[FFmpeg-devel] h264 crash in decode_residual

Benjamin Larsson banan
Wed Jan 2 08:45:51 CET 2008


Hi,

Gadi Bergman wrote:
> Hello Michael, team members and readers,
> I am decoding streams generated by an h264 proprietary encoder using FFMPEG h264 decoder from MPlayer 1.0rc1.
> I get often a crash in function decode_residual:
> static int decode_residual(H264Context *h, GetBitContext *gb, DCTELEM *block, int n, const uint8_t *scantable, const uint32_t *qmul, int max_coeff){
> MpegEncContext * const s = &h->s;
> static const int coeff_token_table_index[17]= {0, 0, 1, 1, 2, 2, 2, 2, 3, 3, 3, 3, 3, 3, 3, 3, 3};
> int level[16];
> int zeros_left, coeff_num, coeff_token, total_coeff, i, j, trailing_ones, run_before;
> if(n == CHROMA_DC_BLOCK_INDEX){
> coeff_token= get_vlc2(gb, chroma_dc_coeff_token_vlc.table, CHROMA_DC_COEFF_TOKEN_VLC_BITS, 1);
> total_coeff= coeff_token>>2;
> }else{
> if(n == LUMA_DC_BLOCK_INDEX){
> total_coeff= pred_non_zero_count(h, 0);
> coeff_token= get_vlc2(gb, coeff_token_vlc[ coeff_token_table_index[total_coeff] ].table, COEFF_TOKEN_VLC_BITS, 2);
> total_coeff= coeff_token>>2;
> }else{
> total_coeff= pred_non_zero_count(h, n);
>
> /* here I get total_coeff == 31 */
> /* coeff_token_table_index[total_coeff] is not not defined for this index */
> /* I get a crash in the next line */
>
> coeff_token= get_vlc2(gb, coeff_token_vlc[ coeff_token_table_index[total_coeff] ].table, COEFF_TOKEN_VLC_BITS, 2);
> total_coeff= coeff_token>>2;
> h->non_zero_count_cache[ scan8[n] ]= total_coeff;
> }
> }
> Any recommendations?
> Should I extend coeff_token_table_index with more 3's for a size of 32 ?
> Thanks,
> Gadi
>   
please provide a sample so we can reproduce this crash with current FFmpeg.

MvH
Benjamin Larsson






More information about the ffmpeg-devel mailing list