[FFmpeg-trac] #8237(undetermined:reopened): Division by zero at libavfilter/af_adeclick.c

FFmpeg trac at avcodec.org
Fri Oct 11 03:14:26 EEST 2019

#8237: Division by zero at libavfilter/af_adeclick.c
             Reporter:  Suhwan       |                    Owner:
                 Type:  defect       |                   Status:  reopened
             Priority:  normal       |                Component:  undetermined
              Version:  git-master   |               Resolution:
             Keywords:  ubsan        |               Blocked By:
             Blocking:               |  Reproduced by developer:  0
Analyzed by developer:  0            |
Changes (by Suhwan):

 * status:  closed => reopened
 * resolution:  invalid =>


 Replying to [comment:1 richardpl]:
 I checked this again and re-uploaded the full gdb log.
 I compiled ffmpeg with the "--toolchain=clang-usan" option to check for
 division by zero.

 Please confirm.

 How to reproduce:
 $ ffmpeg_g -y -r 49 -i $PoC -filter_complex adeclick -loglevel 99 -c:s:7
 h264_v4l2m2m -disposition:s:3 apng -vframes 35 -ab 267k -ac 0 -strict 1

 ffmpeg version N-95314-g1331e00179 Copyright (c) 2000-2019 the FFmpeg
   built with clang version 6.0.0-1ubuntu2 (tags/RELEASE_600/final)
   configuration: --cc=clang --cxx=clang++ --ld=clang --enable-debug


 Breakpoint 1, uninit (ctx=0x90e0140) at libavfilter/af_adeclick.c:684
 684                s->nb_samples, 100. * s->detected_errors /
 (gdb) n
 683                s->is_declip ? "clips" : "clicks", s->detected_errors,
 (gdb) n
 684                s->nb_samples, 100. * s->detected_errors /
 (gdb) n
 libavfilter/af_adeclick.c:684:53: runtime error: division by zero
 682         av_log(ctx, AV_LOG_INFO, "Detected %s in %"PRId64" of
 %"PRId64" samples (%g%%).\n",
 (gdb) bt
 #0  uninit (ctx=0x90e0140) at libavfilter/af_adeclick.c:682
 #1  0x00000000005ca3f3 in avfilter_free (filter=0x90e0140) at
 #2  0x00000000005d6218 in avfilter_graph_free (graph=0x7fffffffde50) at
 #3  0x00000000004646ca in init_complex_filtergraph (fg=<optimized out>) at
 #4  0x000000000042db4c in init_complex_filters () at
 #5  ffmpeg_parse_options (argc=<optimized out>, argv=<optimized out>) at
 #6  0x0000000000487b44 in main (argc=23, argv=0x7fffffffe118) at
 (gdb) disass $pc-32,$pc+32
 Dump of assembler code from 0xfeb693 to 0xfeb6d3:
    0x0000000000feb693 <uninit+265>:     pushfq
    0x0000000000feb694 <uninit+266>:     add    $0x66,%al
    0x0000000000feb696 <uninit+268>:     subps  0x49c8d83(%rip),%xmm1
 # 0x59b4420
    0x0000000000feb69d <uninit+275>:     pshufd $0x4e,%xmm1,%xmm2
    0x0000000000feb6a2 <uninit+280>:     addpd  %xmm1,%xmm2
    0x0000000000feb6a6 <uninit+284>:     test   %rax,%rax
    0x0000000000feb6a9 <uninit+287>:     je     0xfebc7b <uninit+1777>
    0x0000000000feb6af <uninit+293>:     divsd  %xmm2,%xmm0
 => 0x0000000000feb6b3 <uninit+297>:     mov    $0x20,%esi
    0x0000000000feb6b8 <uninit+302>:     mov    $0x5a698dc,%edx
    0x0000000000feb6bd <uninit+307>:     mov    $0x1,%al
    0x0000000000feb6bf <uninit+309>:     mov    %r15,%rdi
    0x0000000000feb6c2 <uninit+312>:     mov    %rbx,%rcx
    0x0000000000feb6c5 <uninit+315>:     mov    %r13,%r9
    0x0000000000feb6c8 <uninit+318>:     callq  0x58e7540 <av_log>
    0x0000000000feb6cd <uninit+323>:     mov    0xf(%rsp),%r12b
    0x0000000000feb6d2 <uninit+328>:     test   %r12b,%r12b
 End of assembler dump.


Ticket URL: <https://trac.ffmpeg.org/ticket/8237#comment:2>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
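The backtrace above shows uninit() reached from init_complex_filtergraph() via avfilter_graph_free(), i.e. the filter is torn down before any audio has passed through it, so nb_samples is still 0 when the summary at af_adeclick.c:684 divides by it. The following is an added example, not FFmpeg's own code: a stand-in struct with the two counters from the log line, and a guarded version of the summary that skips the percentage when nothing was processed. The struct, helper names and sample values are constructed for illustration.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the two counters uninit() reports in af_adeclick.c.
 * Field names mirror the ticket's log line; the real context has many more. */
typedef struct DeclickStats {
    int64_t nb_samples;      /* samples that actually went through the filter */
    int64_t detected_errors; /* clicks (or clips, for adeclip) found in them   */
} DeclickStats;

/* Hardened form of the expression at af_adeclick.c:684.
 * The original computes 100. * detected_errors / nb_samples unconditionally;
 * with nb_samples == 0 (graph freed during init) UBSan reports the
 * float division by zero. A percentage of zero samples is meaningless,
 * so return 0 and let the caller decide whether to log at all. */
double error_pct(const DeclickStats *s)
{
    if (s->nb_samples <= 0)
        return 0.0;
    return 100. * (double)s->detected_errors / (double)s->nb_samples;
}

/* Guarded summary. Returns 1 if a line was written into 'out', 0 if the
 * filter never processed audio and the summary was skipped. Writes to a
 * buffer instead of av_log() so the result can be checked offline. */
int format_summary(const DeclickStats *s, int is_declip, char *out, size_t cap)
{
    if (s->nb_samples <= 0)
        return 0;
    snprintf(out, cap, "Detected %s in %" PRId64 " of %" PRId64 " samples (%g%%).\n",
             is_declip ? "clips" : "clicks",
             s->detected_errors, s->nb_samples, error_pct(s));
    return 1;
}

int main(void)
{
    DeclickStats never_ran = { 0, 0 };     /* constructed: graph freed during init */
    DeclickStats ran = { 48000, 120 };     /* constructed: 1 s of 48 kHz audio, 120 clicks */
    char buf[128];

    if (!format_summary(&never_ran, 0, buf, sizeof buf))
        puts("summary skipped: filter never processed any samples");
    if (format_summary(&ran, 0, buf, sizeof buf))
        fputs(buf, stdout);
    return 0;
}
```

Building with -fsanitize=float-divide-by-zero (what --toolchain=clang-usan enables, among other checks) is what surfaces the unguarded form; the guarded form produces no report.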