Opened 9 years ago
Closed 9 years ago
#4817 closed defect (fixed)
mxf encoder segfaults on 1 frame input and mpeg2 long gop video
| Reported by: | Marton Balint | Owned by: | |
|---|---|---|---|
| Priority: | important | Component: | avformat |
| Version: | git-master | Keywords: | mxf crash SIGSEGV mpeg2video |
| Cc: | cus@passwd.hu | Blocked By: | |
| Blocking: | Reproduced by developer: | yes | |
| Analyzed by developer: | no |
Description
Summary of the bug:
The mxf encoder segfaults when encoding 1 mpeg2 video with bframes from an 1 frame long source.
How to reproduce:
% ./ffmpeg -f lavfi -i "testsrc=d=0.01" -f lavfi -i "aevalsrc=1:d=0.01" -acodec pcm_s24le -ar 48000 -bf 2 -vcodec mpeg2video out.mxf
ffmpeg version N-74749-g648de46 Copyright (c) 2000-2015 the FFmpeg developers
built with gcc 4.8 (SUSE Linux)
configuration: --disable-vaapi --enable-vdpau --enable-gpl --enable-libfreetype --enable-libzvbi --enable-libass --enable-frei0r --enable-openssl --enable-nonfree --enable-libx264 --enable-libfdk-aac --enable-nonfree
libavutil 54. 31.100 / 54. 31.100
libavcodec 56. 59.100 / 56. 59.100
libavformat 56. 40.101 / 56. 40.101
libavdevice 56. 4.100 / 56. 4.100
libavfilter 5. 40.100 / 5. 40.100
libswscale 3. 1.101 / 3. 1.101
libswresample 1. 2.101 / 1. 2.101
libpostproc 53. 3.100 / 53. 3.100
Input #0, lavfi, from 'testsrc=d=0.01':
Duration: N/A, start: 0.000000, bitrate: N/A
Stream #0:0: Video: rawvideo (RGB[24] / 0x18424752), rgb24, 320x240 [SAR 1:1 DAR 4:3], 25 tbr, 25 tbn, 25 tbc
Input #1, lavfi, from 'aevalsrc=1:d=0.01':
Duration: N/A, start: 0.000000, bitrate: 2822 kb/s
Stream #1:0: Audio: pcm_f64le, 44100 Hz, mono, dbl, 2822 kb/s
File 'out.mxf' already exists. Overwrite ? [y/N] y
Output #0, mxf, to 'out.mxf':
Metadata:
encoder : Lavf56.40.101
Stream #0:0: Video: mpeg2video, yuv420p, 320x240 [SAR 1:1 DAR 4:3], q=2-31, 200 kb/s, 25 fps, 25 tbn, 25 tbc
Metadata:
encoder : Lavc56.59.100 mpeg2video
Stream #0:1: Audio: pcm_s24le, 48000 Hz, mono, s32, 1152 kb/s
Metadata:
encoder : Lavc56.59.100 pcm_s24le
Stream mapping:
Stream #0:0 -> #0:0 (rawvideo (native) -> mpeg2video (native))
Stream #1:0 -> #0:1 (pcm_f64le (native) -> pcm_s24le (native))
Press [q] to stop, [?] for help
[mxf @ 0x3b16380] -d10_channelcount requires MXF D-10 and will be ignored
Segmentation fault
Valgrind output:
==16078== Invalid read of size 4 ==16078== at 0x61180F: mxf_write_packet (mxfenc.c:2451) ==16078== by 0x602C1E: write_packet (mux.c:660) ==16078== by 0x602C1E: av_write_trailer (mux.c:998) ==16078== by 0x479859: transcode (ffmpeg.c:4016) ==16078== by 0x479859: main (ffmpeg.c:4165) ==16078== Address 0x180cc38860 is not stack'd, malloc'd or (recently) free'd
mxf->edit_units_count is zero therefore indexing with mxf->edit_units_count-1 will segfault...
Change History (5)
comment:1 by , 9 years ago
| Keywords: | SIGSEGV added; mxfenc segfault removed |
|---|---|
| Version: | unspecified → git-master |
comment:2 by , 9 years ago
| Reproduced by developer: | set |
|---|---|
| Status: | new → open |
comment:3 by , 9 years ago
comment:4 by , 9 years ago
This crash was fixed by Alexis in 6e8d856ad6d3decfabad83bc169c2e7a16a16b55
comment:5 by , 9 years ago
| Resolution: | → fixed |
|---|---|
| Status: | open → closed |
Note:
See TracTickets
for help on using tickets.
I have closed #4914 as a duplicate of this ticket. It crashes at the same location with the same condition.