[FFmpeg-trac] #8641(avcodec:new): Data race in pthread_frame.c and h264dec.c
FFmpeg
trac at avcodec.org
Wed Apr 29 11:19:22 EEST 2020
#8641: Data race in pthread_frame.c and h264dec.c
---------------------------------+-------------------------------------
Reporter: Zu-Ming | Type: defect
Status: new | Priority: important
Component: avcodec | Version: 4.2
Keywords: | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
---------------------------------+-------------------------------------
Summary of the bug:
**Execute command:** `./ffmpeg -y -threads 4 -i small.mp4 output.avi`
**Version:** 4.2
**Thread 1:**
**Race object:** `h1->is_avc`
**Access:** `h->is_avc = h1->is_avc;`
**Line number:** `h264_slice.c; 406`
**Call stack:**
1. `ff_h264_update_thread_context()`
2. `update_context_from_thread()`
3. `submit_packet()`
4. `ff_thread_decode_frame()`
5. `decode_simple_internal()`
6. `decode_simple_receive_frame()`
7. `decode_receive_frame_internal()`
8. `avcodec_send_packet()`
9. `decode()`
10. `decode_video()`
11. `process_input_packet()`
12. `process_input()`
13. `transcode_step()`
14. `transcode()`
15. `main()`
**Lock:** None
**Thread 2:**
**Race object:** `h->is_avc`
**Access:** `h->is_avc = 1;`
**Line number:** `h264dec.c; 622`
**Call stack:**
1. `decode_nal_units()`
2. `h264_decode_frame()`
3. `frame_worker_thread()`
**Lock:** `pthread_mutex_lock(&p->mutex);`
**Impact:** This race causes `h->is_avc` in Thread 1 to be uncertain, which may
affect the status of ffmpeg.
My data race fuzzer, conzzer, finds that these 2 accesses can be executed
concurrently, and they are protected by different locks, so my fuzzer
reports this race.
--
Ticket URL: <https://trac.ffmpeg.org/ticket/8641>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
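
The two accesses listed in the ticket, run through a lockset-style check, as an added example that is not part of the original report or of FFmpeg. Assumptions: whether conzzer uses this method is not stated on the page; the struct, the function names and the `t1_locked` record are hypothetical, and the two access records are constructed from the report's "Access" and "Lock" fields.

```c
#include <stdio.h>
#include <string.h>

/* One recorded access. Lock names are plain strings; the list is NULL-terminated. */
struct access {
    const char *site;     /* file and line as given in the report */
    const char *object;   /* shared object, under one common name */
    int is_write;
    const char *locks[4]; /* locks held at the access */
};

static int holds(const struct access *a, const char *lock)
{
    for (int i = 0; i < 4 && a->locks[i]; i++)
        if (strcmp(a->locks[i], lock) == 0)
            return 1;
    return 0;
}

/* 1 = race candidate: same object, at least one write, no lock in common. */
int lockset_race(const struct access *a, const struct access *b)
{
    if (strcmp(a->object, b->object) != 0 || (!a->is_write && !b->is_write))
        return 0;
    for (int i = 0; i < 4 && a->locks[i]; i++)
        if (holds(b, a->locks[i]))
            return 0;
    return 1;
}

/* Records built from the report. Assumption: Thread 1's access is modelled as
 * the read of h1->is_avc, the object the report names for that thread. */
const struct access t1 = { "h264_slice.c:406", "is_avc", 0, { NULL } };
const struct access t2 = { "h264dec.c:622",    "is_avc", 1, { "p->mutex" } };
/* Hypothetical record, not an FFmpeg patch: the same read with p->mutex held. */
const struct access t1_locked = { "h264_slice.c:406", "is_avc", 0, { "p->mutex" } };

int main(void)
{
    printf("%s vs %s: %s\n", t1.site, t2.site,
           lockset_race(&t1, &t2) ? "race candidate" : "consistent locking");
    printf("with a common lock: %s\n",
           lockset_race(&t1_locked, &t2) ? "race candidate" : "consistent locking");
    return 0;
}
```

A lockset check looks only at which locks are held and does not model ordering established by other synchronization, so a hit is a candidate to confirm against the threading code rather than proof of a race.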