[FFmpeg-trac] #5353(undetermined:new): vc2 enc: invalid read

FFmpeg trac at avcodec.org
Sun Mar 20 14:52:28 CET 2016


#5353: vc2 enc: invalid read
-------------------------------------+-------------------------------------
               Reporter:  ami_stuff  |                  Owner:
                   Type:  defect     |                 Status:  new
               Priority:  normal     |              Component:
                Version:             |  undetermined
  unspecified                        |               Keywords:
             Blocked By:             |               Blocking:
Reproduced by developer:  0          |  Analyzed by developer:  0
-------------------------------------+-------------------------------------
 http://www.datafilehost.com/d/f87905a4

 {{{
 aaa at aaa-VirtualBox /media/sdb1 $ valgrind --leak-check=full
 ffmpeg/ffmpeg_g -i  test.bmp -s 111x111 -vcodec vc2 -strict -1 out.ts
 ==13353== Memcheck, a memory error detector
 ==13353== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
 ==13353== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright
 info
 ==13353== Command: ffmpeg/ffmpeg_g -i test.bmp -s 111x111 -vcodec vc2
 -strict -1 out.ts
 ==13353==
 ffmpeg version 3.0.git Copyright (c) 2000-2016 the FFmpeg developers
   built with gcc 4.8 (Ubuntu 4.8.4-2ubuntu1~14.04.1)
   configuration: --disable-ffplay --disable-ffprobe --disable-ffserver
 --enable-gpl
   libavutil      55. 19.100 / 55. 19.100
   libavcodec     57. 28.103 / 57. 28.103
   libavformat    57. 28.102 / 57. 28.102
   libavdevice    57.  0.101 / 57.  0.101
   libavfilter     6. 39.102 /  6. 39.102
   libswscale      4.  0.100 /  4.  0.100
   libswresample   2.  0.101 /  2.  0.101
   libpostproc    54.  0.100 / 54.  0.100
 Input #0, bmp_pipe, from 'test.bmp':
   Duration: N/A, bitrate: N/A
     Stream #0:0: Video: bmp, bgr24, 1024x768, 25 tbr, 25 tbn, 25 tbc
 [vc2 @ 0x544e960] Disabling strict compliance
 Output #0, mpegts, to 'out.ts':
   Metadata:
     encoder         : Lavf57.28.102
     Stream #0:0: Video: dirac (vc2), yuv444p, 111x111, q=2-31, 600000
 kb/s, 25 fps, 90k tbn, 25 tbc
     Metadata:
       encoder         : Lavc57.28.103 vc2
 Stream mapping:
   Stream #0:0 -> #0:0 (bmp (native) -> dirac (vc2))
 Press [q] to stop, [?] for help
 ==13353== Thread 9:
 ==13353== Use of uninitialised value of size 4
 ==13353==    at 0x878815E: count_hq_slice (vc2enc.c:567)
 ==13353==    by 0x8788631: rate_control (vc2enc.c:638)
 ==13353==    by 0x8696530: worker (pthread_slice.c:93)
 ==13353==    by 0x40B5F6F: start_thread (pthread_create.c:312)
 ==13353==    by 0x41B6BED: clone (clone.S:129)
 ==13353==
 ==13353== Invalid read of size 4
 ==13353==    at 0x878815E: count_hq_slice (vc2enc.c:567)
 ==13353==    by 0x8788631: rate_control (vc2enc.c:638)
 ==13353==    by 0x8696530: worker (pthread_slice.c:93)
 ==13353==    by 0x40B5F6F: start_thread (pthread_create.c:312)
 ==13353==    by 0x41B6BED: clone (clone.S:129)
 ==13353==  Address 0xe5decf94 is not stack'd, malloc'd or (recently)
 free'd
 ==13353==
 ==13353==
 ==13353== Process terminating with default action of signal 11 (SIGSEGV)
 ==13353==  Access not within mapped region at address 0xE5DECF94
 ==13353==    at 0x878815E: count_hq_slice (vc2enc.c:567)
 ==13353==    by 0x8788631: rate_control (vc2enc.c:638)
 ==13353==    by 0x8696530: worker (pthread_slice.c:93)
 ==13353==    by 0x40B5F6F: start_thread (pthread_create.c:312)
 ==13353==    by 0x41B6BED: clone (clone.S:129)
 ==13353==  If you believe this happened as a result of a stack
 ==13353==  overflow in your program's main thread (unlikely but
 ==13353==  possible), you can try to increase the size of the
 ==13353==  main thread stack using the --main-stacksize= flag.
 ==13353==  The main thread stack size used in this run was 8388608.
 ==13353==
 ==13353== HEAP SUMMARY:
 ==13353==     in use at exit: 4,381,759 bytes in 407 blocks
 ==13353==   total heap usage: 3,914 allocs, 3,507 frees, 50,252,454 bytes
 allocated
 ==13353==
 ==13353== Thread 1:
 ==13353== 680 bytes in 5 blocks are possibly lost in loss record 153 of
 188
 ==13353==    at 0x402C109: calloc (in
 /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
 ==13353==    by 0x401117E: allocate_dtv (dl-tls.c:296)
 ==13353==    by 0x40118EB: _dl_allocate_tls (dl-tls.c:460)
 ==13353==    by 0x40B67A2: allocate_stack (allocatestack.c:589)
 ==13353==    by 0x40B67A2: pthread_create@@GLIBC_2.1
 (pthread_create.c:500)
 ==13353==    by 0x81167C9: thread_init_internal (pthread.c:179)
 ==13353==    by 0x81167C9: ff_graph_thread_init (pthread.c:210)
 ==13353==    by 0x8106F87: avfilter_graph_alloc_filter
 (avfiltergraph.c:182)
 ==13353==    by 0x8114A55: create_filter (graphparser.c:114)
 ==13353==    by 0x8114A55: parse_filter (graphparser.c:176)
 ==13353==    by 0x81154BC: avfilter_graph_parse2 (graphparser.c:411)
 ==13353==    by 0x80DB2DE: configure_filtergraph (ffmpeg_filter.c:1010)
 ==13353==    by 0x80E4630: transcode_init (ffmpeg.c:3057)
 ==13353==    by 0x80E88CD: transcode (ffmpeg.c:4114)
 ==13353==    by 0x80C6AC4: main (ffmpeg.c:4334)
 ==13353==
 ==13353== 680 bytes in 5 blocks are possibly lost in loss record 154 of
 188
 ==13353==    at 0x402C109: calloc (in
 /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
 ==13353==    by 0x401117E: allocate_dtv (dl-tls.c:296)
 ==13353==    by 0x40118EB: _dl_allocate_tls (dl-tls.c:460)
 ==13353==    by 0x40B67A2: allocate_stack (allocatestack.c:589)
 ==13353==    by 0x40B67A2: pthread_create@@GLIBC_2.1
 (pthread_create.c:500)
 ==13353==    by 0x86969B8: ff_slice_thread_init (pthread_slice.c:231)
 ==13353==    by 0x8751256: avcodec_open2 (utils.c:1367)
 ==13353==    by 0x80E303C: init_output_stream (ffmpeg.c:2621)
 ==13353==    by 0x80E303C: transcode_init (ffmpeg.c:3224)
 ==13353==    by 0x80E88CD: transcode (ffmpeg.c:4114)
 ==13353==    by 0x80C6AC4: main (ffmpeg.c:4334)
 ==13353==
 ==13353== LEAK SUMMARY:
 ==13353==    definitely lost: 0 bytes in 0 blocks
 ==13353==    indirectly lost: 0 bytes in 0 blocks
 ==13353==      possibly lost: 1,360 bytes in 10 blocks
 ==13353==    still reachable: 4,380,399 bytes in 397 blocks
 ==13353==         suppressed: 0 bytes in 0 blocks
 ==13353== Reachable blocks (those to which a pointer was found) are not
 shown.
 ==13353== To see them, rerun with: --leak-check=full --show-leak-kinds=all
 ==13353==
 ==13353== For counts of detected and suppressed errors, rerun with: -v
 ==13353== Use --track-origins=yes to see where uninitialised values come
 from
 ==13353== ERROR SUMMARY: 4 errors from 4 contexts (suppressed: 0 from 0)
 Killed
 }}}

--
Ticket URL: <https://trac.ffmpeg.org/ticket/5353>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker


More information about the FFmpeg-trac mailing list