[FFmpeg-trac] #7976(ffplay:new): ffplay mpd file segfaults in refresh_manifest()
FFmpeg
trac at avcodec.org
Sat Jun 29 14:03:09 EEST 2019
#7976: ffplay mpd file segfaults in refresh_manifest()
----------------------------------+--------------------------------------
Reporter: clem | Type: defect
Status: new | Priority: normal
Component: ffplay | Version: git-master
Keywords: segfault | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
----------------------------------+--------------------------------------
ffplay http://.../test.mpd plays for a while (>30s) and then segfaults
with a null pointer deref in refresh_manifest()
libavformat/dashdec.c:1437
{{{
ffmpeg 4154f89678
ffplay version n4.1.3 Copyright (c) 2003-2019 the FFmpeg developers
built with gcc 9 (GCC)
configuration: --enable-libxml2
libavutil 56. 22.100 / 56. 22.100
libavcodec 58. 35.100 / 58. 35.100
libavformat 58. 20.100 / 58. 20.100
libavdevice 58. 5.100 / 58. 5.100
libavfilter 7. 40.101 / 7. 40.101
libswscale 5. 3.100 / 5. 3.100
libswresample 3. 3.100 / 3. 3.100
}}}
{{{
0x00000000006378b0 in refresh_manifest (s=0x0) at
libavformat/dashdec.c:1437
1437 DASHContext *c = s->priv_data;
(gdb) where
#0 0x00000000006378b0 in refresh_manifest (s=0x0) at
libavformat/dashdec.c:1437
#1 0x0000000000638203 in get_current_fragment
(pls=pls at entry=0x7fffd0005cc0)
at libavformat/dashdec.c:1542
#2 0x0000000000638669 in read_data (opaque=0x7fffd0005cc0,
buf=0x7fffd0896bc0 "", buf_size=32768)
at libavformat/dashdec.c:1709
#3 0x0000000000626b01 in read_packet_wrapper (size=32768, buf=<optimized
out>, s=0x7fffd0005cc8)
at libavformat/aviobuf.c:535
#4 fill_buffer (s=0x7fffd0005cc8) at libavformat/aviobuf.c:585
#5 avio_read (s=s at entry=0x7fffd0005cc8, buf=<optimized out>,
size=size at entry=2048)
at libavformat/aviobuf.c:678
#6 0x0000000000650a04 in av_probe_input_buffer2
(pb=pb at entry=0x7fffd0005cc8,
fmt=fmt at entry=0x7fffdcc9dad0, filename=filename at entry=0x117939c "",
logctx=logctx at entry=0x0,
offset=offset at entry=0, max_probe_size=1048576, max_probe_size at entry=0)
at libavformat/format.c:262
#7 0x0000000000650bf9 in av_probe_input_buffer (pb=pb at entry=0x7fffdNcat:
0005cc8,
fmt=fmt at entry=0x7fffdcc9dad0, filename=filename at entry=0x117939c "",
logctx=logctx at entry=0x0,
offset=offset at entry=0,Broken pipe.
max_probe_size=max_probe_size at entry=0) at libavformat/format.c:316
#8 0x0000000000633ec4 in reopen_demux_for_component
(s=s at entry=0x7fffd0000b80,
pls=pls at entry=0x7fffd0005cc0) at libavformat/dashdec.c:1850
#9 0x00000000006355cc in dash_read_packet (s=0x7fffd0000b80,
pkt=0x7fffdcc9dc60)
at libavformat/dashdec.c:2115
#10 0x0000000000732733 in ff_read_packet (s=s at entry=0x7fffd0000b80,
pkt=pkt at entry=0x7fffdcc9dc60)
at libavformat/utils.c:856
#11 0x00000000007337e9 in read_frame_internal (s=0x7fffd0000b80,
pkt=0x7fffdcc9ddc0)
at libavformat/utils.c:1582
#12 0x000000000073477d in av_read_frame (s=0x7fffd0000b80,
pkt=pkt at entry=0x7fffdcc9ddc0)
at libavformat/utils.c:472
#13 0x000000000048c2b8 in read_thread (arg=0x45869c0) at
fftools/ffplay.c:3014
#14 0x00007ffff7c126e0 in ?? () from /lib64/libSDL2-2.0.so.0
#15 0x00007ffff7c8a2ad in ?? () from /lib64/libSDL2-2.0.so.0
#16 0x00007ffff786c5a2 in start_thread () from /lib64/libpthread.so.0
#17 0x00007ffff7799163 in clone () from /lib64/libc.so.6
}}}
--
Ticket URL: <https://trac.ffmpeg.org/ticket/7976>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list