[FFmpeg-trac] #7038(avformat:new): Use of uninitialized values in libavformat's hvcc code
FFmpeg
trac at avcodec.org
Fri Feb 23 03:04:04 EET 2018
#7038: Use of uninitialized values in libavformat's hvcc code
------------------------------------+------------------------------------
Reporter: jamrial | Owner:
Type: defect | Status: new
Priority: important | Component: avformat
Version: git-master | Resolution:
Keywords: hevc | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
------------------------------------+------------------------------------
Description changed by jamrial:
Old description:
> {{{
> valgrind --track-origins=yes --leak-check=full ./ffmpeg -i $FATE_SAMPLES
> /hevc-conformance/WPP_A_ericsson_MAIN10_2.bit -c:v copy out.mov
> }}}
>
> The above will report a lot of such errors in different functions from
> libavformat/hevc.c
New description:
{{{
[jamrial at ArchVM build]$ valgrind --track-origins=yes --leak-check=full
./ffmpeg -i /var/tmp/samples/hevc-conformance/WPP_A_ericsson_MAIN10_2.bit
-c:v copy out.mov
==27390== Memcheck, a memory error detector
==27390== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==27390== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright
info
==27390== Command: ./ffmpeg -i /var/tmp/samples/hevc-
conformance/WPP_A_ericsson_MAIN10_2.bit -c:v copy out.mov
==27390==
ffmpeg version N-90141-gaedbb3c72c Copyright (c) 2000-2018 the FFmpeg
developers
built with gcc 7.3.0 (GCC)
configuration: --enable-gpl --valgrind=valgrind --disable-optimizations
--disable-stripping --prefix=/usr
libavutil 56. 7.101 / 56. 7.101
libavcodec 58. 12.102 / 58. 12.102
libavformat 58. 9.100 / 58. 9.100
libavdevice 58. 2.100 / 58. 2.100
libavfilter 7. 12.100 / 7. 12.100
libswscale 5. 0.101 / 5. 0.101
libswresample 3. 0.101 / 3. 0.101
libpostproc 55. 0.100 / 55. 0.100
[hevc @ 0x6c01c00] missing picture in access unit
==27390== at 0x1569AAE: VALGRIND_PRINTF_BACKTRACE (valgrind.h:6303)
==27390== by 0x156A697: av_log_default_callback (log.c:351)
==27390== by 0x156A861: av_vlog (log.c:377)
==27390== by 0x156A809: av_log (log.c:369)
==27390== by 0x1212F8E: parse_nal_units (hevc_parser.c:242)
==27390== by 0x1213211: hevc_parse (hevc_parser.c:316)
==27390== by 0xA5A7A2: av_parser_parse2 (parser.c:250)
==27390== by 0x68CB76: parse_packet (utils.c:1451)
==27390== by 0x68D20A: read_frame_internal (utils.c:1562)
==27390== by 0x694E76: avformat_find_stream_info (utils.c:3733)
==27390== by 0x1E9691: open_input_file (ffmpeg_opt.c:1091)
==27390== by 0x1F31AA: open_files (ffmpeg_opt.c:3202)
Input #0, hevc, from '/var/tmp/samples/hevc-
conformance/WPP_A_ericsson_MAIN10_2.bit':
Duration: N/A, bitrate: N/A
Stream #0:0: Video: hevc (Main 10), yuv420p10le(tv), 416x240, 25 fps,
25 tbr, 1200k tbn, 25 tbc
[mov @ 0x6d26f80] WARNING codec timebase is very high. If duration is too
long,
file may not be playable by quicktime. Specify a shorter timebase
or choose different container.
Output #0, mov, to 'out.mov':
Metadata:
encoder : Lavf58.9.100
Stream #0:0: Video: hevc (Main 10) (hev1 / 0x31766568),
yuv420p10le(tv), 416x240, q=2-31, 25 fps, 25 tbr, 1200k tbn, 1200k tbc
Stream mapping:
Stream #0:0 -> #0:0 (copy)
Press [q] to stop, [?] for help
[mov @ 0x6d26f80] Timestamps are unset in a packet for stream 0. This is
deprecated and will stop working in the future. Fix your code to set the
timestamps properly
[mov @ 0x6d26f80] pts has no value
Last message repeated 47 times
==27390== at 0x1569AAE: VALGRIND_PRINTF_BACKTRACE (valgrind.h:6303)
==27390== by 0x156A697: av_log_default_callback (log.c:351)
==27390== by 0x156A861: av_vlog (log.c:377)
==27390== by 0x156A809: av_log (log.c:369)
==27390== by 0x20060D: term_exit (ffmpeg.c:323)
==27390== by 0x2122EA: transcode (ffmpeg.c:4662)
==27390== by 0x212AC0: main (ffmpeg.c:4843)
==27390== Conditional jump or move depends on uninitialised value(s)
==27390== at 0x6CA7B1: av_clip_c (common.h:132)
==27390== by 0x6CA7B1: skip_bits_long (get_bits.h:209)
==27390== by 0x6CAD66: get_ue_golomb_long (golomb.h:91)
==27390== by 0x6CB358: hvcc_parse_vui (hevc.c:315)
==27390== by 0x6CBBFC: hvcc_parse_sps (hevc.c:583)
==27390== by 0x6CC22A: hvcc_add_nal_unit (hevc.c:784)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== by 0x5C1E55: mov_write_mdia_tag (movenc.c:2697)
==27390== Uninitialised value was created by a heap allocation
==27390== at 0x4C2F246: memalign (vg_replace_malloc.c:857)
==27390== by 0x4C2F361: posix_memalign (vg_replace_malloc.c:1020)
==27390== by 0x156D1A1: av_malloc (mem.c:87)
==27390== by 0x6CBD50: nal_unit_extract_rbsp (hevc.c:652)
==27390== by 0x6CC156: hvcc_add_nal_unit (hevc.c:754)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== by 0x5C1E55: mov_write_mdia_tag (movenc.c:2697)
==27390==
==27390== Conditional jump or move depends on uninitialised value(s)
==27390== at 0x6CA7BE: av_clip_c (common.h:133)
==27390== by 0x6CA7BE: skip_bits_long (get_bits.h:209)
==27390== by 0x6CAD66: get_ue_golomb_long (golomb.h:91)
==27390== by 0x6CB358: hvcc_parse_vui (hevc.c:315)
==27390== by 0x6CBBFC: hvcc_parse_sps (hevc.c:583)
==27390== by 0x6CC22A: hvcc_add_nal_unit (hevc.c:784)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== by 0x5C1E55: mov_write_mdia_tag (movenc.c:2697)
==27390== Uninitialised value was created by a heap allocation
==27390== at 0x4C2F246: memalign (vg_replace_malloc.c:857)
==27390== by 0x4C2F361: posix_memalign (vg_replace_malloc.c:1020)
==27390== by 0x156D1A1: av_malloc (mem.c:87)
==27390== by 0x6CBD50: nal_unit_extract_rbsp (hevc.c:652)
==27390== by 0x6CC156: hvcc_add_nal_unit (hevc.c:754)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== by 0x5C1E55: mov_write_mdia_tag (movenc.c:2697)
==27390==
==27390== Conditional jump or move depends on uninitialised value(s)
==27390== at 0x6CA9EE: get_bits_long (get_bits.h:349)
==27390== by 0x6CAD7C: get_ue_golomb_long (golomb.h:93)
==27390== by 0x6CB358: hvcc_parse_vui (hevc.c:315)
==27390== by 0x6CBBFC: hvcc_parse_sps (hevc.c:583)
==27390== by 0x6CC22A: hvcc_add_nal_unit (hevc.c:784)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== by 0x5C1E55: mov_write_mdia_tag (movenc.c:2697)
==27390== Uninitialised value was created by a heap allocation
==27390== at 0x4C2F246: memalign (vg_replace_malloc.c:857)
==27390== by 0x4C2F361: posix_memalign (vg_replace_malloc.c:1020)
==27390== by 0x156D1A1: av_malloc (mem.c:87)
==27390== by 0x6CBD50: nal_unit_extract_rbsp (hevc.c:652)
==27390== by 0x6CC156: hvcc_add_nal_unit (hevc.c:754)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== by 0x5C1E55: mov_write_mdia_tag (movenc.c:2697)
==27390==
==27390== Conditional jump or move depends on uninitialised value(s)
==27390== at 0x6CA9FB: get_bits_long (get_bits.h:351)
==27390== by 0x6CAD7C: get_ue_golomb_long (golomb.h:93)
==27390== by 0x6CB358: hvcc_parse_vui (hevc.c:315)
==27390== by 0x6CBBFC: hvcc_parse_sps (hevc.c:583)
==27390== by 0x6CC22A: hvcc_add_nal_unit (hevc.c:784)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== by 0x5C1E55: mov_write_mdia_tag (movenc.c:2697)
==27390== Uninitialised value was created by a heap allocation
==27390== at 0x4C2F246: memalign (vg_replace_malloc.c:857)
==27390== by 0x4C2F361: posix_memalign (vg_replace_malloc.c:1020)
==27390== by 0x156D1A1: av_malloc (mem.c:87)
==27390== by 0x6CBD50: nal_unit_extract_rbsp (hevc.c:652)
==27390== by 0x6CC156: hvcc_add_nal_unit (hevc.c:754)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== by 0x5C1E55: mov_write_mdia_tag (movenc.c:2697)
==27390==
==27390== Use of uninitialised value of size 8
==27390== at 0x6CA80A: get_bits (get_bits.h:266)
==27390== by 0x6CAA0D: get_bits_long (get_bits.h:352)
==27390== by 0x6CAD7C: get_ue_golomb_long (golomb.h:93)
==27390== by 0x6CB358: hvcc_parse_vui (hevc.c:315)
==27390== by 0x6CBBFC: hvcc_parse_sps (hevc.c:583)
==27390== by 0x6CC22A: hvcc_add_nal_unit (hevc.c:784)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== Uninitialised value was created by a heap allocation
==27390== at 0x4C2F246: memalign (vg_replace_malloc.c:857)
==27390== by 0x4C2F361: posix_memalign (vg_replace_malloc.c:1020)
==27390== by 0x156D1A1: av_malloc (mem.c:87)
==27390== by 0x6CBD50: nal_unit_extract_rbsp (hevc.c:652)
==27390== by 0x6CC156: hvcc_add_nal_unit (hevc.c:754)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== by 0x5C1E55: mov_write_mdia_tag (movenc.c:2697)
==27390==
==27390== Use of uninitialised value of size 8
==27390== at 0x6CA80A: get_bits (get_bits.h:266)
==27390== by 0x6CAA20: get_bits_long (get_bits.h:358)
==27390== by 0x6CAB16: show_bits_long (get_bits.h:403)
==27390== by 0x6CAD43: get_ue_golomb_long (golomb.h:89)
==27390== by 0x6CB364: hvcc_parse_vui (hevc.c:316)
==27390== by 0x6CBBFC: hvcc_parse_sps (hevc.c:583)
==27390== by 0x6CC22A: hvcc_add_nal_unit (hevc.c:784)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== Uninitialised value was created by a heap allocation
==27390== at 0x4C2F246: memalign (vg_replace_malloc.c:857)
==27390== by 0x4C2F361: posix_memalign (vg_replace_malloc.c:1020)
==27390== by 0x156D1A1: av_malloc (mem.c:87)
==27390== by 0x6CBD50: nal_unit_extract_rbsp (hevc.c:652)
==27390== by 0x6CC156: hvcc_add_nal_unit (hevc.c:754)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== by 0x5C1E55: mov_write_mdia_tag (movenc.c:2697)
}}}
--
--
Ticket URL: <https://trac.ffmpeg.org/ticket/7038#comment:3>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list