Opened 12 years ago
Closed 12 years ago
#1825 closed defect (fixed)
Invalid reads decoding a TiVo sample
| Reported by: | Carl Eugen Hoyos | Owned by: | |
|---|---|---|---|
| Priority: | normal | Component: | undetermined |
| Version: | git-master | Keywords: | |
| Cc: | Blocked By: | ||
| Blocking: | Reproduced by developer: | no | |
| Analyzed by developer: | no |
Description
I will upload a part of a TiVo sample that triggers invalid reads in samplefmt.c.
$ valgrind ./ffmpeg_g -i invalidreads -vn -f null -
==13459== Memcheck, a memory error detector
==13459== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==13459== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==13459== Command: ./ffmpeg_g -i invalidreads -vn -f null -
==13459==
ffmpeg version N-45613-g711ffb8 Copyright (c) 2000-2012 the FFmpeg developers
built on Oct 17 2012 11:48:39 with gcc 4.7 (SUSE Linux)
configuration: --disable-optimizations --disable-asm --disable-yasm --disable-indev=jack
libavutil 51. 76.100 / 51. 76.100
libavcodec 54. 66.100 / 54. 66.100
libavformat 54. 32.101 / 54. 32.101
libavdevice 54. 3.100 / 54. 3.100
libavfilter 3. 19.103 / 3. 19.103
libswscale 2. 1.101 / 2. 1.101
libswresample 0. 16.100 / 0. 16.100
[mpeg2video @ 0x66d8cf0] mpeg_decode_postinit() failure
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=147057, dts=147058, size=7990
[mpeg2video @ 0x66d8cf0] mpeg_decode_postinit() failure
Last message repeated 5 times
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=156066, dts=156067, size=14679
[mpeg2video @ 0x66d8cf0] mpeg_decode_postinit() failure
Last message repeated 5 times
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=165075, dts=165076, size=6480
[mpeg2video @ 0x66d8cf0] mpeg_decode_postinit() failure
Last message repeated 5 times
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=174084, dts=174085, size=3279
[mpeg2video @ 0x66d8cf0] mpeg_decode_postinit() failure
Last message repeated 2 times
[mpeg2video @ 0x66d8cf0] ignoring pic after 100
[mpeg2video @ 0x66d8cf0] ac-tex damaged at 3 0
[mpeg2video @ 0x66d8cf0] invalid mb type in I Frame at 0 1
[mpeg2video @ 0x66d8cf0] invalid mb type in I Frame at 0 2
[mpeg2video @ 0x66d8cf0] invalid mb type in I Frame at 0 3
[mpeg2video @ 0x66d8cf0] invalid mb type in I Frame at 2 4
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 1 5
[mpeg2video @ 0x66d8cf0] invalid mb type in I Frame at 0 6
[mpeg2video @ 0x66d8cf0] invalid mb type in I Frame at 0 7
[mpeg2video @ 0x66d8cf0] invalid mb type in I Frame at 1 8
[mpeg2video @ 0x66d8cf0] invalid mb type in I Frame at 0 9
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 1 10
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 1 11
[mpeg2video @ 0x66d8cf0] invalid mb type in I Frame at 3 12
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 7 13
[mpeg2video @ 0x66d8cf0] invalid mb type in I Frame at 0 14
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 1 15
[mpeg2video @ 0x66d8cf0] invalid mb type in I Frame at 1 16
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 1 17
[mpeg2video @ 0x66d8cf0] invalid mb type in I Frame at 0 18
[mpeg2video @ 0x66d8cf0] mb incr damaged
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 1 20
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 1 21
[mpeg2video @ 0x66d8cf0] invalid mb type in I Frame at 3 22
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 4 23
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 1 24
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 2 25
[mpeg2video @ 0x66d8cf0] invalid mb type in I Frame at 1 26
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 1 27
[mpeg2video @ 0x66d8cf0] invalid mb type in I Frame at 1 28
[mpeg2video @ 0x66d8cf0] invalid mb type in I Frame at 0 29
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 2 30
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 4 31
[mpeg2video @ 0x66d8cf0] ac-tex damaged at 3 32
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 1 33
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 4 34
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 2 35
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 1 36
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 2 37
[mpeg2video @ 0x66d8cf0] invalid mb type in I Frame at 2 38
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 1 39
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 1 40
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 3 41
[mpeg2video @ 0x66d8cf0] invalid mb type in I Frame at 3 42
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 3 43
[mpeg2video @ 0x66d8cf0] skipped MB in I frame at 2 44
[mpeg2video @ 0x66d8cf0] Warning MVs not available
[mpeg2video @ 0x66d8cf0] concealing 3600 DC, 3600 AC, 3600 MV errors in I frame
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=183093, dts=183094, size=9276
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=192102, dts=192103, size=5485
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=201111, dts=201112, size=7199
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=210120, dts=210121, size=6458
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=219129, dts=219130, size=3354
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=228138, dts=228139, size=9285
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=237147, dts=237148, size=7329
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=246156, dts=246157, size=10311
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=255165, dts=255166, size=7127
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=264174, dts=264175, size=4240
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=273183, dts=273184, size=8859
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=282192, dts=282193, size=7628
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=291201, dts=291202, size=13860
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=300210, dts=300211, size=6932
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=309219, dts=309220, size=3232
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=318228, dts=318229, size=13272
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=327237, dts=327238, size=8337
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=336246, dts=336247, size=14330
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=345255, dts=345256, size=7015
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=354264, dts=354265, size=2933
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=363273, dts=363274, size=9550
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=372282, dts=372283, size=7393
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=381291, dts=382043, size=22263
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=391802, dts=392554, size=28771
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=402312, dts=402313, size=3966
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=411321, dts=411322, size=14760
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=420330, dts=420331, size=2244
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=429339, dts=429340, size=8645
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=438348, dts=438349, size=10248
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=447357, dts=447358, size=4597
[mpeg @ 0x66b2220] Invalid timestamps stream=1, pts=456366, dts=456367, size=28760
[mpeg @ 0x66b2220] Stream #0: not enough frames to estimate rate; consider increasing probesize
[mpeg @ 0x66b2220] Stream #2: not enough frames to estimate rate; consider increasing probesize
[mpeg @ 0x66b2220] Stream #3: not enough frames to estimate rate; consider increasing probesize
[mpeg @ 0x66b2220] Stream #4: not enough frames to estimate rate; consider increasing probesize
[mpeg @ 0x66b2220] Stream #5: not enough frames to estimate rate; consider increasing probesize
[mpeg @ 0x66b2220] Stream #6: not enough frames to estimate rate; consider increasing probesize
[mpeg @ 0x66b2220] Stream #7: not enough frames to estimate rate; consider increasing probesize
[mpeg @ 0x66b2220] Stream #8: not enough frames to estimate rate; consider increasing probesize
[mpeg @ 0x66b2220] Stream #9: not enough frames to estimate rate; consider increasing probesize
[mpeg @ 0x66b2220] Stream #10: not enough frames to estimate rate; consider increasing probesize
[mpeg @ 0x66b2220] Stream #11: not enough frames to estimate rate; consider increasing probesize
[mpeg @ 0x66b2220] Stream #12: not enough frames to estimate rate; consider increasing probesize
[mpeg @ 0x66b2220] Stream #13: not enough frames to estimate rate; consider increasing probesize
[mpeg @ 0x66b2220] Stream #14: not enough frames to estimate rate; consider increasing probesize
[mpeg @ 0x66b2220] Could not find codec parameters for stream 0 (Audio: truehd, 0 channels): unspecified sample format
Consider increasing the value for the 'analyzeduration' and 'probesize' options
[mpeg @ 0x66b2220] Could not find codec parameters for stream 3 (Audio: dts, 0 channels): unspecified sample format
Consider increasing the value for the 'analyzeduration' and 'probesize' options
[mpeg @ 0x66b2220] Could not find codec parameters for stream 4 (Audio: dts, 0 channels): unspecified sample format
Consider increasing the value for the 'analyzeduration' and 'probesize' options
[mpeg @ 0x66b2220] Could not find codec parameters for stream 8 (Audio: truehd, 0 channels): unspecified sample format
Consider increasing the value for the 'analyzeduration' and 'probesize' options
[mpeg @ 0x66b2220] Could not find codec parameters for stream 9 (Audio: dts, 0 channels): unspecified sample format
Consider increasing the value for the 'analyzeduration' and 'probesize' options
[mpeg @ 0x66b2220] Could not find codec parameters for stream 10 (Audio: dts, 0 channels): unspecified sample format
Consider increasing the value for the 'analyzeduration' and 'probesize' options
[mpeg @ 0x66b2220] Could not find codec parameters for stream 11 (Audio: dts, 0 channels): unspecified sample format
Consider increasing the value for the 'analyzeduration' and 'probesize' options
[mpeg @ 0x66b2220] Could not find codec parameters for stream 13 (Audio: dts, 0 channels): unspecified sample format
Consider increasing the value for the 'analyzeduration' and 'probesize' options
[mpeg @ 0x66b2220] Could not find codec parameters for stream 14 (Audio: dts, 0 channels): unspecified sample format
Consider increasing the value for the 'analyzeduration' and 'probesize' options
[NULL @ 0x66d02d0] start time is not set in estimate_timings_from_pts
[NULL @ 0x7410b80] start time is not set in estimate_timings_from_pts
[NULL @ 0x74afcc0] start time is not set in estimate_timings_from_pts
[NULL @ 0x751fc50] start time is not set in estimate_timings_from_pts
[NULL @ 0x78754d0] start time is not set in estimate_timings_from_pts
[NULL @ 0x788e010] start time is not set in estimate_timings_from_pts
[NULL @ 0x7a341c0] start time is not set in estimate_timings_from_pts
[NULL @ 0x7aecc10] start time is not set in estimate_timings_from_pts
[NULL @ 0x7b20070] start time is not set in estimate_timings_from_pts
[NULL @ 0x7b54a20] start time is not set in estimate_timings_from_pts
[NULL @ 0x7c0a2f0] start time is not set in estimate_timings_from_pts
Truncating packet of size 18301 to 17913
Guessed Channel Layout for Input Stream #0.5 : 2.1
Guessed Channel Layout for Input Stream #0.6 : 7.1
Guessed Channel Layout for Input Stream #0.7 : 7.1
Input #0, mpeg, from 'invalidreads':
Duration: 00:00:04.20, start: 1.600600, bitrate: 11691 kb/s
Stream #0:0[0xb3]: Audio: truehd, 0 channels
Stream #0:1[0x1e0]: Video: mpeg2video (Main), yuv420p, 1280x720 [SAR 1:1 DAR 16:9], 20000 kb/s, 59.94 fps, 59.94 tbr, 90k tbn, 119.88 tbc
Stream #0:2[0x28]: Subtitle: dvd_subtitle
Stream #0:3[0x8f]: Audio: dts, 0 channels
Stream #0:4[0x8a]: Audio: dts, 0 channels
Stream #0:5[0xa6]: Audio: pcm_dvd, 48000 Hz, 2.1, s32, 3456 kb/s
Stream #0:6[0xa3]: Audio: pcm_s16be, 44100 Hz, 7.1, s16, 5644 kb/s
Stream #0:7[0xac]: Audio: pcm_s16be, 44100 Hz, 7.1, s16, 5644 kb/s
Stream #0:8[0xb9]: Audio: truehd, 0 channels
Stream #0:9[0x89]: Audio: dts, 0 channels
Stream #0:10[0x9e]: Audio: dts, 0 channels
Stream #0:11[0x88]: Audio: dts, 0 channels
Stream #0:12[0x2d]: Subtitle: dvd_subtitle
Stream #0:13[0x9f]: Audio: dts, 0 channels
Stream #0:14[0x9c]: Audio: dts, 0 channels
Output #0, null, to 'pipe:':
Metadata:
encoder : Lavf54.32.101
Stream #0:0: Audio: pcm_s16le, 44100 Hz, 7.1, s16, 5644 kb/s
Stream mapping:
Stream #0:6 -> #0:0 (pcm_s16be -> pcm_s16le)
Press [q] to stop, [?] for help
Multiple frames in a packet from stream 6
[pcm_s16be @ 0x76a6080] Invalid PCM packet, data has size 13 but at least a size of 16 was expected
Error while decoding stream #0:6: Invalid data found when processing input
Input stream #0:6 frame changed from rate:44100 fmt:s16 ch:8 chl:7.1 to rate:96000 fmt:s16 ch:2 chl:2 channels (FL+FR+FC+LFE+BL+BR+SL+SR)
==13459== Invalid read of size 8
==13459== at 0x4C2C56A: memcpy@@GLIBC_2.14 (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==13459== by 0xC37F26: av_samples_copy (samplefmt.c:217)
==13459== by 0x430970: ff_copy_buffer_ref (buffer.c:226)
==13459== by 0x431010: av_buffersrc_add_ref (buffersrc.c:132)
==13459== by 0x430DFB: av_buffersrc_add_frame (buffersrc.c:90)
==13459== by 0x41624C: decode_audio (ffmpeg.c:1539)
==13459== by 0x417299: output_packet (ffmpeg.c:1761)
==13459== by 0x41B5C0: process_input (ffmpeg.c:2826)
==13459== by 0x41B91A: transcode_step (ffmpeg.c:2922)
==13459== by 0x41BA27: transcode (ffmpeg.c:2974)
==13459== by 0x41BFF5: main (ffmpeg.c:3158)
==13459== Address 0x6741bb8 is 8 bytes before a block of size 4,928 alloc'd
==13459== at 0x4C290FE: memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==13459== by 0x4C291A7: posix_memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==13459== by 0xC31BC9: av_malloc (mem.c:95)
==13459== by 0xC31D29: av_mallocz (mem.c:199)
==13459== by 0x9DF079: ff_fast_malloc (utils.c:82)
==13459== by 0x9DF13C: av_fast_padded_malloc (utils.c:102)
==13459== by 0x9E1DB4: ff_alloc_packet2 (utils.c:1076)
==13459== by 0x90D95B: pcm_encode_frame (pcm.c:101)
==13459== by 0x9E244C: avcodec_encode_audio2 (utils.c:1215)
==13459== by 0x4126D6: do_audio_out (ffmpeg.c:636)
==13459== by 0x413F6B: reap_filters (ffmpeg.c:1048)
==13459== by 0x41B978: transcode_step (ffmpeg.c:2931)
==13459==
==13459== Invalid read of size 8
==13459== at 0x4C2C558: memcpy@@GLIBC_2.14 (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==13459== by 0xC37F26: av_samples_copy (samplefmt.c:217)
==13459== by 0x430970: ff_copy_buffer_ref (buffer.c:226)
==13459== by 0x431010: av_buffersrc_add_ref (buffersrc.c:132)
==13459== by 0x430DFB: av_buffersrc_add_frame (buffersrc.c:90)
==13459== by 0x41624C: decode_audio (ffmpeg.c:1539)
==13459== by 0x417299: output_packet (ffmpeg.c:1761)
==13459== by 0x41B5C0: process_input (ffmpeg.c:2826)
==13459== by 0x41B91A: transcode_step (ffmpeg.c:2922)
==13459== by 0x41BA27: transcode (ffmpeg.c:2974)
==13459== by 0x41BFF5: main (ffmpeg.c:3158)
==13459== Address 0x6741bb0 is 16 bytes before a block of size 4,928 alloc'd
==13459== at 0x4C290FE: memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==13459== by 0x4C291A7: posix_memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==13459== by 0xC31BC9: av_malloc (mem.c:95)
==13459== by 0xC31D29: av_mallocz (mem.c:199)
==13459== by 0x9DF079: ff_fast_malloc (utils.c:82)
==13459== by 0x9DF13C: av_fast_padded_malloc (utils.c:102)
==13459== by 0x9E1DB4: ff_alloc_packet2 (utils.c:1076)
==13459== by 0x90D95B: pcm_encode_frame (pcm.c:101)
==13459== by 0x9E244C: avcodec_encode_audio2 (utils.c:1215)
==13459== by 0x4126D6: do_audio_out (ffmpeg.c:636)
==13459== by 0x413F6B: reap_filters (ffmpeg.c:1048)
==13459== by 0x41B978: transcode_step (ffmpeg.c:2931)
==13459==
[pcm_s16be @ 0x76a6080] Invalid PCM packet, data has size 1 but at least a size of 4 was expected
Error while decoding stream #0:6: Invalid data found when processing input
[mpeg @ 0x66b2220] New audio stream 0:15 at pos:5343735 and DTS:4.92914s
[mpeg @ 0x66b2220] New audio stream 0:16 at pos:5832880 and DTS:5.28114s
size= 0kB time=00:00:03.43 bitrate= 0.0kbits/s
video:0kB audio:10kB subtitle:0 global headers:0kB muxing overhead -100.000000%
==13459==
==13459== HEAP SUMMARY:
==13459== in use at exit: 0 bytes in 0 blocks
==13459== total heap usage: 2,033 allocs, 2,033 frees, 23,744,398 bytes allocated
==13459==
==13459== All heap blocks were freed -- no leaks are possible
==13459==
==13459== For counts of detected and suppressed errors, rerun with: -v
==13459== ERROR SUMMARY: 718 errors from 2 contexts (suppressed: 2 from 2)
Change History (3)
comment:1 by , 12 years ago
comment:3 by , 12 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
I believe that the invalid reads were fixed.
Note:
See TracTickets
for help on using tickets.
Sample uploaded to http://samples.ffmpeg.org/ffmpeg-bugs/trac/ticket1825/