[FFmpeg-trac] #2728(avcodec:open): smk crash with low mem
FFmpeg
trac at avcodec.org
Sat Jun 29 14:24:22 CEST 2013
#2728: smk crash with low mem
-------------------------------------+-------------------------------------
             Reporter:  ami_stuff    |                    Owner:
                 Type:  defect       |                   Status:  open
             Priority:  important    |                Component:  avcodec
              Version:  git-master   |               Resolution:
             Keywords:  crash        |               Blocked By:
  SIGSEGV smacker                    |  Reproduced by developer:  1
             Blocking:               |
Analyzed by developer:  0            |
-------------------------------------+-------------------------------------
Changes (by cehoyos):
* status: new => open
* reproduced: 0 => 1
* component: undetermined => avcodec
* priority: normal => important
* version: unspecified => git-master
* keywords: => crash SIGSEGV smacker
Comment:
Patch sent.
{{{
(gdb) r -max_alloc 80000 -i test.smk
Starting program: ffmpeg_g -max_alloc 80000 -i test.smk
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
ffmpeg version N-54249-gfc736a9 Copyright (c) 2000-2013 the FFmpeg developers
built on Jun 29 2013 12:22:00 with gcc 4.7 (SUSE Linux)
configuration:
libavutil 52. 37.101 / 52. 37.101
libavcodec 55. 17.100 / 55. 17.100
libavformat 55. 10.100 / 55. 10.100
libavdevice 55. 2.100 / 55. 2.100
libavfilter 3. 77.101 / 3. 77.101
libswscale 2. 3.100 / 2. 3.100
libswresample 0. 17.102 / 0. 17.102
Program received signal SIGSEGV, Segmentation fault.
0x0000000000941a6d in smacker_decode_bigtree (gb=gb@entry=0x7fffffffcec0,
    hc=hc@entry=0x7fffffffcd80, ctx=ctx@entry=0x7fffffffce40) at libavcodec/smacker.c:158
158 hc->values[hc->current++] = val;
(gdb) bt
#0  0x0000000000941a6d in smacker_decode_bigtree (gb=gb@entry=0x7fffffffcec0,
    hc=hc@entry=0x7fffffffcd80, ctx=ctx@entry=0x7fffffffce40) at libavcodec/smacker.c:158
#1  0x0000000000941ab3 in smacker_decode_bigtree (gb=gb@entry=0x7fffffffcec0,
    hc=hc@entry=0x7fffffffcd80, ctx=ctx@entry=0x7fffffffce40) at libavcodec/smacker.c:164
#2  0x0000000000941ab3 in smacker_decode_bigtree (gb=gb@entry=0x7fffffffcec0,
    hc=hc@entry=0x7fffffffcd80, ctx=ctx@entry=0x7fffffffce40) at libavcodec/smacker.c:164
#3  0x0000000000941ab3 in smacker_decode_bigtree (gb=gb@entry=0x7fffffffcec0,
    hc=hc@entry=0x7fffffffcd80, ctx=ctx@entry=0x7fffffffce40) at libavcodec/smacker.c:164
#4  0x0000000000941ab3 in smacker_decode_bigtree (gb=gb@entry=0x7fffffffcec0,
    hc=hc@entry=0x7fffffffcd80, ctx=ctx@entry=0x7fffffffce40) at libavcodec/smacker.c:164
#5  0x0000000000941ab3 in smacker_decode_bigtree (gb=gb@entry=0x7fffffffcec0,
    hc=hc@entry=0x7fffffffcd80, ctx=ctx@entry=0x7fffffffce40) at libavcodec/smacker.c:164
#6  0x0000000000941ab3 in smacker_decode_bigtree (gb=gb@entry=0x7fffffffcec0,
    hc=hc@entry=0x7fffffffcd80, ctx=ctx@entry=0x7fffffffce40) at libavcodec/smacker.c:164
#7  0x0000000000941ab3 in smacker_decode_bigtree (gb=gb@entry=0x7fffffffcec0,
    hc=hc@entry=0x7fffffffcd80, ctx=ctx@entry=0x7fffffffce40) at libavcodec/smacker.c:164
#8  0x00000000004357fd in smacker_decode_header_tree (gb=gb@entry=0x7fffffffcec0,
    recodes=recodes@entry=0x164b090, last=last@entry=0x164b0b0, size=<optimized out>,
    smk=0x164ae20) at libavcodec/smacker.c:265
#9  0x0000000000435a46 in decode_header_trees (smk=0x164ae20) at libavcodec/smacker.c:310
#10 decode_init (avctx=<optimized out>) at libavcodec/smacker.c:543
#11 0x000000000099cb12 in avcodec_open2 (avctx=0x16245a0, codec=<optimized out>,
    codec@entry=0x10251a0 <ff_smacker_decoder>, options=options@entry=0x1623640)
    at libavcodec/utils.c:1309
#12 0x000000000058f1d8 in try_decode_frame (st=st@entry=0x1624240,
    avpkt=avpkt@entry=0x162b4e0, options=0x1623640) at libavformat/utils.c:2422
#13 0x0000000000596c90 in avformat_find_stream_info (ic=0x1623060, options=0x1623640)
    at libavformat/utils.c:2880
#14 0x0000000000462289 in open_input_file (o=o@entry=0x7fffffffd750, filename=<optimized out>)
    at ffmpeg_opt.c:814
#15 0x000000000045cd82 in open_files (inout=<optimized out>, inout@entry=0xc08adf "input",
    open_file=open_file@entry=0x461ee0 <open_input_file>, l=<optimized out>,
    l=<optimized out>) at ffmpeg_opt.c:2483
#16 0x0000000000463619 in ffmpeg_parse_options (argc=argc@entry=5,
    argv=argv@entry=0x7fffffffdde8) at ffmpeg_opt.c:2520
#17 0x000000000045a8c8 in main (argc=5, argv=0x7fffffffdde8) at ffmpeg.c:3368
(gdb) print hc->values
$1 = (int *) 0x0
}}}
--
Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/2728#comment:1>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker
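
The session above stops on a write through hc->values while it is NULL, with allocations capped by -max_alloc 80000. The following C code is an added illustration, not FFmpeg's code and not the patch mentioned in the ticket: it shows a recursive tree decoder that turns that condition into an error return. The allocator cap, struct layout, bit format and function names are assumptions made for the example.

```c
#include <errno.h>
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical allocation cap, standing in for the -max_alloc option. */
static size_t alloc_cap = 80000;
static void *capped_malloc(size_t n)
{
    return (n == 0 || n > alloc_cap) ? NULL : malloc(n);
}

/* Hypothetical context; field names follow the ones seen in the backtrace. */
typedef struct { int *values; int current; int length; } TreeCtx;
/* Constructed bit source: 1 = branch with two children, 0 = leaf. */
typedef struct { const unsigned char *bits; int pos, n; } BitSrc;

static int decode_tree(BitSrc *src, TreeCtx *hc, int depth)
{
    if (depth > 64 || src->pos >= src->n)
        return -EINVAL;                  /* bound recursion and input */
    if (!src->bits[src->pos++]) {        /* leaf */
        if (hc->current >= hc->length)
            return -EINVAL;              /* table full: refuse the write */
        hc->values[hc->current++] = src->pos;
        return 0;
    }
    int r = decode_tree(src, hc, depth + 1);
    return r < 0 ? r : decode_tree(src, hc, depth + 1);
}

static int decode_header_tree(BitSrc *src, TreeCtx *hc, int entries)
{
    if (entries <= 0)
        return -EINVAL;
    hc->current = 0;
    hc->length  = entries;
    hc->values  = capped_malloc((size_t)entries * sizeof(*hc->values));
    if (!hc->values)
        return -ENOMEM;  /* without this check the first leaf write hits NULL */
    int r = decode_tree(src, hc, 0);
    if (r < 0) { free(hc->values); hc->values = NULL; }
    return r;
}

/* Returns the number of leaves stored, or a negative errno value. */
static int demo(size_t cap, int entries)
{
    static const unsigned char bits[] = {1, 1, 0, 0, 0}; /* constructed: 3 leaves */
    BitSrc src = { bits, 0, (int)sizeof(bits) };
    TreeCtx hc = { NULL, 0, 0 };
    alloc_cap = cap;
    int r = decode_header_tree(&src, &hc, entries);
    int n = hc.current;
    free(hc.values);
    return r < 0 ? r : n;
}
```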