Opened 12 years ago
Closed 12 years ago
#2489 closed defect (fixed)
'segmentation fault' / 'double free pointer' when concatenating segments with subtitles
| Reported by: | ronny1982 | Owned by: | |
|---|---|---|---|
| Priority: | important | Component: | avcodec |
| Version: | git-master | Keywords: | |
| Cc: | Blocked By: | ||
| Blocking: | Reproduced by developer: | yes | |
| Analyzed by developer: | yes |
Description
I'm trying to concatenate video segments with subtitles using the demuxer concat. I tried video clips with srt and ass subtitles, with commands to copy, remove and encode subtitles, but all of them failed:
ffmpeg -f concat -i "numbers.concat" -c copy -y "numbers-2x050.mkv" ffmpeg -f concat -i "numbers.concat" -sn -c:v copy -y "numbers-2x050.mkv" ffmpeg -f concat -i "numbers.concat" -c:s ass -c:v copy -y "numbers-2x050.mkv"
tested with ffmpeg snapshot (2013-04-21)
tested with ffmpeg 1.2 (2013-03-15)
output for segmentation fault:
ffmpeg version 1.2 Copyright (c) 2000-2013 the FFmpeg developers
built on Apr 11 2013 01:45:55 with gcc 4.7 (Ubuntu/Linaro 4.7.2-2ubuntu1)
configuration: --disable-shared --enable-static --enable-gpl --enable-nonfree --enable-zlib --enable-bzlib --enable-libfreetype --enable-fontconfig --enable-libass --enable-libfaac --enable-libfdk_aac --enable-libmp3lame --enable-libvorbis --enable-libtheora --enable-libxvid --enable-libx264 --enable-libvpx --enable-libbluray --enable-runtime-cpudetect --disable-debug --extra-libs=' -lxml2 -ldl'
libavutil 52. 18.100 / 52. 18.100
libavcodec 54. 92.100 / 54. 92.100
libavformat 54. 63.104 / 54. 63.104
libavdevice 54. 3.103 / 54. 3.103
libavfilter 3. 42.103 / 3. 42.103
libswscale 2. 2.100 / 2. 2.100
libswresample 0. 17.102 / 0. 17.102
libpostproc 52. 2.100 / 52. 2.100
[concat @ 0x2543fa0] Estimating duration from bitrate, this may be inaccurate
Input #0, concat, from 'numbers.concat':
Duration: N/A, start: 0.000000, bitrate: N/A
Stream #0:0: Video: h264 (Main), yuv420p, 640x360 [SAR 1:1 DAR 16:9], 25 fps, 25 tbr, 1k tbn, 50 tbc
Stream #0:1: Subtitle: subrip
Output #0, matroska, to 'numbers-2x050.mkv':
Metadata:
encoder : Lavf54.63.104
Stream #0:0: Video: h264 (H264 / 0x34363248), yuv420p, 640x360 [SAR 1:1 DAR 16:9], q=2-31, 25 fps, 1k tbn, 1k tbc
Stream #0:1: Subtitle: subrip
Stream mapping:
Stream #0:0 -> #0:0 (copy)
Stream #0:1 -> #0:1 (copy)
Press [q] to stop, [?] for help
Segmentation fault
output for double free pointer:
ffmpeg version 1.2 Copyright (c) 2000-2013 the FFmpeg developers
built on Apr 11 2013 01:45:55 with gcc 4.7 (Ubuntu/Linaro 4.7.2-2ubuntu1)
configuration: --disable-shared --enable-static --enable-gpl --enable-nonfree --enable-zlib --enable-bzlib --enable-libfreetype --enable-fontconfig --enable-libass --enable-libfaac --enable-libfdk_aac --enable-libmp3lame --enable-libvorbis --enable-libtheora --enable-libxvid --enable-libx264 --enable-libvpx --enable-libbluray --enable-runtime-cpudetect --disable-debug --extra-libs=' -lxml2 -ldl'
libavutil 52. 18.100 / 52. 18.100
libavcodec 54. 92.100 / 54. 92.100
libavformat 54. 63.104 / 54. 63.104
libavdevice 54. 3.103 / 54. 3.103
libavfilter 3. 42.103 / 3. 42.103
libswscale 2. 2.100 / 2. 2.100
libswresample 0. 17.102 / 0. 17.102
libpostproc 52. 2.100 / 52. 2.100
[concat @ 0x23a9fe0] Estimating duration from bitrate, this may be inaccurate
Input #0, concat, from 'numbers.concat':
Duration: N/A, start: 0.000000, bitrate: N/A
Stream #0:0: Video: h264 (Main), yuv420p, 640x360 [SAR 1:1 DAR 16:9], 25 fps, 25 tbr, 1k tbn, 50 tbc
Stream #0:1: Subtitle: subrip
Output #0, matroska, to 'numbers-2x050.mkv':
Metadata:
encoder : Lavf54.63.104
Stream #0:0: Video: h264 (H264 / 0x34363248), yuv420p, 640x360 [SAR 1:1 DAR 16:9], q=2-31, 25 fps, 1k tbn, 1k tbc
Stream #0:1: Subtitle: ssa
Stream mapping:
Stream #0:0 -> #0:0 (copy)
Stream #0:1 -> #0:1 (subrip -> ass)
Press [q] to stop, [?] for help
*** glibc detected *** /home/ronny/Documents/development/ffmpegyag/dist/linux/bin/ffmpeg-hi10-heaac: double free or corruption (out): 0x00000000023b6200 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x7eb96)[0x7fa64fc17b96]
/home/ronny/Documents/development/ffmpegyag/dist/linux/bin/ffmpeg-hi10-heaac[0xbd930c]
/home/ronny/Documents/development/ffmpegyag/dist/linux/bin/ffmpeg-hi10-heaac[0x5bc6fe]
/home/ronny/Documents/development/ffmpegyag/dist/linux/bin/ffmpeg-hi10-heaac[0x5bc80c]
/home/ronny/Documents/development/ffmpegyag/dist/linux/bin/ffmpeg-hi10-heaac[0x5bca3d]
/home/ronny/Documents/development/ffmpegyag/dist/linux/bin/ffmpeg-hi10-heaac[0x4fd9a8]
/home/ronny/Documents/development/ffmpegyag/dist/linux/bin/ffmpeg-hi10-heaac[0x5b5394]
/home/ronny/Documents/development/ffmpegyag/dist/linux/bin/ffmpeg-hi10-heaac[0x5b7285]
/home/ronny/Documents/development/ffmpegyag/dist/linux/bin/ffmpeg-hi10-heaac[0x5b8042]
/home/ronny/Documents/development/ffmpegyag/dist/linux/bin/ffmpeg-hi10-heaac[0x46ec05]
/home/ronny/Documents/development/ffmpegyag/dist/linux/bin/ffmpeg-hi10-heaac[0x45e590]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed)[0x7fa64fbba76d]
/home/ronny/Documents/development/ffmpegyag/dist/linux/bin/ffmpeg-hi10-heaac[0x45ec09]
======= Memory map: ========
00400000-01428000 r-xp 00000000 08:02 27394536 /home/ronny/Documents/development/ffmpegyag/dist/linux/bin/ffmpeg-hi10-heaac
01628000-01629000 r--p 01028000 08:02 27394536 /home/ronny/Documents/development/ffmpegyag/dist/linux/bin/ffmpeg-hi10-heaac
01629000-01663000 rw-p 01029000 08:02 27394536 /home/ronny/Documents/development/ffmpegyag/dist/linux/bin/ffmpeg-hi10-heaac
01663000-01d22000 rw-p 00000000 00:00 0
02394000-02469000 rw-p 00000000 00:00 0 [heap]
7fa64f658000-7fa64f66d000 r-xp 00000000 08:12 5196 /lib/x86_64-linux-gnu/libgcc_s.so.1
7fa64f66d000-7fa64f86c000 ---p 00015000 08:12 5196 /lib/x86_64-linux-gnu/libgcc_s.so.1
7fa64f86c000-7fa64f86d000 r--p 00014000 08:12 5196 /lib/x86_64-linux-gnu/libgcc_s.so.1
7fa64f86d000-7fa64f86e000 rw-p 00015000 08:12 5196 /lib/x86_64-linux-gnu/libgcc_s.so.1
7fa64f86e000-7fa64f96f000 rw-p 00000000 00:00 0
7fa64f96f000-7fa64f996000 r-xp 00000000 08:12 9146 /lib/x86_64-linux-gnu/libexpat.so.1.5.2
7fa64f996000-7fa64fb96000 ---p 00027000 08:12 9146 /lib/x86_64-linux-gnu/libexpat.so.1.5.2
7fa64fb96000-7fa64fb98000 r--p 00027000 08:12 9146 /lib/x86_64-linux-gnu/libexpat.so.1.5.2
7fa64fb98000-7fa64fb99000 rw-p 00029000 08:12 9146 /lib/x86_64-linux-gnu/libexpat.so.1.5.2
7fa64fb99000-7fa64fd4e000 r-xp 00000000 08:12 157 /lib/x86_64-linux-gnu/libc-2.15.so
7fa64fd4e000-7fa64ff4d000 ---p 001b5000 08:12 157 /lib/x86_64-linux-gnu/libc-2.15.so
7fa64ff4d000-7fa64ff51000 r--p 001b4000 08:12 157 /lib/x86_64-linux-gnu/libc-2.15.so
7fa64ff51000-7fa64ff53000 rw-p 001b8000 08:12 157 /lib/x86_64-linux-gnu/libc-2.15.so
7fa64ff53000-7fa64ff58000 rw-p 00000000 00:00 0
7fa64ff58000-7fa64ff70000 r-xp 00000000 08:12 268 /lib/x86_64-linux-gnu/libpthread-2.15.so
7fa64ff70000-7fa65016f000 ---p 00018000 08:12 268 /lib/x86_64-linux-gnu/libpthread-2.15.so
7fa65016f000-7fa650170000 r--p 00017000 08:12 268 /lib/x86_64-linux-gnu/libpthread-2.15.so
7fa650170000-7fa650171000 rw-p 00018000 08:12 268 /lib/x86_64-linux-gnu/libpthread-2.15.so
7fa650171000-7fa650175000 rw-p 00000000 00:00 0
7fa650175000-7fa650177000 r-xp 00000000 08:12 150 /lib/x86_64-linux-gnu/libdl-2.15.so
7fa650177000-7fa650377000 ---p 00002000 08:12 150 /lib/x86_64-linux-gnu/libdl-2.15.so
7fa650377000-7fa650378000 r--p 00002000 08:12 150 /lib/x86_64-linux-gnu/libdl-2.15.so
7fa650378000-7fa650379000 rw-p 00003000 08:12 150 /lib/x86_64-linux-gnu/libdl-2.15.so
7fa650379000-7fa6504ca000 r-xp 00000000 08:12 269022 /usr/lib/x86_64-linux-gnu/libxml2.so.2.7.8
7fa6504ca000-7fa6506c9000 ---p 00151000 08:12 269022 /usr/lib/x86_64-linux-gnu/libxml2.so.2.7.8
7fa6506c9000-7fa6506d1000 r--p 00150000 08:12 269022 /usr/lib/x86_64-linux-gnu/libxml2.so.2.7.8
7fa6506d1000-7fa6506d3000 rw-p 00158000 08:12 269022 /usr/lib/x86_64-linux-gnu/libxml2.so.2.7.8
7fa6506d3000-7fa6506d4000 rw-p 00000000 00:00 0
7fa6506d4000-7fa6506db000 r-xp 00000000 08:12 270 /lib/x86_64-linux-gnu/librt-2.15.so
7fa6506db000-7fa6508da000 ---p 00007000 08:12 270 /lib/x86_64-linux-gnu/librt-2.15.so
7fa6508da000-7fa6508db000 r--p 00006000 08:12 270 /lib/x86_64-linux-gnu/librt-2.15.so
7fa6508db000-7fa6508dc000 rw-p 00007000 08:12 270 /lib/x86_64-linux-gnu/librt-2.15.so
7fa6508dc000-7fa6508f2000 r-xp 00000000 08:12 5286 /lib/x86_64-linux-gnu/libz.so.1.2.3.4
7fa6508f2000-7fa650af1000 ---p 00016000 08:12 5286 /lib/x86_64-linux-gnu/libz.so.1.2.3.4
7fa650af1000-7fa650af2000 r--p 00015000 08:12 5286 /lib/x86_64-linux-gnu/libz.so.1.2.3.4
7fa650af2000-7fa650af3000 rw-p 00016000 08:12 5286 /lib/x86_64-linux-gnu/libz.so.1.2.3.4
7fa650af3000-7fa650b02000 r-xp 00000000 08:12 5174 /lib/x86_64-linux-gnu/libbz2.so.1.0.4
7fa650b02000-7fa650d01000 ---p 0000f000 08:12 5174 /lib/x86_64-linux-gnu/libbz2.so.1.0.4
7fa650d01000-7fa650d02000 r--p 0000e000 08:12 5174 /lib/x86_64-linux-gnu/libbz2.so.1.0.4
7fa650d02000-7fa650d03000 rw-p 0000f000 08:12 5174 /lib/x86_64-linux-gnu/libbz2.so.1.0.4
7fa650d03000-7fa650d18000 r-xp 00000000 08:12 265262 /usr/lib/libfribidi.so.0.3.1
7fa650d18000-7fa650f17000 ---p 00015000 08:12 265262 /usr/lib/libfribidi.so.0.3.1
7fa650f17000-7fa650f18000 r--p 00014000 08:12 265262 /usr/lib/libfribidi.so.0.3.1
7fa650f18000-7fa650f19000 rw-p 00015000 08:12 265262 /usr/lib/libfribidi.so.0.3.1
7fa650f19000-7fa650f4d000 r-xp 00000000 08:12 261571 /usr/lib/x86_64-linux-gnu/libfontconfig.so.1.4.4
7fa650f4d000-7fa65114d000 ---p 00034000 08:12 261571 /usr/lib/x86_64-linux-gnu/libfontconfig.so.1.4.4
7fa65114d000-7fa65114e000 r--p 00034000 08:12 261571 /usr/lib/x86_64-linux-gnu/libfontconfig.so.1.4.4
7fa65114e000-7fa65114f000 rw-p 00035000 08:12 261571 /usr/lib/x86_64-linux-gnu/libfontconfig.so.1.4.4
7fa65114f000-7fa65124a000 r-xp 00000000 08:12 1112 /lib/x86_64-linux-gnu/libm-2.15.so
7fa65124a000-7fa651449000 ---p 000fb000 08:12 1112 /lib/x86_64-linux-gnu/libm-2.15.so
7fa651449000-7fa65144a000 r--p 000fa000 08:12 1112 /lib/x86_64-linux-gnu/libm-2.15.so
7fa65144a000-7fa65144b000 rw-p 000fb000 08:12 1112 /lib/x86_64-linux-gnu/libm-2.15.so
7fa65144b000-7fa6514e1000 r-xp 00000000 08:12 260059 /usr/lib/x86_64-linux-gnu/libfreetype.so.6.8.0
7fa6514e1000-7fa6516e0000 ---p 00096000 08:12 260059 /usr/lib/x86_64-linux-gnu/libfreetype.so.6.8.0
7fa6516e0000-7fa6516e6000 r--p 00095000 08:12 260059 /usr/lib/x86_64-linux-gnu/libfreetype.so.6.8.0
7fa6516e6000-7fa6516e7000 rw-p 0009b000 08:12 260059 /usr/lib/x86_64-linux-gnu/libfreetype.so.6.8.0
7fa6516e7000-7fa651709000 r-xp 00000000 08:12 5006 /lib/x86_64-linux-gnu/ld-2.15.so
7fa6518ea000-7fa6518f1000 rw-p 00000000 00:00 0
7fa651906000-7fa651909000 rw-p 00000000 00:00 0
7fa651909000-7fa65190a000 r--p 00022000 08:12 5006 /lib/x86_64-linux-gnu/ld-2.15.so
7fa65190a000-7fa65190c000 rw-p 00023000 08:12 5006 /lib/x86_64-linux-gnu/ld-2.15.so
7fff59f55000-7fff59f76000 rw-p 00000000 00:00 0 [stack]
7fff59fff000-7fff5a000000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Aborted
attachements:
Subtitled Video Clip (39KB)
Concat Script (46B)
Attachments (2)
Change History (5)
by , 12 years ago
| Attachment: | numbers-050.mkv added |
|---|
by , 12 years ago
| Attachment: | numbers.concat added |
|---|
A ffmpeg concatenation script containing 2x the 'numbers-050.mkv' video file
comment:1 by , 12 years ago
| Component: | FFmpeg → avformat |
|---|---|
| Priority: | minor → important |
| Reproduced by developer: | set |
| Status: | new → open |
$ valgrind ffmpeg_g -f concat -i numbers.concat -c copy out.mkv
==31540== Memcheck, a memory error detector
==31540== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==31540== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==31540== Command: ffmpeg_g -f concat -i numbers.concat -c copy out.mkv
==31540==
ffmpeg version N-52364-g4ac2da3 Copyright (c) 2000-2013 the FFmpeg developers
built on Apr 21 2013 22:10:46 with gcc 4.7 (SUSE Linux)
configuration: --enable-gpl --disable-indev=jack
libavutil 52. 27.100 / 52. 27.100
libavcodec 55. 5.100 / 55. 5.100
libavformat 55. 3.100 / 55. 3.100
libavdevice 55. 0.100 / 55. 0.100
libavfilter 3. 60.100 / 3. 60.100
libswscale 2. 2.100 / 2. 2.100
libswresample 0. 17.102 / 0. 17.102
libpostproc 52. 3.100 / 52. 3.100
Input #0, concat, from 'numbers.concat':
Duration: N/A, start: 0.000000, bitrate: N/A
Stream #0:0: Video: h264 (Main), yuv420p, 640x360 [SAR 1:1 DAR 16:9], 25 fps, 25 tbr, 1k tbn, 50 tbc
Stream #0:1: Subtitle: subrip
Output #0, matroska, to 'out.mkv':
Metadata:
encoder : Lavf55.3.100
Stream #0:0: Video: h264 (H264 / 0x34363248), yuv420p, 640x360 [SAR 1:1 DAR 16:9], q=2-31, 25 fps, 1k tbn, 1k tbc
Stream #0:1: Subtitle: subrip
Stream mapping:
Stream #0:0 -> #0:0 (copy)
Stream #0:1 -> #0:1 (copy)
Press [q] to stop, [?] for help
==31540== Invalid free() / delete / delete[] / realloc()
==31540== at 0x4C29D4E: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==31540== by 0xBD74FB: av_freep (mem.c:194)
==31540== by 0x5B1D19: ff_free_stream (utils.c:3282)
==31540== by 0x5B1E1B: avformat_free_context (utils.c:3303)
==31540== by 0x5B204C: avformat_close_input (utils.c:3345)
==31540== by 0x4F36D7: open_file (concatdec.c:133)
==31540== by 0x4F381F: concat_read_packet (concatdec.c:265)
==31540== by 0x5AA901: ff_read_packet (utils.c:793)
==31540== by 0x5AC7EF: read_frame_internal (utils.c:1438)
==31540== by 0x5AD5A5: av_read_frame (utils.c:1539)
==31540== by 0x460D2C: process_input (ffmpeg.c:2825)
==31540== by 0x44FF0F: main (ffmpeg.c:3132)
==31540== Address 0x65fc780 is 0 bytes inside a block of size 390 free'd
==31540== at 0x4C29D4E: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==31540== by 0xBD74FB: av_freep (mem.c:194)
==31540== by 0x9B0ED6: avcodec_open2 (utils.c:1115)
==31540== by 0x5AF782: avformat_find_stream_info (utils.c:2798)
==31540== by 0x4571F8: open_input_file (ffmpeg_opt.c:814)
==31540== by 0x451D81: open_files.isra.7 (ffmpeg_opt.c:2477)
==31540== by 0x458588: ffmpeg_parse_options (ffmpeg_opt.c:2514)
==31540== by 0x44F8D7: main (ffmpeg.c:3339)
==31540==
frame= 100 fps=0.0 q=-1.0 Lsize= 65kB time=00:00:03.92 bitrate= 135.9kbits/s
video:63kB audio:0kB subtitle:0 global headers:0kB muxing overhead 2.442476%
==31540==
==31540== HEAP SUMMARY:
==31540== in use at exit: 0 bytes in 0 blocks
==31540== total heap usage: 1,986 allocs, 1,987 frees, 6,568,332 bytes allocated
==31540==
==31540== All heap blocks were freed -- no leaks are possible
==31540==
==31540== For counts of detected and suppressed errors, rerun with: -v
==31540== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 from 2)
comment:2 by , 12 years ago
| Analyzed by developer: | set |
|---|---|
| Component: | avformat → avcodec |
It is a bug in avcodec_copy_context(): it does not copy subtitle_header even though it is an allocated resource. Patch on the mailing list:
http://ffmpeg.org/pipermail/ffmpeg-devel/2013-April/142854.html
Note:
See TracTickets
for help on using tickets.
A clip containing numbered frames and a simple .srt subtitle