Opened 12 years ago
Closed 12 years ago
#1498 closed defect (fixed)
h264 crash 2
Reported by: | ami_stuff | Owned by: | |
---|---|---|---|
Priority: | important | Component: | avcodec |
Version: | git-master | Keywords: | h264 |
Cc: | Blocked By: | ||
Blocking: | Reproduced by developer: | yes | |
Analyzed by developer: | no |
Description
http://www.datafilehost.com/download-6f8f3112.html
(gdb) r -vcodec h264 -i 1.mpg -an -f null - Starting program: d:\mingw\msys\1.0\ffmpeg\ffmpeg_g.exe -vcodec h264 -i 1.mpg -a n -f null - [New Thread 1572.0x8c] ffmpeg version 0.10.2.git Copyright (c) 2000-2012 the FFmpeg developers built on Jun 28 2012 19:36:59 with gcc 4.6.1 configuration: --disable-ffprobe --disable-ffplay --disable-asm libavutil 51. 63.100 / 51. 63.100 libavcodec 54. 29.101 / 54. 29.101 libavformat 54. 11.100 / 54. 11.100 libavdevice 54. 0.100 / 54. 0.100 libavfilter 3. 0.100 / 3. 0.100 libswscale 2. 1.100 / 2. 1.100 libswresample 0. 15.100 / 0. 15.100 [mpeg @ 03992338] max_analyze_duration 5000000 reached at 5000000 Input #0, mpeg, from '1.mpg': Duration: 00:02:15.29, start: 0.642422, bitrate: 601 kb/s Stream #0:0[0x1e0]: Video: h264, yuv420p, 352x240 [SAR 200:219 DAR 880:657], 480 kb/s, 24 fps, 24 tbr, 90k tbn, 24 tbc Stream #0:1[0x1c0]: Audio: mp2, 44100 Hz, stereo, s16, 96 kb/s [graph 0 input from stream 0:0 @ 039bfd70] w:352 h:240 pixfmt:yuv420p tb:1/90000 fr:24/1 sar:200/219 sws_param:flags=2 [output stream 0:0 @ 039bf1b0] No opaque field provided Output #0, null, to 'pipe:': Metadata: encoder : Lavf54.11.100 Stream #0:0: Video: rawvideo (I420 / 0x30323449), yuv420p, 352x240 [SAR 200: 219 DAR 880:657], q=2-31, 200 kb/s, 90k tbn, 24 tbc Stream mapping: Stream #0:0 -> #0:0 (h264 -> rawvideo) Press [q] to stop, [?] for help [h264 @ 03ef5b50] non-existing PPS referenced [h264 @ 03ef5b50] non-existing PPS 0 referenced [h264 @ 03ef5b50] decode_slice_header error [h264 @ 03ef5b50] no frame! Error while decoding stream #0:0: Error number -1 occurred [cut] [h264 @ 03ef5b50] FMO not supported [h264 @ 03ef5b50] reference overflow (pps) [h264 @ 03ef5b50] Missing reference picture Last message repeated 2 times [h264 @ 03ef5b50] concealing 726 DC, 726 AC, 726 MV errors Program received signal SIGSEGV, Segmentation fault. 0x008c0a82 in guess_mv (s=0x40046e0) at libavcodec/error_resilience.c:441 441 s->current_picture.f.motion_val[0][mot_index][0]= s->last_pi cture.f.motion_val[0][mot_index][0]; (gdb) bt #0 0x008c0a82 in guess_mv (s=0x40046e0) at libavcodec/error_resilience.c:441 #1 ff_er_frame_end (s=0x40046e0) at libavcodec/error_resilience.c:1200 #2 0x006f0134 in field_end (h=0x40046e0, in_setup=<optimized out>) at libavcodec/h264.c:2787 #3 0x007a1d66 in decode_frame (avctx=0x3ef5b50, data=0x39a1df0, data_size=0x22eedc, avpkt=0x22ebd8) at libavcodec/h264.c:4602 #4 0x00513a6b in avcodec_decode_video2 (avctx=0x3ef5b50, picture=0x39a1df0, got_picture_ptr=0x22eedc, avpkt=0x22ee10) at libavcodec/utils.c:1485 #5 0x00407bc4 in decode_video (got_output=<optimized out>, pkt=<optimized out>, ist=<optimized out>) at ffmpeg.c:2456 #6 output_packet (ist=0x39bf440, pkt=0x22fbd0) at ffmpeg.c:2630 #7 0x0040d44b in transcode () at ffmpeg.c:3647 #8 0x00a3b587 in main (argc=9, argv=0x39a0dc0) at ffmpeg.c:5934 (gdb)
Attachments (1)
Change History (5)
comment:1 by , 12 years ago
Component: | undetermined → avcodec |
---|---|
Keywords: | h264 added |
Priority: | normal → important |
Reproduced by developer: | set |
Status: | new → open |
Version: | unspecified → git-master |
by , 12 years ago
Attachment: | valgrind.log added |
---|
comment:3 by , 12 years ago
I attached the 32bit valgrind output, the sample cannot be cut significantly.
==12409== Invalid read of size 2 ==12409== at 0x871DE6E: ff_er_frame_end (error_resilience.c:441) ==12409== Address 0x7CF8330 is 16 bytes inside a block of size 6,400 free'd ==12409== at 0x402243F: free (in /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so) ==12409== by 0x8812DE1: av_freep (mem.c:180) ==12409== ==12409== Invalid read of size 2 ==12409== at 0x871DE7D: ff_er_frame_end (error_resilience.c:442) ==12409== Address 0x7CF8332 is 18 bytes inside a block of size 6,400 free'd ==12409== at 0x402243F: free (in /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so) ==12409== by 0x8812DE1: av_freep (mem.c:180) ==12409== ==12409== Invalid read of size 1 ==12409== at 0x871DE9A: ff_er_frame_end (error_resilience.c:443) ==12409== Address 0x4A04140 is 0 bytes inside a block of size 420 free'd ==12409== at 0x402243F: free (in /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so) ==12409== by 0x8812DE1: av_freep (mem.c:180) ==12409== ==12409== Invalid read of size 8 ==12409== at 0x8697C4A: ??? (h264_chromamc.asm:441) ==12409== Address 0x5736CE0 is not stack'd, malloc'd or (recently) free'd ==12409== ==12409== Invalid read of size 8 ==12409== at 0x8697C35: ??? (h264_chromamc.asm:441) ==12409== Address 0x5736D20 is not stack'd, malloc'd or (recently) free'd ==12409== ==12409== Invalid read of size 8 ==12409== at 0x8697C38: ??? (h264_chromamc.asm:441) ==12409== Address 0x5736D60 is not stack'd, malloc'd or (recently) free'd ==12409== ==12409== Invalid read of size 8 ==12409== at 0x8697C47: ??? (h264_chromamc.asm:441) ==12409== Address 0x5736DA0 is not stack'd, malloc'd or (recently) free'd ==12409== ==12409== Invalid read of size 8 ==12409== at 0x86745BC: put_h264_qpel16_mc00_sse2 (dsputil_mmx.c:464) ==12409== Address 0x5736CC0 is 0 bytes after a block of size 86,944 alloc'd ==12409== at 0x4021A50: memalign (in /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so) ==12409== by 0x4021AAA: posix_memalign (in /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so) ==12409== by 0x8812FAF: av_malloc (mem.c:95) ==12409== ==12409== Invalid read of size 8 ==12409== at 0x86745AE: put_h264_qpel16_mc00_sse2 (dsputil_mmx.c:464) ==12409== Address 0x5736D40 is not stack'd, malloc'd or (recently) free'd ==12409== ==12409== Invalid read of size 8 ==12409== at 0x86745B2: put_h264_qpel16_mc00_sse2 (dsputil_mmx.c:464) ==12409== Address 0x5736DC0 is not stack'd, malloc'd or (recently) free'd ==12409== ==12409== Invalid read of size 8 ==12409== at 0x86745B7: put_h264_qpel16_mc00_sse2 (dsputil_mmx.c:464) ==12409== Address 0x5736E40 is not stack'd, malloc'd or (recently) free'd
Note:
See TracTickets
for help on using tickets.
Shows invalid reads with valgrind.