Opened 4 years ago

Closed 4 years ago

#4405 closed defect (needs_more_info)

h264 - double free

Reported by: kierank Owned by:
Priority: normal Component: avcodec
Version: unspecified Keywords:
Cc: Blocked By:
Blocking: Reproduced by developer: no
Analyzed by developer: no

Description

No sample possible because happened on live stream. API user so no FFmpeg command line avalable.

(gdb) bt
#0  0x00007ffff6599cc9 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1  0x00007ffff659d0d8 in __GI_abort () at abort.c:89
#2  0x00007ffff65d6394 in __libc_message (do_abort=do_abort@entry=1, fmt=fmt@entry=0x7ffff66e4b28 "*** Error in `%s': %s: 0x%s ***\n")
    at ../sysdeps/posix/libc_fatal.c:175
#3  0x00007ffff65e266e in malloc_printerr (ptr=<optimized out>, str=0x7ffff66e4c58 "double free or corruption (out)", action=1) at malloc.c:4996
#4  _int_free (av=<optimized out>, p=<optimized out>, have_lock=0) at malloc.c:3840
#5  0x00000000006e4cdc in av_freep (arg=0x7ffff0367288) at libavutil/mem.c:239
#6  0x00000000006de82e in av_buffer_unref (buf=<optimized out>) at libavutil/buffer.c:112
#7  0x000000000054723d in ff_h264_unref_picture (h=<optimized out>, pic=0x7ffff0366bc0) at libavcodec/h264_picture.c:59
#8  0x0000000000552478 in h264_frame_start (h=0x7ffff0366040) at libavcodec/h264_slice.c:768
#9  0x00000000005555a9 in ff_h264_decode_slice_header (h=0x7ffff0366040, h0=0x7ffff7ec0040) at libavcodec/h264_slice.c:1631
#10 0x000000000051d159 in decode_nal_units (h=0x7ffff7ec0040, buf=0x7fffe426f7f0 "\257", buf_size=23999, parse_extradata=0) at libavcodec/h264.c:1555
#11 0x000000000051eb66 in h264_decode_frame (avctx=0x7fffe404be60, data=0x7fffe404b9c0, got_frame=0x7fffea3fcc3c, avpkt=<optimized out>) at libavcodec/h264.c:1871
#12 0x000000000065aaf0 in avcodec_decode_video2 (avctx=0x7fffe404be60, picture=picture@entry=0x7fffe404b9c0, got_picture_ptr=got_picture_ptr@entry=0x7fffea3fcc3c,
    avpkt=avpkt@entry=0x7fffea3fcd20) at libavcodec/utils.c:2345

Change History (2)

comment:1 Changed 4 years ago by michael

which ffmpeg version/git revission is this using ?

comment:2 Changed 4 years ago by kierank

  • Resolution set to needs_more_info
  • Status changed from new to closed

Should be git head but it looks like this system was not updated.
Seems to be on e4788e9cd9878a51b7780fa3e2d070288a2918b9 and I will confirm if this happens with git head.

Note: See TracTickets for help on using tickets.