[FFmpeg-user] Segmentation fault in bsf h264_mp4toannexb (Was: Re: Minimal ffmpeg build)

Moritz Barsnick barsnick at gmx.net
Sat Aug 15 19:49:30 CEST 2015 

Hi Carl Eugen,

> Moritz Barsnick <barsnick <at> gmx.net> writes:
> 
> > I'm trying to reproduce a segmentation fault in ffmpeg
> 
> Please remember that all crashes are important and that 
> we would really like to know about them!

Of course! I wanted a more lightweight ffmpeg first, and thought I
could achieve that within minutes.

Anyway, taking the "new" Android movie from this mail to the list:
http://ffmpeg.org/pipermail/ffmpeg-user/2015-August/027947.html

The first 8 MB of this 147MB file suffice:
https://www.dropbox.com/sh/vqqhgqjc7k8ia43/AADXEjavHmJ3Z5dDeuP0OF6Za/3350.mp4

I was fiddling around with it, doing meaningless stuff (which you'll
see from the command line below). Yet it crashed. I don't get a
meaningful backtrace, unfortunately:

barsnick at sunshine:/usr/new/tools/video/ffmpeg/ffmpeg-build-2015-08-13 > gdb --args ./ffmpeg_g -i ~/tmp/crash_bsf.mp4 -c copy -bsf h264_mp4toannexb -f mp4 /dev/null -y
GNU gdb (GDB) Fedora (7.3.1-48.fc10.1sunshine)
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "pentium4-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/local/new/tools/video/ffmpeg/ffmpeg-build-2015-08-13/ffmpeg_g...done.
(gdb) r
Starting program: /usr/local/new/tools/video/ffmpeg/ffmpeg-build-2015-08-13/ffmpeg_g -i /home/barsnick/tmp/crash_bsf.mp4 -c copy -bsf h264_mp4toannexb -f mp4 /dev/null -y
[Thread debugging using libthread_db enabled]
ffmpeg version N-74425-g1c10c1a Copyright (c) 2000-2015 the FFmpeg developers
  built with gcc 4.3.2 (GCC) 20081105 (Red Hat 4.3.2-7)
  configuration: --disable-everything --disable-network --disable-vdpau --disable-libxcb --enable-ffmpeg --enable-protocol=file --enable-demuxer=mov --enable-muxer=mp4 --enable-bsf=h264_mp4toannexb
  libavutil      54. 30.100 / 54. 30.100
  libavcodec     56. 57.100 / 56. 57.100
  libavformat    56. 40.101 / 56. 40.101
  libavdevice    56.  4.100 / 56.  4.100
  libavfilter     5. 33.100 /  5. 33.100
  libswscale      3.  1.101 /  3.  1.101
  libswresample   1.  2.101 /  1.  2.101
Guessed Channel Layout for  Input Stream #0.1 : stereo
Input #0, mov,mp4,m4a,3gp,3g2,mj2, from '/home/barsnick/tmp/crash_bsf.mp4':
  Metadata:
    major_brand     : mp42
    minor_version   : 0
    compatible_brands: isommp42
    creation_time   : 2015-08-08 22:22:54
  Duration: 00:01:00.78, start: 0.000000, bitrate: 1104 kb/s
    Stream #0:0(eng): Video: h264 (avc1 / 0x31637661), none, 1920x1080, 19958 kb/s, SAR 1:1 DAR 16:9, 24.22 fps, 24.25 tbr, 90k tbn, 90k tbc (default)
    Metadata:
      creation_time   : 2015-08-08 22:22:54
      handler_name    : VideoHandle
    Stream #0:1(eng): Audio: aac (mp4a / 0x6134706D), 48000 Hz, 2 channels, 192 kb/s (default)
    Metadata:
      creation_time   : 2015-08-08 22:22:54
      handler_name    : SoundHandle
[mp4 @ 0x821ab80] Codec for stream 0 does not use global headers but container format requires global headers
[mp4 @ 0x821ab80] Codec for stream 1 does not use global headers but container format requires global headers
[mp4 @ 0x821ab80] track 1: codec frame size is not set
Output #0, mp4, to '/dev/null':
  Metadata:
    major_brand     : mp42
    minor_version   : 0
    compatible_brands: isommp42
    encoder         : Lavf56.40.101
    Stream #0:0(eng): Video: h264 ([33][0][0][0] / 0x0021), none, 1920x1080 [SAR 1:1 DAR 16:9], q=2-31, 19958 kb/s, 24.22 fps, 24.25 tbr, 90k tbn, 90k tbc (default)
    Metadata:
      creation_time   : 2015-08-08 22:22:54
      handler_name    : VideoHandle
    Stream #0:1(eng): Audio: aac ([64][0][0][0] / 0x0040), 48000 Hz, stereo, 192 kb/s (default)
    Metadata:
      creation_time   : 2015-08-08 22:22:54
      handler_name    : SoundHandle
Stream mapping:
  Stream #0:0 -> #0:0 (copy)
  Stream #0:1 -> #0:1 (copy)
Press [q] to stop, [?] for help

Program received signal SIGSEGV, Segmentation fault.
0x0071e636 in memcpy () from /lib/libc.so.6
Missing separate debuginfos, use: debuginfo-install glibc-2.9-3.i686 zlib-1.2.3-22.fc10.1sunshine.pentium4
(gdb) thread apply all bt full

Thread 1 (Thread 0xb7fd66c0 (LWP 21665)):
#0  0x0071e636 in memcpy () from /lib/libc.so.6
No symbol table info available.
#1  0x00000000 in ?? ()
No symbol table info available.
(gdb)


This is on an ancient x32 machine. I can't reproduce it on a newer
machine with modern compilers, libs, OS on x86_64. D'uh.

I don't subscribe to ffmpeg-devel (yet), too much traffic for what I'm
trying to achieve. I would just post a trac ticket, but perhaps this
isn't worth following up?


Moritz

More information about the ffmpeg-user mailing list