Opened 5 years ago

Closed 5 years ago

#3539 closed defect (fixed)

ffplay crashes when playing a swf file

Reported by: hxuanyu Owned by:
Priority: normal Component: undetermined
Version: git-master Keywords: swf
Cc: Blocked By:
Blocking: Reproduced by developer: no
Analyzed by developer: no

Description

ffplay crashes when plying this swf file while it plays fine if opened with IE.

$ ./ffplay.exe crash.swf
ffplay version N-62283-ged96241 Copyright (c) 2003-2014 the FFmpeg developers

built on Apr 8 2014 22:01:49 with gcc 4.8.2 (GCC)
configuration: --enable-gpl --enable-version3 --disable-w32threads --enable-avisynth --enable-bzlib --enable-fontconfig --enable-frei0r --enable-gnutls --enable-iconv --enable-libass --enable-libbluray --enable-libcaca --enable-libfreetype --enable-libgsm --enable-libilbc --enable-libmodplug --enable-libmp3lame --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-libopenjpeg --enable-libopus --enable-librtmp --enable-libschroedinger --enable-libsoxr --enable-libspeex --enable-libtheora --enable-libtwolame --enable-libvidstab --enable-libvo-aacenc --enable-libvo-amrwbenc --enable-libvorbis --enable-libvpx --enable-libwavpack --enable-libx264 --enable-libx265 --enable-libxavs --enable-libxvid --enable-zlib
libavutil 52. 75.100 / 52. 75.100
libavcodec 55. 58.103 / 55. 58.103
libavformat 55. 36.102 / 55. 36.102
libavdevice 55. 11.100 / 55. 11.100
libavfilter 4. 3.100 / 4. 3.100
libswscale 2. 6.100 / 2. 6.100
libswresample 0. 18.100 / 0. 18.100
libpostproc 52. 3.100 / 52. 3.100

[swf @ 03553560] Stream #1: not enough frames to estimate rate; consider increasing probesize
Input #0, swf, from 'crash.swf':

Duration: N/A, bitrate: N/A

Stream #0:0: Video: rawvideo (ARGB / 0x42475241), argb, 840x876, 20 fps, 20 tbr, 20 tbn
Stream #0:1: Video: mjpeg, yuvj420p(pc), 1137x892 [SAR 1:1 DAR 1137:892], 20 tbr, 20 tbn

[rawvideo @ 03572820] Invalid buffer size, packet size 2640 < expected frame_size 51456

Last message repeated 3 times

[rawvideo @ 03572820] Invalid buffer size, packet size 800 < expected frame_size 51456
[rawvideo @ 03572820] Invalid buffer size, packet size 640 < expected frame_size 51456
[rawvideo @ 03572820] Invalid buffer size, packet size 1280 < expected frame_size 51456
[rawvideo @ 03572820] Invalid buffer size, packet size 4096 < expected frame_size 51456
[rawvideo @ 03572820] Invalid buffer size, packet size 1024 < expected frame_size 51456
[rawvideo @ 03572820] Invalid buffer size, packet size 1280 < expected frame_size 51456
[rawvideo @ 03572820] Invalid buffer size, packet size 5760 < expected frame_size 51456
[rawvideo @ 03572820] Invalid buffer size, packet size 1024 < expected frame_size 51456
[rawvideo @ 03572820] Invalid buffer size, packet size 39476 < expected frame_size 51456
[rawvideo @ 03572820] Invalid buffer size, packet size 30528 < expected frame_size 51456
[rawvideo @ 03572820] Invalid buffer size, packet size 1088 < expected frame_size 51456
[rawvideo @ 03572820] Invalid buffer size, packet size 1024 < expected frame_size 51456
[rawvideo @ 03572820] Invalid buffer size, packet size 4704 < expected frame_size 51456
[rawvideo @ 03572820] Invalid buffer size, packet size 34968 < expected frame_size 50432
[rawvideo @ 03572820] Invalid buffer size, packet size 1024 < expected frame_size 50432
[swscaler @ 035f8760] Warning: data is not aligned! This can lead to a speedloss
[rawvideo @ 03572820] Invalid buffer size, packet size 1024 < expected frame_size 50432
[rawvideo @ 03572820] Invalid buffer size, packet size 2304 < expected frame_size 50432
[rawvideo @ 03572820] Invalid buffer sizeSegmentation fault

Change History (8)

comment:2 Changed 5 years ago by cehoyos

  • Keywords swf added
  • Version changed from unspecified to git-master

Please provide a backtrace etc. as explained on http://ffmpeg.org/bugreports.html

Work-around is to use ffplay -vst 1

comment:3 Changed 5 years ago by cehoyos

Does not crash here with 3b06208

==1535== Invalid read of size 4
==1535==    at 0xCE905C: sws_scale (swscale.c:964)
==1535==    by 0x4BECE4: filter_frame (vf_scale.c:423)
==1535==    by 0x481E99: ff_filter_frame_framed (avfilter.c:1081)
==1535==    by 0x482F98: ff_filter_frame (avfilter.c:1161)
==1535==    by 0x487051: request_frame (buffersrc.c:500)
==1535==    by 0x482279: ff_request_frame (avfilter.c:346)
==1535==    by 0x4822E3: ff_request_frame (avfilter.c:348)
==1535==    by 0x4822E3: ff_request_frame (avfilter.c:348)
==1535==    by 0x486877: av_buffersink_get_frame_flags (buffersink.c:138)
==1535==    by 0x473FE4: video_thread (ffplay.c:1972)
==1535==    by 0x5A8CD35: ??? (in /usr/lib64/libSDL-1.2.so.0.11.4)
==1535==    by 0x5ACDC08: ??? (in /usr/lib64/libSDL-1.2.so.0.11.4)
==1535==  Address 0xdbe83d4 is 13,492 bytes inside a block of size 32,640 free'd
==1535==    at 0x4C29D4E: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==1535==    by 0x68758B3: __gconv_close (in /lib64/libc-2.15.so)
==1535==    by 0x6874E0E: iconv_close (in /lib64/libc-2.15.so)
==1535==    by 0x5A8C647: SDL_iconv_string (in /usr/lib64/libSDL-1.2.so.0.11.4)
==1535==    by 0x5ABBAEB: ??? (in /usr/lib64/libSDL-1.2.so.0.11.4)
==1535==    by 0x5ABBD1E: ??? (in /usr/lib64/libSDL-1.2.so.0.11.4)
==1535==    by 0x5AAA26D: SDL_WM_SetCaption (in /usr/lib64/libSDL-1.2.so.0.11.4)
==1535==    by 0x47162D: video_open (ffplay.c:1109)
==1535==    by 0x4699CE: main (ffplay.c:1521)

comment:4 Changed 5 years ago by DonMoir

Lots of width, height, pix_fmt changes etc. frame and codec may have confused pix formats.

comment:5 Changed 5 years ago by cehoyos

  • Summary changed from ffply crashes when playing a swf file to ffplay crashes when playing a swf file

comment:6 Changed 5 years ago by hxuanyu

Hi, since the Stream #0:0 contains so many width, height and pix_fmt changing frames, can you check why av_find_best_stream return #0:0 instead of #0:1 which is obviously better?

comment:7 Changed 5 years ago by cehoyos

I suspect it is because rawvideo streams contain larger frames than mjpeg streams.

comment:8 Changed 5 years ago by michael

  • Resolution set to fixed
  • Status changed from new to closed
Note: See TracTickets for help on using tickets.