[FFmpeg-trac] #6461(undetermined:new): Invalid write in decode_coeffs_b_generic()

FFmpeg trac at avcodec.org
Wed Jun 14 03:29:40 EEST 2017


#6461: Invalid write in decode_coeffs_b_generic()
-------------------------------------+-------------------------------------
             Reporter:  tsmith       |                     Type:  defect
               Status:  new          |                 Priority:  normal
            Component:  undetermined |                  Version:  git-master
             Keywords:               |               Blocked By:
             Blocking:               |  Reproduced by developer:  0
Analyzed by developer:  0            |
-------------------------------------+-------------------------------------
 How to reproduce:
 {{{
 ./ffmpeg -f ivf -i test_case.ivf -frames 5 -f null -
 ffmpeg version N-86447-gfeb13ae Copyright (c) 2000-2017 the FFmpeg developers
   built with clang version 3.8.0-2ubuntu4 (tags/RELEASE_380/final)
   configuration: --cc=clang --cxx=clang++ --disable-libxcb --disable-xlib --disable-logging --disable-ffprobe --disable-ffplay --disable-sdl2 --disable-ffserver --disable-doc --disable-pthreads --disable-network --disable-d3d11va --disable-dxva2 --disable-vaapi --disable-vda --disable-vdpau --disable-stripping --disable-runtime-cpudetect --disable-postproc --disable-securetransport --disable-iconv --disable-swscale --disable-avdevice --disable-videotoolbox --disable-everything --enable-encoder=wrapped_avframe --disable-lzma --enable-protocol='file,pipe' --enable-muxer=null --enable-demuxer=ivf --enable-parser=vp9 --enable-decoder=vp9 --disable-pic
   libavutil      55. 63.100 / 55. 63.100
   libavcodec     57. 98.100 / 57. 98.100
   libavformat    57. 73.100 / 57. 73.100
   libavfilter     6. 92.100 /  6. 92.100
   libswresample   2.  8.100 /  2.  8.100

 Invalid write of size 4
    at 0x51B844: decode_coeffs_b_generic (vp9block.c:920)
    by 0x51B844: decode_coeffs_b_16bpp (vp9block.c:954)
    by 0x51B844: decode_coeffs (vp9block.c:1068)
    by 0x51B844: decode_coeffs_16bpp (vp9block.c:1142)
    by 0x4ECB2A: ff_vp9_decode_block (vp9block.c:1303)
    by 0x4EA478: decode_sb (vp9.c:990)
    by 0x4EA512: decode_sb (vp9.c:985)
    by 0x4EA4D5: decode_sb (vp9.c:984)
    by 0x4DF174: vp9_decode_frame (vp9.c:1314)
    by 0x4C0FAB: decode_simple_internal (decode.c:417)
    by 0x4C0FAB: decode_simple_receive_frame (decode.c:620)
    by 0x4C0FAB: decode_receive_frame_internal (decode.c:638)
    by 0x4C05D9: avcodec_send_packet (decode.c:678)
    by 0x4A8662: try_decode_frame (utils.c:3005)
    by 0x4A2FB3: avformat_find_stream_info (utils.c:3822)
    by 0x411F31: open_input_file (ffmpeg_opt.c:1013)
    by 0x41064B: open_files (ffmpeg_opt.c:3207)
  Address 0xd005b0200 is not stack'd, malloc'd or (recently) free'd


 Process terminating with default action of signal 11 (SIGSEGV)
  Access not within mapped region at address 0xD005B0200
    at 0x51B844: decode_coeffs_b_generic (vp9block.c:920)
    by 0x51B844: decode_coeffs_b_16bpp (vp9block.c:954)
    by 0x51B844: decode_coeffs (vp9block.c:1068)
    by 0x51B844: decode_coeffs_16bpp (vp9block.c:1142)
    by 0x4ECB2A: ff_vp9_decode_block (vp9block.c:1303)
    by 0x4EA478: decode_sb (vp9.c:990)
    by 0x4EA512: decode_sb (vp9.c:985)
    by 0x4EA4D5: decode_sb (vp9.c:984)
    by 0x4DF174: vp9_decode_frame (vp9.c:1314)
    by 0x4C0FAB: decode_simple_internal (decode.c:417)
    by 0x4C0FAB: decode_simple_receive_frame (decode.c:620)
    by 0x4C0FAB: decode_receive_frame_internal (decode.c:638)
    by 0x4C05D9: avcodec_send_packet (decode.c:678)
    by 0x4A8662: try_decode_frame (utils.c:3005)
    by 0x4A2FB3: avformat_find_stream_info (utils.c:3822)
    by 0x411F31: open_input_file (ffmpeg_opt.c:1013)
    by 0x41064B: open_files (ffmpeg_opt.c:3207)
  If you believe this happened as a result of a stack
  overflow in your program's main thread (unlikely but
  possible), you can try to increase the size of the
  main thread stack using the --main-stacksize= flag.
  The main thread stack size used in this run was 8388608.
 }}}

--
Ticket URL: <https://trac.ffmpeg.org/ticket/6461>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker