[FFmpeg-trac] #4873(avcodec:new): crashes in h264 decoder(decode_postinit)

FFmpeg trac at avcodec.org
Tue Sep 22 06:13:55 CEST 2015 

#4873: crashes in h264 decoder(decode_postinit)
-------------------------------------+-------------------------------------
             Reporter:  zylthinking  |                     Type:  defect
               Status:  new          |                 Priority:  critical
            Component:  avcodec      |                  Version:
             Keywords:  h264         |  unspecified
             Blocking:               |               Blocked By:
Analyzed by developer:  0            |  Reproduced by developer:  0
-------------------------------------+-------------------------------------
 Summary of the bug:
 I/DEBUG   ( 7075): *** *** *** *** *** *** *** *** *** *** *** *** *** ***
 *** ***
 I/DEBUG   ( 7075): Build fingerprint:
 'Sony/L36h_1270-9104/L36h:4.2.2/10.3.1.A.2.67/vPd3rg:user/release-keys'
 I/DEBUG   ( 7075): Revision: '0'
 I/DEBUG   ( 7075): pid: 26530, tid: 26565, name: libmm.demo2  >>>
 libmm.demo2 <<<
 I/DEBUG   ( 7075):''' signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault
 addr 00000058'''
 I/DEBUG   ( 7075):     r0 77cb1020  r1 00000001  r2 00000002  r3 00000000
 I/DEBUG   ( 7075):     r4 77cb1020  r5 00000000  r6 00000001  r7 77cb1e80
 I/DEBUG   ( 7075):     r8 00000942  r9 77ab0c2c  sl 6ef44620  fp 6e979dd0
 I/DEBUG   ( 7075):     ip 00000000  sp 77ab0ac0  lr 75c98a68  pc 75c95408
 cpsr 60000010
 I/DEBUG   ( 7075):
 I/DEBUG   ( 7075): backtrace:
 I/DEBUG   ( 7075):     #00  pc 00163408  /data/app-
 lib/libmm.demo2-2/libmedia2.so (decode_postinit+48)
 I/DEBUG   ( 7075):     #01  pc 00166a64  /data/app-
 lib/libmm.demo2-2/libmedia2.so (h264_decode_frame+948)


 001633d8 <decode_postinit>:
   1633d8:       e30b3968        movw    r3, #47464      ; 0xb968
   1633dc:       e3403008        movt    r3, #8
   1633e0:       e30b2d30        movw    r2, #48432      ; 0xbd30
   1633e4:       e3402008        movt    r2, #8


   1633e8:       e7903003        ldr     r3, [r0, r3]
   1633ec:       e92d4ff0        push    {r4, r5, r6, r7, r8, r9, sl, fp,
 lr}
   1633f0:       e3530000        cmp     r3, #0
   1633f4:       e59055e0        ldr     r5, [r0, #1504] ; 0x5e0
   1633f8:       e24dd014        sub     sp, sp, #20
   1633fc:       e7902002        ldr     r2, [r0, r2]
   163400:       e1a04000        mov     r4, r0
   163404:       e1a06001        mov     r6, r1
  ''' 163408:    e5852058        str     r2, [r5, #88]   ; 0x58
 -------------------------- here'''



     if (h->next_output_pic)
         return;
   16340c:       0a000001        beq     163418 <decode_postinit+0x40>
   163410:       e28dd014        add     sp, sp, #20
   163414:       e8bd8ff0        pop     {r4, r5, r6, r7, r8, r9, sl, fp,
 pc}

 How to reproduce:
 {{{
 play video stream from rtmp://62.113.210.250:1935/medienasa-live/ok-
 magdeburg_high
 after some time, it crashes
 all the input stream seems to be roght, (having a correct nalu header at
 least)
 }}}

--
Ticket URL: <https://trac.ffmpeg.org/ticket/4873>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker

More information about the FFmpeg-trac mailing list