Opened 20 months ago
Closed 20 months ago
#10306 closed defect (fixed)
Segmentation Violation (cmp_inline in libavcodec/motion_est.c:219)
Reported by: | Youngseok Choi | Owned by: | |
---|---|---|---|
Priority: | important | Component: | avcodec |
Version: | git-master | Keywords: | fuzzing, SIGSEGV |
Cc: | Blocked By: | ||
Blocking: | Reproduced by developer: | yes | |
Analyzed by developer: | yes |
Description
Hello, our fuzzer found a new SEGV bug in FFmpeg.
Command Input
ffmpeg -i poc_file -subcmp 41 .mpG
poc_file is attached.
Command Output
ffmpeg version N-110167-g97c95961f0 Copyright (c) 2000-2023 the FFmpeg developers built with gcc 7 (Ubuntu 7.5.0-3ubuntu1~18.04) configuration: --prefix=/home/youngseok/subjects/latest_asan_install/ffmpeg --extra-cflags='-fsanitize=address -g -O0' --extra-cxxflags='-fsanitize=address -g -O0' --extra-ldflags='-fsanitize=address -g -O0' --disable-optimizations --disable-stripping libavutil 58. 5.100 / 58. 5.100 libavcodec 60. 9.100 / 60. 9.100 libavformat 60. 4.101 / 60. 4.101 libavdevice 60. 2.100 / 60. 2.100 libavfilter 9. 5.100 / 9. 5.100 libswscale 7. 2.100 / 7. 2.100 libswresample 4. 11.100 / 4. 11.100 [h263 @ 0x617000000080] Format h263 detected only with low score of 25, misdetection possible! Input #0, h263, from '/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/ffmpeg/1_id:000014/poc_file': Duration: N/A, bitrate: N/A Stream #0:0: Video: h263, yuv420p, 128x96 [SAR 12:11 DAR 16:11], 29.97 fps, 29.97 tbr, 1200k tbn Stream mapping: Stream #0:0 -> #0:0 (h263 (native) -> mpeg1video (native)) Press [q] to stop, [?] for help [New Thread 0x7ffff1cff700 (LWP 28631)] [h263 @ 0x619000002380] warning: first frame is no keyframe [h263 @ 0x619000002380] run overflow at 4x0 i:0 [h263 @ 0x619000002380] Error at MB: 4 [h263 @ 0x619000002380] concealing 48 DC, 48 AC, 48 MV errors in P frame /home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/ffmpeg/1_id:000014/poc_file: corrupt decoded frame in stream 0 [New Thread 0x7ffff14fe700 (LWP 28632)] [New Thread 0x7ffff0cfd700 (LWP 28633)] [New Thread 0x7ffff04fc700 (LWP 28634)] [New Thread 0x7fffefcfb700 (LWP 28635)] [New Thread 0x7fffef4fa700 (LWP 28636)] [New Thread 0x7fffeecf9700 (LWP 28637)] [New Thread 0x7fffee4f8700 (LWP 28638)] [New Thread 0x7fffedcf7700 (LWP 28639)] [New Thread 0x7fffed4f6700 (LWP 28640)] [New Thread 0x7fffeccf5700 (LWP 28641)] [New Thread 0x7fffec4f4700 (LWP 28642)] [New Thread 0x7fffebcf3700 (LWP 28643)] [New Thread 0x7fffeb4f2700 (LWP 28644)] [New Thread 0x7fffeacf1700 (LWP 28645)] [New Thread 0x7fffea4f0700 (LWP 28646)] [New Thread 0x7fffe9cef700 (LWP 28647)] [New Thread 0x7fffe94ee700 (LWP 28648)] [New Thread 0x7fffe8ced700 (LWP 28649)] [New Thread 0x7fffe84ec700 (LWP 28650)] [New Thread 0x7fffe7ceb700 (LWP 28651)] [New Thread 0x7fffe74ea700 (LWP 28652)] [mpeg1video @ 0x619000003780] too many threads/slices (7), reducing to 6 [mpeg @ 0x617000000b00] VBV buffer size not set, using default size of 230KB If you want the mpeg file to be compliant to some specification Like DVD, VCD or others, make sure you set the correct buffer size Output #0, mpeg, to '.mpG': Metadata: encoder : Lavf60.4.101 Stream #0:0: Video: mpeg1video, yuv420p(progressive), 128x96 [SAR 12:11 DAR 16:11], q=2-31, 200 kb/s, 29.97 fps, 90k tbn Metadata: encoder : Lavc60.9.100 mpeg1video Side data: cpb: bitrate max/min/avg: 0/0/200000 buffer size: 0 vbv_delay: N/A [New Thread 0x7fffe6ce9700 (LWP 28653)] [h263 @ 0x619000002380] Reverting picture dimensions change due to header decoding failured=N/A [h263 @ 0x619000002380] header damaged Error while decoding stream #0:0: Invalid data found when processing input [Thread 0x7ffff1cff700 (LWP 28631) exited] [h263 @ 0x619000002380] warning: first frame is no keyframe [h263 @ 0x619000002380] run overflow at 3x0 i:0 [h263 @ 0x619000002380] Error at MB: 3 [h263 @ 0x619000002380] concealing 99 DC, 99 AC, 99 MV errors in P frame /home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/ffmpeg/1_id:000014/poc_file: corrupt decoded frame in stream 0 [Thread 0x7fffec4f4700 (LWP 28642) exited] [Thread 0x7fffea4f0700 (LWP 28646) exited] [Thread 0x7fffeacf1700 (LWP 28645) exited] [Thread 0x7fffeb4f2700 (LWP 28644) exited] [Thread 0x7fffeccf5700 (LWP 28641) exited] [Thread 0x7fffed4f6700 (LWP 28640) exited] [Thread 0x7fffebcf3700 (LWP 28643) exited] [Thread 0x7fffedcf7700 (LWP 28639) exited] [Thread 0x7fffee4f8700 (LWP 28638) exited] [Thread 0x7fffeecf9700 (LWP 28637) exited] [Thread 0x7fffef4fa700 (LWP 28636) exited] [Thread 0x7fffefcfb700 (LWP 28635) exited] [Thread 0x7ffff04fc700 (LWP 28634) exited] [Thread 0x7ffff0cfd700 (LWP 28633) exited] [Thread 0x7ffff14fe700 (LWP 28632) exited] [New Thread 0x7fffea4f0700 (LWP 28654)] [New Thread 0x7fffeacf1700 (LWP 28655)] [New Thread 0x7fffeb4f2700 (LWP 28656)] [New Thread 0x7fffebcf3700 (LWP 28657)] [New Thread 0x7ffff14fe700 (LWP 28658)] [New Thread 0x7ffff0cfd700 (LWP 28659)] [New Thread 0x7ffff04fc700 (LWP 28660)] [New Thread 0x7fffefcfb700 (LWP 28661)] [New Thread 0x7fffef4fa700 (LWP 28662)] [New Thread 0x7fffeecf9700 (LWP 28663)] [New Thread 0x7fffee4f8700 (LWP 28664)] [New Thread 0x7fffedcf7700 (LWP 28665)] [New Thread 0x7fffed4f6700 (LWP 28666)] [New Thread 0x7fffeccf5700 (LWP 28667)] [New Thread 0x7fffec4f4700 (LWP 28668)] [New Thread 0x7fffe64e8700 (LWP 28669)] [New Thread 0x7fffe5ce7700 (LWP 28670)] [New Thread 0x7fffe54e6700 (LWP 28671)] [New Thread 0x7fffe4ce5700 (LWP 28672)] [New Thread 0x7fffe44e4700 (LWP 28673)] [New Thread 0x7fffe3ce3700 (LWP 28674)] [New Thread 0x7fffe34e2700 (LWP 28675)] [New Thread 0x7fffe2ce1700 (LWP 28676)] [New Thread 0x7fffe24e0700 (LWP 28677)] [New Thread 0x7fffe1cdf700 (LWP 28678)] [New Thread 0x7fffe14de700 (LWP 28679)] [New Thread 0x7fffe0cdd700 (LWP 28680)] [New Thread 0x7fffe04dc700 (LWP 28681)] [New Thread 0x7fffdfcdb700 (LWP 28682)] [New Thread 0x7fffdf4da700 (LWP 28683)] internal error in cmp function selection Last message repeated 11 times Thread 1 "ffmpeg_g" received signal SIGSEGV, Segmentation fault. 0x0000000000000000 in ?? ()
Stack Trace
#0 0x0000000000000000 in ?? () #1 0x00005555586b70f1 in cmp_inline (chroma=0, qpel=0, chroma_cmp_func=0x0, cmp_func=0x0, src_index=0, ref_index=0, h=16, size=0, suby=0, subx=0, y=0, x=0, s=0x62500000c900) at libavcodec/motion_est.c:219 #2 cmp_internal (s=0x62500000c900, x=0, y=0, subx=0, suby=0, size=0, h=16, ref_index=0, src_index=0, cmp_func=0x0, chroma_cmp_func=0x0, flags=0) at libavcodec/motion_est.c:255 #3 0x00005555586bc096 in cmp (flags=0, chroma_cmp_func=0x0, cmp_func=0x0, src_index=0, ref_index=0, h=16, size=0, suby=<optimized out>, subx=<optimized out>, y=0, x=0, s=0x62500000c900) at libavcodec/motion_est.c:273 #4 hpel_motion_search (s=0x62500000c900, mx_ptr=0x7fffffffcc70, my_ptr=0x7fffffffccb0, dmin=0, src_index=0, ref_index=0, size=0, h=16) at libavcodec/motion_est_template.c:77 #5 0x00005555586f1c51 in ff_estimate_p_frame_motion (s=0x62500000c900, mb_x=0, mb_y=3) at libavcodec/motion_est.c:1005 #6 0x00005555574a5fe7 in estimate_motion_thread (c=0x619000003780, arg=0x6250000053f0) at libavcodec/mpegvideo_enc.c:2721 #7 0x0000555557629a3d in worker_func (priv=0x619000003780, jobnr=3, threadnr=3, nb_jobs=6, nb_threads=6) at libavcodec/pthread_slice.c:77 #8 0x0000555558d98052 in run_jobs (ctx=0x611000001800) at libavutil/slicethread.c:65 #9 0x0000555558d99142 in avpriv_slicethread_execute (ctx=0x611000001800, nb_jobs=6, execute_main=0) at libavutil/slicethread.c:192 #10 0x0000555557629f40 in thread_execute (avctx=0x619000003780, func=0x5555574a5ac7 <estimate_motion_thread>, arg=0x6250000053d8, ret=0x0, job_count=6, job_size=8) at libavcodec/pthread_slice.c:115 #11 0x00005555574c3382 in encode_picture (s=0x625000005100) at libavcodec/mpegvideo_enc.c:3640 #12 0x0000555557490be9 in ff_mpv_encode_picture (avctx=0x619000003780, pkt=0x610000001d40, pic_arg=0x616000011480, got_packet=0x7fffffffd2e0) at libavcodec/mpegvideo_enc.c:1801 #13 0x0000555556e51a6f in ff_encode_encode_cb (avctx=0x619000003780, avpkt=0x610000001d40, frame=0x616000011480, got_packet=0x7fffffffd2e0) at libavcodec/encode.c:223 #14 0x0000555556e525ec in encode_simple_internal (avctx=0x619000003780, avpkt=0x610000001d40) at libavcodec/encode.c:309 #15 0x0000555556e52735 in encode_simple_receive_packet (avctx=0x619000003780, avpkt=0x610000001d40) at libavcodec/encode.c:323 #16 0x0000555556e52c72 in encode_receive_packet_internal (avctx=0x619000003780, avpkt=0x610000001d40) at libavcodec/encode.c:357 #17 0x0000555556e537e9 in avcodec_send_frame (avctx=0x619000003780, frame=0x616000008d80) at libavcodec/encode.c:506 #18 0x0000555555af7261 in encode_frame (of=0x611000000900, ost=0x618000000080, frame=0x616000008d80) at fftools/ffmpeg.c:904 #19 0x0000555555af871e in submit_encode_frame (of=0x611000000900, ost=0x618000000080, frame=0x616000008d80) at fftools/ffmpeg.c:985 #20 0x0000555555afbd7c in do_video_out (of=0x611000000900, ost=0x618000000080, next_picture=0x616000008d80) at fftools/ffmpeg.c:1345 #21 0x0000555555afc9d7 in reap_filters (flush=0) at fftools/ffmpeg.c:1431 #22 0x0000555555b1887d in transcode_step () at fftools/ffmpeg.c:4007 #23 0x0000555555b18a9f in transcode () at fftools/ffmpeg.c:4044 #24 0x0000555555b196f9 in main (argc=6, argv=0x7fffffffe008) at fftools/ffmpeg.c:4182
Assembler code around pc
gdb didn't produced it. I think PC is located in wrong position.
Dump of assembler code from 0xffffffffffffffe0 to 0x20: End of assembler dump.
Register Info
rax 0x0 0 rbx 0x7fffffffcd70 140737488342384 rcx 0x100 256 rdx 0x62d000018410 108645492818960 rsi 0x62d000022420 108645492859936 rdi 0x62500000c900 108095736957184 rbp 0x7fffffffca00 0x7fffffffca00 rsp 0x7fffffffc8a8 0x7fffffffc8a8 r8 0x10 16 r9 0x62d000018410 108645492818960 r10 0x616000018680 107064944854656 r11 0x246 582 r12 0xffffffff98a 17592186042762 r13 0x7fffffffcc50 140737488342096 r14 0x7fffffffd2c0 140737488343744 r15 0x7fffffffcc50 140737488342096 rip 0x0 0x0 eflags 0x10246 [ PF ZF IF RF ] cs 0x33 51 ss 0x2b 43 ds 0x0 0 es 0x0 0 fs 0x0 0 gs 0x0 0 st0 -nan(0xffffffffffff00ff) (raw 0xffffffffffffffff00ff) st1 -nan(0xffffffffffffffff) (raw 0xffffffffffffffffffff) st2 <invalid float value> (raw 0xffff0000000000000000) st3 <invalid float value> (raw 0xffff0000000000000000) st4 <invalid float value> (raw 0xffff00000000000000ff) st5 <invalid float value> (raw 0xffff0000000000000000) st6 <invalid float value> (raw 0xffff0002000200020002) st7 <invalid float value> (raw 0xffff0001000100010001) fctrl 0x37f 895 fstat 0x0 0 ftag 0xffff 65535 fiseg 0x0 0 fioff 0x0 0 foseg 0x0 0 fooff 0x0 0 fop 0x0 0 mxcsr 0x1fa8 [ OE PE IM DM ZM OM UM PM ] ymm0 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x0, 0x0}} ymm1 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x0, 0x0}} ymm2 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x0, 0x0}} ymm3 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x0, 0x0}} ymm4 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x0, 0x0}} ymm5 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x10 <repeats 16 times>, 0x0 <repeats 16 times>}, v16_int16 = {0x1010, 0x1010, 0x1010, 0x1010, 0x1010, 0x1010, 0x1010, 0x1010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x10101010, 0x10101010, 0x10101010, 0x10101010, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x1010101010101010, 0x1010101010101010, 0x0, 0x0}, v2_int128 = {0x10101010101010101010101010101010, 0x0}} ymm6 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x10 <repeats 16 times>, 0x0 <repeats 16 times>}, v16_int16 = {0x1010, 0x1010, 0x1010, 0x1010, 0x1010, 0x1010, 0x1010, 0x1010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x10101010, 0x10101010, 0x10101010, 0x10101010, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x1010101010101010, 0x1010101010101010, 0x0, 0x0}, v2_int128 = {0x10101010101010101010101010101010, 0x0}} ymm7 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x0, 0x0}} ymm8 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x0, 0x0}} ymm9 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x80, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x80, 0x0 <repeats 19 times>}, v16_int16 = {0x80, 0x0, 0x80, 0x0, 0x80, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x80, 0x80, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x8000000080, 0x8000000080, 0x0, 0x0}, v2_int128 = { 0x80000000800000008000000080, 0x0}} ymm10 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x80 <repeats 16 times>, 0x0 <repeats 16 times>}, v16_int16 = {0x8080, 0x8080, 0x8080, 0x8080, 0x8080, 0x8080, 0x8080, 0x8080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x80808080, 0x80808080, 0x80808080, 0x80808080, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x8080808080808080, 0x8080808080808080, 0x0, 0x0}, v2_int128 = {0x80808080808080808080808080808080, 0x0}} ymm11 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x80, 0x0, 0x80, 0x0, 0x80, 0x0, 0x80, 0x0, 0x80, 0x0, 0x80, 0x0, 0x80, 0x0, 0x80, 0x0 <repeats 17 times>}, v16_int16 = {0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x800080, 0x800080, 0x800080, 0x800080, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x80008000800080, 0x80008000800080, 0x0, 0x0}, v2_int128 = {0x800080008000800080008000800080, 0x0}} ymm12 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x80 <repeats 16 times>, 0x0 <repeats 16 times>}, v16_int16 = {0x8080, 0x8080, 0x8080, 0x8080, 0x8080, 0x8080, 0x8080, 0x8080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x80808080, 0x80808080, 0x80808080, 0x80808080, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x8080808080808080, 0x8080808080808080, 0x0, 0x0}, v2_int128 = {0x80808080808080808080808080808080, 0x0}} ymm13 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x80 <repeats 16 times>, 0x0 <repeats 16 times>}, v16_int16 = {0x8080, 0x8080, 0x8080, 0x8080, 0x8080, 0x8080, 0x8080, 0x8080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x80808080, 0x80808080, 0x80808080, 0x80808080, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x8080808080808080, 0x8080808080808080, 0x0, 0x0}, v2_int128 = {0x80808080808080808080808080808080, 0x0}} ymm14 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x0, 0x0}} ymm15 {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0 <repeats 18 times>}, v16_int16 = {0x400, 0x0, 0x400, 0x0, 0x400, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x400, 0x400, 0x400, 0x400, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x40000000400, 0x40000000400, 0x0, 0x0}, v2_int128 = { 0x400000004000000040000000400, 0x0}}
Environment
Built with address sanitizer.
ffmpeg version N-110167-g97c95961f0 Copyright (c) 2000-2023 the FFmpeg developers built with gcc 7 (Ubuntu 7.5.0-3ubuntu1~18.04) configuration: --prefix=/home/youngseok/subjects/latest_asan_install/ffmpeg --extra-cflags='-fsanitize=address -g -O0' --extra-cxxflags='-fsanitize=address -g -O0' --extra-ldflags='-fsanitize=address -g -O0' --disable-optimizations --disable-stripping
Attachments (1)
Change History (2)
by , 20 months ago
comment:1 by , 20 months ago
Analyzed by developer: | set |
---|---|
Component: | undetermined → avcodec |
Priority: | normal → important |
Reproduced by developer: | set |
Resolution: | → fixed |
Status: | new → closed |
Fixed in 7c6e26a18403376987541f1ca801ae225f8ee6d4.
Note:
See TracTickets
for help on using tickets.
the input file used in command