Opened 5 years ago

Closed 5 years ago

#809 closed defect (fixed)

zzuf mpeg2 ts crashes FFMPEG segfault

Reported by: oanastratulat Owned by:
Priority: important Component: avcodec
Version: git-master Keywords: crash SIGSEGV mpeg2video
Cc: Blocked By:
Blocking: Reproduced by developer: yes
Analyzed by developer: no

Description

==5082== Memcheck, a memory error detector
==5082== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==5082== Using Valgrind-3.6.1-Debian and LibVEX; rerun with -h for copyright info
==5082== Command: ffmpeg -i corruptfile -f null -
==5082==
ffmpeg version N-36003-gf27930c, Copyright (c) 2000-2011 the FFmpeg developers

built on Dec 20 2011 23:45:11 with gcc 4.6.1
configuration:
libavutil 51. 32. 0 / 51. 32. 0
libavcodec 53. 46. 1 / 53. 46. 1
libavformat 53. 27. 0 / 53. 27. 0
libavdevice 53. 4. 0 / 53. 4. 0
libavfilter 2. 53. 0 / 2. 53. 0
libswscale 2. 1. 0 / 2. 1. 0

[mpegts @ 0x588c820] PES packet size mismatch

Last message repeated 10 times

[mpeg2video @ 0x58b7280] mpeg_decode_postinit() failure
[mpegts @ 0x588c820] PES packet size mismatch

Last message repeated 6 times

[mpeg2video @ 0x58b7280] mpeg_decode_postinit() failure
[mpegts @ 0x588c820] PES packet size mismatch

Last message repeated 3 times

[mpeg2video @ 0x58b7280] mpeg_decode_postinit() failure
[mpegts @ 0x588c820] PES packet size mismatch

Last message repeated 3 times

[mpeg2video @ 0x58b7280] mpeg_decode_postinit() failure
[mpegts @ 0x588c820] PES packet size mismatch

Last message repeated 13 times

[mpeg2video @ 0x58b7280] mpeg_decode_postinit() failure

Last message repeated 1 times

[mpegts @ 0x588c820] PES packet size mismatch

Last message repeated 172 times

[mpeg2video @ 0x58b7280] mpeg_decode_postinit() failure

Last message repeated 11 times

[mpeg2video @ 0x58b7280] ac-tex damaged at 0 0
[mpeg2video @ 0x58b7280] skipped MB in I frame at 2 1
[mpeg2video @ 0x58b7280] skipped MB in I frame at 1 2
[mpeg2video @ 0x58b7280] skipped MB in I frame at 1 3
[mpeg2video @ 0x58b7280] slice mismatch
[mpeg2video @ 0x58b7280] ac-tex damaged at 0 7
[mpeg2video @ 0x58b7280] skipped MB in I frame at 2 9
[mpeg2video @ 0x58b7280] skipped MB in I frame at 2 10
[mpeg2video @ 0x58b7280] slice mismatch
[mpeg2video @ 0x58b7280] invalid mb type in I Frame at 1 12
[mpeg2video @ 0x58b7280] slice mismatch
[mpeg2video @ 0x58b7280] skipped MB in I frame at 3 14
[mpeg2video @ 0x58b7280] ac-tex damaged at 0 15
[mpeg2video @ 0x58b7280] skipped MB in I frame at 1 17
[mpeg2video @ 0x58b7280] Warning MVs not available
[mpeg2video @ 0x58b7280] concealing 1620 DC, 1620 AC, 1620 MV errors
[mp1 @ 0x59659e0] Header missing

Last message repeated 1 times

[mpegts @ 0x588c820] Could not find codec parameters (Audio: aac_latm, 0 channels, s16)

Last message repeated 1 times

[mpegts @ 0x588c820] Could not find codec parameters (Unknown: none)

Last message repeated 1 times

[mpegts @ 0x588c820] Could not find codec parameters (Audio: mp1, 0 channels, s16)
[mpegts @ 0x588c820] Could not find codec parameters (Audio: aac_latm, 0 channels, s16)
[mpegts @ 0x588c820] Could not find codec parameters (Unknown: none)

Last message repeated 2 times

[mpegts @ 0x588c820] Could not find codec parameters (Audio: aac_latm, 0 channels, s16)
[mpegts @ 0x588c820] Could not find codec parameters (Unknown: none)

Last message repeated 1 times

[NULL @ 0x58f7360] start time is not set in estimate_timings_from_pts
[NULL @ 0x5922700] start time is not set in estimate_timings_from_pts
[NULL @ 0x59659e0] start time is not set in estimate_timings_from_pts
[NULL @ 0x59a8920] start time is not set in estimate_timings_from_pts
[NULL @ 0x5a675a0] start time is not set in estimate_timings_from_pts
[NULL @ 0x5a83f20] start time is not set in estimate_timings_from_pts
[NULL @ 0x5af5480] start time is not set in estimate_timings_from_pts
[NULL @ 0x5ba2540] start time is not set in estimate_timings_from_pts
[NULL @ 0x5daf920] start time is not set in estimate_timings_from_pts
[NULL @ 0x5db9a40] start time is not set in estimate_timings_from_pts
[mpegts @ 0x588c820] PES packet size mismatch

Last message repeated 72 times

Seems stream 0 codec frame rate differs from container frame rate: 50.00 (50/1) -> 25.00 (50/2)
Input #0, mpegts, from 'corruptfile':

Duration: 00:00:01.58, start: 22953.408322, bitrate: 4050 kb/s
Program 1

Stream #0:0[0x1023]: Video: mpeg2video (Simple) ([2][0][0][0] / 0x0002), yuv420p, 720x576 [SAR 16:15 DAR 4:3], 3364 kb/s, 59.68 fps, 25 tbr, 90k tbn, 50 tbc

No Program

Stream #0:1[0x1423]: Audio: aac_latm, 0 channels, s16
Stream #0:2[0x1223]: Audio: aac_latm, 0 channels, s16
Stream #0:3[0x1123]: Unknown: none
Stream #0:4[0x1033]: Unknown: none
Stream #0:5[0x1027]: Audio: mp1, 0 channels, s16
Stream #0:6[0x1003]: Audio: aac_latm, 0 channels, s16
Stream #0:7[0x102b]: Unknown: none
Stream #0:8[0x10a3]: Unknown: none
Stream #0:9[0x1021]: Unknown: none
Stream #0:10[0x1823]: Audio: aac_latm, 0 channels, s16
Stream #0:11[0x1063]: Unknown: none
Stream #0:12[0x1022]: Unknown: none

[buffer @ 0x6084120] w:720 h:576 pixfmt:yuv420p tb:1/1000000 sar:16/15 sws_param:
Output #0, null, to 'pipe:':

Metadata:

encoder : Lavf53.27.0
Stream #0:0: Video: rawvideo (I420 / 0x30323449), yuv420p, 720x576 [SAR 16:15 DAR 4:3], q=2-31, 200 kb/s, 90k tbn, 25 tbc

Stream mapping:

Stream #0:0 -> #0:0 (mpeg2video -> rawvideo)

Press [q] to stop, ? for help
[mpegts @ 0x588c820] PES packet size mismatch

Last message repeated 10 times

[mpeg2video @ 0x58b7280] ignoring pic cod ext after 101
[mpegts @ 0x588c820] PES packet size mismatch

Last message repeated 14 times

[mpeg2video @ 0x58b7280] ignoring pic after 100
[mpeg2video @ 0x58b7280] slice below image (71 >= 36)
Error while decoding stream #0:0
[mpegts @ 0x588c820] PES packet size mismatch

Last message repeated 13 times

[mpeg2video @ 0x58b7280] ignoring pic after 100
[mpeg2video @ 0x58b7280] Missing picture start code, guessing missing values
[mpeg2video @ 0x58b7280] slice below image (266 >= 36)
Error while decoding stream #0:0
[mpegts @ 0x588c820] PES packet size mismatch

Last message repeated 10 times

[mpeg2video @ 0x58b7280] slice below image (50 >= 36)
Error while decoding stream #0:0
[mpegts @ 0x588c820] PES packet size mismatch

Last message repeated 7 times

[mpeg2video @ 0x58b7280] Missing picture start code

Last message repeated 16 times

[mpegts @ 0x588c820] PES packet size mismatch

Last message repeated 5 times

[mpeg2video @ 0x58b7280] slice below image (82 >= 36)
Error while decoding stream #0:0
[mpegts @ 0x588c820] PES packet size mismatch

Last message repeated 9 times

[mpeg2video @ 0x58b7280] slice below image (51 >= 36)
Error while decoding stream #0:0
[mpegts @ 0x588c820] PES packet size mismatch

Last message repeated 4 times

[mpeg2video @ 0x58b7280] Missing picture start code, guessing missing values
[mpegts @ 0x588c820] PES packet size mismatch

Last message repeated 4 times

[mpeg2video @ 0x58b7280] slice below image (38 >= 36)
Error while decoding stream #0:0
[mpegts @ 0x588c820] PES packet size mismatch

Last message repeated 2 times

[mpeg2video @ 0x58b7280] slice below image (283 >= 36)
Error while decoding stream #0:0
[mpegts @ 0x588c820] PES packet size mismatch

Last message repeated 4 times

[mpeg2video @ 0x58b7280] matrix damaged
[mpeg2video @ 0x58b7280] slice below image (132 >= 36)
Error while decoding stream #0:0
[mpegts @ 0x588c820] PES packet size mismatch

Last message repeated 5 times

[mpeg2video @ 0x58b7280] slice below image (41 >= 36)
Error while decoding stream #0:0
[mpegts @ 0x588c820] PES packet size mismatch

Last message repeated 5 times

[mpeg2video @ 0x58b7280] ac-tex damaged at 2 0
[mpeg2video @ 0x58b7280] skipped MB in I frame at 13 1
[mpeg2video @ 0x58b7280] ac-tex damaged at 5 2
[mpeg2video @ 0x58b7280] skipped MB in I frame at 7 3
[mpeg2video @ 0x58b7280] skipped MB in I frame at 4 20
[mpeg2video @ 0x58b7280] ac-tex damaged at 1 7
[mpeg2video @ 0x58b7280] invalid mb type in I Frame at 7 9
[mpeg2video @ 0x58b7280] ac-tex damaged at 0 10
[mpeg2video @ 0x58b7280] ac-tex damaged at 4 3
[mpeg2video @ 0x58b7280] skipped MB in I frame at 35 12
[mpeg2video @ 0x58b7280] ac-tex damaged at 2 13
[mpeg2video @ 0x58b7280] ac-tex damaged at 12 14
[mpeg2video @ 0x58b7280] skipped MB in I frame at 3 15
[mpeg2video @ 0x58b7280] skipped MB in I frame at 6 17
[mpegts @ 0x588c820] PES packet size mismatch
==5082== Invalid read of size 8
==5082== at 0x9275F0: ??? (in /usr/local/bin/ffmpeg)
==5082== by 0x7C673D: ??? (in /usr/local/bin/ffmpeg)
==5082== by 0x7D62F6: ??? (in /usr/local/bin/ffmpeg)
==5082== by 0x790B8B: ??? (in /usr/local/bin/ffmpeg)
==5082== by 0x795BC7: ??? (in /usr/local/bin/ffmpeg)
==5082== by 0x796096: ??? (in /usr/local/bin/ffmpeg)
==5082== by 0x88F7A6: ??? (in /usr/local/bin/ffmpeg)
==5082== by 0x43DF66: ??? (in /usr/local/bin/ffmpeg)
==5082== by 0x4428B0: ??? (in /usr/local/bin/ffmpeg)
==5082== by 0x43A231: ??? (in /usr/local/bin/ffmpeg)
==5082== by 0x550930C: (below main) (libc-start.c:226)
==5082== Address 0x67d2 is not stack'd, malloc'd or (recently) free'd
==5082==
==5082==
==5082== Process terminating with default action of signal 11 (SIGSEGV)
==5082== Access not within mapped region at address 0x67D2
==5082== at 0x9275F0: ??? (in /usr/local/bin/ffmpeg)
==5082== by 0x7C673D: ??? (in /usr/local/bin/ffmpeg)
==5082== by 0x7D62F6: ??? (in /usr/local/bin/ffmpeg)
==5082== by 0x790B8B: ??? (in /usr/local/bin/ffmpeg)
==5082== by 0x795BC7: ??? (in /usr/local/bin/ffmpeg)
==5082== by 0x796096: ??? (in /usr/local/bin/ffmpeg)
==5082== by 0x88F7A6: ??? (in /usr/local/bin/ffmpeg)
==5082== by 0x43DF66: ??? (in /usr/local/bin/ffmpeg)
==5082== by 0x4428B0: ??? (in /usr/local/bin/ffmpeg)
==5082== by 0x43A231: ??? (in /usr/local/bin/ffmpeg)
==5082== by 0x550930C: (below main) (libc-start.c:226)
==5082== If you believe this happened as a result of a stack
==5082== overflow in your program's main thread (unlikely but
==5082== possible), you can try to increase the size of the
==5082== main thread stack using the --main-stacksize= flag.
==5082== The main thread stack size used in this run was 8388608.
==5082==
==5082== HEAP SUMMARY:
==5082== in use at exit: 4,135,504 bytes in 213 blocks
==5082== total heap usage: 2,331 allocs, 2,118 frees, 15,071,435 bytes allocated
==5082==
==5082== LEAK SUMMARY:
==5082== definitely lost: 92 bytes in 2 blocks
==5082== indirectly lost: 0 bytes in 0 blocks
==5082== possibly lost: 0 bytes in 0 blocks
==5082== still reachable: 4,135,412 bytes in 211 blocks
==5082== suppressed: 0 bytes in 0 blocks
==5082== Rerun with --leak-check=full to see details of leaked memory
==5082==
==5082== For counts of detected and suppressed errors, rerun with: -v
==5082== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)

Attachments (2)

corruptfile (781.2 KB) - added by oanastratulat 5 years ago.
valgrind (10.5 KB) - added by oanastratulat 5 years ago.

Download all attachments as: .zip

Change History (4)

Changed 5 years ago by oanastratulat

Changed 5 years ago by oanastratulat

comment:1 Changed 5 years ago by cehoyos

  • Component changed from FFmpeg to avcodec
  • Keywords crash SIGSEGV mpeg2video added
  • Reproduced by developer set
  • Status changed from new to open
  • Summary changed from zzuf .ts crashes FFMPEG segfault to zzuf mpeg2 ts crashes FFMPEG segfault

comment:2 Changed 5 years ago by michael

  • Resolution set to fixed
  • Status changed from open to closed
Note: See TracTickets for help on using tickets.