[FFmpeg-trac] #2944(undetermined:new): crash with max_alloc

FFmpeg trac at avcodec.org
Sun Sep 8 20:00:11 CEST 2013


#2944: crash with max_alloc
-------------------------------------+-------------------------------------
               Reporter:  ami_stuff  |                  Owner:
                   Type:  defect     |                 Status:  new
               Priority:  normal     |              Component:  undetermined
                Version:  unspecified|               Keywords:
             Blocked By:             |               Blocking:
Reproduced by developer:  0          |  Analyzed by developer:  0
-------------------------------------+-------------------------------------
 {{{
 (gdb) r -max_alloc 320000000 -i ./cr.avi
 The program being debugged has been started already.
 Start it from the beginning? (y or n) y

 Starting program: /media/sdb1/ffmpeg-HEAD-a67dcd7/ffmpeg_g -max_alloc 320000000 -i ./cr.avi
 [Thread debugging using libthread_db enabled]
 Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
 ffmpeg version 2.0-a67dcd7 Copyright (c) 2000-2013 the FFmpeg developers
   built on Sep  5 2013 17:23:55 with gcc 4.7 (Debian 4.7.2-5)
   configuration: --disable-yasm --disable-ffprobe --disable-ffserver --enable-gpl
   libavutil      52. 43.100 / 52. 43.100
   libavcodec     55. 31.101 / 55. 31.101
   libavformat    55. 16.101 / 55. 16.101
   libavdevice    55.  3.100 / 55.  3.100
   libavfilter     3. 83.102 /  3. 83.102
   libswscale      2.  5.100 /  2.  5.100
   libswresample   0. 17.103 /  0. 17.103
   libpostproc    52.  3.100 / 52.  3.100

 Program received signal SIGSEGV, Segmentation fault.
 av_freep (arg=0x0) at libavutil/mem.c:217
 217         av_free(*ptr);
 (gdb) bt
 #0  av_freep (arg=0x0) at libavutil/mem.c:217
 #1  0x0808391e in decode_init (avctx=0x9100740) at libavcodec/truemotion2.c:960
 #2  0x0867b0e1 in avcodec_open2 (avctx=0x9100740, codec=codec@entry=0x8afcd40,
     options=0x9100fc0) at libavcodec/utils.c:1341
 #3  0x0823c60d in avformat_find_stream_info (ic=0x90ffe60, options=0x9100fc0)
     at libavformat/utils.c:2709
 #4  0x080a6525 in open_input_file (o=o@entry=0xbffff53c,
     filename=<optimized out>) at ffmpeg_opt.c:809
 #5  0x080a4d47 in open_files (inout=inout@entry=0x88d82fb "input",
     open_file=open_file@entry=0x80a6140 <open_input_file>,
     l=<error reading variable: Unhandled dwarf expression opcode 0xfa>,
     l=<error reading variable: Unhandled dwarf expression opcode 0xfa>)
     at ffmpeg_opt.c:2494
 #6  0x080acf59 in ffmpeg_parse_options (argc=argc@entry=5,
     argv=argv@entry=0xbffff9c4) at ffmpeg_opt.c:2531
 #7  0x080a244a in main (argc=5, argv=0xbffff9c4) at ffmpeg.c:3389
 (gdb)
 }}}


 {{{
 knoppix@Microknoppix:/media/sdb1$ valgrind --leak-check=full ffmpeg-HEAD-a67dcd7/ffmpeg_g -max_alloc 320000000 -i ./cr.avi
 ==26773== Memcheck, a memory error detector
 ==26773== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
 ==26773== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
 ==26773== Command: ffmpeg-HEAD-a67dcd7/ffmpeg_g -max_alloc 320000000 -i ./cr.avi
 ==26773==
 ffmpeg version 2.0-a67dcd7 Copyright (c) 2000-2013 the FFmpeg developers
   built on Sep  5 2013 17:23:55 with gcc 4.7 (Debian 4.7.2-5)
   configuration: --disable-yasm --disable-ffprobe --disable-ffserver --enable-gpl
   libavutil      52. 43.100 / 52. 43.100
   libavcodec     55. 31.101 / 55. 31.101
   libavformat    55. 16.101 / 55. 16.101
   libavdevice    55.  3.100 / 55.  3.100
   libavfilter     3. 83.102 /  3. 83.102
   libswscale      2.  5.100 /  2.  5.100
   libswresample   0. 17.103 /  0. 17.103
   libpostproc    52.  3.100 / 52.  3.100
 ==26773== Invalid read of size 4
 ==26773==    at 0x886CD58: av_freep (mem.c:210)
 ==26773==    by 0x808391D: decode_init (truemotion2.c:960)
 ==26773==    by 0x867B0E0: avcodec_open2 (utils.c:1341)
 ==26773==    by 0x823C60C: avformat_find_stream_info (utils.c:2709)
 ==26773==    by 0x80A6524: open_input_file (ffmpeg_opt.c:809)
 ==26773==    by 0x80A4D46: open_files.isra.7 (ffmpeg_opt.c:2494)
 ==26773==    by 0x40A5E15: (below main) (libc-start.c:228)
 ==26773==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
 ==26773==
 ==26773==
 ==26773== Process terminating with default action of signal 11 (SIGSEGV)
 ==26773==  Access not within mapped region at address 0x0
 ==26773==    at 0x886CD58: av_freep (mem.c:210)
 ==26773==    by 0x808391D: decode_init (truemotion2.c:960)
 ==26773==    by 0x867B0E0: avcodec_open2 (utils.c:1341)
 ==26773==    by 0x823C60C: avformat_find_stream_info (utils.c:2709)
 ==26773==    by 0x80A6524: open_input_file (ffmpeg_opt.c:809)
 ==26773==    by 0x80A4D46: open_files.isra.7 (ffmpeg_opt.c:2494)
 ==26773==    by 0x40A5E15: (below main) (libc-start.c:228)
 ==26773==  If you believe this happened as a result of a stack
 ==26773==  overflow in your program's main thread (unlikely but
 ==26773==  possible), you can try to increase the size of the
 ==26773==  main thread stack using the --main-stacksize= flag.
 ==26773==  The main thread stack size used in this run was 8388608.
 ==26773==
 ==26773== HEAP SUMMARY:
 ==26773==     in use at exit: 524,705,659 bytes in 33 blocks
 ==26773==   total heap usage: 43 allocs, 10 frees, 524,740,651 bytes allocated
 ==26773==
 ==26773== LEAK SUMMARY:
 ==26773==    definitely lost: 0 bytes in 0 blocks
 ==26773==    indirectly lost: 0 bytes in 0 blocks
 ==26773==      possibly lost: 0 bytes in 0 blocks
 ==26773==    still reachable: 524,705,659 bytes in 33 blocks
 ==26773==         suppressed: 0 bytes in 0 blocks
 ==26773== Reachable blocks (those to which a pointer was found) are not shown.
 ==26773== To see them, rerun with: --leak-check=full --show-reachable=yes
 ==26773==
 ==26773== For counts of detected and suppressed errors, rerun with: -v
 ==26773== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 59 from 6)
 Segmentation fault
 }}}

-- 
Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/2944>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker

