Opened 6 years ago

Closed 6 years ago

#3098 closed defect (fixed)

thp: deadlock with fuzzed file

Reported by: ami_stuff Owned by:
Priority: important Component: undetermined
Version: git-master Keywords: thp deadlock
Cc: Blocked By:
Blocking: Reproduced by developer: yes
Analyzed by developer: no

Description

http://www1.datafilehost.com/d/20e9852c

(gdb) r -threads 1 -i ./fuzz.thp -f null -
The program being debugged has been started already.
Start it from the beginning? (y or n) y

Starting program: /media/sdb1/ffmpeg-HEAD-da30d0c/ffmpeg_g -threads 1 -i ./fuzz.thp -f null -
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
ffmpeg version 2.0-da30d0c Copyright (c) 2000-2013 the FFmpeg developers
  built on Oct 22 2013 14:57:21 with gcc 4.7 (Debian 4.7.2-5)
  configuration: --disable-yasm --disable-ffprobe --disable-ffserver --enable-gpl
  libavutil      52. 47.101 / 52. 47.101
  libavcodec     55. 37.102 / 55. 37.102
  libavformat    55. 19.103 / 55. 19.103
  libavdevice    55.  4.100 / 55.  4.100
  libavfilter     3. 89.100 /  3. 89.100
  libswscale      2.  5.101 /  2.  5.101
  libswresample   0. 17.104 /  0. 17.104
  libpostproc    52.  3.100 / 52.  3.100
[thp @ 0x91b56a0] mjpeg_decode_dc: bad vlc: 0:0 (0x91b66a8)
[thp @ 0x91b56a0] error dc
[thp @ 0x91b56a0] error y=29 x=31
[thp @ 0x91b4dc0] DTS discontinuity in stream 1: packet 15 with DTS 9223090561878081195, packet 16 with DTS 9223090562951824083
Guessed Channel Layout for  Input Stream #0.1 : stereo
Input #0, thp, from './fuzz.thp':
  Duration: 00:00:12.78, bitrate: 6254 kb/s
    Stream #0:0: Video: thp, yuvj420p(pc), 640x480, 29.97 fps, 29.97 tbr, 29.97 tbn, 29.97 tbc
    Stream #0:1: Audio: adpcm_thp, 32000 Hz, stereo, s16p
[New Thread 0xb7df8b70 (LWP 20816)]
[New Thread 0xb75f8b70 (LWP 20826)]
[New Thread 0xb6df8b70 (LWP 20827)]
[New Thread 0xb65f8b70 (LWP 20828)]
[New Thread 0xb5df8b70 (LWP 20831)]
[New Thread 0xb55f8b70 (LWP 20851)]
[New Thread 0xb4df8b70 (LWP 20886)]
[New Thread 0xb45f8b70 (LWP 20887)]
[New Thread 0xb3df8b70 (LWP 20888)]
[New Thread 0xb35f8b70 (LWP 20889)]
[New Thread 0xb2df8b70 (LWP 20891)]
[New Thread 0xb25f8b70 (LWP 20892)]
[New Thread 0xb1df8b70 (LWP 20894)]
[New Thread 0xb15f8b70 (LWP 20934)]
[New Thread 0xb0df8b70 (LWP 20945)]
[New Thread 0xb05f8b70 (LWP 20946)]
[New Thread 0xafdf8b70 (LWP 20947)]
[New Thread 0xaf5f8b70 (LWP 20985)]
Output #0, null, to 'pipe:':
  Metadata:
    encoder         : Lavf55.19.103
    Stream #0:0: Video: rawvideo (I420 / 0x30323449), yuvj420p, 640x480, q=2-31, 200 kb/s, 90k tbn, 29.97 tbc
    Stream #0:1: Audio: pcm_s16le, 32000 Hz, stereo, s16, 1024 kb/s
Stream mapping:
  Stream #0:0 -> #0:0 (thp -> rawvideo)
  Stream #0:1 -> #0:1 (adpcm_thp -> pcm_s16le)
Press [q] to stop, [?] for help
[thp @ 0x91b56a0] mjpeg_decode_dc: bad vlc: 0:0 (0x91b75a8)
[thp @ 0x91b56a0] error dc
[thp @ 0x91b56a0] error y=29 x=31
[null @ 0x91c6120] Encoder did not produce proper pts, making some up.
[thp @ 0x91b56a0] mjpeg_decode_dc: bad vlc: 0:0 (0x91b75a8)
[thp @ 0x91b56a0] error dc
[thp @ 0x91b56a0] error y=29 x=34
[thp @ 0x91b56a0] mjpeg_decode_dc: bad vlc: 0:0 (0x91b75a8)
[thp @ 0x91b56a0] error dc
[thp @ 0x91b56a0] error y=29 x=27
[thp @ 0x91b56a0] mjpeg_decode_dc: bad vlc: 0:0 (0x91b75a8)
[thp @ 0x91b56a0] error dc
[thp @ 0x91b56a0] error y=28 x=35
[thp @ 0x91b56a0] overread 8
[thp @ 0x91b56a0] EOI missing, emulating
[thp @ 0x91b56a0] overread 8
[thp @ 0x91b56a0] EOI missing, emulating
[thp @ 0x91b56a0] mjpeg_decode_dc: bad vlc: 0:0 (0x91b75a8)
[thp @ 0x91b56a0] error dc
[thp @ 0x91b56a0] error y=29 x=31
[thp @ 0x91b56a0] huffman table decode error
[...]
[thp @ 0x91b56a0] overread 8
[thp @ 0x91b56a0] EOI missing, emulating
[thp @ 0x91b56a0] mjpeg_decode_dc: bad vlc: 0:0 (0x91b75a8)
[thp @ 0x91b56a0] error dc
[thp @ 0x91b56a0] error y=21 x=16
[thp @ 0x91b56a0] overread 8
[thp @ 0x91b56a0] EOI missing, emulating
[thp @ 0x91b56a0] mjpeg_decode_dc: bad vlc: 0:0 (0x91b75a8)
[thp @ 0x91b56a0] error dc
[thp @ 0x91b56a0] error y=23 x=18
[thp @ 0x91b56a0] overread 8
[thp @ 0x91b56a0] EOI missing, emulating
frame=  365 fps=365 q=0.0 size=N/A time=18:47:25.37 bitrate=N/A dup=67 drop=0
frame=  365 fps=243 q=0.0 size=N/A time=18:47:25.37 bitrate=N/A dup=67 drop=0
frame=  365 fps=182 q=0.0 size=N/A time=18:47:25.37 bitrate=N/A dup=67 drop=0
frame=  365 fps=146 q=0.0 size=N/A time=18:47:25.37 bitrate=N/A dup=67 drop=0
frame=  365 fps=122 q=0.0 size=N/A time=18:47:25.37 bitrate=N/A dup=67 drop=0
frame=  365 fps=104 q=0.0 size=N/A time=18:47:25.37 bitrate=N/A dup=67 drop=0
frame=  365 fps= 91 q=0.0 size=N/A time=18:47:25.37 bitrate=N/A dup=67 drop=0
frame=  365 fps= 81 q=0.0 size=N/A time=18:47:25.37 bitrate=N/A dup=67 drop=0
frame=  365 fps= 73 q=0.0 size=N/A time=18:47:25.37 bitrate=N/A dup=67 drop=0
Program received signal SIGINT, Interrupt.
0xb7ec4951 in gettimeofday () at ../sysdeps/unix/syscall-template.S:82
82	../sysdeps/unix/syscall-template.S: No such file or directory.
(gdb) bt
#0  0xb7ec4951 in gettimeofday () at ../sysdeps/unix/syscall-template.S:82
#1  0x0891a4e8 in av_gettime () at libavutil/time.c:43
#2  0x080a5392 in transcode () at ffmpeg.c:3239
#3  main (argc=<optimized out>, argv=<optimized out>) at ffmpeg.c:3430
(gdb) 

Change History (2)

comment:1 Changed 6 years ago by cehoyos

  • Keywords thp deadlock added
  • Priority changed from normal to important
  • Reproduced by developer set
  • Status changed from new to open
  • Version changed from unspecified to git-master

EOF-related.

comment:2 Changed 6 years ago by michael

  • Resolution set to fixed
  • Status changed from open to closed
Note: See TracTickets for help on using tickets.