[FFmpeg-trac] #5353(undetermined:new): vc2 enc: invalid read
FFmpeg
trac at avcodec.org
Sun Mar 20 14:52:28 CET 2016
#5353: vc2 enc: invalid read
-------------------------------------+-------------------------------------
Reporter: ami_stuff | Owner:
Type: defect | Status: new
Priority: normal | Component:
Version: | undetermined
unspecified | Keywords:
Blocked By: | Blocking:
Reproduced by developer: 0 | Analyzed by developer: 0
-------------------------------------+-------------------------------------
http://www.datafilehost.com/d/f87905a4
{{{
aaa at aaa-VirtualBox /media/sdb1 $ valgrind --leak-check=full
ffmpeg/ffmpeg_g -i test.bmp -s 111x111 -vcodec vc2 -strict -1 out.ts
==13353== Memcheck, a memory error detector
==13353== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==13353== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright
info
==13353== Command: ffmpeg/ffmpeg_g -i test.bmp -s 111x111 -vcodec vc2
-strict -1 out.ts
==13353==
ffmpeg version 3.0.git Copyright (c) 2000-2016 the FFmpeg developers
built with gcc 4.8 (Ubuntu 4.8.4-2ubuntu1~14.04.1)
configuration: --disable-ffplay --disable-ffprobe --disable-ffserver
--enable-gpl
libavutil 55. 19.100 / 55. 19.100
libavcodec 57. 28.103 / 57. 28.103
libavformat 57. 28.102 / 57. 28.102
libavdevice 57. 0.101 / 57. 0.101
libavfilter 6. 39.102 / 6. 39.102
libswscale 4. 0.100 / 4. 0.100
libswresample 2. 0.101 / 2. 0.101
libpostproc 54. 0.100 / 54. 0.100
Input #0, bmp_pipe, from 'test.bmp':
Duration: N/A, bitrate: N/A
Stream #0:0: Video: bmp, bgr24, 1024x768, 25 tbr, 25 tbn, 25 tbc
[vc2 @ 0x544e960] Disabling strict compliance
Output #0, mpegts, to 'out.ts':
Metadata:
encoder : Lavf57.28.102
Stream #0:0: Video: dirac (vc2), yuv444p, 111x111, q=2-31, 600000
kb/s, 25 fps, 90k tbn, 25 tbc
Metadata:
encoder : Lavc57.28.103 vc2
Stream mapping:
Stream #0:0 -> #0:0 (bmp (native) -> dirac (vc2))
Press [q] to stop, [?] for help
==13353== Thread 9:
==13353== Use of uninitialised value of size 4
==13353== at 0x878815E: count_hq_slice (vc2enc.c:567)
==13353== by 0x8788631: rate_control (vc2enc.c:638)
==13353== by 0x8696530: worker (pthread_slice.c:93)
==13353== by 0x40B5F6F: start_thread (pthread_create.c:312)
==13353== by 0x41B6BED: clone (clone.S:129)
==13353==
==13353== Invalid read of size 4
==13353== at 0x878815E: count_hq_slice (vc2enc.c:567)
==13353== by 0x8788631: rate_control (vc2enc.c:638)
==13353== by 0x8696530: worker (pthread_slice.c:93)
==13353== by 0x40B5F6F: start_thread (pthread_create.c:312)
==13353== by 0x41B6BED: clone (clone.S:129)
==13353== Address 0xe5decf94 is not stack'd, malloc'd or (recently)
free'd
==13353==
==13353==
==13353== Process terminating with default action of signal 11 (SIGSEGV)
==13353== Access not within mapped region at address 0xE5DECF94
==13353== at 0x878815E: count_hq_slice (vc2enc.c:567)
==13353== by 0x8788631: rate_control (vc2enc.c:638)
==13353== by 0x8696530: worker (pthread_slice.c:93)
==13353== by 0x40B5F6F: start_thread (pthread_create.c:312)
==13353== by 0x41B6BED: clone (clone.S:129)
==13353== If you believe this happened as a result of a stack
==13353== overflow in your program's main thread (unlikely but
==13353== possible), you can try to increase the size of the
==13353== main thread stack using the --main-stacksize= flag.
==13353== The main thread stack size used in this run was 8388608.
==13353==
==13353== HEAP SUMMARY:
==13353== in use at exit: 4,381,759 bytes in 407 blocks
==13353== total heap usage: 3,914 allocs, 3,507 frees, 50,252,454 bytes
allocated
==13353==
==13353== Thread 1:
==13353== 680 bytes in 5 blocks are possibly lost in loss record 153 of
188
==13353== at 0x402C109: calloc (in
/usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==13353== by 0x401117E: allocate_dtv (dl-tls.c:296)
==13353== by 0x40118EB: _dl_allocate_tls (dl-tls.c:460)
==13353== by 0x40B67A2: allocate_stack (allocatestack.c:589)
==13353== by 0x40B67A2: pthread_create@@GLIBC_2.1
(pthread_create.c:500)
==13353== by 0x81167C9: thread_init_internal (pthread.c:179)
==13353== by 0x81167C9: ff_graph_thread_init (pthread.c:210)
==13353== by 0x8106F87: avfilter_graph_alloc_filter
(avfiltergraph.c:182)
==13353== by 0x8114A55: create_filter (graphparser.c:114)
==13353== by 0x8114A55: parse_filter (graphparser.c:176)
==13353== by 0x81154BC: avfilter_graph_parse2 (graphparser.c:411)
==13353== by 0x80DB2DE: configure_filtergraph (ffmpeg_filter.c:1010)
==13353== by 0x80E4630: transcode_init (ffmpeg.c:3057)
==13353== by 0x80E88CD: transcode (ffmpeg.c:4114)
==13353== by 0x80C6AC4: main (ffmpeg.c:4334)
==13353==
==13353== 680 bytes in 5 blocks are possibly lost in loss record 154 of
188
==13353== at 0x402C109: calloc (in
/usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==13353== by 0x401117E: allocate_dtv (dl-tls.c:296)
==13353== by 0x40118EB: _dl_allocate_tls (dl-tls.c:460)
==13353== by 0x40B67A2: allocate_stack (allocatestack.c:589)
==13353== by 0x40B67A2: pthread_create@@GLIBC_2.1
(pthread_create.c:500)
==13353== by 0x86969B8: ff_slice_thread_init (pthread_slice.c:231)
==13353== by 0x8751256: avcodec_open2 (utils.c:1367)
==13353== by 0x80E303C: init_output_stream (ffmpeg.c:2621)
==13353== by 0x80E303C: transcode_init (ffmpeg.c:3224)
==13353== by 0x80E88CD: transcode (ffmpeg.c:4114)
==13353== by 0x80C6AC4: main (ffmpeg.c:4334)
==13353==
==13353== LEAK SUMMARY:
==13353== definitely lost: 0 bytes in 0 blocks
==13353== indirectly lost: 0 bytes in 0 blocks
==13353== possibly lost: 1,360 bytes in 10 blocks
==13353== still reachable: 4,380,399 bytes in 397 blocks
==13353== suppressed: 0 bytes in 0 blocks
==13353== Reachable blocks (those to which a pointer was found) are not
shown.
==13353== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==13353==
==13353== For counts of detected and suppressed errors, rerun with: -v
==13353== Use --track-origins=yes to see where uninitialised values come
from
==13353== ERROR SUMMARY: 4 errors from 4 contexts (suppressed: 0 from 0)
Killed
}}}
--
Ticket URL: <https://trac.ffmpeg.org/ticket/5353>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list