Opened 13 years ago
Closed 13 years ago
#714 closed defect (worksforme)
ffprobe crash on broken file
Reported by: | Andrey Utkin | Owned by: | |
---|---|---|---|
Priority: | normal | Component: | avcodec |
Version: | git-master | Keywords: | |
Cc: | Blocked By: | ||
Blocking: | Reproduced by developer: | no | |
Analyzed by developer: | no |
Description
version N-35487-g15130b9
Media file http://dl.dropbox.com/u/43104344/libav_loop/crash_5.ts
Program terminated with signal 11, Segmentation fault. #0 0xb6c7558b in filter_mb_dir (h=0xb5da9020, mb_x=0, mb_y=0, img_y=0xb5c0af30 "\020\020\020\020\024\027\035!", '\037' <repeats 192 times>..., img_cb=0x92ea498 "\177\177\177\177\177\177\177\177", '~' <repeats 192 times>..., img_cr=0x9301e28 '\177' <repeats 200 times>..., linesize=752, uvlinesize=376, mb_xy=0, mb_type=168430104, mvy_limit=4, first_vertical_edge_done=0, a=48, b=48, chroma=1, dir=0) at h264_loopfilter.c:550 550 qp = (s->current_picture.f.qscale_table[mb_xy] + s->current_picture.f.qscale_table[mbm_xy] + 1) >> 1; (gdb) bt #0 0xb6c7558b in filter_mb_dir (h=0xb5da9020, mb_x=0, mb_y=0, img_y=0xb5c0af30 "\020\020\020\020\024\027\035!", '\037' <repeats 192 times>..., img_cb=0x92ea498 "\177\177\177\177\177\177\177\177", '~' <repeats 192 times>..., img_cr=0x9301e28 '\177' <repeats 200 times>..., linesize=752, uvlinesize=376, mb_xy=0, mb_type=168430104, mvy_limit=4, first_vertical_edge_done=0, a=48, b=48, chroma=1, dir=0) at h264_loopfilter.c:550 #1 0xb6c76ca4 in ff_h264_filter_mb (h=0xb5da9020, mb_x=0, mb_y=0, img_y=0xb5c0af30 "\020\020\020\020\024\027\035!", '\037' <repeats 192 times>..., img_cb=0x92ea498 "\177\177\177\177\177\177\177\177", '~' <repeats 192 times>..., img_cr=0x9301e28 '\177' <repeats 200 times>..., linesize=752, uvlinesize=376) at h264_loopfilter.c:794 #2 0xb6c74993 in ff_h264_filter_mb_fast (h=0xb5da9020, mb_x=0, mb_y=0, img_y=0xb5c0af30 "\020\020\020\020\024\027\035!", '\037' <repeats 192 times>..., img_cb=0x92ea498 "\177\177\177\177\177\177\177\177", '~' <repeats 192 times>..., img_cr=0x9301e28 '\177' <repeats 200 times>..., linesize=752, uvlinesize=376) at h264_loopfilter.c:388 #3 0xb6c56f97 in loop_filter (h=0xb5da9020, start_x=0, end_x=45) at libavcodec/h264.c:3572 #4 0xb6c578c1 in decode_slice (avctx=0x925d8c0, arg=0xbff1e680) at libavcodec/h264.c:3722 #5 0xb6c57be7 in execute_decode_slices (h=0xb5da9020, context_count=1) at libavcodec/h264.c:3779 #6 0xb6c5890d in decode_nal_units (h=0xb5da9020, buf=0x92912d0 "", buf_size=19533) at libavcodec/h264.c:4040 #7 0xb6c58bb9 in decode_frame (avctx=0x925d8c0, data=0xbff1e7f4, data_size=0xbff1e904, avpkt=0xbff1e7b0) at libavcodec/h264.c:4117 #8 0xb6e308a9 in avcodec_decode_video2 (avctx=0x925d8c0, picture=0xbff1e7f4, got_picture_ptr=0xbff1e904, avpkt=0xbff1e7b0) at libavcodec/utils.c:960 #9 0xb7659cc7 in try_decode_frame (st=0x925d6f0, avpkt=0x9286c10, options=0x0) at libavformat/utils.c:2234 #10 0xb765ae4e in avformat_find_stream_info (ic=0x9259b50, options=0x0) at libavformat/utils.c:2537 #11 0x0804d0f4 in open_input_file (fmt_ctx_ptr=0xbff1ec2c, filename=0xbff200d0 "crash_5.ts") ---Type <return> to continue, or q <return> to quit--- at ffprobe.c:1096 #12 0x0804d2e3 in probe_file (filename=0xbff200d0 "crash_5.ts") at ffprobe.c:1154 #13 0x0804d640 in main (argc=2, argv=0xbff1ed34) at ffprobe.c:1265
See bt full in attach.
Attachments (1)
Change History (5)
by , 13 years ago
Attachment: | crash_of_probing.log added |
---|
comment:1 by , 13 years ago
comment:2 by , 13 years ago
I'll be able to do that tomorrow.
Are you sure you used exactly same revision as reported?
comment:4 by , 13 years ago
Resolution: | → worksforme |
---|---|
Status: | new → closed |
I am unable to reproduce a crash (or an invalid memory access) with the sample.
Please test "./configure && make" (and reopen if it still crashes), if this works fine, please try to find the configure option that triggers the crash (and please try to provide a smaller sample, mpegts should allow you to cut the sample considerably).
Note:
See TracTickets
for help on using tickets.
I am unable to reproduce the crash and valgrind reports no invalid memory access.
Can you reproduce the crash with './configure && make'?
Does 'ffmpeg -i crash_5.ts' crash? Or 'ffmpeg -i crash_5.ts -f null'?