[FFmpeg-trac] #9123(avformat:open): segmentation fault when extracting frames from the video

FFmpeg trac at avcodec.org
Thu Feb 25 00:09:27 EET 2021 

#9123: segmentation fault when extracting frames from the video
------------------------------------+------------------------------------
             Reporter:  bird        |                    Owner:
                 Type:  defect      |                   Status:  open
             Priority:  important   |                Component:  avformat
              Version:  git-master  |               Resolution:
             Keywords:  dss crash   |               Blocked By:
             Blocking:              |  Reproduced by developer:  1
Analyzed by developer:  0           |
------------------------------------+------------------------------------
Changes (by cehoyos):

 * keywords:   => dss crash
 * priority:  normal => important
 * status:  new => open
 * component:  ffmpeg => avformat
 * reproduced:  0 => 1


Comment:

 {{{
 $ valgrind ffmpeg_g -ss 0 -i ./4
 ==24733== Memcheck, a memory error detector
 ==24733== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
 ==24733== Using Valgrind-3.16.1 and LibVEX; rerun with -h for copyright
 info
 ==24733== Command: ffmpeg_g -ss 0 -i ./4
 ==24733==
 ffmpeg version N-101291-gd3d99a0a06 Copyright (c) 2000-2021 the FFmpeg
 developers
   built with gcc 10 (SUSE Linux)
   configuration: --enable-gpl
   libavutil      56. 66.100 / 56. 66.100
   libavcodec     58.125.100 / 58.125.100
   libavformat    58. 68.100 / 58. 68.100
   libavdevice    58. 12.100 / 58. 12.100
   libavfilter     7.107.100 /  7.107.100
   libswscale      5.  8.100 /  5.  8.100
   libswresample   3.  8.100 /  3.  8.100
   libpostproc    55.  8.100 / 55.  8.100
 [dss @ 0x5082540] Estimating duration from bitrate, this may be inaccurate
 ==24733== Invalid write of size 1
 ==24733==    at 0x483DEF3: memcpy at GLIBC_2.2.5 (in /usr/lib64/valgrind
 /vgpreload_memcheck-amd64-linux.so)
 ==24733==    by 0x720723: avio_read (aviobuf.c:673)
 ==24733==    by 0x7367EB: dss_723_1_read_packet (dss.c:308)
 ==24733==    by 0x7367EB: dss_read_packet (dss.c:323)
 ==24733==    by 0x833BE9: ff_read_packet (utils.c:823)
 ==24733==    by 0x834D7A: read_frame_internal (utils.c:1526)
 ==24733==    by 0x835C27: av_read_frame (utils.c:1730)
 ==24733==    by 0x83780C: seek_frame_generic (utils.c:2388)
 ==24733==    by 0x83780C: seek_frame_internal (utils.c:2461)
 ==24733==    by 0x83780C: av_seek_frame (utils.c:2481)
 ==24733==    by 0x8373F9: avformat_seek_file (utils.c:2533)
 ==24733==    by 0x49C7A0: open_input_file (ffmpeg_opt.c:1252)
 ==24733==    by 0x4A0117: open_files (ffmpeg_opt.c:3335)
 ==24733==    by 0x4A0117: ffmpeg_parse_options (ffmpeg_opt.c:3375)
 ==24733==    by 0x494C97: main (ffmpeg.c:4964)
 ==24733==  Address 0xffffffff9398d422 is not stack'd, malloc'd or
 (recently) free'd
 ==24733==
 ==24733==
 ==24733== Process terminating with default action of signal 11 (SIGSEGV):
 dumping core
 ==24733==  Access not within mapped region at address 0xFFFFFFFF9398D422
 ==24733==    at 0x483DEF3: memcpy at GLIBC_2.2.5 (in /usr/lib64/valgrind
 /vgpreload_memcheck-amd64-linux.so)
 ==24733==    by 0x720723: avio_read (aviobuf.c:673)
 ==24733==    by 0x7367EB: dss_723_1_read_packet (dss.c:308)
 ==24733==    by 0x7367EB: dss_read_packet (dss.c:323)
 ==24733==    by 0x833BE9: ff_read_packet (utils.c:823)
 ==24733==    by 0x834D7A: read_frame_internal (utils.c:1526)
 ==24733==    by 0x835C27: av_read_frame (utils.c:1730)
 ==24733==    by 0x83780C: seek_frame_generic (utils.c:2388)
 ==24733==    by 0x83780C: seek_frame_internal (utils.c:2461)
 ==24733==    by 0x83780C: av_seek_frame (utils.c:2481)
 ==24733==    by 0x8373F9: avformat_seek_file (utils.c:2533)
 ==24733==    by 0x49C7A0: open_input_file (ffmpeg_opt.c:1252)
 ==24733==    by 0x4A0117: open_files (ffmpeg_opt.c:3335)
 ==24733==    by 0x4A0117: ffmpeg_parse_options (ffmpeg_opt.c:3375)
 ==24733==    by 0x494C97: main (ffmpeg.c:4964)
 ==24733==  If you believe this happened as a result of a stack
 ==24733==  overflow in your program's main thread (unlikely but
 ==24733==  possible), you can try to increase the size of the
 ==24733==  main thread stack using the --main-stacksize= flag.
 ==24733==  The main thread stack size used in this run was 8388608.
 ==24733==
 ==24733== HEAP SUMMARY:
 ==24733==     in use at exit: 38,836 bytes in 40 blocks
 ==24733==   total heap usage: 257 allocs, 217 frees, 103,484 bytes
 allocated
 ==24733==
 ==24733== LEAK SUMMARY:
 ==24733==    definitely lost: 0 bytes in 0 blocks
 ==24733==    indirectly lost: 0 bytes in 0 blocks
 ==24733==      possibly lost: 0 bytes in 0 blocks
 ==24733==    still reachable: 38,836 bytes in 40 blocks
 ==24733==         suppressed: 0 bytes in 0 blocks
 ==24733== Rerun with --leak-check=full to see details of leaked memory
 ==24733==
 ==24733== For lists of detected and suppressed errors, rerun with: -s
 ==24733== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
 Segmentation fault (core dumped)
 }}}

--
Ticket URL: <https://trac.ffmpeg.org/ticket/9123#comment:1>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker

More information about the FFmpeg-trac mailing list