[FFmpeg-trac] #3213(avcodec:new): h264 flv segfaults on seek beyond the end of the file

FFmpeg trac at avcodec.org
Tue Dec 10 00:36:08 CET 2013


#3213: h264 flv segfaults on seek beyond the end of the file
-------------------------------------+-------------------------------------
               Reporter:  cus        |                  Owner:
                   Type:  defect     |                 Status:  new
               Priority:  important  |              Component:  avcodec
                Version:  git-       |               Keywords:  h264 seek
  master                             |  regression
             Blocked By:             |               Blocking:
Reproduced by developer:  0          |  Analyzed by developer:  0
-------------------------------------+-------------------------------------
 Summary of the bug:

 h264 flv segfaults on seek after the end of the file

 How to reproduce:
 Press PgUp after starting ffplay:
 {{{
 % ffplay h264-seek-segfault.flv
 ffplay version N-58942-gb6a8619 Copyright (c) 2003-2013 the FFmpeg developers
   built on Dec 10 2013 00:14:47 with gcc 4.8 (SUSE Linux)
   configuration: --disable-vaapi --enable-vdpau --enable-gpl --enable-libfreetype --enable-libzvbi --enable-libass --enable-frei0r
   libavutil      52. 58.100 / 52. 58.100
   libavcodec     55. 45.100 / 55. 45.100
   libavformat    55. 22.100 / 55. 22.100
   libavdevice    55.  5.102 / 55.  5.102
   libavfilter     3. 92.100 /  3. 92.100
   libswscale      2.  5.101 /  2.  5.101
   libswresample   0. 17.104 /  0. 17.104
   libpostproc    52.  3.100 / 52.  3.100
 [flv @ 0x313e4c0] Stream discovered after head already parsed=0/0
 Input #0, flv, from 'h264-seek-segfault.flv':
   Metadata:
     starttime       : 0
     totalduration   : 300
     totaldatarate   : 592
     bytelength      : 22252473
     canseekontime   : true
     sourcedata      : B4A7D6CA2HH1309108729288780
     purl            :
     pmsg            :
   Duration: 00:05:00.27, start: 0.000000, bitrate: 592 kb/s
     Stream #0:0: Video: h264 (Main), yuv420p, 480x360 [SAR 1:1 DAR 4:3], 548 kb/s, 29.97 tbr, 1k tbn, 59.94 tbc
     Stream #0:1: Audio: aac, 44100 Hz, mono, fltp, 49 kb/s
     Stream #0:2: Data: none
 XIO:  fatal IO error 11 (Resource temporarily unavailable) on X server ":0"
       after 123 requests (123 known processed) with 1 events remaining.
 }}}

 valgrind output:
 {{{
 ==18023== Invalid read of size 8
 ==18023==    at 0x6E024B: decode_update_thread_context (h264.c:1854)
 ==18023==    by 0x89F45F: ff_thread_decode_frame (pthread_frame.c:229)
 ==18023==    by 0x93ABE2: avcodec_decode_video2 (utils.c:2111)
 ==18023==    by 0x46B2DE: video_thread (ffplay.c:1687)
 ==18023==    by 0x5CC8BF7: ??? (in /usr/lib64/libSDL-1.2.so.0.11.4)
 ==18023==    by 0x5D08508: ??? (in /usr/lib64/libSDL-1.2.so.0.11.4)
 ==18023==    by 0x5F570DA: start_thread (in /lib64/libpthread-2.18.so)
 ==18023==    by 0x70B990C: clone (in /lib64/libc-2.18.so)
 ==18023==  Address 0x1d0 is not stack'd, malloc'd or (recently) free'd
 ==18023==
 }}}

 Regression since a553c6a347d3d28d7ee44c3df3d5c4ee780dba23.

 I have uploaded the flv to ftp://upload.ffmpeg.org/incoming/h264-seek-segfault.flv.

--
Ticket URL: <https://trac.ffmpeg.org/ticket/3213>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker

