[Libav-user] av_parser_parse2 crash

wm4 nfxjfg at googlemail.com
Fri Mar 27 09:49:35 CET 2015 

On Fri, 27 Mar 2015 03:26:58 +0000
Brendan Jones <brendan55555 at hotmail.com> wrote:

> Hi,
>  
> I am trying to decode my network dvr h264 socket stream directly using av_parser_parse2 but I get a crash when I try to parse the last portion of the buffer I'm passing to the parser. 
>  
> For example, if I read 80000 bytes from socket I can parse and then decode most of the data but the last piece passed to av_parser_parse2 causes a crash. 
>  
> I have tried different ways to make sure I not trying to pass more than there is in the buffer to the parser.
>  
> I'm not very knowledgeable regarding h264 but I suspect it might be because the parser can't parse the last portion of data  due to it wanting more from the socket.
>  
> Is there something I can do to avoid this crash ?
>  
> Here is my loop just in case it is something I am doing wrong..
>  
> int retval;
> 
>     uint8_t *inbuf = new uint8_t [20000000];
> 
>     int inbuf_start = 0;
> 
>     int inbuf_len = 0; 
> 
> 
>     inbuf_start = 0;
> 
>     inbuf_len = 0;
> 
>     while (socket->waitForReadyRead()) 
> 
> 
>     {
> 
>         if(socket->bytesAvailable() > BUFFER_SIZE*2 ) 
> 
> 
>         {
> 
>         QByteArray   ba = socket->readAll();
> 
>         memcpy(inbuf + inbuf_len, ba.data(), ba.size() );
> 
>         inbuf_len += ba.size(); 
> 
> 
> 
> 
>         qDebug() << "read bytes in buffer "<<ba.size();
> 
>         if (ba.size() == 0) 
> 
> 
>         {
> 
>             cerr << "read 0 bytes data." << endl;
> 
>             continue; 
> 
> 
>         }
> 
> 
> 
>         while (inbuf_len) 
>  
>  
>  
> 
> 
>         {
> 
>             qDebug() << "before parse total to parse = "<<ba.size();
> 
>             qDebug()  << "parsed already "<< inbuf_start;
> 
>             qDebug() << "left to parse "<<inbuf_len;
> 
>             av_init_packet(&packet2);
> 
>             packet2.data = 0;
> 
>             packet2.size = 0;
> 
>             uint8_t *pout;
> 
>             int pout_len;
> 
>                 len = av_parser_parse2(parser, c, &pout, &pout_len, 
> 
> 
>                         inbuf + inbuf_start, inbuf_len,
> 
>                         AV_NOPTS_VALUE, AV_NOPTS_VALUE, 0); 
> 
> 
> 
> 
>             inbuf_start += len;
> 
>             inbuf_len -= len;
> 
>             packet2.data = pout;
> 
>             packet2.size = pout_len;
> 
>             if (len) 
> 
> 
>             {
> 
>                 retval = avcodec_decode_video2(c, picture, &got_picture, &packet2);
> 
>                 if (got_picture && retval > 0) 
> 
> 
>                 {
> 
>                    display_frame(c->pix_fmt, picture, screen_pixz,  screen_contextz,  wind,  stride); 
> 
> 
>                    
> 
>                 }
> 
>             }
> 
> 
> 
>             av_free_packet(&packet2); 
> 
> 
>         }
> 
>         
> 
>     }
> 
>     }
>  
>  
> Thank you.
>  
> Brendan
>  
>  		 	   		  

One thing that immediately comes to mind (though it might not be the
cause) is that you don't align inbuf. Try allocating it with av_malloc.

More information about the Libav-user mailing list