Opened 8 years ago
Closed 8 years ago
#5215 closed defect (fixed)
cfhd: crash with fuzzed file 5
| Reported by: | ami_stuff | Owned by: | |
|---|---|---|---|
| Priority: | important | Component: | avcodec |
| Version: | git-master | Keywords: | cfhd crash SIGSEGV |
| Cc: | Blocked By: | ||
| Blocking: | Reproduced by developer: | yes | |
| Analyzed by developer: | no |
Description (last modified by )
http://www.megafileupload.com/aelI/3_fuzz5.avi
aaa@aaa-VirtualBox /media/sdb1 $ valgrind --leak-check=full ffmpeg/ffmpeg -threads 1 -i 3_fuzz5.avi -f null -
==2226== Memcheck, a memory error detector
==2226== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==2226== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
==2226== Command: ffmpeg/ffmpeg -threads 1 -i 3_fuzz5.avi -f null -
==2226==
ffmpeg version 2.8.git Copyright (c) 2000-2016 the FFmpeg developers
built with gcc 4.8 (Ubuntu 4.8.4-2ubuntu1~14.04)
configuration: --disable-ffplay --disable-ffprobe --disable-ffserver --enable-gpl
libavutil 55. 17.100 / 55. 17.100
libavcodec 57. 24.101 / 57. 24.101
libavformat 57. 24.100 / 57. 24.100
libavdevice 57. 0.101 / 57. 0.101
libavfilter 6. 28.100 / 6. 28.100
libswscale 4. 0.100 / 4. 0.100
libswresample 2. 0.101 / 2. 0.101
libpostproc 54. 0.100 / 54. 0.100
[cfhd @ 0x4272560] Escape codeword not found, probably corrupt data
Input #0, avi, from '3_fuzz5.avi':
Metadata:
date : 2016-01-"3T13:45:31+01:00
encoder : Adobe Premiere Pro CC 2015 (Windows)
Duration: 00:00:04.97, start: 0.000000, bitrate: 17221 kb/s
Stream #0:0: Video: cfhd (CFHD / 0x44484643), gbrp12le(10 bpc), 720x480, 17182 kb/s, 29.97 fps, 29.97 tbr, 29.97 tbn, 29.97 tbc
Output #0, null, to 'pipe:':
Metadata:
date : 2016-01-"3T13:45:31+01:00
encoder : Lavf57.24.100
Stream #0:0: Video: wrapped_avframe, gbrp12le(10 bpc), 720x480, q=2-31, 200 kb/s, 29.97 fps, 29.97 tbn, 29.97 tbc
Metadata:
encoder : Lavc57.24.101 wrapped_avframe
Stream mapping:
Stream #0:0 -> #0:0 (cfhd (native) -> wrapped_avframe (native))
Press [q] to stop, [?] for help
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Invalid highpass width
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Subband Count of 11 is unsupported
[cfhd @ 0x490eb20] No end of header tag found
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Invalid lowpass width
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Invalid lowpass width
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Too many highpass coefficents
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Channel Count of 1027 is unsupported
[cfhd @ 0x490eb20] No end of header tag found
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Invalid subband number
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Invalid subband number
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Invalid subband number actual
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Invalid lowpass width
Error while decoding stream #0:0: Invalid argument
==2226== Conditional jump or move depends on uninitialised value(s)
==2226== at 0x838143E: av_clip_uintp2_c (common.h:231)
==2226== by 0x838143E: filter (cfhd.c:113)
==2226== by 0x838143E: horiz_filter_clip (cfhd.c:130)
==2226== by 0x838143E: cfhd_decode (cfhd.c:715)
==2226== by 0x8718A35: avcodec_decode_video2 (utils.c:2125)
==2226== by 0x80D8E0E: decode_video (ffmpeg.c:2075)
==2226== by 0x80E1635: process_input_packet (ffmpeg.c:2324)
==2226== by 0x80E1635: process_input (ffmpeg.c:3986)
==2226== by 0x80E41CF: transcode_step (ffmpeg.c:4074)
==2226== by 0x80E41CF: transcode (ffmpeg.c:4128)
==2226== by 0x80C17E4: main (ffmpeg.c:4319)
==2226==
==2226== Conditional jump or move depends on uninitialised value(s)
==2226== at 0x838147D: av_clip_uintp2_c (common.h:231)
==2226== by 0x838147D: filter (cfhd.c:118)
==2226== by 0x838147D: horiz_filter_clip (cfhd.c:130)
==2226== by 0x838147D: cfhd_decode (cfhd.c:715)
==2226== by 0x8718A35: avcodec_decode_video2 (utils.c:2125)
==2226== by 0x80D8E0E: decode_video (ffmpeg.c:2075)
==2226== by 0x80E1635: process_input_packet (ffmpeg.c:2324)
==2226== by 0x80E1635: process_input (ffmpeg.c:3986)
==2226== by 0x80E41CF: transcode_step (ffmpeg.c:4074)
==2226== by 0x80E41CF: transcode (ffmpeg.c:4128)
==2226== by 0x80C17E4: main (ffmpeg.c:4319)
==2226==
==2226== Conditional jump or move depends on uninitialised value(s)
==2226== at 0x8381E09: av_clip_uintp2_c (common.h:231)
==2226== by 0x8381E09: filter (cfhd.c:103)
==2226== by 0x8381E09: horiz_filter_clip (cfhd.c:130)
==2226== by 0x8381E09: cfhd_decode (cfhd.c:715)
==2226== by 0x8718A35: avcodec_decode_video2 (utils.c:2125)
==2226== by 0x80D8E0E: decode_video (ffmpeg.c:2075)
==2226== by 0x80E1635: process_input_packet (ffmpeg.c:2324)
==2226== by 0x80E1635: process_input (ffmpeg.c:3986)
==2226== by 0x80E41CF: transcode_step (ffmpeg.c:4074)
==2226== by 0x80E41CF: transcode (ffmpeg.c:4128)
==2226== by 0x80C17E4: main (ffmpeg.c:4319)
==2226==
==2226== Conditional jump or move depends on uninitialised value(s)
==2226== at 0x8381E56: av_clip_uintp2_c (common.h:231)
==2226== by 0x8381E56: filter (cfhd.c:108)
==2226== by 0x8381E56: horiz_filter_clip (cfhd.c:130)
==2226== by 0x8381E56: cfhd_decode (cfhd.c:715)
==2226== by 0x8718A35: avcodec_decode_video2 (utils.c:2125)
==2226== by 0x80D8E0E: decode_video (ffmpeg.c:2075)
==2226== by 0x80E1635: process_input_packet (ffmpeg.c:2324)
==2226== by 0x80E1635: process_input (ffmpeg.c:3986)
==2226== by 0x80E41CF: transcode_step (ffmpeg.c:4074)
==2226== by 0x80E41CF: transcode (ffmpeg.c:4128)
==2226== by 0x80C17E4: main (ffmpeg.c:4319)
==2226==
==2226== Conditional jump or move depends on uninitialised value(s)
==2226== at 0x8381EA3: av_clip_uintp2_c (common.h:231)
==2226== by 0x8381EA3: filter (cfhd.c:93)
==2226== by 0x8381EA3: horiz_filter_clip (cfhd.c:130)
==2226== by 0x8381EA3: cfhd_decode (cfhd.c:715)
==2226== by 0x8718A35: avcodec_decode_video2 (utils.c:2125)
==2226== by 0x80D8E0E: decode_video (ffmpeg.c:2075)
==2226== by 0x80E1635: process_input_packet (ffmpeg.c:2324)
==2226== by 0x80E1635: process_input (ffmpeg.c:3986)
==2226== by 0x80E41CF: transcode_step (ffmpeg.c:4074)
==2226== by 0x80E41CF: transcode (ffmpeg.c:4128)
==2226== by 0x80C17E4: main (ffmpeg.c:4319)
==2226==
==2226== Conditional jump or move depends on uninitialised value(s)
==2226== at 0x8381EE4: av_clip_uintp2_c (common.h:231)
==2226== by 0x8381EE4: filter (cfhd.c:98)
==2226== by 0x8381EE4: horiz_filter_clip (cfhd.c:130)
==2226== by 0x8381EE4: cfhd_decode (cfhd.c:715)
==2226== by 0x8718A35: avcodec_decode_video2 (utils.c:2125)
==2226== by 0x80D8E0E: decode_video (ffmpeg.c:2075)
==2226== by 0x80E1635: process_input_packet (ffmpeg.c:2324)
==2226== by 0x80E1635: process_input (ffmpeg.c:3986)
==2226== by 0x80E41CF: transcode_step (ffmpeg.c:4074)
==2226== by 0x80E41CF: transcode (ffmpeg.c:4128)
==2226== by 0x80C17E4: main (ffmpeg.c:4319)
==2226==
[cfhd @ 0x490eb20] Invalid plane dimensions
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Too many highpass coefficents
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Invalid subband number
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Too many lowpass coefficients
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Too many highpass coefficents
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Subband Count of 16394 is unsupported
[cfhd @ 0x490eb20] No end of header tag found
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Too many highpass coefficents
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Channel Count of 16387 is unsupported
[cfhd @ 0x490eb20] No end of header tag found
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Invalid subband number
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Subband Count of 36 is unsupported
[cfhd @ 0x490eb20] Invalid dimensions
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Invalid plane dimensions
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt dataed= 0x
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Invalid plane dimensions
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Invalid subband number
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x490eb20] Invalid dimensions
Error while decoding stream #0:0: Invalid argument
==2226== Invalid write of size 2
==2226== at 0x8381488: filter (cfhd.c:118)
==2226== by 0x8381488: horiz_filter_clip (cfhd.c:130)
==2226== by 0x8381488: cfhd_decode (cfhd.c:715)
==2226== by 0x8718A35: avcodec_decode_video2 (utils.c:2125)
==2226== by 0x80D8E0E: decode_video (ffmpeg.c:2075)
==2226== by 0x80E1635: process_input_packet (ffmpeg.c:2324)
==2226== by 0x80E1635: process_input (ffmpeg.c:3986)
==2226== by 0x80E41CF: transcode_step (ffmpeg.c:4074)
==2226== by 0x80E41CF: transcode (ffmpeg.c:4128)
==2226== by 0x80C17E4: main (ffmpeg.c:4319)
==2226== Address 0x7973bae is 353,326 bytes inside a block of size 353,327 alloc'd
==2226== at 0x402C580: memalign (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==2226== by 0x402C6AE: posix_memalign (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==2226== by 0x8B5E727: av_malloc (mem.c:97)
==2226== by 0x8B4D349: av_buffer_alloc (buffer.c:71)
==2226== by 0x8B4D349: av_buffer_allocz (buffer.c:84)
==2226== by 0x8B4DA25: pool_alloc_buffer (buffer.c:329)
==2226== by 0x8B4DA25: av_buffer_pool_get (buffer.c:393)
==2226== by 0x8716645: video_get_buffer (utils.c:670)
==2226== by 0x8716645: avcodec_default_get_buffer2 (utils.c:725)
==2226== by 0x8717080: get_buffer_internal (utils.c:879)
==2226== by 0x8717080: ff_get_buffer (utils.c:892)
==2226== by 0x86642B6: thread_get_buffer_internal (pthread_frame.c:769)
==2226== by 0x86642B6: ff_thread_get_buffer (pthread_frame.c:845)
==2226== by 0x8380257: cfhd_decode (cfhd.c:424)
==2226== by 0x8718A35: avcodec_decode_video2 (utils.c:2125)
==2226== by 0x80D8E0E: decode_video (ffmpeg.c:2075)
==2226== by 0x80E1635: process_input_packet (ffmpeg.c:2324)
==2226== by 0x80E1635: process_input (ffmpeg.c:3986)
==2226==
==2226== Invalid write of size 2
==2226== at 0x8381449: filter (cfhd.c:113)
==2226== by 0x8381449: horiz_filter_clip (cfhd.c:130)
==2226== by 0x8381449: cfhd_decode (cfhd.c:715)
==2226== by 0x8718A35: avcodec_decode_video2 (utils.c:2125)
==2226== by 0x80D8E0E: decode_video (ffmpeg.c:2075)
==2226== by 0x80E1635: process_input_packet (ffmpeg.c:2324)
==2226== by 0x80E1635: process_input (ffmpeg.c:3986)
==2226== by 0x80E41CF: transcode_step (ffmpeg.c:4074)
==2226== by 0x80E41CF: transcode (ffmpeg.c:4128)
==2226== by 0x80C17E4: main (ffmpeg.c:4319)
==2226== Address 0x7973bb0 is 1 bytes after a block of size 353,327 alloc'd
==2226== at 0x402C580: memalign (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==2226== by 0x402C6AE: posix_memalign (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==2226== by 0x8B5E727: av_malloc (mem.c:97)
==2226== by 0x8B4D349: av_buffer_alloc (buffer.c:71)
==2226== by 0x8B4D349: av_buffer_allocz (buffer.c:84)
==2226== by 0x8B4DA25: pool_alloc_buffer (buffer.c:329)
==2226== by 0x8B4DA25: av_buffer_pool_get (buffer.c:393)
==2226== by 0x8716645: video_get_buffer (utils.c:670)
==2226== by 0x8716645: avcodec_default_get_buffer2 (utils.c:725)
==2226== by 0x8717080: get_buffer_internal (utils.c:879)
==2226== by 0x8717080: ff_get_buffer (utils.c:892)
==2226== by 0x86642B6: thread_get_buffer_internal (pthread_frame.c:769)
==2226== by 0x86642B6: ff_thread_get_buffer (pthread_frame.c:845)
==2226== by 0x8380257: cfhd_decode (cfhd.c:424)
==2226== by 0x8718A35: avcodec_decode_video2 (utils.c:2125)
==2226== by 0x80D8E0E: decode_video (ffmpeg.c:2075)
==2226== by 0x80E1635: process_input_packet (ffmpeg.c:2324)
==2226== by 0x80E1635: process_input (ffmpeg.c:3986)
==2226==
valgrind: m_mallocfree.c:304 (get_bszB_as_is): Assertion 'bszB_lo == bszB_hi' failed.
valgrind: Heap block lo/hi size mismatch: lo = 353400, hi = 0.
This is probably caused by your program erroneously writing past the
end of a heap block and corrupting heap metadata. If you fix any
invalid writes reported by Memcheck, this assertion failure will
probably go away. Please try that before reporting this as a bug.
host stacktrace:
==2226== at 0x3805A504: ??? (in /usr/lib/valgrind/memcheck-x86-linux)
==2226== by 0x3805A656: ??? (in /usr/lib/valgrind/memcheck-x86-linux)
==2226== by 0x3805A7B9: ??? (in /usr/lib/valgrind/memcheck-x86-linux)
==2226== by 0x38068EF2: ??? (in /usr/lib/valgrind/memcheck-x86-linux)
==2226== by 0x380533A6: ??? (in /usr/lib/valgrind/memcheck-x86-linux)
==2226== by 0x380502DF: ??? (in /usr/lib/valgrind/memcheck-x86-linux)
==2226== by 0x38051CD7: ??? (in /usr/lib/valgrind/memcheck-x86-linux)
==2226== by 0x38056101: ??? (in /usr/lib/valgrind/memcheck-x86-linux)
==2226== by 0x38050F4D: ??? (in /usr/lib/valgrind/memcheck-x86-linux)
==2226== by 0x380002C3: ??? (in /usr/lib/valgrind/memcheck-x86-linux)
==2226== by 0x38033227: ??? (in /usr/lib/valgrind/memcheck-x86-linux)
==2226== by 0x64755006: ???
sched status:
running_tid=1
Thread 1: status = VgTs_Runnable
==2226== at 0x8381DFE: filter (cfhd.c:101)
==2226== by 0x8381DFE: horiz_filter_clip (cfhd.c:130)
==2226== by 0x8381DFE: cfhd_decode (cfhd.c:715)
==2226== by 0x8718A35: avcodec_decode_video2 (utils.c:2125)
==2226== by 0x80D8E0E: decode_video (ffmpeg.c:2075)
==2226== by 0x80E1635: process_input_packet (ffmpeg.c:2324)
==2226== by 0x80E1635: process_input (ffmpeg.c:3986)
==2226== by 0x80E41CF: transcode_step (ffmpeg.c:4074)
==2226== by 0x80E41CF: transcode (ffmpeg.c:4128)
==2226== by 0x80C17E4: main (ffmpeg.c:4319)
Thread 2: status = VgTs_WaitSys
==2226== at 0x409FD4B: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.S:188)
==2226== by 0x810D029: worker (pthread.c:74)
==2226== by 0x409BF6F: start_thread (pthread_create.c:312)
==2226== by 0x419CBED: clone (clone.S:129)
Thread 3: status = VgTs_WaitSys
==2226== at 0x409FD4B: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.S:188)
==2226== by 0x810D029: worker (pthread.c:74)
==2226== by 0x409BF6F: start_thread (pthread_create.c:312)
==2226== by 0x419CBED: clone (clone.S:129)
Thread 4: status = VgTs_WaitSys
==2226== at 0x409FD4B: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.S:188)
==2226== by 0x810D029: worker (pthread.c:74)
==2226== by 0x409BF6F: start_thread (pthread_create.c:312)
==2226== by 0x419CBED: clone (clone.S:129)
Thread 5: status = VgTs_WaitSys
==2226== at 0x409FD4B: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.S:188)
==2226== by 0x810D029: worker (pthread.c:74)
==2226== by 0x409BF6F: start_thread (pthread_create.c:312)
==2226== by 0x419CBED: clone (clone.S:129)
Thread 6: status = VgTs_WaitSys
==2226== at 0x409FD4B: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.S:188)
==2226== by 0x810D029: worker (pthread.c:74)
==2226== by 0x409BF6F: start_thread (pthread_create.c:312)
==2226== by 0x419CBED: clone (clone.S:129)
Note: see also the FAQ in the source distribution.
It contains workarounds to several common problems.
In particular, if Valgrind aborted or crashed after
identifying problems in your program, there's a good chance
that fixing those problems will prevent Valgrind aborting or
crashing, especially if it happened in m_mallocfree.c.
If that doesn't help, please report this bug to: www.valgrind.org
In the bug report, send all the above text, the valgrind
version, and what OS and version you are using. Thanks.
(gdb) r -threads 1 -i 3_fuzz5.avi -f null -
Starting program: /media/sdb1/ffmpeg/ffmpeg_g -threads 1 -i 3_fuzz5.avi -f null -
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
ffmpeg version 2.8.git Copyright (c) 2000-2016 the FFmpeg developers
built with gcc 4.8 (Ubuntu 4.8.4-2ubuntu1~14.04)
configuration: --disable-ffplay --disable-ffprobe --disable-ffserver --enable-gpl
libavutil 55. 17.100 / 55. 17.100
libavcodec 57. 24.101 / 57. 24.101
libavformat 57. 24.100 / 57. 24.100
libavdevice 57. 0.101 / 57. 0.101
libavfilter 6. 28.100 / 6. 28.100
libswscale 4. 0.100 / 4. 0.100
libswresample 2. 0.101 / 2. 0.101
libpostproc 54. 0.100 / 54. 0.100
[cfhd @ 0x9657de0] Escape codeword not found, probably corrupt data
Input #0, avi, from '3_fuzz5.avi':
Metadata:
date : 2016-01-"3T13:45:31+01:00
encoder : Adobe Premiere Pro CC 2015 (Windows)
Duration: 00:00:04.97, start: 0.000000, bitrate: 17221 kb/s
Stream #0:0: Video: cfhd (CFHD / 0x44484643), gbrp12le(10 bpc), 720x480, 17182 kb/s, 29.97 fps, 29.97 tbr, 29.97 tbn, 29.97 tbc
[New Thread 0xb7daeb40 (LWP 9380)]
[New Thread 0xb75adb40 (LWP 9381)]
[New Thread 0xb6dacb40 (LWP 9382)]
[New Thread 0xb65abb40 (LWP 9383)]
[New Thread 0xb5daab40 (LWP 9384)]
Output #0, null, to 'pipe:':
Metadata:
date : 2016-01-"3T13:45:31+01:00
encoder : Lavf57.24.100
Stream #0:0: Video: wrapped_avframe, gbrp12le(10 bpc), 720x480, q=2-31, 200 kb/s, 29.97 fps, 29.97 tbn, 29.97 tbc
Metadata:
encoder : Lavc57.24.101 wrapped_avframe
Stream mapping:
Stream #0:0 -> #0:0 (cfhd (native) -> wrapped_avframe (native))
Press [q] to stop, [?] for help
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Invalid highpass width
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Subband Count of 11 is unsupported
[cfhd @ 0x9659920] No end of header tag found
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Invalid lowpass width
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Invalid lowpass width
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Too many highpass coefficents
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Channel Count of 1027 is unsupported
[cfhd @ 0x9659920] No end of header tag found
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Invalid subband number
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Invalid subband number
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Invalid subband number actual
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Invalid lowpass width
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Invalid plane dimensions
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Too many highpass coefficents
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Invalid subband number
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Too many lowpass coefficients
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Too many highpass coefficents
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Subband Count of 16394 is unsupported
[cfhd @ 0x9659920] No end of header tag found
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Too many highpass coefficents
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Channel Count of 16387 is unsupported
[cfhd @ 0x9659920] No end of header tag found
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Invalid subband number
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Subband Count of 36 is unsupported
[cfhd @ 0x9659920] Invalid dimensions
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Invalid plane dimensions
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Invalid plane dimensions
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Invalid subband number
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Escape codeword not found, probably corrupt data
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Invalid dimensions
Error while decoding stream #0:0: Invalid argument
[cfhd @ 0x9659920] Invalid plane dimensions
Error while decoding stream #0:0: Invalid argument
Program received signal SIGSEGV, Segmentation fault.
0xb7e23480 in malloc_consolidate (av=0xb7f5a420 <main_arena>) at malloc.c:4165
4165 malloc.c: No such file or directory.
(gdb) bt
#0 0xb7e23480 in malloc_consolidate (av=0xb7f5a420 <main_arena>)
at malloc.c:4165
#1 0xb7e23f5b in _int_free (av=0xb7f5a420 <main_arena>, p=<optimized out>,
have_lock=0) at malloc.c:4057
#2 0x08b4d473 in buffer_replace (src=0x0, dst=0xbfffe334)
at libavutil/buffer.c:119
#3 av_buffer_unref (buf=buf@entry=0xbfffe334) at libavutil/buffer.c:129
#4 0x0836b90a in av_packet_unref (pkt=pkt@entry=0xbfffe334)
at libavcodec/avpacket.c:548
#5 0x080e1373 in process_input (file_index=<optimized out>) at ffmpeg.c:3989
#6 0x080e41d0 in transcode_step () at ffmpeg.c:4074
#7 transcode () at ffmpeg.c:4128
#8 0x080c17e5 in main (argc=<optimized out>, argv=<optimized out>)
at ffmpeg.c:4319
(gdb)
Change History (6)
comment:1 by , 8 years ago
| Description: | modified (diff) |
|---|
comment:2 by , 8 years ago
| Component: | undetermined → avcodec |
|---|---|
| Keywords: | cfhd crash SIGSEGV added |
| Priority: | normal → important |
| Reproduced by developer: | set |
| Status: | new → open |
| Version: | unspecified → git-master |
follow-up: 4 comment:3 by , 8 years ago
comment:4 by , 8 years ago
Replying to michael:
URL is "File has been removed due to inactivity."
https://samples.ffmpeg.org/ffmpeg-bugs/trac/ticket5215/3_fuzz5.avi
comment:6 by , 8 years ago
| Resolution: | → fixed |
|---|---|
| Status: | open → closed |
Note:
See TracTickets
for help on using tickets.
URL is "File has been removed due to inactivity."