Ticket #8242: gdb-vf_neighbor_191

File gdb-vf_neighbor_191, 17.0 KB (added by Suhwan, 4 years ago)
Line 
1GNU gdb (Ubuntu 8.1-0ubuntu3) 8.1.0.20180409-git
2Copyright (C) 2018 Free Software Foundation, Inc.
3License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
4This is free software: you are free to change and redistribute it.
5There is NO WARRANTY, to the extent permitted by law. Type "show copying"
6and "show warranty" for details.
7This GDB was configured as "x86_64-linux-gnu".
8Type "show configuration" for configuration details.
9For bug reporting instructions, please see:
10<http://www.gnu.org/software/gdb/bugs/>.
11Find the GDB manual and other documentation resources online at:
12<http://www.gnu.org/software/gdb/documentation/>.
13For help, type "help".
14Type "apropos word" to search for commands related to "word"...
15Reading symbols from ../ffmpeg/ffmpeg_g...done.
16(gdb) r
17Starting program: ffmpeg/ffmpeg_g -y -i samples/tmp3/tmp-32.png48 -filter_complex deflate -target dvd -loglevel 99 -map 0 -disposition:v:227 webvtt -ar 48000 -ac 20 output/tmp.u16le
18[Thread debugging using libthread_db enabled]
19Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
20ffmpeg version N-95314-g1331e00179 Copyright (c) 2000-2019 the FFmpeg developers
21 built with clang version 6.0.0-1ubuntu2 (tags/RELEASE_600/final)
22 configuration: --cc=clang --cxx=clang++ --ld=clang --enable-debug --toolchain=clang-asan
23 libavutil 56. 35.100 / 56. 35.100
24 libavcodec 58. 59.102 / 58. 59.102
25 libavformat 58. 33.100 / 58. 33.100
26 libavdevice 58. 9.100 / 58. 9.100
27 libavfilter 7. 62.100 / 7. 62.100
28 libswscale 5. 6.100 / 5. 6.100
29 libswresample 3. 6.100 / 3. 6.100
30Splitting the commandline.
31Reading option '-y' ... matched as option 'y' (overwrite output files) with argument '1'.
32Reading option '-i' ... matched as input url with argument 'samples/tmp3/tmp-32.png48'.
33Reading option '-filter_complex' ... matched as option 'filter_complex' (create a complex filtergraph) with argument 'deflate'.
34Reading option '-target' ... matched as option 'target' (specify target file type ("vcd", "svcd", "dvd", "dv" or "dv50" with optional prefixes "pal-", "ntsc-" or "film-")) with argument 'dvd'.
35Reading option '-loglevel' ... matched as option 'loglevel' (set logging level) with argument '99'.
36Reading option '-map' ... matched as option 'map' (set input stream mapping) with argument '0'.
37Reading option '-disposition:v:227' ... matched as option 'disposition' (disposition) with argument 'webvtt'.
38Reading option '-ar' ... matched as option 'ar' (set audio sampling rate (in Hz)) with argument '48000'.
39Reading option '-ac' ... matched as option 'ac' (set number of audio channels) with argument '20'.
40Reading option 'output/tmp.u16le' ... matched as output url.
41Finished splitting the commandline.
42Parsing a group of options: global .
43Applying option y (overwrite output files) with argument 1.
44Applying option filter_complex (create a complex filtergraph) with argument deflate.
45Applying option loglevel (set logging level) with argument 99.
46Successfully parsed a group of options.
47Parsing a group of options: input url samples/tmp3/tmp-32.png48.
48Successfully parsed a group of options.
49Opening an input file: samples/tmp3/tmp-32.png48.
50[NULL @ 0x61b000000080] Opening 'samples/tmp3/tmp-32.png48' for reading
51[file @ 0x610000000040] Setting default whitelist 'file,crypto'
52Probing mpegts score:2 size:290
53Probing png_pipe score:99 size:290
54[png_pipe @ 0x61b000000080] Format png_pipe probed with size=2048 and score=99
55[png_pipe @ 0x61b000000080] Before avformat_find_stream_info() pos: 0 bytes read:290 seeks:0 nb_streams:1
56[png_pipe @ 0x61b000000080] stream 0: start_time: -368934881474191040.000 duration: -368934881474191040.000
57[png_pipe @ 0x61b000000080] format: start_time: -9223372036854.775 duration: -9223372036854.775 (estimate from bit rate) bitrate=0 kb/s
58[png_pipe @ 0x61b000000080] After avformat_find_stream_info() pos: 290 bytes read:290 seeks:0 frames:1
59Input #0, png_pipe, from 'samples/tmp3/tmp-32.png48':
60 Duration: N/A, bitrate: N/A
61 Stream #0:0, 1, 1/25: Video: png, 1 reference frame, rgba64be(pc), 1x1, 0/1, 25 tbr, 25 tbn, 25 tbc
62Successfully opened the file.
63Parsing a group of options: output url output/tmp.u16le.
64Applying option target (specify target file type ("vcd", "svcd", "dvd", "dv" or "dv50" with optional prefixes "pal-", "ntsc-" or "film-")) with argument dvd.
65Assuming PAL for target.
66Applying option map (set input stream mapping) with argument 0.
67Applying option disposition:v:227 (disposition) with argument webvtt.
68Applying option ar (set audio sampling rate (in Hz)) with argument 48000.
69Applying option ac (set number of audio channels) with argument 20.
70Successfully parsed a group of options.
71Opening an output file: output/tmp.u16le.
72[file @ 0x610000000840] Setting default whitelist 'file,crypto'
73Successfully opened the file.
74detected 48 logical cores
75[New Thread 0x7ffff172d700 (LWP 41596)]
76[New Thread 0x7ffff0f2c700 (LWP 41597)]
77[New Thread 0x7ffff072b700 (LWP 41601)]
78[New Thread 0x7fffeff2a700 (LWP 41604)]
79[New Thread 0x7fffef729700 (LWP 41607)]
80[New Thread 0x7fffeef28700 (LWP 41610)]
81[New Thread 0x7fffee727700 (LWP 41615)]
82[New Thread 0x7fffedf26700 (LWP 41616)]
83[New Thread 0x7fffed725700 (LWP 41618)]
84[New Thread 0x7fffecf24700 (LWP 41619)]
85[New Thread 0x7fffec723700 (LWP 41622)]
86[New Thread 0x7fffebf22700 (LWP 41626)]
87[New Thread 0x7fffeb721700 (LWP 41629)]
88[New Thread 0x7fffeaf20700 (LWP 41631)]
89[New Thread 0x7fffea71f700 (LWP 41639)]
90[New Thread 0x7fffe9f1e700 (LWP 41643)]
91Stream mapping:
92 Stream #0:0 (png) -> deflate
93 deflate -> Stream #0:0 (mpeg2video)
94Press [q] to stop, [?] for help
95cur_dts is invalid st:0 (0) [init:0 i_done:0 finish:0] (this is harmless if it occurs once at the start per stream)
96[New Thread 0x7fffe971d700 (LWP 41645)]
97[New Thread 0x7fffe8f1c700 (LWP 41646)]
98[New Thread 0x7fffe871b700 (LWP 41647)]
99[New Thread 0x7fffe7f1a700 (LWP 41650)]
100[New Thread 0x7fffe7719700 (LWP 41655)]
101[New Thread 0x7fffe6f18700 (LWP 41657)]
102[New Thread 0x7fffe6717700 (LWP 41659)]
103[New Thread 0x7fffe5f16700 (LWP 41665)]
104[New Thread 0x7fffe5715700 (LWP 41671)]
105[New Thread 0x7fffe4f14700 (LWP 41672)]
106[New Thread 0x7fffe4713700 (LWP 41673)]
107[New Thread 0x7fffe3f12700 (LWP 41674)]
108[New Thread 0x7fffe3711700 (LWP 41675)]
109[New Thread 0x7fffe2f08700 (LWP 41678)]
110[New Thread 0x7fffe26f1700 (LWP 41680)]
111[New Thread 0x7fffe1eda700 (LWP 41685)]
112[New Thread 0x7fffe16c3700 (LWP 41691)]
113[New Thread 0x7fffe0eac700 (LWP 41693)]
114[New Thread 0x7fffe0695700 (LWP 41694)]
115[New Thread 0x7fffdfe7e700 (LWP 41695)]
116[New Thread 0x7fffdf667700 (LWP 41696)]
117[New Thread 0x7fffdee50700 (LWP 41697)]
118[New Thread 0x7fffde639700 (LWP 41699)]
119[New Thread 0x7fffdde22700 (LWP 41701)]
120[New Thread 0x7fffdd60b700 (LWP 41703)]
121[New Thread 0x7fffdcdf4700 (LWP 41706)]
122[New Thread 0x7fffdc5dd700 (LWP 41707)]
123[New Thread 0x7fffdbdc6700 (LWP 41709)]
124[New Thread 0x7fffdb5af700 (LWP 41716)]
125[New Thread 0x7fffdad98700 (LWP 41717)]
126[New Thread 0x7fffda581700 (LWP 41720)]
127[New Thread 0x7fffd9d6a700 (LWP 41721)]
128[New Thread 0x7fffd9553700 (LWP 41722)]
129[New Thread 0x7fffd8d3c700 (LWP 41723)]
130[New Thread 0x7fffd8525700 (LWP 41724)]
131[New Thread 0x7fffd7d0e700 (LWP 41725)]
132[New Thread 0x7fffd74f7700 (LWP 41726)]
133[New Thread 0x7fffd6ce0700 (LWP 41729)]
134[New Thread 0x7fffd64c9700 (LWP 41731)]
135[New Thread 0x7fffd5cb2700 (LWP 41733)]
136[New Thread 0x7fffd549b700 (LWP 41737)]
137[New Thread 0x7fffd4c84700 (LWP 41739)]
138[New Thread 0x7fffd446d700 (LWP 41742)]
139[New Thread 0x7fffd3c56700 (LWP 41745)]
140[New Thread 0x7fffd343f700 (LWP 41750)]
141[New Thread 0x7fffd2c28700 (LWP 41751)]
142[New Thread 0x7fffd2411700 (LWP 41754)]
143[New Thread 0x7fffd1bfa700 (LWP 41755)]
144 Last message repeated 1 times
145[graph 0 input from stream 0:0 @ 0x6110000011c0] Setting 'video_size' to value '1x1'
146[graph 0 input from stream 0:0 @ 0x6110000011c0] Setting 'pix_fmt' to value '106'
147[graph 0 input from stream 0:0 @ 0x6110000011c0] Setting 'time_base' to value '1/25'
148[graph 0 input from stream 0:0 @ 0x6110000011c0] Setting 'pixel_aspect' to value '0/1'
149[graph 0 input from stream 0:0 @ 0x6110000011c0] Setting 'sws_param' to value 'flags=2'
150[graph 0 input from stream 0:0 @ 0x6110000011c0] Setting 'frame_rate' to value '25/1'
151[graph 0 input from stream 0:0 @ 0x6110000011c0] w:1 h:1 pixfmt:rgba64be tb:1/25 fr:25/1 sar:0/1 sws_param:flags=2
152[scaler_out_0_0 @ 0x611000001440] Setting 'w' to value '720'
153[scaler_out_0_0 @ 0x611000001440] Setting 'h' to value '576'
154[scaler_out_0_0 @ 0x611000001440] Setting 'flags' to value 'bicubic'
155[scaler_out_0_0 @ 0x611000001440] w:720 h:576 flags:'bicubic' interl:0
156[format @ 0x6110000016c0] Setting 'pix_fmts' to value 'yuv420p'
157[auto_scaler_0 @ 0x61100001b700] w:iw h:ih flags:'bilinear' interl:0
158[Parsed_deflate_0 @ 0x611000001080] auto-inserting filter 'auto_scaler_0' between the filter 'graph 0 input from stream 0:0' and the filter 'Parsed_deflate_0'
159[AVFilterGraph @ 0x60e000001280] query_formats: 5 queried, 3 merged, 1 already done, 0 delayed
160[auto_scaler_0 @ 0x61100001b700] picking gbrap16le out of 55 ref:rgba64be alpha:1
161[swscaler @ 0x62f000000400] Forcing full internal H chroma due to odd output size
162[swscaler @ 0x62f000000400] Forcing full internal H chroma due to input having non subsampled chroma
163[auto_scaler_0 @ 0x61100001b700] w:1 h:1 fmt:rgba64be sar:0/1 -> w:1 h:1 fmt:gbrap16le sar:0/1 flags:0x2
164[scaler_out_0_0 @ 0x611000001440] w:1 h:1 fmt:gbrap16le sar:0/1 -> w:720 h:576 fmt:yuv420p sar:0/1 flags:0x4
165=================================================================
166==41359==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x619000007d7e at pc 0x000001038790 bp 0x7fffffffa190 sp 0x7fffffffa188
167READ of size 2 at 0x619000007d7e thread T0
168 #0 0x103878f in deflate16 ffmpeg/libavfilter/vf_neighbor.c:191:35
169 #1 0x1033f4b in filter_slice ffmpeg/libavfilter/vf_neighbor.c:301:13
170 #2 0x9429d9 in worker_func ffmpeg/libavfilter/pthread.c:50:15
171 #3 0x8658de2 in run_jobs ffmpeg/libavutil/slicethread.c:61:9
172 #4 0x8658484 in avpriv_slicethread_execute ffmpeg/libavutil/slicethread.c:188:19
173 #5 0x942136 in thread_execute ffmpeg/libavfilter/pthread.c:72:5
174 #6 0x102f611 in filter_frame ffmpeg/libavfilter/vf_neighbor.c:328:5
175 #7 0x827289 in ff_filter_activate_default ffmpeg/libavfilter/avfilter.c:1071:11
176 #8 0x827289 in ff_filter_activate ffmpeg/libavfilter/avfilter.c:1430
177 #9 0x870182 in push_frame ffmpeg/libavfilter/buffersrc.c:187:15
178 #10 0x870182 in av_buffersrc_add_frame_internal ffmpeg/libavfilter/buffersrc.c:261
179 #11 0x86ebc2 in av_buffersrc_add_frame_flags ffmpeg/libavfilter/buffersrc.c:170:16
180 #12 0x666867 in ifilter_send_frame ffmpeg/fftools/ffmpeg.c:2196:11
181 #13 0x666867 in send_frame_to_filters ffmpeg/fftools/ffmpeg.c:2270
182 #14 0x6075f7 in decode_video ffmpeg/fftools/ffmpeg.c:2469:11
183 #15 0x6075f7 in process_input_packet ffmpeg/fftools/ffmpeg.c:2623
184 #16 0x6450b8 in process_input ffmpeg/fftools/ffmpeg.c:4313:23
185 #17 0x5e7157 in transcode_step ffmpeg/fftools/ffmpeg.c:4638:11
186 #18 0x5e7157 in transcode ffmpeg/fftools/ffmpeg.c:4692
187 #19 0x5db65b in main ffmpeg/fftools/ffmpeg.c:4894:9
188 #20 0x7ffff5c93b96 in __libc_start_main /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310
189 #21 0x41def9 in _start (ffmpeg/ffmpeg_g+0x41def9)
190
1910x619000007d7e is located 2 bytes to the left of 1055-byte region [0x619000007d80,0x61900000819f)
192allocated by thread T0 here:
193 #0 0x4de9e8 in posix_memalign (ffmpeg/ffmpeg_g+0x4de9e8)
194 #1 0x8564fb1 in av_malloc ffmpeg/libavutil/mem.c:87:9
195 #2 0x84cc231 in av_buffer_alloc ffmpeg/libavutil/buffer.c:72:12
196 #3 0x84cc231 in av_buffer_allocz ffmpeg/libavutil/buffer.c:85
197 #4 0x84d0a56 in pool_alloc_buffer ffmpeg/libavutil/buffer.c:313:26
198 #5 0x84d0a56 in av_buffer_pool_get ffmpeg/libavutil/buffer.c:349
199 #6 0x91af8d in ff_frame_pool_get ffmpeg/libavfilter/framepool.c:222:29
200 #7 0x15a660c in ff_default_get_video_buffer ffmpeg/libavfilter/video.c:90:13
201 #8 0x124c7f9 in scale_frame ffmpeg/libavfilter/vf_scale.c:460:11
202 #9 0x124a8ec in filter_frame ffmpeg/libavfilter/vf_scale.c:549:11
203 #10 0x827289 in ff_filter_activate_default ffmpeg/libavfilter/avfilter.c:1071:11
204 #11 0x827289 in ff_filter_activate ffmpeg/libavfilter/avfilter.c:1430
205 #12 0x870135 in push_frame ffmpeg/libavfilter/buffersrc.c:187:15
206 #13 0x870135 in av_buffersrc_add_frame_internal ffmpeg/libavfilter/buffersrc.c:261
207 #14 0x86ebc2 in av_buffersrc_add_frame_flags ffmpeg/libavfilter/buffersrc.c:170:16
208 #15 0x666867 in ifilter_send_frame ffmpeg/fftools/ffmpeg.c:2196:11
209 #16 0x666867 in send_frame_to_filters ffmpeg/fftools/ffmpeg.c:2270
210 #17 0x6075f7 in decode_video ffmpeg/fftools/ffmpeg.c:2469:11
211 #18 0x6075f7 in process_input_packet ffmpeg/fftools/ffmpeg.c:2623
212 #19 0x6450b8 in process_input ffmpeg/fftools/ffmpeg.c:4313:23
213 #20 0x5e7157 in transcode_step ffmpeg/fftools/ffmpeg.c:4638:11
214 #21 0x5e7157 in transcode ffmpeg/fftools/ffmpeg.c:4692
215 #22 0x5db65b in main ffmpeg/fftools/ffmpeg.c:4894:9
216 #23 0x7ffff5c93b96 in __libc_start_main /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310
217
218SUMMARY: AddressSanitizer: heap-buffer-overflow ffmpeg/libavfilter/vf_neighbor.c:191:35 in deflate16
219Shadow bytes around the buggy address:
220 0x0c327fff8f50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
221 0x0c327fff8f60: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
222 0x0c327fff8f70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
223 0x0c327fff8f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
224 0x0c327fff8f90: 00 00 00 00 00 fa fa fa fa fa fa fa fa fa fa fa
225=>0x0c327fff8fa0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa[fa]
226 0x0c327fff8fb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
227 0x0c327fff8fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
228 0x0c327fff8fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
229 0x0c327fff8fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
230 0x0c327fff8ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
231Shadow byte legend (one shadow byte represents 8 application bytes):
232 Addressable: 00
233 Partially addressable: 01 02 03 04 05 06 07
234 Heap left redzone: fa
235 Freed heap region: fd
236 Stack left redzone: f1
237 Stack mid redzone: f2
238 Stack right redzone: f3
239 Stack after return: f5
240 Stack use after scope: f8
241 Global redzone: f9
242 Global init order: f6
243 Poisoned by user: f7
244 Container overflow: fc
245 Array cookie: ac
246 Intra object redzone: bb
247 ASan internal: fe
248 Left alloca redzone: ca
249 Right alloca redzone: cb
250==41359==ABORTING
251[Thread 0x7fffd1bfa700 (LWP 41755) exited]
252[Thread 0x7fffd2411700 (LWP 41754) exited]
253[Thread 0x7fffd2c28700 (LWP 41751) exited]
254[Thread 0x7fffd343f700 (LWP 41750) exited]
255[Thread 0x7fffd3c56700 (LWP 41745) exited]
256[Thread 0x7fffd446d700 (LWP 41742) exited]
257[Thread 0x7fffd4c84700 (LWP 41739) exited]
258[Thread 0x7fffd549b700 (LWP 41737) exited]
259[Thread 0x7fffd5cb2700 (LWP 41733) exited]
260[Thread 0x7fffd64c9700 (LWP 41731) exited]
261[Thread 0x7fffd74f7700 (LWP 41726) exited]
262[Thread 0x7fffd7d0e700 (LWP 41725) exited]
263[Thread 0x7fffd8525700 (LWP 41724) exited]
264[Thread 0x7fffd8d3c700 (LWP 41723) exited]
265[Thread 0x7fffd9553700 (LWP 41722) exited]
266[Thread 0x7fffd9d6a700 (LWP 41721) exited]
267[Thread 0x7fffda581700 (LWP 41720) exited]
268[Thread 0x7fffdad98700 (LWP 41717) exited]
269[Thread 0x7fffdb5af700 (LWP 41716) exited]
270[Thread 0x7fffdbdc6700 (LWP 41709) exited]
271[Thread 0x7fffdc5dd700 (LWP 41707) exited]
272[Thread 0x7fffdcdf4700 (LWP 41706) exited]
273[Thread 0x7fffdd60b700 (LWP 41703) exited]
274[Thread 0x7fffdde22700 (LWP 41701) exited]
275[Thread 0x7fffde639700 (LWP 41699) exited]
276[Thread 0x7fffdee50700 (LWP 41697) exited]
277[Thread 0x7fffdf667700 (LWP 41696) exited]
278[Thread 0x7fffdfe7e700 (LWP 41695) exited]
279[Thread 0x7fffe0695700 (LWP 41694) exited]
280[Thread 0x7fffe0eac700 (LWP 41693) exited]
281[Thread 0x7fffe16c3700 (LWP 41691) exited]
282[Thread 0x7fffe1eda700 (LWP 41685) exited]
283[Thread 0x7fffe26f1700 (LWP 41680) exited]
284[Thread 0x7fffe2f08700 (LWP 41678) exited]
285[Thread 0x7fffe3711700 (LWP 41675) exited]
286[Thread 0x7fffe3f12700 (LWP 41674) exited]
287[Thread 0x7fffe4713700 (LWP 41673) exited]
288[Thread 0x7fffe4f14700 (LWP 41672) exited]
289[Thread 0x7fffe5715700 (LWP 41671) exited]
290[Thread 0x7fffe5f16700 (LWP 41665) exited]
291[Thread 0x7fffe6717700 (LWP 41659) exited]
292[Thread 0x7fffe6f18700 (LWP 41657) exited]
293[Thread 0x7fffe7719700 (LWP 41655) exited]
294[Thread 0x7fffe7f1a700 (LWP 41650) exited]
295[Thread 0x7fffe871b700 (LWP 41647) exited]
296[Thread 0x7fffe8f1c700 (LWP 41646) exited]
297[Thread 0x7fffe971d700 (LWP 41645) exited]
298[Thread 0x7fffe9f1e700 (LWP 41643) exited]
299[Thread 0x7fffea71f700 (LWP 41639) exited]
300[Thread 0x7fffeaf20700 (LWP 41631) exited]
301[Thread 0x7fffeb721700 (LWP 41629) exited]
302[Thread 0x7fffebf22700 (LWP 41626) exited]
303[Thread 0x7fffec723700 (LWP 41622) exited]
304[Thread 0x7fffecf24700 (LWP 41619) exited]
305[Thread 0x7fffed725700 (LWP 41618) exited]
306[Thread 0x7fffedf26700 (LWP 41616) exited]
307[Thread 0x7fffee727700 (LWP 41615) exited]
308[Thread 0x7fffeef28700 (LWP 41610) exited]
309[Thread 0x7fffef729700 (LWP 41607) exited]
310[Thread 0x7fffeff2a700 (LWP 41604) exited]
311[Thread 0x7ffff072b700 (LWP 41601) exited]
312[Thread 0x7ffff0f2c700 (LWP 41597) exited]
313[Thread 0x7ffff172d700 (LWP 41596) exited]
314[Thread 0x7ffff7fb6780 (LWP 41359) exited]
315[Inferior 1 (process 41359) exited with code 01]
316