[FFmpeg-trac] #791(FFmpeg:new): zzufed .dct file crashes ffmpeg

FFmpeg trac at avcodec.org
Mon Dec 19 00:48:49 CET 2011


#791: zzufed .dct file crashes ffmpeg
-------------------------------------+-------------------------------------
             Reporter:  oanastratulat|                     Type:  defect
               Status:  new          |                 Priority:  important
            Component:  FFmpeg       |                  Version:  git-master
             Keywords:               |               Blocked By:
             Blocking:               |  Reproduced by developer:  0
Analyzed by developer:  0            |
-------------------------------------+-------------------------------------
 ==12726== Memcheck, a memory error detector
 ==12726== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
 ==12726== Using Valgrind-3.6.1-Debian and LibVEX; rerun with -h for copyright info
 ==12726== Command: ffmpeg -i corruptfile -f null -
 ==12726==
 ffmpeg version N-35936-gaf3f2a8, Copyright (c) 2000-2011 the FFmpeg developers
   built on Dec 19 2011 00:07:16 with gcc 4.6.1
   configuration:
   libavutil    51. 32. 0 / 51. 32. 0
   libavcodec   53. 46. 0 / 53. 46. 0
   libavformat  53. 26. 0 / 53. 26. 0
   libavdevice  53.  4. 0 / 53.  4. 0
   libavfilter   2. 53. 0 /  2. 53. 0
   libswscale    2.  1. 0 /  2.  1. 0
 [ea @ 0x5674820] Estimating duration from bitrate, this may be inaccurate
 Input #0, ea, from 'corruptfile':
   Duration: 00:03:10.21, start: 0.000000, bitrate: 88 kb/s
     Stream #0:0: Video: mdec, yuvj420p, 304x224, 15 fps, 15 tbr, 15 tbn, 15 tbc
     Stream #0:1: Audio: adpcm_ea, 22050 Hz, 1 channels, s16, 88 kb/s
 [buffer @ 0x56c6f00] w:304 h:224 pixfmt:yuvj420p tb:1/1000000 sar:0/1 sws_param:
 Output #0, null, to 'pipe:':
   Metadata:
     encoder         : Lavf53.26.0
     Stream #0:0: Video: rawvideo (I420 / 0x30323449), yuvj420p, 304x224, q=2-31, 200 kb/s, 90k tbn, 15 tbc
     Stream #0:1: Audio: pcm_s16le, 22050 Hz, 1 channels, s16, 352 kb/s
 Stream mapping:
   Stream #0:0 -> #0:0 (mdec -> rawvideo)
   Stream #0:1 -> #0:1 (adpcm_ea -> pcm_s16le)
 Press [q] to stop, [?] for help
 [mdec @ 0x568b8e0] ac-tex damaged at 0 4
 Error while decoding stream #0:0
 [mdec @ 0x568b8e0] ac-tex damaged at 0 8
 Error while decoding stream #0:0
 ==12726== Invalid write of size 2
 ==12726==    at 0x97E8F1: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x886A5D: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x43CFE8: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x441230: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x438BB8: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x52F130C: (below main) (libc-start.c:226)
 ==12726==  Address 0x5767700 is 0 bytes after a block of size 2,976 alloc'd
 ==12726==    at 0x4C2786E: memalign (vg_replace_malloc.c:581)
 ==12726==    by 0x4C278C7: posix_memalign (vg_replace_malloc.c:709)
 ==12726==    by 0xA4EEB1: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0xA53F51: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x88A0CB: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x97BBD0: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x886A5D: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x43CFE8: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x441230: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x438BB8: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x52F130C: (below main) (libc-start.c:226)
 ==12726==
 ==12726== Invalid write of size 2
 ==12726==    at 0x97E8F5: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x886A5D: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x43CFE8: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x441230: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x438BB8: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x52F130C: (below main) (libc-start.c:226)
 ==12726==  Address 0x5767702 is 2 bytes after a block of size 2,976 alloc'd
 ==12726==    at 0x4C2786E: memalign (vg_replace_malloc.c:581)
 ==12726==    by 0x4C278C7: posix_memalign (vg_replace_malloc.c:709)
 ==12726==    by 0xA4EEB1: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0xA53F51: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x88A0CB: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x97BBD0: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x886A5D: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x43CFE8: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x441230: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x438BB8: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x52F130C: (below main) (libc-start.c:226)
 ==12726==
 --12726-- VALGRIND INTERNAL ERROR: Valgrind received a signal 11 (SIGSEGV) - exiting
 --12726-- si_code=80;  Faulting address: 0x0;  sp: 0x403441d70

 valgrind: the 'impossible' happened:
    Killed by fatal signal
 ==12726==    at 0x38034082: get_bszB_as_is (m_mallocfree.c:245)
 ==12726==    by 0x380357BB: vgPlain_arena_malloc (m_mallocfree.c:256)
 ==12726==    by 0x380366D9: vgPlain_arena_memalign (m_mallocfree.c:1614)
 ==12726==    by 0x3806346D: vgPlain_cli_malloc (replacemalloc_core.c:86)
 ==12726==    by 0x38001D2B: vgMemCheck_new_block (mc_malloc_wrappers.c:201)
 ==12726==    by 0x3800200D: vgMemCheck_memalign (mc_malloc_wrappers.c:268)
 ==12726==    by 0x3806528E: vgPlain_scheduler (scheduler.c:1402)
 ==12726==    by 0x38074CFF: run_a_thread_NORETURN (syswrap-linux.c:94)

 sched status:
   running_tid=1

 Thread 1: status = VgTs_Runnable
 ==12726==    at 0x4C2786E: memalign (vg_replace_malloc.c:581)
 ==12726==    by 0x4C278C7: posix_memalign (vg_replace_malloc.c:709)
 ==12726==    by 0xA4ED3F: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x884D08: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x43DAE6: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x441230: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x438BB8: ??? (in /usr/local/bin/ffmpeg)
 ==12726==    by 0x52F130C: (below main) (libc-start.c:226)


 Note: see also the FAQ in the source distribution.
 It contains workarounds to several common problems.
 In particular, if Valgrind aborted or crashed after
 identifying problems in your program, there's a good chance
 that fixing those problems will prevent Valgrind aborting or
 crashing, especially if it happened in m_mallocfree.c.

 If that doesn't help, please report this bug to: www.valgrind.org

 In the bug report, send all the above text, the valgrind
 version, and what OS and version you are using.  Thanks.

-- 
Ticket URL: <http://ffmpeg.org/trac/ffmpeg/ticket/791>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker

