Opened 5 years ago

Closed 5 years ago

#3839 closed defect (fixed)

hevc: invalid write with fuzzed file

Reported by: ami_stuff
Owned by: kurosu
Priority: important
Component: avcodec
Version: git-master
Keywords: hevc crash abort regression
Cc:
Blocked By:
Blocking:
Reproduced by developer: yes
Analyzed by developer: yes

Description

(gdb) r -i h3f.ts -f null -
Starting program: /media/sdb1/ffmpeg-snapshot/ffmpeg_g -i h3f.ts -f null -
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
ffmpeg version 2.3.git Copyright (c) 2000-2014 the FFmpeg developers
  built on Aug  9 2014 12:01:59 with gcc 4.7 (Debian 4.7.2-5)
  configuration: --disable-ffprobe --disable-ffserver --disable-yasm --enable-gpl
  libavutil      52. 98.100 / 52. 98.100
  libavcodec     55. 73.101 / 55. 73.101
  libavformat    55. 54.100 / 55. 54.100
  libavdevice    55. 13.102 / 55. 13.102
  libavfilter     4. 11.103 /  4. 11.103
  libswscale      2.  6.101 /  2.  6.101
  libswresample   0. 19.100 /  0. 19.100
  libpostproc    52.  3.100 / 52.  3.100
[mpegts @ 0x93b28a0] PES packet size mismatch
[hevc @ 0x93b6480] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x93b6480] Error parsing NAL unit #0.
[hevc @ 0x93b6480] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x93b6480] Error parsing NAL unit #0.
[hevc @ 0x93b6480] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x93b6480] Error parsing NAL unit #0.
[hevc @ 0x93b6480] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x93b6480] Error parsing NAL unit #0.
[hevc @ 0x93b6480] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x93b6480] Error parsing NAL unit #0.
[hevc @ 0x93b6480] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x93b6480] Error parsing NAL unit #0.
[hevc @ 0x93b6480] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x93b6480] Error parsing NAL unit #0.
[hevc @ 0x93b6480] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x93b6480] Error parsing NAL unit #0.
[hevc @ 0x93b6480] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x93b6480] Error parsing NAL unit #0.
[hevc @ 0x93b6480] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x93b6480] Error parsing NAL unit #0.
[mpegts @ 0x93b28a0] Invalid timestamps stream=0, pts=66054, dts=67171318, size=5300
[hevc @ 0x93b6480] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x93b6480] Error parsing NAL unit #0.
[hevc @ 0x93b6480] Unknown HEVC profile: 0
    Last message repeated 1 times
[mpegts @ 0x93b28a0] DTS discontinuity in stream 0: packet 10 with DTS 58545, packet 11 with DTS 67171318
[hevc @ 0x93b6480] Unknown HEVC profile: 0
    Last message repeated 1 times
[mpegts @ 0x93b28a0] DTS 69809 < 67171318 out of order
[mpegts @ 0x93b28a0] PES packet size mismatch
    Last message repeated 3 times
[mpegts @ 0x93b28a0] nothing to probe for stream 1
[mpegts @ 0x93b28a0] probed stream 1 failed
[mpegts @ 0x93b28a0] probed stream 2 failed
[mpegts @ 0x93b28a0] Could not find codec parameters for stream 1 (Unknown: none): unknown codec
Consider increasing the value for the 'analyzeduration' and 'probesize' options
[mpegts @ 0x93b28a0] Could not find codec parameters for stream 2 (Unknown: none): unknown codec
Consider increasing the value for the 'analyzeduration' and 'probesize' options
Input #0, mpegts, from 'h3f.ts':
  Duration: 00:00:12.43, start: 0.191589, bitrate: 392 kb/s
  Program 1 
    Stream #0:0[0x12d]: Video: hevc (HEVC / 0x43564548), yuv420p(tv), 320x240, 23.98 tbr, 90k tbn, 90k tbc
  No Program
    Stream #0:1[0x125]: Unknown: none
    Stream #0:2[0x13d]: Unknown: none
[New Thread 0xb7df8b70 (LWP 578)]
[New Thread 0xb75f8b70 (LWP 579)]
[New Thread 0xb6df8b70 (LWP 582)]
[New Thread 0xb65f8b70 (LWP 590)]
[New Thread 0xb5df8b70 (LWP 591)]
[New Thread 0xb55f8b70 (LWP 592)]
[New Thread 0xb4df8b70 (LWP 593)]
[New Thread 0xb45f8b70 (LWP 594)]
[New Thread 0xb3df8b70 (LWP 595)]
[hevc @ 0x93b9aa0] Unknown HEVC profile: 0
[New Thread 0xb35f8b70 (LWP 596)]
[New Thread 0xb2df8b70 (LWP 597)]
[New Thread 0xb25f8b70 (LWP 598)]
[New Thread 0xb1df8b70 (LWP 599)]
[New Thread 0xb15f8b70 (LWP 604)]
[New Thread 0xb0df8b70 (LWP 610)]
[New Thread 0xb05f8b70 (LWP 611)]
[New Thread 0xafdf8b70 (LWP 612)]
[New Thread 0xaf5f8b70 (LWP 613)]
    Last message repeated 1 times
Output #0, null, to 'pipe:':
  Metadata:
    encoder         : Lavf55.54.100
    Stream #0:0: Video: rawvideo (I420 / 0x30323449), yuv420p, 320x240, q=2-31, 200 kb/s, 23.98 fps, 23.98 tbn, 23.98 tbc
    Metadata:
      encoder         : Lavc55.73.101 rawvideo
Stream mapping:
  Stream #0:0 -> #0:0 (hevc (native) -> rawvideo (native))
Press [q] to stop, [?] for help
[mpegts @ 0x93b28a0] PES packet size mismatch
[NULL @ 0x93b6480] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x93b9aa0] Could not find ref with POC 0
[hevc @ 0x93b9aa0] Could not find ref with POC 3
[NULL @ 0x93b6480] PPS id out of range: 0
    Last message repeated 3 times
[hevc @ 0x93d8240] Could not find ref with POC 9
[NULL @ 0x93b6480] PPS id out of range: 0
    Last message repeated 3 times
[mpegts @ 0x93b28a0] Invalid timestamps stream=0, pts=66054, dts=67171318, size=5300
[NULL @ 0x93b6480] PPS id out of range: 0
[NULL @ 0x93b6480] Unknown HEVC profile: 0
    Last message repeated 1 times
[null @ 0x9443c80] Encoder did not produce proper pts, making some up.
[hevc @ 0x93aa3e0] Unknown HEVC profile: 0
    Last message repeated 1 times
[hevc @ 0x9421ee0] Could not find ref with POC 3
[null @ 0x9443c80] Application provided invalid, non monotonically increasing dts to muxer in stream 0: 11 >= 11
    Last message repeated 1 times
[mpegts @ 0x93b28a0] PES packet size mismatch
[hevc @ 0x93f6be0] Invalid NAL unit 1, skipping.
[hevc @ 0x93f6be0] Invalid slice segment address: 30.
[hevc @ 0x93f6be0] Error parsing NAL unit #1.
[hevc @ 0x9406100] Could not find ref with POC 16
[hevc @ 0x93d8240] No start code is found.
[null @ 0x9443c80] Application provided invalid, non monotonically increasing dts to muxer in stream 0: 30 >= 30
[NULL @ 0x93b6480] Unknown HEVC profile: 0
    Last message repeated 1 times
[hevc @ 0x93aa3e0] Unknown HEVC profile: 0
    Last message repeated 1 times
Error while decoding stream #0:0: Invalid data found when processing input
[null @ 0x9443c80] Application provided invalid, non monotonically increasing dts to muxer in stream 0: 36 >= 36
    Last message repeated 1 times
[hevc @ 0x93b9aa0] No start code is found.
[hevc @ 0x93b0520] Could not find ref with POC 9
[hevc @ 0x93aa3e0] The slice_qp -41 is outside the valid range [0, 51].
[hevc @ 0x93aa3e0] Error parsing NAL unit #0.
[NULL @ 0x93b6480] Unknown HEVC profile: 0
    Last message repeated 1 times
[hevc @ 0x9406100] Unknown HEVC profile: 0
    Last message repeated 1 times
Error while decoding stream #0:0: Invalid data found when processing input
[hevc @ 0x93b9aa0] Invalid number of merging MVP candidates: -25.
[hevc @ 0x93b9aa0] Error parsing NAL unit #0.
[hevc @ 0x93aa3e0] Invalid number of merging MVP candidates: -1.
[hevc @ 0x93aa3e0] Error parsing NAL unit #0.
[hevc @ 0x9421ee0] Invalid number of merging MVP candidates: -3.
[hevc @ 0x9421ee0] Error parsing NAL unit #0.
[hevc @ 0x93e76c0] Invalid number of merging MVP candidates: -24.
[hevc @ 0x93e76c0] Error parsing NAL unit #0.
*** glibc detected *** /media/sdb1/ffmpeg-snapshot/ffmpeg_g: corrupted double-linked list: 0x09573830 ***
======= Backtrace: =========
/lib/i386-linux-gnu/libc.so.6(+0x70a8a)[0xb7ea4a8a]
/lib/i386-linux-gnu/libc.so.6(+0x70ebe)[0xb7ea4ebe]
/lib/i386-linux-gnu/libc.so.6(+0x73015)[0xb7ea7015]
/lib/i386-linux-gnu/libc.so.6(+0x74297)[0xb7ea8297]
/lib/i386-linux-gnu/libc.so.6(__libc_memalign+0xa7)[0xb7ea99b7]
/lib/i386-linux-gnu/libc.so.6(posix_memalign+0x49)[0xb7ea9bd9]
/media/sdb1/ffmpeg-snapshot/ffmpeg_g[0x89f0108]
======= Memory map: ========

Program received signal SIGABRT, Aborted.
0xb7e5e667 in *__GI_raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
64	../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0  0xb7e5e667 in *__GI_raise (sig=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1  0xb7e61a52 in *__GI_abort () at abort.c:92
#2  0xb7e9a98d in __libc_message (do_abort=2, 
    fmt=0xb7f61330 "*** glibc detected *** %s: %s: 0x%s ***\n")
    at ../sysdeps/unix/sysv/linux/libc_fatal.c:189
#3  0xb7ea4a8a in malloc_printerr (action=<optimized out>, 
    str=0x6 <Address 0x6 out of bounds>, ptr=0x9573830) at malloc.c:6283
#4  0xb7ea4ebe in malloc_consolidate (av=<optimized out>) at malloc.c:5161
#5  0xb7ea7015 in _int_malloc (av=<optimized out>, bytes=6) at malloc.c:4373
#6  0xb7ea8297 in _int_memalign (av=<optimized out>, alignment=32, bytes=460)
    at malloc.c:5492
#7  0xb7ea99b7 in *__GI___libc_memalign (alignment=32, bytes=460)
    at malloc.c:3880
#8  0xb7ea9bd9 in __posix_memalign (memptr=memptr@entry=0xbffff26c, 
    alignment=0, alignment@entry=32, size=539, size@entry=460) at malloc.c:6315
#9  0x089f0108 in av_malloc (size=460) at libavutil/mem.c:95
#10 av_mallocz (size=size@entry=460) at libavutil/mem.c:245
#11 0x089e8b11 in av_frame_alloc () at libavutil/frame.c:127
#12 0x080e3c54 in av_buffersrc_add_frame_internal (ctx=ctx@entry=0x93a52a0, 
    frame=frame@entry=0x941c7c0, flags=flags@entry=4)
    at libavfilter/buffersrc.c:160
#13 0x080e3f25 in av_buffersrc_add_frame_flags (ctx=0x93a52a0, 
---Type <return> to continue, or q <return> to quit---
    frame=frame@entry=0x941c7c0, flags=flags@entry=4)
    at libavfilter/buffersrc.c:106
#14 0x080c992a in decode_video (ist=ist@entry=0x9442220, 
    pkt=pkt@entry=0xbffff798, got_output=got_output@entry=0xbffff52c)
    at ffmpeg.c:1983
#15 0x080cda0b in output_packet (pkt=0xbffff750, ist=0x9442220)
    at ffmpeg.c:2117
#16 process_input (file_index=-1073743976) at ffmpeg.c:3524
#17 0x080afba2 in transcode_step () at ffmpeg.c:3618
#18 transcode () at ffmpeg.c:3670
#19 main (argc=<optimized out>, argv=<optimized out>) at ffmpeg.c:3846
(gdb) 
knoppix@Microknoppix:/media/sdb1$ valgrind --leak-check=full ffmpeg-snapshot/ffmpeg_g -i h3f.ts -f null -
==8546== Memcheck, a memory error detector
==8546== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==8546== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==8546== Command: ffmpeg-snapshot/ffmpeg_g -i h3f.ts -f null -
==8546== 
ffmpeg version 2.3.git Copyright (c) 2000-2014 the FFmpeg developers
  built on Aug  9 2014 12:01:59 with gcc 4.7 (Debian 4.7.2-5)
  configuration: --disable-ffprobe --disable-ffserver --disable-yasm --enable-gpl
  libavutil      52. 98.100 / 52. 98.100
  libavcodec     55. 73.101 / 55. 73.101
  libavformat    55. 54.100 / 55. 54.100
  libavdevice    55. 13.102 / 55. 13.102
  libavfilter     4. 11.103 /  4. 11.103
  libswscale      2.  6.101 /  2.  6.101
  libswresample   0. 19.100 /  0. 19.100
  libpostproc    52.  3.100 / 52.  3.100
[mpegts @ 0x422df80] PES packet size mismatch
[hevc @ 0x424d0e0] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x424d0e0] Error parsing NAL unit #0.
[hevc @ 0x424d0e0] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x424d0e0] Error parsing NAL unit #0.
[hevc @ 0x424d0e0] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x424d0e0] Error parsing NAL unit #0.
[hevc @ 0x424d0e0] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x424d0e0] Error parsing NAL unit #0.
[hevc @ 0x424d0e0] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x424d0e0] Error parsing NAL unit #0.
[hevc @ 0x424d0e0] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x424d0e0] Error parsing NAL unit #0.
[hevc @ 0x424d0e0] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x424d0e0] Error parsing NAL unit #0.
[hevc @ 0x424d0e0] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x424d0e0] Error parsing NAL unit #0.
[hevc @ 0x424d0e0] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x424d0e0] Error parsing NAL unit #0.
[hevc @ 0x424d0e0] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x424d0e0] Error parsing NAL unit #0.
[mpegts @ 0x422df80] Invalid timestamps stream=0, pts=66054, dts=67171318, size=5300
[hevc @ 0x424d0e0] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x424d0e0] Error parsing NAL unit #0.
[hevc @ 0x424d0e0] Unknown HEVC profile: 0
    Last message repeated 1 times
[mpegts @ 0x422df80] DTS discontinuity in stream 0: packet 10 with DTS 58545, packet 11 with DTS 67171318
[hevc @ 0x424d0e0] Unknown HEVC profile: 0
    Last message repeated 1 times
[mpegts @ 0x422df80] DTS 69809 < 67171318 out of order
[mpegts @ 0x422df80] PES packet size mismatch
    Last message repeated 3 times
[mpegts @ 0x422df80] nothing to probe for stream 1
[mpegts @ 0x422df80] probed stream 1 failed
[mpegts @ 0x422df80] probed stream 2 failed
[mpegts @ 0x422df80] Could not find codec parameters for stream 1 (Unknown: none): unknown codec
Consider increasing the value for the 'analyzeduration' and 'probesize' options
[mpegts @ 0x422df80] Could not find codec parameters for stream 2 (Unknown: none): unknown codec
Consider increasing the value for the 'analyzeduration' and 'probesize' options
Input #0, mpegts, from 'h3f.ts':
  Duration: 00:00:12.43, start: 0.191589, bitrate: 392 kb/s
  Program 1 
    Stream #0:0[0x12d]: Video: hevc (HEVC / 0x43564548), yuv420p(tv), 320x240, 23.98 tbr, 90k tbn, 90k tbc
  No Program
    Stream #0:1[0x125]: Unknown: none
    Stream #0:2[0x13d]: Unknown: none
[hevc @ 0x42572c0] Unknown HEVC profile: 0
    Last message repeated 1 times
Output #0, null, to 'pipe:':
  Metadata:
    encoder         : Lavf55.54.100
    Stream #0:0: Video: rawvideo (I420 / 0x30323449), yuv420p, 320x240, q=2-31, 200 kb/s, 23.98 fps, 23.98 tbn, 23.98 tbc
    Metadata:
      encoder         : Lavc55.73.101 rawvideo
Stream mapping:
  Stream #0:0 -> #0:0 (hevc (native) -> rawvideo (native))
Press [q] to stop, [?] for help
[mpegts @ 0x422df80] PES packet size mismatch
[NULL @ 0x424d0e0] PPS id out of range: 0
    Last message repeated 1 times
[hevc @ 0x42572c0] Could not find ref with POC 0
[hevc @ 0x42572c0] Could not find ref with POC 3
[NULL @ 0x424d0e0] PPS id out of range: 0
    Last message repeated 3 times
[hevc @ 0x45cc560] Could not find ref with POC 9
[NULL @ 0x424d0e0] PPS id out of range: 0
    Last message repeated 2 times
[NULL @ 0x424d0e0] PPS id out of range: 00:00:00.00 bitrate=N/A    
[mpegts @ 0x422df80] Invalid timestamps stream=0, pts=66054, dts=67171318, size=5300
[NULL @ 0x424d0e0] PPS id out of range: 0
[NULL @ 0x424d0e0] Unknown HEVC profile: 0
    Last message repeated 1 times
[null @ 0x4606260] Encoder did not produce proper pts, making some up.
[hevc @ 0x45b2500] Unknown HEVC profile: 0
    Last message repeated 1 times
[hevc @ 0x45be080] Could not find ref with POC 3
[null @ 0x4606260] Application provided invalid, non monotonically increasing dts to muxer in stream 0: 11 >= 11
    Last message repeated 1 times
[mpegts @ 0x422df80] PES packet size mismatch:00.50 bitrate=N/A    
[hevc @ 0x4a87740] Invalid NAL unit 1, skipping.
[hevc @ 0x4a87740] Invalid slice segment address: 30.
[hevc @ 0x4a87740] Error parsing NAL unit #1.
[hevc @ 0x4a932e0] Could not find ref with POC 16
[hevc @ 0x45cc560] No start code is found.
[null @ 0x4606260] Application provided invalid, non monotonically increasing dts to muxer in stream 0: 30 >= 30
[NULL @ 0x424d0e0] Unknown HEVC profile: 0
    Last message repeated 1 times
[hevc @ 0x45b2500] Unknown HEVC profile: 0:00:01.37 bitrate=N/A    
    Last message repeated 1 times
Error while decoding stream #0:0: Invalid data found when processing input
[null @ 0x4606260] Application provided invalid, non monotonically increasing dts to muxer in stream 0: 36 >= 36
    Last message repeated 1 times
[hevc @ 0x42572c0] No start code is found.
[hevc @ 0x45a6960] Could not find ref with POC 9
[hevc @ 0x45b2500] The slice_qp -41 is outside the valid range [0, 51].
[hevc @ 0x45b2500] Error parsing NAL unit #0.
[NULL @ 0x424d0e0] Unknown HEVC profile: 0
    Last message repeated 1 times
[hevc @ 0x4a932e0] Unknown HEVC profile: 0
==8546== Thread 18:peated 1 times
==8546== Invalid write of size 1
==8546==    at 0x4029E30: memcpy (mc_replace_strmem.c:838)
==8546==    by 0x84E0F1E: sao_filter_CTB (hevc_filter.c:148)
==8546==    by 0x84E3657: ff_hevc_hls_filter (hevc_filter.c:701)
==8546==    by 0x84D6E56: hls_decode_entry (hevc.c:2293)
==8546==    by 0x873DB68: avcodec_default_execute (utils.c:1108)
==8546==    by 0x84DB4C8: decode_nal_units (hevc.c:2311)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)
==8546==  Address 0x457ff40 is not stack'd, malloc'd or (recently) free'd
==8546== 
==8546== Invalid read of size 1
==8546==    at 0x84F57E0: sao_band_filter_0_8 (hevcdsp_template.c:351)
==8546==    by 0x84E0F7A: sao_filter_CTB (hevc_filter.c:261)
==8546==    by 0x84E3657: ff_hevc_hls_filter (hevc_filter.c:701)
==8546==    by 0x84D6E56: hls_decode_entry (hevc.c:2293)
==8546==    by 0x873DB68: avcodec_default_execute (utils.c:1108)
==8546==    by 0x84DB4C8: decode_nal_units (hevc.c:2311)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)
==8546==  Address 0x457ff2f is 0 bytes after a block of size 98,351 alloc'd
==8546==    at 0x40268A4: memalign (vg_replace_malloc.c:694)
==8546==    by 0x402695E: posix_memalign (vg_replace_malloc.c:835)
==8546==    by 0x89EFE27: av_malloc (mem.c:95)
==8546==    by 0x89E1402: av_buffer_allocz (buffer.c:70)
==8546==    by 0x89E19E8: av_buffer_pool_get (buffer.c:305)
==8546==    by 0x873B119: video_get_buffer (utils.c:675)
==8546==    by 0x873D4E8: get_buffer_internal (utils.c:1022)
==8546==    by 0x873D873: ff_get_buffer (utils.c:1035)
==8546==    by 0x84D2564: set_sps (hevc.c:285)
==8546==    by 0x84D86FB: hls_slice_header (hevc.c:407)
==8546==    by 0x84DB04B: decode_nal_units (hevc.c:2653)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546== 
==8546== Invalid write of size 1
==8546==    at 0x4029D03: memcpy (mc_replace_strmem.c:838)
==8546==    by 0x84E10FE: sao_filter_CTB (hevc_filter.c:148)
==8546==    by 0x84E3657: ff_hevc_hls_filter (hevc_filter.c:701)
==8546==    by 0x84D6E56: hls_decode_entry (hevc.c:2293)
==8546==    by 0x873DB68: avcodec_default_execute (utils.c:1108)
==8546==    by 0x84DB4C8: decode_nal_units (hevc.c:2311)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)
==8546==  Address 0x431e76f is 0 bytes after a block of size 24,623 alloc'd
==8546==    at 0x40268A4: memalign (vg_replace_malloc.c:694)
==8546==    by 0x402695E: posix_memalign (vg_replace_malloc.c:835)
==8546==    by 0x89EFE27: av_malloc (mem.c:95)
==8546==    by 0x89E1402: av_buffer_allocz (buffer.c:70)
==8546==    by 0x89E19E8: av_buffer_pool_get (buffer.c:305)
==8546==    by 0x873B145: video_get_buffer (utils.c:675)
==8546==    by 0x873D4E8: get_buffer_internal (utils.c:1022)
==8546==    by 0x873D873: ff_get_buffer (utils.c:1035)
==8546==    by 0x84D2564: set_sps (hevc.c:285)
==8546==    by 0x84D86FB: hls_slice_header (hevc.c:407)
==8546==    by 0x84DB04B: decode_nal_units (hevc.c:2653)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546== 
==8546== Invalid read of size 1
==8546==    at 0x84F5913: sao_edge_filter_8 (hevcdsp_template.c:389)
==8546==    by 0x84F5D21: sao_edge_filter_1_8 (hevcdsp_template.c:503)
==8546==    by 0x84E1186: sao_filter_CTB (hevc_filter.c:299)
==8546==    by 0x84E3657: ff_hevc_hls_filter (hevc_filter.c:701)
==8546==    by 0x84D6E56: hls_decode_entry (hevc.c:2293)
==8546==    by 0x873DB68: avcodec_default_execute (utils.c:1108)
==8546==    by 0x84DB4C8: decode_nal_units (hevc.c:2311)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)
==8546==  Address 0x431e76f is 0 bytes after a block of size 24,623 alloc'd
==8546==    at 0x40268A4: memalign (vg_replace_malloc.c:694)
==8546==    by 0x402695E: posix_memalign (vg_replace_malloc.c:835)
==8546==    by 0x89EFE27: av_malloc (mem.c:95)
==8546==    by 0x89E1402: av_buffer_allocz (buffer.c:70)
==8546==    by 0x89E19E8: av_buffer_pool_get (buffer.c:305)
==8546==    by 0x873B145: video_get_buffer (utils.c:675)
==8546==    by 0x873D4E8: get_buffer_internal (utils.c:1022)
==8546==    by 0x873D873: ff_get_buffer (utils.c:1035)
==8546==    by 0x84D2564: set_sps (hevc.c:285)
==8546==    by 0x84D86FB: hls_slice_header (hevc.c:407)
==8546==    by 0x84DB04B: decode_nal_units (hevc.c:2653)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546== 
==8546== Invalid read of size 1
==8546==    at 0x84F594E: sao_edge_filter_8 (hevcdsp_template.c:388)
==8546==    by 0x84F5D21: sao_edge_filter_1_8 (hevcdsp_template.c:503)
==8546==    by 0x84E1186: sao_filter_CTB (hevc_filter.c:299)
==8546==    by 0x84E3657: ff_hevc_hls_filter (hevc_filter.c:701)
==8546==    by 0x84D6E56: hls_decode_entry (hevc.c:2293)
==8546==    by 0x873DB68: avcodec_default_execute (utils.c:1108)
==8546==    by 0x84DB4C8: decode_nal_units (hevc.c:2311)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)
==8546==  Address 0x431e76f is 0 bytes after a block of size 24,623 alloc'd
==8546==    at 0x40268A4: memalign (vg_replace_malloc.c:694)
==8546==    by 0x402695E: posix_memalign (vg_replace_malloc.c:835)
==8546==    by 0x89EFE27: av_malloc (mem.c:95)
==8546==    by 0x89E1402: av_buffer_allocz (buffer.c:70)
==8546==    by 0x89E19E8: av_buffer_pool_get (buffer.c:305)
==8546==    by 0x873B145: video_get_buffer (utils.c:675)
==8546==    by 0x873D4E8: get_buffer_internal (utils.c:1022)
==8546==    by 0x873D873: ff_get_buffer (utils.c:1035)
==8546==    by 0x84D2564: set_sps (hevc.c:285)
==8546==    by 0x84D86FB: hls_slice_header (hevc.c:407)
==8546==    by 0x84DB04B: decode_nal_units (hevc.c:2653)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546== 
==8546== Invalid read of size 1
==8546==    at 0x84F5953: sao_edge_filter_8 (hevcdsp_template.c:388)
==8546==    by 0x84F5D21: sao_edge_filter_1_8 (hevcdsp_template.c:503)
==8546==    by 0x84E1186: sao_filter_CTB (hevc_filter.c:299)
==8546==    by 0x84E3657: ff_hevc_hls_filter (hevc_filter.c:701)
==8546==    by 0x84D6E56: hls_decode_entry (hevc.c:2293)
==8546==    by 0x873DB68: avcodec_default_execute (utils.c:1108)
==8546==    by 0x84DB4C8: decode_nal_units (hevc.c:2311)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)
==8546==  Address 0x431e76f is 0 bytes after a block of size 24,623 alloc'd
==8546==    at 0x40268A4: memalign (vg_replace_malloc.c:694)
==8546==    by 0x402695E: posix_memalign (vg_replace_malloc.c:835)
==8546==    by 0x89EFE27: av_malloc (mem.c:95)
==8546==    by 0x89E1402: av_buffer_allocz (buffer.c:70)
==8546==    by 0x89E19E8: av_buffer_pool_get (buffer.c:305)
==8546==    by 0x873B145: video_get_buffer (utils.c:675)
==8546==    by 0x873D4E8: get_buffer_internal (utils.c:1022)
==8546==    by 0x873D873: ff_get_buffer (utils.c:1035)
==8546==    by 0x84D2564: set_sps (hevc.c:285)
==8546==    by 0x84D86FB: hls_slice_header (hevc.c:407)
==8546==    by 0x84DB04B: decode_nal_units (hevc.c:2653)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546== 
==8546== Invalid write of size 1
==8546==    at 0x4029E30: memcpy (mc_replace_strmem.c:838)
==8546==    by 0x84E10FE: sao_filter_CTB (hevc_filter.c:148)
==8546==    by 0x84E3657: ff_hevc_hls_filter (hevc_filter.c:701)
==8546==    by 0x84D6F1C: hls_decode_entry (hevc.c:2298)
==8546==    by 0x873DB68: avcodec_default_execute (utils.c:1108)
==8546==    by 0x84DB4C8: decode_nal_units (hevc.c:2311)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)
==8546==  Address 0x4580001 is not stack'd, malloc'd or (recently) free'd
==8546== 
==8546== Invalid read of size 1
==8546==    at 0x84F5E50: sao_edge_filter_1_8 (hevcdsp_template.c:498)
==8546==    by 0x84E1186: sao_filter_CTB (hevc_filter.c:299)
==8546==    by 0x84E3657: ff_hevc_hls_filter (hevc_filter.c:701)
==8546==    by 0x84D6F1C: hls_decode_entry (hevc.c:2298)
==8546==    by 0x873DB68: avcodec_default_execute (utils.c:1108)
==8546==    by 0x84DB4C8: decode_nal_units (hevc.c:2311)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)
==8546==  Address 0x457ffc1 is not stack'd, malloc'd or (recently) free'd
==8546== 
==8546== Invalid read of size 1
==8546==    at 0x84F5913: sao_edge_filter_8 (hevcdsp_template.c:389)
==8546==    by 0x84F5EB4: sao_edge_filter_1_8 (hevcdsp_template.c:503)
==8546==    by 0x84E1186: sao_filter_CTB (hevc_filter.c:299)
==8546==    by 0x84E3657: ff_hevc_hls_filter (hevc_filter.c:701)
==8546==    by 0x84D6F1C: hls_decode_entry (hevc.c:2298)
==8546==    by 0x873DB68: avcodec_default_execute (utils.c:1108)
==8546==    by 0x84DB4C8: decode_nal_units (hevc.c:2311)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)
==8546==  Address 0x457ffc1 is not stack'd, malloc'd or (recently) free'd
==8546== 
==8546== Invalid write of size 1
==8546==    at 0x4029D03: memcpy (mc_replace_strmem.c:838)
==8546==    by 0x84E10FE: sao_filter_CTB (hevc_filter.c:148)
==8546==    by 0x84E3657: ff_hevc_hls_filter (hevc_filter.c:701)
==8546==    by 0x84D6F1C: hls_decode_entry (hevc.c:2298)
==8546==    by 0x873DB68: avcodec_default_execute (utils.c:1108)
==8546==    by 0x84DB4C8: decode_nal_units (hevc.c:2311)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)
==8546==  Address 0x431e7a1 is not stack'd, malloc'd or (recently) free'd
==8546== 
==8546== Invalid write of size 1
==8546==    at 0x4029E30: memcpy (mc_replace_strmem.c:838)
==8546==    by 0x84E10FE: sao_filter_CTB (hevc_filter.c:148)
==8546==    by 0x84E357D: ff_hevc_hls_filter (hevc_filter.c:708)
==8546==    by 0x84D6F1C: hls_decode_entry (hevc.c:2298)
==8546==    by 0x873DB68: avcodec_default_execute (utils.c:1108)
==8546==    by 0x84DB4C8: decode_nal_units (hevc.c:2311)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)
==8546==  Address 0x4580041 is not stack'd, malloc'd or (recently) free'd
==8546== 
==8546== Invalid read of size 1
==8546==    at 0x84F5E50: sao_edge_filter_1_8 (hevcdsp_template.c:498)
==8546==    by 0x84E1186: sao_filter_CTB (hevc_filter.c:299)
==8546==    by 0x84E357D: ff_hevc_hls_filter (hevc_filter.c:708)
==8546==    by 0x84D6F1C: hls_decode_entry (hevc.c:2298)
==8546==    by 0x873DB68: avcodec_default_execute (utils.c:1108)
==8546==    by 0x84DB4C8: decode_nal_units (hevc.c:2311)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)
==8546==  Address 0x4580001 is not stack'd, malloc'd or (recently) free'd
==8546== 
==8546== Invalid read of size 1
==8546==    at 0x84F5913: sao_edge_filter_8 (hevcdsp_template.c:389)
==8546==    by 0x84F5EB4: sao_edge_filter_1_8 (hevcdsp_template.c:503)
==8546==    by 0x84E1186: sao_filter_CTB (hevc_filter.c:299)
==8546==    by 0x84E357D: ff_hevc_hls_filter (hevc_filter.c:708)
==8546==    by 0x84D6F1C: hls_decode_entry (hevc.c:2298)
==8546==    by 0x873DB68: avcodec_default_execute (utils.c:1108)
==8546==    by 0x84DB4C8: decode_nal_units (hevc.c:2311)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)
==8546==  Address 0x4580001 is not stack'd, malloc'd or (recently) free'd
==8546== 
==8546== Invalid write of size 1
==8546==    at 0x4029D03: memcpy (mc_replace_strmem.c:838)
==8546==    by 0x84E10FE: sao_filter_CTB (hevc_filter.c:148)
==8546==    by 0x84E357D: ff_hevc_hls_filter (hevc_filter.c:708)
==8546==    by 0x84D6F1C: hls_decode_entry (hevc.c:2298)
==8546==    by 0x873DB68: avcodec_default_execute (utils.c:1108)
==8546==    by 0x84DB4C8: decode_nal_units (hevc.c:2311)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)
==8546==  Address 0x431e7c1 is not stack'd, malloc'd or (recently) free'd
==8546== 
==8546== Invalid read of size 1
==8546==    at 0x84F5CA8: sao_edge_filter_1_8 (hevcdsp_template.c:481)
==8546==    by 0x84E1186: sao_filter_CTB (hevc_filter.c:299)
==8546==    by 0x84E357D: ff_hevc_hls_filter (hevc_filter.c:708)
==8546==    by 0x84D6F1C: hls_decode_entry (hevc.c:2298)
==8546==    by 0x873DB68: avcodec_default_execute (utils.c:1108)
==8546==    by 0x84DB4C8: decode_nal_units (hevc.c:2311)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)
==8546==  Address 0x431e7e0 is not stack'd, malloc'd or (recently) free'd
==8546== 
==8546== Invalid read of size 1
==8546==    at 0x84F594E: sao_edge_filter_8 (hevcdsp_template.c:388)
==8546==    by 0x84F5D21: sao_edge_filter_1_8 (hevcdsp_template.c:503)
==8546==    by 0x84E1186: sao_filter_CTB (hevc_filter.c:299)
==8546==    by 0x84E357D: ff_hevc_hls_filter (hevc_filter.c:708)
==8546==    by 0x84D6F1C: hls_decode_entry (hevc.c:2298)
==8546==    by 0x873DB68: avcodec_default_execute (utils.c:1108)
==8546==    by 0x84DB4C8: decode_nal_units (hevc.c:2311)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)
==8546==  Address 0x431e7c1 is not stack'd, malloc'd or (recently) free'd
==8546== 
==8546== Invalid read of size 1
==8546==    at 0x84F5953: sao_edge_filter_8 (hevcdsp_template.c:388)
==8546==    by 0x84F5D21: sao_edge_filter_1_8 (hevcdsp_template.c:503)
==8546==    by 0x84E1186: sao_filter_CTB (hevc_filter.c:299)
==8546==    by 0x84E357D: ff_hevc_hls_filter (hevc_filter.c:708)
==8546==    by 0x84D6F1C: hls_decode_entry (hevc.c:2298)
==8546==    by 0x873DB68: avcodec_default_execute (utils.c:1108)
==8546==    by 0x84DB4C8: decode_nal_units (hevc.c:2311)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)
==8546==  Address 0x431e7c0 is not stack'd, malloc'd or (recently) free'd
==8546== 
==8546== Invalid read of size 1
==8546==    at 0x84F5913: sao_edge_filter_8 (hevcdsp_template.c:389)
==8546==    by 0x84F5D21: sao_edge_filter_1_8 (hevcdsp_template.c:503)
==8546==    by 0x84E1186: sao_filter_CTB (hevc_filter.c:299)
==8546==    by 0x84E357D: ff_hevc_hls_filter (hevc_filter.c:708)
==8546==    by 0x84D6F1C: hls_decode_entry (hevc.c:2298)
==8546==    by 0x873DB68: avcodec_default_execute (utils.c:1108)
==8546==    by 0x84DB4C8: decode_nal_units (hevc.c:2311)
==8546==    by 0x84DBAFB: hevc_decode_frame (hevc.c:3045)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)
==8546==  Address 0x431e7c2 is not stack'd, malloc'd or (recently) free'd
==8546== 

valgrind: m_mallocfree.c:266 (mk_plain_bszB): Assertion 'bszB != 0' failed.
valgrind: This is probably caused by your program erroneously writing past the
end of a heap block and corrupting heap metadata.  If you fix any
invalid writes reported by Memcheck, this assertion failure will
probably go away.  Please try that before reporting this as a bug.

==8546==    at 0x3803D043: report_and_quit (m_libcassert.c:210)
==8546==    by 0x3803D162: vgPlain_assert_fail (m_libcassert.c:284)
==8546==    by 0x380007D6: mk_plain_bszB.part.5 (m_mallocfree.c:266)
==8546==    by 0x38049BB2: unlinkBlock (m_mallocfree.c:1393)
==8546==    by 0x3804A5B7: vgPlain_arena_malloc (m_mallocfree.c:1555)
==8546==    by 0x3804B20A: vgPlain_arena_memalign (m_mallocfree.c:1892)
==8546==    by 0x380843DB: vgPlain_cli_malloc (replacemalloc_core.c:86)
==8546==    by 0x38016112: vgMemCheck_new_block (mc_malloc_wrappers.c:248)
==8546==    by 0x38016414: vgMemCheck_memalign (mc_malloc_wrappers.c:315)
==8546==    by 0x38086BBC: vgPlain_scheduler (scheduler.c:1469)
==8546==    by 0x38098C07: run_a_thread_NORETURN (syswrap-linux.c:98)

sched status:
  running_tid=1

Thread 1: status = VgTs_Runnable
==8546==    at 0x40268A4: memalign (vg_replace_malloc.c:694)
==8546==    by 0x402695E: posix_memalign (vg_replace_malloc.c:835)
==8546==    by 0x89F0107: av_mallocz (mem.c:95)
==8546==    by 0x84D2074: set_sps (mem.h:232)
==8546==    by 0x84D2B99: hevc_update_thread_context (hevc.c:3277)
==8546==    by 0x865E342: update_context_from_thread (pthread_frame.c:246)
==8546==    by 0x865E83B: ff_thread_decode_frame (pthread_frame.c:346)
==8546==    by 0x873EED1: avcodec_decode_video2 (utils.c:2283)
==8546==    by 0x80C9503: decode_video (ffmpeg.c:1883)
==8546==    by 0x80CDA0A: process_input (ffmpeg.c:2117)
==8546==    by 0x80AFBA1: main (ffmpeg.c:3618)

Thread 2: status = VgTs_WaitSys
==8546==    at 0x407FEA5: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:153)
==8546==    by 0x80EC549: worker (pthread.c:81)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)

Thread 3: status = VgTs_WaitSys
==8546==    at 0x407FEA5: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:153)
==8546==    by 0x80EC549: worker (pthread.c:81)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)

Thread 4: status = VgTs_WaitSys
==8546==    at 0x407FEA5: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:153)
==8546==    by 0x80EC549: worker (pthread.c:81)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)

Thread 5: status = VgTs_WaitSys
==8546==    at 0x407FEA5: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:153)
==8546==    by 0x80EC549: worker (pthread.c:81)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)

Thread 6: status = VgTs_WaitSys
==8546==    at 0x407FEA5: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:153)
==8546==    by 0x80EC549: worker (pthread.c:81)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)

Thread 7: status = VgTs_WaitSys
==8546==    at 0x407FEA5: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:153)
==8546==    by 0x80EC549: worker (pthread.c:81)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)

Thread 8: status = VgTs_WaitSys
==8546==    at 0x407FEA5: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:153)
==8546==    by 0x80EC549: worker (pthread.c:81)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)

Thread 9: status = VgTs_WaitSys
==8546==    at 0x407FEA5: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:153)
==8546==    by 0x80EC549: worker (pthread.c:81)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)

Thread 10: status = VgTs_WaitSys
==8546==    at 0x407FEA5: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:153)
==8546==    by 0x80EC549: worker (pthread.c:81)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)

Thread 11: status = VgTs_WaitSys
==8546==    at 0x407FEA5: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:153)
==8546==    by 0x865E4E3: frame_worker_thread (pthread_frame.c:149)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)

Thread 12: status = VgTs_WaitSys
==8546==    at 0x407FEA5: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:153)
==8546==    by 0x865E4E3: frame_worker_thread (pthread_frame.c:149)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)

Thread 13: status = VgTs_WaitSys
==8546==    at 0x407FEA5: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:153)
==8546==    by 0x865E4E3: frame_worker_thread (pthread_frame.c:149)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)

Thread 14: status = VgTs_WaitSys
==8546==    at 0x407FEA5: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:153)
==8546==    by 0x865E4E3: frame_worker_thread (pthread_frame.c:149)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)

Thread 15: status = VgTs_WaitSys
==8546==    at 0x407FEA5: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:153)
==8546==    by 0x865E4E3: frame_worker_thread (pthread_frame.c:149)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)

Thread 16: status = VgTs_WaitSys
==8546==    at 0x407FEA5: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:153)
==8546==    by 0x865E4E3: frame_worker_thread (pthread_frame.c:149)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)

Thread 17: status = VgTs_WaitSys
==8546==    at 0x407FEA5: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:153)
==8546==    by 0x865E4E3: frame_worker_thread (pthread_frame.c:149)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)

Thread 18: status = VgTs_WaitSys
==8546==    at 0x407FEA5: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:153)
==8546==    by 0x865E4E3: frame_worker_thread (pthread_frame.c:149)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)

Thread 19: status = VgTs_WaitSys
==8546==    at 0x407FEA5: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:153)
==8546==    by 0x865E4E3: frame_worker_thread (pthread_frame.c:149)
==8546==    by 0x407B953: start_thread (pthread_create.c:304)
==8546==    by 0x416395D: clone (clone.S:130)


Note: see also the FAQ in the source distribution.
It contains workarounds to several common problems.
In particular, if Valgrind aborted or crashed after
identifying problems in your program, there's a good chance
that fixing those problems will prevent Valgrind aborting or
crashing, especially if it happened in m_mallocfree.c.

If that doesn't help, please report this bug to: www.valgrind.org

In the bug report, send all the above text, the valgrind
version, and what OS and version you are using.  Thanks.

Attachments (1)

h3f.ts (596.3 KB) - added by ami_stuff 5 years ago.


Change History (4)

Changed 5 years ago by ami_stuff

comment:1 Changed 5 years ago by cehoyos

  • Component changed from undetermined to avcodec
  • Keywords hevc crash abort regression added
  • Priority changed from normal to important
  • Reproduced by developer set
  • Status changed from new to open
  • Version changed from unspecified to git-master

Regression since d249e682

comment:2 follow-up: Changed 5 years ago by kurosu

  • Analyzed by developer set
  • Owner set to kurosu

This is due to incorrect dimensions being used when allocating (tmp|sao)_image.

I'm somehow not seeing how to attach a file, so I'll submit the patch directly to the mailing list.

comment:3 in reply to: ↑ 2 Changed 5 years ago by cehoyos

  • Resolution set to fixed
  • Status changed from open to closed

Replying to kurosu:

> I'm somehow not seeing how to attach a file, so I'll submit the patch directly to the mailing list.

I am not sure what the problem could have been but please do not attach patches here (except to ask for tests), always post them to the mailing list.

Fixed by Christophe Gisquet in 71175472

Thank you everybody!
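A triage sketch for the Memcheck report in this ticket, added here as an example (not FFmpeg or Valgrind code): it groups the invalid accesses by the first frame outside allocator and wrapper sources and ties each heap overrun back to its allocation site. The sample is an abridged excerpt of the report above; `GENERIC_FILES` and the function names are assumptions of this example.

```python
import re
from collections import Counter

# Abridged excerpt of the Memcheck report in this ticket (stacks trimmed).
SAMPLE = """\
==8546== Invalid read of size 1
==8546==    at 0x84F57E0: sao_band_filter_0_8 (hevcdsp_template.c:351)
==8546==    by 0x84E0F7A: sao_filter_CTB (hevc_filter.c:261)
==8546==  Address 0x457ff2f is 0 bytes after a block of size 98,351 alloc'd
==8546==    at 0x40268A4: memalign (vg_replace_malloc.c:694)
==8546==    by 0x873D873: ff_get_buffer (utils.c:1035)
==8546==    by 0x84D2564: set_sps (hevc.c:285)
==8546==
==8546== Invalid write of size 1
==8546==    at 0x4029D03: memcpy (mc_replace_strmem.c:838)
==8546==    by 0x84E10FE: sao_filter_CTB (hevc_filter.c:148)
==8546==  Address 0x431e76f is 0 bytes after a block of size 24,623 alloc'd
==8546==    at 0x40268A4: memalign (vg_replace_malloc.c:694)
==8546==    by 0x873D873: ff_get_buffer (utils.c:1035)
==8546==    by 0x84D2564: set_sps (hevc.c:285)
==8546==
==8546== Invalid write of size 1
==8546==    at 0x4029E30: memcpy (mc_replace_strmem.c:838)
==8546==    by 0x84E10FE: sao_filter_CTB (hevc_filter.c:148)
==8546==  Address 0x4580001 is not stack'd, malloc'd or (recently) free'd
"""

HEAD = re.compile(r"^==\d+== Invalid (read|write) of size (\d+)")
FRAME = re.compile(r"^==\d+==\s+(?:at|by) 0x[0-9A-Fa-f]+: (\S+) \(([^)]*)\)")
ADDR = re.compile(r"^==\d+==\s+Address 0x[0-9A-Fa-f]+ is (.*)$")
HEAP = re.compile(r"(\d+) bytes (after|before|inside) a block of size ([\d,]+)")
# Assumption of this example: sources treated as wrappers, not as the culprit.
GENERIC_FILES = {"vg_replace_malloc.c", "mc_replace_strmem.c", "mem.c",
                 "buffer.c", "utils.c"}

def parse_memcheck(text):
    """Split Memcheck output into records with access and allocation stacks."""
    errors, cur, section = [], None, "access"
    for line in text.splitlines():
        m = HEAD.match(line)
        if m:
            cur = {"kind": m.group(1), "heap": None, "access": [], "alloc": []}
            errors.append(cur)
            section = "access"
        elif cur is not None and (m := ADDR.match(line)):
            h = HEAP.search(m.group(1))
            if h:  # address is relative to a known heap block
                cur["heap"] = (int(h.group(1)), h.group(2),
                               int(h.group(3).replace(",", "")))
            section = "alloc"  # frames that follow are the allocation stack
        elif cur is not None and (m := FRAME.match(line)):
            cur[section].append((m.group(1), m.group(2)))
        else:
            cur = None  # blank "==pid==" line or other text ends the record
    return errors

def culprit(frames):
    """First frame whose source file is not an allocator or libc wrapper."""
    for func, loc in frames:
        if loc.split(":")[0] not in GENERIC_FILES:
            return f"{func} ({loc})"
    return None

def triage(text):
    """Count errors per (kind, site); map overrun blocks to their users."""
    sites, overruns = Counter(), {}
    for e in parse_memcheck(text):
        site = culprit(e["access"])
        sites[(e["kind"], site)] += 1
        if e["heap"] and e["heap"][1] == "after":  # past the end of a block
            key = (culprit(e["alloc"]), e["heap"][2])
            overruns.setdefault(key, set()).add(site)
    return sites, overruns
```

On the excerpt, both overrun blocks resolve to the allocation in `set_sps (hevc.c:285)`, and the out-of-bounds writes to `sao_filter_CTB (hevc_filter.c:148)`.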
