[FFmpeg-trac] #3277(undetermined:new): Segfault with sample.
FFmpeg
trac at avcodec.org
Tue Jan 7 02:02:21 CET 2014
#3277: Segfault with sample.
-------------------------------------+-------------------------------------
 Reporter:  SevereOverfl0w           |  Owner:
 Type:  defect                       |  Status:  new
 Priority:  normal                   |  Component:  undetermined
 Version:  unspecified               |  Resolution:
 Keywords:                           |  Blocked By:
 Blocking:                           |  Reproduced by developer:  0
 Analyzed by developer:  0           |
-------------------------------------+-------------------------------------
Comment (by cehoyos):
{{{$ valgrind --track-origins=yes vlc out.avi --noaudio}}}
{{{
==4398== Conditional jump or move depends on uninitialised value(s)
==4398== at 0x23CE8309: mpeg4_decode_mb (mpeg4videodec.c:125)
==4398== by 0x23AA0D53: decode_slice (h263dec.c:235)
==4398== by 0x23AA1DA2: ff_h263_decode_frame (h263dec.c:701)
==4398== by 0x23E14021: avcodec_decode_video2 (utils.c:2062)
==4398== by 0x2368C218: ??? (in /usr/lib64/vlc/plugins/codec/libavcodec_plugin.so)
==4398== by 0x584C61F: ??? (in /usr/lib64/libvlccore.so.7.0.0)
==4398== by 0x584DA3F: ??? (in /usr/lib64/libvlccore.so.7.0.0)
==4398== by 0x5054E0D: start_thread (in /lib64/libpthread-2.15.so)
==4398== Uninitialised value was created by a heap allocation
==4398== at 0x4C290FE: memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==4398== by 0x4C291A7: posix_memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==4398== by 0x24971269: av_malloc (in /usr/lib64/libavutil.so.52.48.101)
==4398== by 0x23E10F7B: av_fast_malloc (utils.c:146)
==4398== by 0x23AA22DD: ff_h263_decode_frame (h263dec.c:758)
==4398== by 0x23E14021: avcodec_decode_video2 (utils.c:2062)
==4398== by 0x2368C218: ??? (in /usr/lib64/vlc/plugins/codec/libavcodec_plugin.so)
==4398== by 0x584C61F: ??? (in /usr/lib64/libvlccore.so.7.0.0)
==4398== by 0x584DA3F: ??? (in /usr/lib64/libvlccore.so.7.0.0)
==4398== by 0x5054E0D: start_thread (in /lib64/libpthread-2.15.so)
==4398==
[0x1e88d9c8] main input error: ES_OUT_SET_(GROUP_)PCR is called too late (pts_delay increased to 694 ms)
[0x1e88d9c8] main input error: ES_OUT_RESET_PCR called
[0x6818848] main vout display error: Failed to resize display
[mpeg4 @ 0x6657da0] warning: first frame is no keyframe
==4398== Conditional jump or move depends on uninitialised value(s)
==4398== at 0x23CE8C02: mpeg4_decode_mb (mpeg4videodec.c:140)
==4398== by 0x23AA0D53: decode_slice (h263dec.c:235)
==4398== by 0x23AA1DA2: ff_h263_decode_frame (h263dec.c:701)
==4398== by 0x23E14021: avcodec_decode_video2 (utils.c:2062)
==4398== by 0x2368C218: ??? (in /usr/lib64/vlc/plugins/codec/libavcodec_plugin.so)
==4398== by 0x584C61F: ??? (in /usr/lib64/libvlccore.so.7.0.0)
==4398== by 0x584DA3F: ??? (in /usr/lib64/libvlccore.so.7.0.0)
==4398== by 0x5054E0D: start_thread (in /lib64/libpthread-2.15.so)
==4398== Uninitialised value was created by a heap allocation
==4398== at 0x4C290FE: memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==4398== by 0x4C291A7: posix_memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==4398== by 0x24971269: av_malloc (in /usr/lib64/libavutil.so.52.48.101)
==4398== by 0x23E10F7B: av_fast_malloc (utils.c:146)
==4398== by 0x23AA22DD: ff_h263_decode_frame (h263dec.c:758)
==4398== by 0x23E14021: avcodec_decode_video2 (utils.c:2062)
==4398== by 0x2368C218: ??? (in /usr/lib64/vlc/plugins/codec/libavcodec_plugin.so)
==4398== by 0x584C61F: ??? (in /usr/lib64/libvlccore.so.7.0.0)
==4398== by 0x584DA3F: ??? (in /usr/lib64/libvlccore.so.7.0.0)
==4398== by 0x5054E0D: start_thread (in /lib64/libpthread-2.15.so)
==4398==
==4398== Use of uninitialised value of size 8
==4398== at 0x23C61B29: ff_h263_decode_motion (get_bits.h:558)
==4398== by 0x23CE9A26: mpeg4_decode_mb (mpeg4videodec.c:1401)
==4398== by 0x23AA0D53: decode_slice (h263dec.c:235)
==4398== by 0x23AA1DA2: ff_h263_decode_frame (h263dec.c:701)
==4398== by 0x23E14021: avcodec_decode_video2 (utils.c:2062)
==4398== by 0x2368C218: ??? (in /usr/lib64/vlc/plugins/codec/libavcodec_plugin.so)
==4398== by 0x584C61F: ??? (in /usr/lib64/libvlccore.so.7.0.0)
==4398== by 0x584DA3F: ??? (in /usr/lib64/libvlccore.so.7.0.0)
==4398== by 0x5054E0D: start_thread (in /lib64/libpthread-2.15.so)
==4398== Uninitialised value was created by a heap allocation
==4398== at 0x4C290FE: memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==4398== by 0x4C291A7: posix_memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==4398== by 0x24971269: av_malloc (in /usr/lib64/libavutil.so.52.48.101)
==4398== by 0x23E10F7B: av_fast_malloc (utils.c:146)
==4398== by 0x23AA22DD: ff_h263_decode_frame (h263dec.c:758)
==4398== by 0x23E14021: avcodec_decode_video2 (utils.c:2062)
==4398== by 0x2368C218: ??? (in /usr/lib64/vlc/plugins/codec/libavcodec_plugin.so)
==4398== by 0x584C61F: ??? (in /usr/lib64/libvlccore.so.7.0.0)
==4398== by 0x584DA3F: ??? (in /usr/lib64/libvlccore.so.7.0.0)
==4398== by 0x5054E0D: start_thread (in /lib64/libpthread-2.15.so)
==4398==
==4398== Use of uninitialised value of size 8
==4398== at 0x23C61B29: ff_h263_decode_motion (get_bits.h:558)
==4398== by 0x23CE9A3F: mpeg4_decode_mb (mpeg4videodec.c:1402)
==4398== by 0x23AA0D53: decode_slice (h263dec.c:235)
==4398== by 0x23AA1DA2: ff_h263_decode_frame (h263dec.c:701)
==4398== by 0x23E14021: avcodec_decode_video2 (utils.c:2062)
==4398== by 0x2368C218: ??? (in /usr/lib64/vlc/plugins/codec/libavcodec_plugin.so)
==4398== by 0x584C61F: ??? (in /usr/lib64/libvlccore.so.7.0.0)
==4398== by 0x584DA3F: ??? (in /usr/lib64/libvlccore.so.7.0.0)
==4398== by 0x5054E0D: start_thread (in /lib64/libpthread-2.15.so)
==4398== Uninitialised value was created by a heap allocation
==4398== at 0x4C290FE: memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==4398== by 0x4C291A7: posix_memalign (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==4398== by 0x24971269: av_malloc (in /usr/lib64/libavutil.so.52.48.101)
==4398== by 0x23E10F7B: av_fast_malloc (utils.c:146)
==4398== by 0x23AA22DD: ff_h263_decode_frame (h263dec.c:758)
==4398== by 0x23E14021: avcodec_decode_video2 (utils.c:2062)
==4398== by 0x2368C218: ??? (in /usr/lib64/vlc/plugins/codec/libavcodec_plugin.so)
==4398== by 0x584C61F: ??? (in /usr/lib64/libvlccore.so.7.0.0)
==4398== by 0x584DA3F: ??? (in /usr/lib64/libvlccore.so.7.0.0)
==4398== by 0x5054E0D: start_thread (in /lib64/libpthread-2.15.so)
==4398==
==4398== Invalid read of size 4
==4398== at 0x23F5FC8B: ??? (videodsp.asm:333)
==4398== by 0x23F6066B: emulated_edge_mc_sse2 (videodsp_init.c:175)
==4398== by 0x23D27662: mpeg_motion (mpegvideo_motion.c:333)
==4398== by 0x23D28146: ff_MPV_motion (mpegvideo_motion.c:958)
==4398== by 0x23D100F2: ff_MPV_decode_mb (mpegvideo.c:2796)
==4398== by 0x23AA1036: decode_slice (h263dec.c:243)
==4398== by 0x23AA1DA2: ff_h263_decode_frame (h263dec.c:701)
==4398== by 0x23E14021: avcodec_decode_video2 (utils.c:2062)
==4398== by 0x2368C218: ??? (in /usr/lib64/vlc/plugins/codec/libavcodec_plugin.so)
==4398== by 0x584C61F: ??? (in /usr/lib64/libvlccore.so.7.0.0)
==4398== by 0x584DA3F: ??? (in /usr/lib64/libvlccore.so.7.0.0)
==4398== by 0x5054E0D: start_thread (in /lib64/libpthread-2.15.so)
==4398== Address 0x29e1fffd is not stack'd, malloc'd or (recently) free'd
==4398==
==4398==
==4398== Process terminating with default action of signal 11 (SIGSEGV)
==4398== Access not within mapped region at address 0x29E20000
==4398== at 0x23F5FC8B: ??? (videodsp.asm:333)
==4398== by 0x23F6066B: emulated_edge_mc_sse2 (videodsp_init.c:175)
==4398== by 0x23D27662: mpeg_motion (mpegvideo_motion.c:333)
==4398== by 0x23D28146: ff_MPV_motion (mpegvideo_motion.c:958)
==4398== by 0x23D100F2: ff_MPV_decode_mb (mpegvideo.c:2796)
==4398== by 0x23AA1036: decode_slice (h263dec.c:243)
==4398== by 0x23AA1DA2: ff_h263_decode_frame (h263dec.c:701)
==4398== by 0x23E14021: avcodec_decode_video2 (utils.c:2062)
==4398== by 0x2368C218: ??? (in /usr/lib64/vlc/plugins/codec/libavcodec_plugin.so)
==4398== by 0x584C61F: ??? (in /usr/lib64/libvlccore.so.7.0.0)
==4398== by 0x584DA3F: ??? (in /usr/lib64/libvlccore.so.7.0.0)
==4398== by 0x5054E0D: start_thread (in /lib64/libpthread-2.15.so)
==4398== If you believe this happened as a result of a stack
==4398== overflow in your program's main thread (unlikely but
==4398== possible), you can try to increase the size of the
==4398== main thread stack using the --main-stacksize= flag.
==4398== The main thread stack size used in this run was 8388608.
}}}
--
Ticket URL: <https://trac.ffmpeg.org/ticket/3277#comment:6>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker