4.100
   libavfilter     5. 16.101 /  5. 16.101
   libswscale      3.  1.101 /  3.  1.101
   libswresample   1.  2.100 /  1.  2.100
   libpostproc    53.  3.100 / 53.  3.100
 Input #0, image2, from 'test%1d.exr':
   Duration: 00:00:00.08, start: 0.000000, bitrate: N/A
     Stream #0:0: Video: exr, rgb48le, 800x800 [SAR 1:1 DAR 1:1], 25 tbr,
 25 tbn, 25 tbc
 Output #0, null, to 'pipe:':
   Metadata:
     encoder         : Lavf56.34.100
     Stream #0:0: Video: rawvideo (RGB0 / 0x30424752), rgb48le, 800x800
 [SAR 1:1 DAR 1:1], q=2-31, 200 kb/s, 25 fps, 25 tbn, 25 tbc
     Metadata:
       encoder         : Lavc56.41.101 rawvideo
 Stream mapping:
   Stream #0:0 -> #0:0 (exr (native) -> rawvideo (native))
 Press [q] to stop, [?] for help
 [null @ 0xbbc7780] Encoder did not produce proper pts, making some up.
 [exr @ 0xbba7040] Found more than one compression attribute.
 ==2966== Invalid read of size 1
 ==2966==    at 0x70A71E: decode_block (exr.c:813)
 ==2966==    by 0xAF95FF: avcodec_default_execute2 (utils.c:1122)
 ==2966==    by 0x70879C: decode_frame (exr.c:1331)
 ==2966==    by 0xAFABD7: avcodec_decode_video2 (utils.c:2388)
 ==2966==    by 0x4896CC: decode_video (ffmpeg.c:1993)
 ==2966==    by 0x48F6AB: transcode (ffmpeg.c:2241)
 ==2966==    by 0x4728FA: main (ffmpeg.c:4091)
 ==2966==  Address 0xbc1aa60 is 640 bytes inside a block of size 7,152
 free'd
 ==2966==    at 0x4C29D4E: free (in /usr/lib64/valgrind/vgpreload_memcheck-
 amd64-linux.so)
 ==2966==    by 0x70DAD7A: inflateEnd (in /lib64/libz.so.1.2.7)
 ==2966==    by 0x70DD850: uncompress (in /lib64/libz.so.1.2.7)
 ==2966==    by 0x70938A: decode_block (exr.c:782)
 ==2966==    by 0xAF95FF: avcodec_default_execute2 (utils.c:1122)
 ==2966==    by 0x70879C: decode_frame (exr.c:1331)
 ==2966==    by 0xAFABD7: avcodec_decode_video2 (utils.c:2388)
 ==2966==    by 0x4896CC: decode_video (ffmpeg.c:1993)
 ==2966==    by 0x48F6AB: transcode (ffmpeg.c:2241)
 ==2966==    by 0x4728FA: main (ffmpeg.c:4091)
 ==2966==
 ==2966== Invalid write of size 2
 ==2966==    at 0x70A737: decode_block (bytestream.h:88)
 ==2966==    by 0xAF95FF: avcodec_default_execute2 (utils.c:1122)
 ==2966==    by 0x70879C: decode_frame (exr.c:1331)
 ==2966==    by 0xAFABD7: avcodec_decode_video2 (utils.c:2388)
 ==2966==    by 0x4896CC: decode_video (ffmpeg.c:1993)
 ==2966==    by 0x48F6AB: transcode (ffmpeg.c:2241)
 ==2966==    by 0x4728FA: main (ffmpeg.c:4091)
 ==2966==  Address 0x10ade922 is 0 bytes after a block of size 81,666
 alloc'd
 ==2966==    at 0x4C290FE: memalign (in /usr/lib64/valgrind
 /vgpreload_memcheck-amd64-linux.so)
 ==2966==    by 0x4C291A7: posix_memalign (in /usr/lib64/valgrind
 /vgpreload_memcheck-amd64-linux.so)
 ==2966==    by 0xF24401: av_mallocz (mem.c:95)
 ==2966==    by 0xAF78EB: av_fast_padded_malloc (utils.c:132)
 ==2966==    by 0x7092FE: decode_block (exr.c:871)
 ==2966==    by 0xAF95FF: avcodec_default_execute2 (utils.c:1122)
 ==2966==    by 0x70879C: decode_frame (exr.c:1331)
 ==2966==    by 0xAFABD7: avcodec_decode_video2 (utils.c:2388)
 ==2966==    by 0x4896CC: decode_video (ffmpeg.c:1993)
 ==2966==    by 0x48F6AB: transcode (ffmpeg.c:2241)
 ==2966==    by 0x4728FA: main (ffmpeg.c:4091)
 ==2966==
 ==2966== Invalid read of size 1
 ==2966==    at 0x70A71A: decode_block (exr.c:813)
 ==2966==    by 0xAF95FF: avcodec_default_execute2 (utils.c:1122)
 ==2966==    by 0x70879C: decode_frame (exr.c:1331)
 ==2966==    by 0xAFABD7: avcodec_decode_video2 (utils.c:2388)
 ==2966==    by 0x4896CC: decode_video (ffmpeg.c:1993)
 ==2966==    by 0x48F6AB: transcode (ffmpeg.c:2241)
 ==2966==    by 0x4728FA: main (ffmpeg.c:4091)
 ==2966==  Address 0xbc1a782 is 0 bytes after a block of size 81,666
 alloc'd
 ==2966==    at 0x4C290FE: memalign (in /usr/lib64/valgrind
 /vgpreload_memcheck-amd64-linux.so)
 ==2966==    by 0x4C291A7: posix_memalign (in /usr/lib64/valgrind
 /vgpreload_memcheck-amd64-linux.so)
 ==2966==    by 0xF24401: av_mallocz (mem.c:95)
 ==2966==    by 0xAF78EB: av_fast_padded_malloc (utils.c:132)
 ==2966==    by 0x709318: decode_block (exr.c:873)
 ==2966==    by 0xAF95FF: avcodec_default_execute2 (utils.c:1122)
 ==2966==    by 0x70879C: decode_frame (exr.c:1331)
 ==2966==    by 0xAFABD7: avcodec_decode_video2 (utils.c:2388)
 ==2966==    by 0x4896CC: decode_video (ffmpeg.c:1993)
 ==2966==    by 0x48F6AB: transcode (ffmpeg.c:2241)
 ==2966==    by 0x4728FA: main (ffmpeg.c:4091)
 ==2966==
 frame=    2 fps=0.5 q=0.0 Lsize=N/A time=00:00:00.08 bitrate=N/A
 video:0kB audio:0kB subtitle:0kB other streams:0kB global headers:0kB
 muxing overhead: unknown
 ==2966==
 ==2966== HEAP SUMMARY:
 ==2966==     in use at exit: 88 bytes in 2 blocks
 ==2966==   total heap usage: 1,207 allocs, 1,205 frees, 13,641,498 bytes
 allocated
 ==2966==
 ==2966== LEAK SUMMARY:
 ==2966==    definitely lost: 0 bytes in 0 blocks
 ==2966==    indirectly lost: 0 bytes in 0 blocks
 ==2966==      possibly lost: 0 bytes in 0 blocks
 ==2966==    still reachable: 88 bytes in 2 blocks
 ==2966==         suppressed: 0 bytes in 0 blocks
 ==2966== Rerun with --leak-check=full to see details of leaked memory
 ==2966==
 ==2966== For counts of detected and suppressed errors, rerun with: -v
 ==2966== ERROR SUMMARY: 5395050 errors from 3 contexts (suppressed: 2 from
 2)
 }}}

--
Ticket URL: <https://trac.ffmpeg.org/ticket/4597>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker

More information about the FFmpeg-trac mailing list