[Ffmpeg-devel] segfault in ff_mpeg1_find_frame_end()

Stefan Lucke stefan
Sun Apr 10 21:38:49 CEST 2005 

On Sonntag, 10. April 2005 20:37, M?ns Rullg?rd wrote:
> Stefan Lucke <stefan at lucke.in-berlin.de> writes:
> 
> > Hi,
> >
> > We are developing a plugin for vdr named softdevice. Plugins homepage
> > is at http://softdevice.berlios.de .
> >
> > I get a segfault in function mentioned in subject. The segfault happens
> > when there is a transition in aspect ratio from 16:9 to 4:3. It happens not
> > when the stream is played the first time but when its played the 3rd time.
> > But this may vary (segfault may happen at the first time too).
> 
> That makes me suspect a problem in your code.  Could you be
> accidentally using a freed buffer?  Maybe a race between threads.

That was one of my initial thoughts too. But I think it is related to the thread:
"bug in aspect ratio change detection" from 2005-04-02.  For
a test, I backed out Ivan Kalvachev's change (mpeg12.c from
rev 1.227 to 1.228). So I got no segfaults any more, but aspect ratio
change is not detected correct. Then I used my rejected patch and
so I've no segfaults and aspect ratio is detected correct ;-) .

> 
> > To ensure that it has nothing to with PADDING bytes I added extra
> > code that mallocs and copies data before decoding and zeros
> > from "data+size" FF_INPUT_BUFFER_PADDING_SIZE bytes.
> >
> > I'm using ffmpeg cvs version from today.
> >
> > What could be done to track down the cause of segfault?
> 
> Can the crash be reproduced using the "ffmpeg" command?

No, at least not with ffmep -i in_file_name xx.m2v. Are there other
usfull parameters ?

> 
> > Program received signal SIGSEGV, Segmentation fault.
> > [Switching to Thread 655401 (LWP 4847)]
> > 0x4046d1d1 in ff_mpeg1_find_frame_end () from /usr/local/lib/libavcodec.so
> > (gdb) bt
> > #0  0x4046d1d1 in ff_mpeg1_find_frame_end () from /usr/local/lib/libavcodec.so
> 
> The stack trace isn't very useful without line numbers.
> 
> > and the following at the first try when using  statically linked ffmpegs libs:
> >
> > Program received signal SIGSEGV, Segmentation fault.
> > [Switching to Thread 245776 (LWP 5433)]
> > mpeg1_decode_picture (avctx=0x8368fc8, buf=0x86dc258 <Address 0x86dc258 out of bounds>, buf_size=18921) at bswap.h:30
> > 30      {
> > (gdb) bt
> > #0  mpeg1_decode_picture (avctx=0x8368fc8, buf=0x86dc258 <Address 0x86dc258 out of bounds>, buf_size=18921) at bswap.h:30
> > #1  0x4045a799 in mpeg_decode_frame (avctx=0x8368fc8, data=0x8451340, data_size=0x489dfe54, buf=0x86dc190 <Address 0x86dc190 out of bounds>,
> >     buf_size=19121) at mpeg12.c:3023
> > #2  0x40364fc4 in avcodec_decode_video (avctx=0x8368fc8, picture=0x8451340, got_picture_ptr=0x489dfe54, buf=0x8432180 "", buf_size=2039) at utils.c:593
> > #3  0x4035f199 in cVideoStreamDecoder::DecodePacket(AVPacket*) (this=0x8440b48, pkt=0x8444d4c) at mpeg2decoder.c:497
> 
> This looks like an unrelated crash.

But it happens at the same place when aspect ratio changes from 16:9 to 4:3.

-- 
Stefan Lucke

More information about the ffmpeg-devel mailing list