[FFmpeg-trac] #808(FFmpeg:new): zzuf .avi crash FFMPEG memory exceeded
FFmpeg
trac at avcodec.org
Tue Dec 20 23:18:50 CET 2011
#808: zzuf .avi crash FFMPEG memory exceeded
-------------------------------------+-------------------------------------
Reporter: | Type: defect
oanastratulat | Priority: important
Status: new | Version: git-
Component: FFmpeg | master
Keywords: | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
-------------------------------------+-------------------------------------
==4050== Memcheck, a memory error detector
==4050== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==4050== Using Valgrind-3.6.1-Debian and LibVEX; rerun with -h for
copyright info
==4050== Command: ffmpeg -i corruptfile -f null -
==4050==
ffmpeg version N-35936-gaf3f2a8, Copyright (c) 2000-2011 the FFmpeg
developers
built on Dec 19 2011 00:07:16 with gcc 4.6.1
configuration:
libavutil 51. 32. 0 / 51. 32. 0
libavcodec 53. 46. 0 / 53. 46. 0
libavformat 53. 26. 0 / 53. 26. 0
libavdevice 53. 4. 0 / 53. 4. 0
libavfilter 2. 53. 0 / 2. 53. 0
libswscale 2. 1. 0 / 2. 1. 0
[truemotion1 @ 0x568b900] help! truemotion1 decoder went out of bounds
Input #0, avi, from 'corruptfile':
Duration: 00:00:23.99, start: 0.000000, bitrate: 699 kb/s
Stream #0:0: Video: truemotion1 (DUCK / 0x4B435544), rgb555le, 288x144
[SAR 1:1 DAR 2:1], 19.21 tbr, 19.21 tbn, 19.21 tbc
[buffer @ 0x56c1340] w:288 h:144 pixfmt:rgb555le tb:1/1000000 sar:1/1
sws_param:
Output #0, null, to 'pipe:':
Metadata:
encoder : Lavf53.26.0
Stream #0:0: Video: rawvideo (RGB[15] / 0xF424752), rgb555le, 288x144
[SAR 1:1 DAR 2:1], q=2-31, 200 kb/s, 90k tbn, 19.21 tbc
Stream mapping:
Stream #0:0 -> #0:0 (truemotion1 -> rawvideo)
Press [q] to stop, [?] for help
[truemotion1 @ 0x568b900] help! truemotion1 decoder went out of bounds
Last message repeated 2 times
[truemotion1 @ 0x568b900] invalid vector table id (9)
Error while decoding stream #0:0
[truemotion1 @ 0x568b900] invalid compression type (66)
Error while decoding stream #0:0
[truemotion1 @ 0x568b900] help! truemotion1 decoder went out of bounds
[buffer @ 0x56c1340] Buffer video input changed from size:288x144
fmt:rgb555le to size:288x16592 fmt:rgb555le
[buffer @ 0x56c1340] Inserting scaler filter
[buffersink @ 0x56c1860] auto-inserting filter 'Input equalizer' between
the filter 'src' and the filter 'out'
[scale @ 0x6494c60] w:288 h:16592 fmt:rgb555le -> w:288 h:144 fmt:rgb555le
flags:0x2
==4050== Invalid read of size 8
==4050== at 0xA24240: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0xA2C9C8: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0xA10DF1: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x4592DB: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x459467: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x44E823: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x45B46F: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x44D7CA: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x451E73: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x43E200: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x441230: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x438BB8: ??? (in /usr/local/bin/ffmpeg)
==4050== Address 0x59ff8e0 is 205,888 bytes inside a block of size
267,264 free'd
==4050== at 0x4C282E0: free (vg_replace_malloc.c:366)
==4050== by 0xA11F0A: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0xA13AF0: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0xA16184: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x458C85: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x45B623: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x45B8BB: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x43E05E: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x441230: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x438BB8: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x52F130C: (below main) (libc-start.c:226)
==4050==
==4050== Invalid read of size 2
==4050== at 0xA2424C: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0xA2C9C8: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0xA10DF1: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x4592DB: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x459467: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x44E823: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x45B46F: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x44D7CA: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x451E73: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x43E200: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x441230: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x438BB8: ??? (in /usr/local/bin/ffmpeg)
==4050== Address 0x7a73c1d000000 is not stack'd, malloc'd or (recently)
free'd
==4050==
==4050==
==4050== Process terminating with default action of signal 11 (SIGSEGV)
==4050== General Protection Fault
==4050== at 0xA2424C: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0xA2C9C8: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0xA10DF1: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x4592DB: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x459467: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x44E823: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x45B46F: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x44D7CA: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x451E73: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x43E200: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x441230: ??? (in /usr/local/bin/ffmpeg)
==4050== by 0x438BB8: ??? (in /usr/local/bin/ffmpeg)
==4050==
==4050== HEAP SUMMARY:
==4050== in use at exit: 22,596,441 bytes in 1,504 blocks
==4050== total heap usage: 1,664 allocs, 160 frees, 27,393,307 bytes
allocated
==4050==
==4050== LEAK SUMMARY:
==4050== definitely lost: 0 bytes in 0 blocks
==4050== indirectly lost: 0 bytes in 0 blocks
==4050== possibly lost: 0 bytes in 0 blocks
==4050== still reachable: 22,596,441 bytes in 1,504 blocks
==4050== suppressed: 0 bytes in 0 blocks
==4050== Rerun with --leak-check=full to see details of leaked memory
==4050==
==4050== For counts of detected and suppressed errors, rerun with: -v
==4050== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 4 from 4)
--
Ticket URL: <http://ffmpeg.org/trac/ffmpeg/ticket/808>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list