Opened 7 years ago
Closed 7 years ago
#7038 closed defect (fixed)
Use of uninitialized values in libavformat's hvcc code
| Reported by: | James | Owned by: | |
|---|---|---|---|
| Priority: | important | Component: | avformat |
| Version: | git-master | Keywords: | hevc |
| Cc: | Blocked By: | ||
| Blocking: | Reproduced by developer: | no | |
| Analyzed by developer: | no |
Description (last modified by )
[jamrial@ArchVM build]$ valgrind --track-origins=yes --leak-check=full ./ffmpeg -i /var/tmp/samples/hevc-conformance/WPP_A_ericsson_MAIN10_2.bit -c:v copy out.mov
==27390== Memcheck, a memory error detector
==27390== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==27390== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==27390== Command: ./ffmpeg -i /var/tmp/samples/hevc-conformance/WPP_A_ericsson_MAIN10_2.bit -c:v copy out.mov
==27390==
ffmpeg version N-90141-gaedbb3c72c Copyright (c) 2000-2018 the FFmpeg developers
built with gcc 7.3.0 (GCC)
configuration: --enable-gpl --valgrind=valgrind --disable-optimizations --disable-stripping --prefix=/usr
libavutil 56. 7.101 / 56. 7.101
libavcodec 58. 12.102 / 58. 12.102
libavformat 58. 9.100 / 58. 9.100
libavdevice 58. 2.100 / 58. 2.100
libavfilter 7. 12.100 / 7. 12.100
libswscale 5. 0.101 / 5. 0.101
libswresample 3. 0.101 / 3. 0.101
libpostproc 55. 0.100 / 55. 0.100
[hevc @ 0x6c01c00] missing picture in access unit
==27390== at 0x1569AAE: VALGRIND_PRINTF_BACKTRACE (valgrind.h:6303)
==27390== by 0x156A697: av_log_default_callback (log.c:351)
==27390== by 0x156A861: av_vlog (log.c:377)
==27390== by 0x156A809: av_log (log.c:369)
==27390== by 0x1212F8E: parse_nal_units (hevc_parser.c:242)
==27390== by 0x1213211: hevc_parse (hevc_parser.c:316)
==27390== by 0xA5A7A2: av_parser_parse2 (parser.c:250)
==27390== by 0x68CB76: parse_packet (utils.c:1451)
==27390== by 0x68D20A: read_frame_internal (utils.c:1562)
==27390== by 0x694E76: avformat_find_stream_info (utils.c:3733)
==27390== by 0x1E9691: open_input_file (ffmpeg_opt.c:1091)
==27390== by 0x1F31AA: open_files (ffmpeg_opt.c:3202)
Input #0, hevc, from '/var/tmp/samples/hevc-conformance/WPP_A_ericsson_MAIN10_2.bit':
Duration: N/A, bitrate: N/A
Stream #0:0: Video: hevc (Main 10), yuv420p10le(tv), 416x240, 25 fps, 25 tbr, 1200k tbn, 25 tbc
[mov @ 0x6d26f80] WARNING codec timebase is very high. If duration is too long,
file may not be playable by quicktime. Specify a shorter timebase
or choose different container.
Output #0, mov, to 'out.mov':
Metadata:
encoder : Lavf58.9.100
Stream #0:0: Video: hevc (Main 10) (hev1 / 0x31766568), yuv420p10le(tv), 416x240, q=2-31, 25 fps, 25 tbr, 1200k tbn, 1200k tbc
Stream mapping:
Stream #0:0 -> #0:0 (copy)
Press [q] to stop, [?] for help
[mov @ 0x6d26f80] Timestamps are unset in a packet for stream 0. This is deprecated and will stop working in the future. Fix your code to set the timestamps properly
[mov @ 0x6d26f80] pts has no value
Last message repeated 47 times
==27390== at 0x1569AAE: VALGRIND_PRINTF_BACKTRACE (valgrind.h:6303)
==27390== by 0x156A697: av_log_default_callback (log.c:351)
==27390== by 0x156A861: av_vlog (log.c:377)
==27390== by 0x156A809: av_log (log.c:369)
==27390== by 0x20060D: term_exit (ffmpeg.c:323)
==27390== by 0x2122EA: transcode (ffmpeg.c:4662)
==27390== by 0x212AC0: main (ffmpeg.c:4843)
==27390== Conditional jump or move depends on uninitialised value(s)
==27390== at 0x6CA7B1: av_clip_c (common.h:132)
==27390== by 0x6CA7B1: skip_bits_long (get_bits.h:209)
==27390== by 0x6CAD66: get_ue_golomb_long (golomb.h:91)
==27390== by 0x6CB358: hvcc_parse_vui (hevc.c:315)
==27390== by 0x6CBBFC: hvcc_parse_sps (hevc.c:583)
==27390== by 0x6CC22A: hvcc_add_nal_unit (hevc.c:784)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== by 0x5C1E55: mov_write_mdia_tag (movenc.c:2697)
==27390== Uninitialised value was created by a heap allocation
==27390== at 0x4C2F246: memalign (vg_replace_malloc.c:857)
==27390== by 0x4C2F361: posix_memalign (vg_replace_malloc.c:1020)
==27390== by 0x156D1A1: av_malloc (mem.c:87)
==27390== by 0x6CBD50: nal_unit_extract_rbsp (hevc.c:652)
==27390== by 0x6CC156: hvcc_add_nal_unit (hevc.c:754)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== by 0x5C1E55: mov_write_mdia_tag (movenc.c:2697)
==27390==
==27390== Conditional jump or move depends on uninitialised value(s)
==27390== at 0x6CA7BE: av_clip_c (common.h:133)
==27390== by 0x6CA7BE: skip_bits_long (get_bits.h:209)
==27390== by 0x6CAD66: get_ue_golomb_long (golomb.h:91)
==27390== by 0x6CB358: hvcc_parse_vui (hevc.c:315)
==27390== by 0x6CBBFC: hvcc_parse_sps (hevc.c:583)
==27390== by 0x6CC22A: hvcc_add_nal_unit (hevc.c:784)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== by 0x5C1E55: mov_write_mdia_tag (movenc.c:2697)
==27390== Uninitialised value was created by a heap allocation
==27390== at 0x4C2F246: memalign (vg_replace_malloc.c:857)
==27390== by 0x4C2F361: posix_memalign (vg_replace_malloc.c:1020)
==27390== by 0x156D1A1: av_malloc (mem.c:87)
==27390== by 0x6CBD50: nal_unit_extract_rbsp (hevc.c:652)
==27390== by 0x6CC156: hvcc_add_nal_unit (hevc.c:754)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== by 0x5C1E55: mov_write_mdia_tag (movenc.c:2697)
==27390==
==27390== Conditional jump or move depends on uninitialised value(s)
==27390== at 0x6CA9EE: get_bits_long (get_bits.h:349)
==27390== by 0x6CAD7C: get_ue_golomb_long (golomb.h:93)
==27390== by 0x6CB358: hvcc_parse_vui (hevc.c:315)
==27390== by 0x6CBBFC: hvcc_parse_sps (hevc.c:583)
==27390== by 0x6CC22A: hvcc_add_nal_unit (hevc.c:784)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== by 0x5C1E55: mov_write_mdia_tag (movenc.c:2697)
==27390== Uninitialised value was created by a heap allocation
==27390== at 0x4C2F246: memalign (vg_replace_malloc.c:857)
==27390== by 0x4C2F361: posix_memalign (vg_replace_malloc.c:1020)
==27390== by 0x156D1A1: av_malloc (mem.c:87)
==27390== by 0x6CBD50: nal_unit_extract_rbsp (hevc.c:652)
==27390== by 0x6CC156: hvcc_add_nal_unit (hevc.c:754)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== by 0x5C1E55: mov_write_mdia_tag (movenc.c:2697)
==27390==
==27390== Conditional jump or move depends on uninitialised value(s)
==27390== at 0x6CA9FB: get_bits_long (get_bits.h:351)
==27390== by 0x6CAD7C: get_ue_golomb_long (golomb.h:93)
==27390== by 0x6CB358: hvcc_parse_vui (hevc.c:315)
==27390== by 0x6CBBFC: hvcc_parse_sps (hevc.c:583)
==27390== by 0x6CC22A: hvcc_add_nal_unit (hevc.c:784)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== by 0x5C1E55: mov_write_mdia_tag (movenc.c:2697)
==27390== Uninitialised value was created by a heap allocation
==27390== at 0x4C2F246: memalign (vg_replace_malloc.c:857)
==27390== by 0x4C2F361: posix_memalign (vg_replace_malloc.c:1020)
==27390== by 0x156D1A1: av_malloc (mem.c:87)
==27390== by 0x6CBD50: nal_unit_extract_rbsp (hevc.c:652)
==27390== by 0x6CC156: hvcc_add_nal_unit (hevc.c:754)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== by 0x5C1E55: mov_write_mdia_tag (movenc.c:2697)
==27390==
==27390== Use of uninitialised value of size 8
==27390== at 0x6CA80A: get_bits (get_bits.h:266)
==27390== by 0x6CAA0D: get_bits_long (get_bits.h:352)
==27390== by 0x6CAD7C: get_ue_golomb_long (golomb.h:93)
==27390== by 0x6CB358: hvcc_parse_vui (hevc.c:315)
==27390== by 0x6CBBFC: hvcc_parse_sps (hevc.c:583)
==27390== by 0x6CC22A: hvcc_add_nal_unit (hevc.c:784)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== Uninitialised value was created by a heap allocation
==27390== at 0x4C2F246: memalign (vg_replace_malloc.c:857)
==27390== by 0x4C2F361: posix_memalign (vg_replace_malloc.c:1020)
==27390== by 0x156D1A1: av_malloc (mem.c:87)
==27390== by 0x6CBD50: nal_unit_extract_rbsp (hevc.c:652)
==27390== by 0x6CC156: hvcc_add_nal_unit (hevc.c:754)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== by 0x5C1E55: mov_write_mdia_tag (movenc.c:2697)
==27390==
==27390== Use of uninitialised value of size 8
==27390== at 0x6CA80A: get_bits (get_bits.h:266)
==27390== by 0x6CAA20: get_bits_long (get_bits.h:358)
==27390== by 0x6CAB16: show_bits_long (get_bits.h:403)
==27390== by 0x6CAD43: get_ue_golomb_long (golomb.h:89)
==27390== by 0x6CB364: hvcc_parse_vui (hevc.c:316)
==27390== by 0x6CBBFC: hvcc_parse_sps (hevc.c:583)
==27390== by 0x6CC22A: hvcc_add_nal_unit (hevc.c:784)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== Uninitialised value was created by a heap allocation
==27390== at 0x4C2F246: memalign (vg_replace_malloc.c:857)
==27390== by 0x4C2F361: posix_memalign (vg_replace_malloc.c:1020)
==27390== by 0x156D1A1: av_malloc (mem.c:87)
==27390== by 0x6CBD50: nal_unit_extract_rbsp (hevc.c:652)
==27390== by 0x6CC156: hvcc_add_nal_unit (hevc.c:754)
==27390== by 0x6CD0E7: ff_isom_write_hvcc (hevc.c:1136)
==27390== by 0x5BB313: mov_write_hvcc_tag (movenc.c:1174)
==27390== by 0x5BEACF: mov_write_video_tag (movenc.c:1972)
==27390== by 0x5BF902: mov_write_stsd_tag (movenc.c:2165)
==27390== by 0x5C0744: mov_write_stbl_tag (movenc.c:2382)
==27390== by 0x5C1ABD: mov_write_minf_tag (movenc.c:2643)
==27390== by 0x5C1E55: mov_write_mdia_tag (movenc.c:2697)
Attachments (1)
Change History (5)
comment:1 by , 7 years ago
comment:2 by , 7 years ago
Because I gave you a command line to reproduce the issue with a publicly available sample instead of cluttering the ticket with several valgrind errors, several lines long each, for absolutely no gain.
But if you think it's really that important for the ticket, I'll attach a dump in a moment, and update the ticket description with a cut down version.
comment:3 by , 7 years ago
| Description: | modified (diff) |
|---|
comment:4 by , 7 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
Replying to jamrial:
Is there a reason why you don't want to share the errors with us?