[FFmpeg-devel] [PATCH] libavdevice/v4l2: fix of crash caused by assert

Dmitry Volyntsev xe-lion at yandex.ru
Wed Aug 13 17:04:01 CEST 2014


From: Dmitry Volyntsev <xeioexception at gmail.com>

s->buffers_queued constantly decremented and not incremented
in case of (s->frame_size > 0 && buf.bytesused != s->frame_size)
condition (caught on long run capture of Logitech C310)
---
 libavdevice/v4l2.c |    7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/libavdevice/v4l2.c b/libavdevice/v4l2.c
index 64df0c7..25be95e 100644
--- a/libavdevice/v4l2.c
+++ b/libavdevice/v4l2.c
@@ -510,9 +510,6 @@ static int mmap_read_frame(AVFormatContext *ctx, AVPacket *pkt)
         av_log(ctx, AV_LOG_ERROR, "Invalid buffer index received.\n");
         return AVERROR(EINVAL);
     }
-    avpriv_atomic_int_add_and_fetch(&s->buffers_queued, -1);
-    // always keep at least one buffer queued
-    av_assert0(avpriv_atomic_int_get(&s->buffers_queued) >= 1);
 
     /* CPIA is a compressed format and we don't know the exact number of bytes
      * used by a frame, so set it here as the driver announces it.
@@ -527,6 +524,10 @@ static int mmap_read_frame(AVFormatContext *ctx, AVPacket *pkt)
         return AVERROR_INVALIDDATA;
     }
 
+    avpriv_atomic_int_add_and_fetch(&s->buffers_queued, -1);
+    // always keep at least one buffer queued
+    av_assert0(avpriv_atomic_int_get(&s->buffers_queued) >= 1);
+
     /* Image is at s->buff_start[buf.index] */
     if (avpriv_atomic_int_get(&s->buffers_queued) == FFMAX(s->buffers / 8, 1)) {
         /* when we start getting low on queued buffers, fall back on copying data */
-- 
1.7.10.4



More information about the ffmpeg-devel mailing list