#2903: png: invalid write
-------------------------------------+-------------------------------------
Reporter: ami_stuff | Owner:
Type: defect | Status: new
Priority: normal | Component:
Version: | undetermined
unspecified | Keywords:
Blocked By: | Blocking:
Reproduced by developer: 0 | Analyzed by developer: 0
-------------------------------------+-------------------------------------
http://www.datafilehost.com/d/6985a553
{{{
knoppix@Microknoppix:/media/sdb1$ valgrind --leak-check=full ffmpeg-HEAD-
edf6fb6/ffmpeg_g -i ./png_fuzz.mov -f null -
==29921== Memcheck, a memory error detector
==29921== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==29921== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright
info
==29921== Command: ffmpeg-HEAD-edf6fb6/ffmpeg_g -i ./png_fuzz.mov -f null
-
==29921==
ffmpeg version 2.0-edf6fb6 Copyright (c) 2000-2013 the FFmpeg developers
built on Aug 24 2013 11:50:43 with gcc 4.7 (Debian 4.7.2-5)
configuration: --disable-yasm --disable-ffserver --disable-ffprobe
--enable-gpl
libavutil 52. 42.100 / 52. 42.100
libavcodec 55. 29.100 / 55. 29.100
libavformat 55. 14.102 / 55. 14.102
libavdevice 55. 3.100 / 55. 3.100
libavfilter 3. 82.102 / 3. 82.102
libswscale 2. 5.100 / 2. 5.100
libswresample 0. 17.103 / 0. 17.103
libpostproc 52. 3.100 / 52. 3.100
Input #0, mov,mp4,m4a,3gp,3g2,mj2, from './png_fuzz.mov':
Metadata:
major_brand : qt
minor_version : 537199360
compatible_brands: qt
creation_time : 2012-03-24 20:33:27
Duration: 00:00:05.96, start: 0.000000, bitrate: 7021 kb/s
Stream #0:0(eng): Video: png (png / 0x20676E70), rgba, 189x127 [SAR
2834:2834 DAR 189:127], 7019 kb/s, 24 fps, 24 tbr, 1000k tbn, 1000k tbc
(default)
Metadata:
creation_time : 2012-03-24 20:33:27
handler_name : Procedura obs�ugi skr�t�w danych Apple
Output #0, null, to 'pipe:':
Metadata:
major_brand : qt
minor_version : 537199360
compatible_brands: qt
encoder : Lavf55.14.102
Stream #0:0(eng): Video: rawvideo (RGBA / 0x41424752), rgba, 189x127
[SAR 1:1 DAR 189:127], q=2-31, 200 kb/s, 90k tbn, 24 tbc (default)
Metadata:
creation_time : 2012-03-24 20:33:27
handler_name : Procedura obs�ugi skr�t�w danych Apple
Stream mapping:
Stream #0:0 -> #0:0 (png -> rawvideo)
Press [q] to stop, [?] for help
[png @ 0x4346de0] inflate returned error -3
[png @ 0x4347f00] chunk too big
[png @ 0x434a120] inflate returned error -3
[null @ 0x42747e0] Encoder did not produce proper pts, making some up.
[png @ 0x4349000] inflate returned error -3
[png @ 0x4346480] inflate returned error -3
Error while decoding stream #0:0: Invalid data found when processing input
Error while decoding stream #0:0: Invalid data found when processing input
[png @ 0x4346de0] chunk too big
Error while decoding stream #0:0: Invalid data found when processing input
[png @ 0x4347f00] Missing png signature
Error while decoding stream #0:0: Invalid data found when processing input
[png @ 0x434a120] chunk too big
[png @ 0x4349000] inflate returned error -3
Error while decoding stream #0:0: Invalid data found when processing input
Last message repeated 1 times
[png @ 0x4346480] chunk too big
Error while decoding stream #0:0: Invalid data found when processing input
[png @ 0x4346de0] chunk too big
Error while decoding stream #0:0: Invalid data found when processing input
==29921== Thread 7:peated 3 times
==29921== Invalid write of size 4
==29921== at 0x402ABFD: memset (mc_replace_strmem.c:966)
==29921== by 0x85BF16A: decode_frame (pngdec.c:672)
==29921== by 0x85CC6DD: frame_worker_thread (pthread.c:339)
==29921== by 0x407B953: start_thread (pthread_create.c:304)
==29921== by 0x416395D: clone (clone.S:130)
==29921== Address 0x4436c54 is 564 bytes inside a block of size 567
alloc'd
==29921== at 0x40268A4: memalign (vg_replace_malloc.c:694)
==29921== by 0x402695E: posix_memalign (vg_replace_malloc.c:835)
==29921== by 0x886D047: av_malloc (mem.c:93)
==29921== by 0x85C0014: decode_frame (pngdec.c:677)
==29921== by 0x85CC6DD: frame_worker_thread (pthread.c:339)
==29921== by 0x407B953: start_thread (pthread_create.c:304)
==29921== by 0x416395D: clone (clone.S:130)
==29921==
==29921== Invalid read of size 1
==29921== at 0x85C064C: ff_add_png_paeth_prediction (pngdec.c:170)
==29921== by 0x85BE25A: png_filter_row (pngdec.c:260)
==29921== by 0x85BF905: decode_frame (pngdec.c:297)
==29921== by 0x85CC6DD: frame_worker_thread (pthread.c:339)
==29921== by 0x407B953: start_thread (pthread_create.c:304)
==29921== by 0x416395D: clone (clone.S:130)
==29921== Address 0x4436c57 is 0 bytes after a block of size 567 alloc'd
==29921== at 0x40268A4: memalign (vg_replace_malloc.c:694)
==29921== by 0x402695E: posix_memalign (vg_replace_malloc.c:835)
==29921== by 0x886D047: av_malloc (mem.c:93)
==29921== by 0x85C0014: decode_frame (pngdec.c:677)
==29921== by 0x85CC6DD: frame_worker_thread (pthread.c:339)
==29921== by 0x407B953: start_thread (pthread_create.c:304)
==29921== by 0x416395D: clone (clone.S:130)
==29921==
==29921== Invalid read of size 1
==29921== at 0x85C0660: ff_add_png_paeth_prediction (pngdec.c:171)
==29921== by 0x85BE25A: png_filter_row (pngdec.c:260)
==29921== by 0x85BF905: decode_frame (pngdec.c:297)
==29921== by 0x85CC6DD: frame_worker_thread (pthread.c:339)
==29921== by 0x407B953: start_thread (pthread_create.c:304)
==29921== by 0x416395D: clone (clone.S:130)
==29921== Address 0x4436c57 is 0 bytes after a block of size 567 alloc'd
==29921== at 0x40268A4: memalign (vg_replace_malloc.c:694)
==29921== by 0x402695E: posix_memalign (vg_replace_malloc.c:835)
==29921== by 0x886D047: av_malloc (mem.c:93)
==29921== by 0x85C0014: decode_frame (pngdec.c:677)
==29921== by 0x85CC6DD: frame_worker_thread (pthread.c:339)
==29921== by 0x407B953: start_thread (pthread_create.c:304)
==29921== by 0x416395D: clone (clone.S:130)
==29921==
Last message repeated 3 times
frame= 34 fps=0.0 q=0.0 size=N/A time=00:00:01.41 bitrate=N/A dup=11
drop=0 frame= 66 fps= 65 q=0.0 size=N/A time=00:00:02.75 bitrate=N/A
dup=11 drop=0 frame= 97 fps= 64 q=0.0 size=N/A time=00:00:04.04
bitrate=N/A dup=11 drop=0 frame= 128 fps= 63 q=0.0 size=N/A
time=00:00:05.33 bitrate=N/A dup=11 drop=0 frame= 143 fps= 63 q=0.0
Lsize=N/A time=00:00:05.95 bitrate=N/A dup=11 drop=0
video:9kB audio:0kB subtitle:0 global headers:0kB muxing overhead
-100.240385%
==29921==
==29921== HEAP SUMMARY:
==29921== in use at exit: 0 bytes in 0 blocks
==29921== total heap usage: 5,828 allocs, 5,828 frees, 13,536,240 bytes
allocated
==29921==
==29921== All heap blocks were freed -- no leaks are possible
==29921==
==29921== For counts of detected and suppressed errors, rerun with: -v
==29921== ERROR SUMMARY: 11076 errors from 3 contexts (suppressed: 59 from
6
}}}
{{{
(gdb) r -i ./png_fuzz.mov -f null -
Starting program: /media/sdb1/ffmpeg-HEAD-edf6fb6/ffmpeg_g -i
./png_fuzz.mov -f null -
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
ffmpeg version 2.0-edf6fb6 Copyright (c) 2000-2013 the FFmpeg developers
built on Aug 24 2013 11:50:43 with gcc 4.7 (Debian 4.7.2-5)
configuration: --disable-yasm --disable-ffserver --disable-ffprobe
--enable-gpl
libavutil 52. 42.100 / 52. 42.100
libavcodec 55. 29.100 / 55. 29.100
libavformat 55. 14.102 / 55. 14.102
libavdevice 55. 3.100 / 55. 3.100
libavfilter 3. 82.102 / 3. 82.102
libswscale 2. 5.100 / 2. 5.100
libswresample 0. 17.103 / 0. 17.103
libpostproc 52. 3.100 / 52. 3.100
Input #0, mov,mp4,m4a,3gp,3g2,mj2, from './png_fuzz.mov':
Metadata:
major_brand : qt
minor_version : 537199360
compatible_brands: qt
creation_time : 2012-03-24 20:33:27
Duration: 00:00:05.96, start: 0.000000, bitrate: 7021 kb/s
Stream #0:0(eng): Video: png (png / 0x20676E70), rgba, 189x127 [SAR
2834:2834 DAR 189:127], 7019 kb/s, 24 fps, 24 tbr, 1000k tbn, 1000k tbc
(default)
Metadata:
creation_time : 2012-03-24 20:33:27
handler_name : Procedura obs�ugi skr�t�w danych Apple
[New Thread 0xb7df8b70 (LWP 29911)]
[New Thread 0xb75f8b70 (LWP 29912)]
[New Thread 0xb6df8b70 (LWP 29913)]
[New Thread 0xb65f8b70 (LWP 29914)]
[New Thread 0xb5df8b70 (LWP 29915)]
[New Thread 0xb55f8b70 (LWP 29916)]
[New Thread 0xb4df8b70 (LWP 29917)]
[New Thread 0xb45f8b70 (LWP 29918)]
[New Thread 0xb3df8b70 (LWP 29919)]
[New Thread 0xb35f8b70 (LWP 29920)]
Output #0, null, to 'pipe:':
Metadata:
major_brand : qt
minor_version : 537199360
compatible_brands: qt
encoder : Lavf55.14.102
Stream #0:0(eng): Video: rawvideo (RGBA / 0x41424752), rgba, 189x127
[SAR 1:1 DAR 189:127], q=2-31, 200 kb/s, 90k tbn, 24 tbc (default)
Metadata:
creation_time : 2012-03-24 20:33:27
handler_name : Procedura obs�ugi skr�t�w danych Apple
Stream mapping:
Stream #0:0 -> #0:0 (png -> rawvideo)
Press [q] to stop, [?] for help
[png @ 0x910cac0] inflate returned error -3
[png @ 0x910da20] chunk too big
[null @ 0x9108520] Encoder did not produce proper pts, making some up.
[png @ 0x90f46c0] inflate returned error -3
[png @ 0x90f5600] inflate returned error -3
[png @ 0x910ad40] inflate returned error -3
Error while decoding stream #0:0: Invalid data found when processing input
Error while decoding stream #0:0: Invalid data found when processing input
[png @ 0x910cac0] chunk too big
Error while decoding stream #0:0: Invalid data found when processing input
[png @ 0x910da20] Missing png signature
Error while decoding stream #0:0: Invalid data found when processing input
[png @ 0x90f46c0] inflate returned error -3
Error while decoding stream #0:0: Invalid data found when processing input
[png @ 0x90f5600] chunk too big
[png @ 0x910ad40] chunk too big
Error while decoding stream #0:0: Invalid data found when processing input
Error while decoding stream #0:0: Invalid data found when processing input
[png @ 0x910cac0] chunk too big
Error while decoding stream #0:0: Invalid data found when processing input
*** glibc detected *** /media/sdb1/ffmpeg-HEAD-edf6fb6/ffmpeg_g: free():
invalid pointer: 0x09148650 ***
======= Backtrace: =========
/lib/i386-linux-gnu/libc.so.6(+0x70a8a)[0xb7ea4a8a]
/lib/i386-linux-gnu/libc.so.6(+0x722e8)[0xb7ea62e8]
/lib/i386-linux-gnu/libc.so.6(cfree+0x6d)[0xb7ea93ed]
/media/sdb1/ffmpeg-HEAD-edf6fb6/ffmpeg_g[0x885fb43]
======= Memory map: ========
08048000-08ae4000 r-xp 00000000 08:11 7358 /media/sdb1/ffmpeg-HEAD-
edf6fb6/ffmpeg_g
08ae4000-08b03000 rw-p 00a9b000 08:11 7358 /media/sdb1/ffmpeg-HEAD-
edf6fb6/ffmpeg_g
08b03000-0926b000 rw-p 00000000 00:00 0 [heap]
41602000-41619000 r-xp 00000000 08:02 10056 /lib/i386-linux-
gnu/libz.so.1.2.7
41619000-4161a000 r--p 00016000 08:02 10056 /lib/i386-linux-
gnu/libz.so.1.2.7
4161a000-4161b000 rw-p 00017000 08:02 10056 /lib/i386-linux-
gnu/libz.so.1.2.7
41628000-41659000 r-xp 00000000 08:02 10014 /lib/i386-linux-
gnu/libncursesw.so.5.9
41659000-4165a000 r--p 00030000 08:02 10014 /lib/i386-linux-
gnu/libncursesw.so.5.9
4165a000-4165b000 rw-p 00031000 08:02 10014 /lib/i386-linux-
gnu/libncursesw.so.5.9
41673000-41676000 r-xp 00000000 08:02 24959 /usr/lib/i386-linux-gnu
/libpulse-simple.so.0.0.3
41676000-41677000 r--p 00002000 08:02 24959 /usr/lib/i386-linux-gnu
/libpulse-simple.so.0.0.3
41677000-41678000 rw-p 00003000 08:02 24959 /usr/lib/i386-linux-gnu
/libpulse-simple.so.0.0.3
4178e000-418c2000 r-xp 00000000 08:02 24566 /usr/lib/i386-linux-
gnu/libX11.so.6.3.0
418c2000-418c6000 rw-p 00133000 08:02 24566 /usr/lib/i386-linux-
gnu/libX11.so.6.3.0
418c8000-418e9000 r-xp 00000000 08:02 25047 /usr/lib/i386-linux-
gnu/libxcb.so.1.1.0
418e9000-418ea000 r--p 00020000 08:02 25047 /usr/lib/i386-linux-
gnu/libxcb.so.1.1.0
418ea000-418eb000 rw-p 00021000 08:02 25047 /usr/lib/i386-linux-
gnu/libxcb.so.1.1.0
418ed000-418ef000 r-xp 00000000 08:02 24568 /usr/lib/i386-linux-
gnu/libXau.so.6.0.0
418ef000-418f0000 rw-p 00001000 08:02 24568 /usr/lib/i386-linux-
gnu/libXau.so.6.0.0
418f2000-418f7000 r-xp 00000000 08:02 24574 /usr/lib/i386-linux-
gnu/libXdmcp.so.6.0.0
418f7000-418f8000 rw-p 00004000 08:02 24574 /usr/lib/i386-linux-
gnu/libXdmcp.so.6.0.0
41913000-41924000 r-xp 00000000 08:02 24575 /usr/lib/i386-linux-
gnu/libXext.so.6.4.0
41924000-41925000 rw-p 00010000 08:02 24575 /usr/lib/i386-linux-
gnu/libXext.so.6.4.0
41cd1000-41cd3000 r-xp 00000000 08:02 25013 /usr/lib/i386-linux-
gnu/libts-0.0.so.0.1.1
41cd3000-41cd4000 rw-p 00001000 08:02 25013 /usr/lib/i386-linux-
gnu/libts-0.0.so.0.1.1
41cd6000-41ce4000 r-xp 00000000 08:02 24578 /usr/lib/i386-linux-
gnu/libXi.so.6.1.0
41ce4000-41ce5000 rw-p 0000e000 08:02 24578 /usr/lib/i386-linux-
gnu/libXi.so.6.1.0
41f58000-41f6e000 r-xp 00000000 08:02 24654 /usr/lib/i386-linux-
gnu/libdirect-1.2.so.9.0.1
41f6e000-41f6f000 rw-p 00016000 08:02 24654 /usr/lib/i386-linux-
gnu/libdirect-1.2.so.9.0.1
41f94000-41f98000 r-xp 00000000 08:02 9978 /lib/i386-linux-
gnu/libattr.so.1.1.0
41f98000-41f99000 r--p 00003000 08:02 9978 /lib/i386-linux-
gnu/libattr.so.1.1.0
41f99000-41f9a000 rw-p 00004000 08:02 9978 /lib/i386-linux-
gnu/libattr.so.1.1.0
41f9c000-41fa0000 r-xp 00000000 08:02 9985 /lib/i386-linux-
gnu/libcap.so.2.22
41fa0000-41fa1000 rw-p 00003000 08:02 9985 /lib/i386-linux-
gnu/libcap.so.2.22
41fa3000-41fab000 r-xp 00000000 08:02 10054 /lib/i386-linux-
gnu/libwrap.so.0.7.6
41fab000-41fac000 r--p 00007000 08:02 10054 /lib/i386-linux-
gnu/libwrap.so.0.7.6
41fac000-41fad000 rw-p 00008000 08:02 10054 /lib/i386-linux-
gnu/libwrap.so.0.7.6
41faf000-41fb4000 r-xp 00000000 08:02 24589 /usr/lib/i386-linux-
gnu/libXtst.so.6.1.0
41fb4000-41fb5000 rw-p 00004000 08:02 24589 /usr/lib/i386-linux-
gnu/libXtst.so.6.1.0
4244e000-42457000 r-xp 00000000 08:02 24707 /usr/lib/i386-linux-
gnu/libfusion-1.2.so.9.0.1
42457000-42458000 rw-p 00008000 08:02 24707 /usr/lib/i386-linux-
gnu/libfusion-1.2.so.9.0.1
42489000-42491000 r-xp 00000000 08:02 10005 /lib/i386-linux-
gnu/libjson.so.0.1.0
42491000-42492000 r--p 00007000 08:02 10005 /lib/i386-linux-
gnu/libjson.so.0.1.0
42492000-42493000 rw-p 00008000 08:02 10005 /lib/i386-linux-
gnu/libjson.so.0.1.0
42495000-4249a000 r-xp 00000000 08:02 24603 /usr/lib/i386-linux-
gnu/libasyncns.so.0.3.1
4249a000-4249b000 rw-p 00004000 08:02 24603 /usr/lib/i386-linux-
gnu/libasyncns.so.0.3.1
424a1000-424a7000 r-xp 00000000 08:02 24920 /usr/lib/i386-linux-
gnu/libogg.so.0.8.0
424a7000-424a8000 rw-p 00005000 08:02 24920 /usr/lib/i386-linux-
gnu/libogg.so.0.8.0
424aa000-424d4000 r-xp 00000000 08:02 25032 /usr/lib/i386-linux-
gnu/libvorbis.so.0.4.5
424d4000-424d5000 r--p 00029000 08:02 25032 /usr/lib/i386-linux-
gnu/libvorbis.so.0.4.5
424d5000-424d6000 rw-p 0002a000 08:02 25032 /usr/lib/i386-linux-
gnu/libvorbis.so.0.4.5
424d8000-42526000 r-xp 00000000 08:02 24551 /usr/lib/i386-linux-
gnu/libFLAC.so.8.2.0
42526000-42527000 r--p 0004d000 08:02 24551 /usr/lib/i386-linux-
gnu/libFLAC.so.8.2.0
42527000-42528000 rw-p 0004e000 08:02 24551 /usr/lib/i386-linux-
gnu/libFLAC.so.8.2.0
42530000-42534000 r-xp 00000000 08:02 10053 /lib/i386-linux-
gnu/libuuid.so.1.3.0
42534000-42535000 r--p 00003000 08:02 10053 /lib/i386-linux-
gnu/libuuid.so.1.3.0
42535000-42536000 rw-p 00004000 08:02 10053 /lib/i386-linux-
gnu/libuuid.so.1.3.0
4254b000-4263e000 r-xp 00000000 08:02 24600 /usr/lib/i386-linux-
gnu/libasound.so.2.0.0
4263e000-42642000 r--p 000f2000 08:02 24600 /usr/lib/i386-linux-
gnu/libasound.so.2.0.0
42642000-42643000 rw-p 000f6000 08:02 24600 /usr/lib/i386-linux-
gnu/libasound.so.2.0.0
4266f000-426b8000 r-xp 00000000 08:02 9989 /lib/i386-linux-
gnu/libdbus-1.so.3.7.2
426b8000-426b9000 ---p 00049000 08:02 9989 /lib/i386-linux-
gnu/libdbus-1.so.3.7.2
426b9000-426ba000 r--p 00049000 08:02 9989 /lib/i386-linux-
gnu/libdbus-1.so.3.7.2
426ba000-426bb000 rw-p 0004a000 08:02 9989 /lib/i386-linux-
gnu/libdbus-1.so.3.7.2
426e9000-42705000 r-xp 00000000 08:02 9997 /lib/i386-linux-
gnu/libgcc_s.so.1
42705000-42706000 rw-p 0001b000 08:02 9997 /lib/i386-linux-
gnu/libgcc_s.so.1
427f8000-427ff000 r-xp 00000000 08:02 24562 /usr/lib/i386-linux-
gnu/libSM.so.6.0.1
427ff000-42800000 rw-p 00006000 08:02 24562 /usr/lib/i386-linux-
gnu/libSM.so.6.0.1
42802000-42818000 r-xp 00000000 08:02 24556 /usr/lib/i386-linux-
gnu/libICE.so.6.3.0
42818000-4281a000 rw-p 00015000 08:02 24556 /usr/lib/i386-linux-
gnu/libICE.so.6.3.0
4281a000-4281b000 rw-p 00000000 00:00 0
428aa000-428c7000 r-xp 00000000 08:02 10046 /lib/i386-linux-
gnu/libtinfo.so.5.9
428c7000-428c9000 r--p 0001c000 08:02 10046 /lib/i386-linux-
gnu/libtinfo.so.5.9
428c9000-428ca000 rw-p 0001e000 08:02 10046 /lib/i386-linux-
gnu/libtinfo.so.5.9
42af2000-42b75000 r-xp 00000000 08:02 24655 /usr/lib/i386-linux-
gnu/libdirectfb-1.2.so.9.0.1
42b75000-42b78000 rw-p 00082000 08:02 24655 /usr/lib/i386-linux-
gnu/libdirectfb-1.2.so.9.0.1
42bb9000-42bba000 r-xp 00000000 08:02 24565 /usr/lib/i386-linux-
gnu/libX11-xcb.so.1.0.0
42bba000-42bbb000 rw-p 00000000 08:02 24565 /usr/lib/i386-linux-
gnu/libX11-xcb.so.1.0.0
42bc5000-42c13000 r-xp 00000000 08:02 24960 /usr/lib/i386-linux-
gnu/libpulse.so.0.14.2
42c13000-42c14000 r--p 0004d000 08:02 24960 /usr/lib/i386-linux-
gnu/libpulse.so.0.14.2
42c14000-42c15000 rw-p 0004e000 08:02 24960 /usr/lib/i386-linux-
gnu/libpulse.so.0.14.2
42e38000-42f9e000 r-xp 00000000 08:02 25033 /usr/lib/i386-linux-
gnu/libvorbisenc.so.2.0.8
42f9e000-42faf000 r--p 00165000 08:02 25033 /usr/lib/i386-linux-
gnu/libvorbisenc.so.2.0.8
42faf000-42fb0000 rw-p 00176000 08:02 25033 /usr/lib/i386-linux-
gnu/libvorbisenc.so.2.0.8
42fb2000-43018000 r-xp 00000000 08:02 26819 /usr/lib/i386-linux-
gnu/pulseaudio/libpulsecommon-2.0.so
43018000-43019000 r--p 00065000 08:02 26819 /usr/lib/i386-linux-
gnu/pulseaudio/libpulsecommon-2.0.so
43019000-4301a000 rw-p 00066000 08:02 26819 /usr/lib/i386-linux-
gnu/pulseaudio/libpulsecommon-2.0.so
4308c000-430f9000 r-xp 00000000 08:02 24984 /usr/lib/i386-linux-
gnu/libsndfile.so.1.0.25
430f9000-430fb000 r--p 0006c000 08:02 24984 /usr/lib/i386-linux-
gnu/libsndfile.so.1.0.25
430fb000-430fc000 rw-p 0006e000 08:02 24984 /usr/lib/i386-linux-
gnu/libsndfile.so.1.0.25
430fc000-43100000 rw-p 00000000 00:00 0
43102000-431ea000 r-xp 00000000 08:02 10042 /lib/i386-linux-
gnu/libslang.so.2.2.4
431ea000-431ec000 r--p 000e8000 08:02 10042 /lib/i386-linux-
gnu/libslang.so.2.2.4
431ec000-431fb000 rw-p 000ea000 08:02 10042 /lib/i386-linux-
gnu/libslang.so.2.2.4
431fb000-43235000 rw-p 00000000 00:00 0
44162000-441d4000 r-xp 00000000 08:02 24561 /usr/lib/i386-linux-
gnu/libSDL-1.2.so.0.11.4
441d4000-441d5000 r--p 00071000 08:02 24561 /usr/lib/i386-linux-
gnu/libSDL-1.2.so.0.11.4
441d5000-441d6000 rw-p 00072000 08:02 24561 /usr/lib/i386-linux-
gnu/libSDL-1.2.so.0.11.4
441d6000-44200000 rw-p 00000000 00:00 0
44202000-442c9000 r-xp 00000000 08:02 24627 /usr/lib/i386-linux-
gnu/libcaca.so.0.99.18
442c9000-442ca000 rw-p 000c6000 08:02 24627 /usr/lib/i386-linux-
gnu/libcaca.so.0.99.18
442ca000-442cf000 rw-p 00000000 00:00 0
b2c00000-b2c21000 rw-p 00000000 00:00 0
b2c21000-b2d00000 ---p 00000000 00:00 0
b2df9000-b2dfa000 ---p 00000000 00:00 0
b2dfa000-b35f9000 rw-p 00000000 00:00 0 [stack:29920]
b35f9000-b35fa000 ---p 00000000 00:00 0
b35fa000-b3df9000 rw-p 00000000 00:00 0 [stack:29919]
b3df9000-b3dfa000 ---p 00000000 00:00 0
b3dfa000-b45f9000 rw-p 00000000 00:00 0 [stack:29918]
b45f9000-b45fa000 ---p 00000000 00:00 0
b45fa000-b4df9000 rw-p 00000000 00:00 0 [stack:29917]
b4df9000-b4dfa000 ---p 00000000 00:00 0
b4dfa000-b55f9000 rw-p 00000000 00:00 0 [stack:29916]
b55f9000-b55fa000 ---p 00000000 00:00 0
b55fa000-b5df9000 rw-p 00000000 00:00 0 [stack:29915]
b5df9000-b5dfa000 ---p 00000000 00:00 0
b5dfa000-b65f9000 rw-p 00000000 00:00 0 [stack:29914]
b65f9000-b65fa000 ---p 00000000 00:00 0
b65fa000-b6df9000 rw-p 00000000 00:00 0 [stack:29913]
b6df9000-b6dfa000 ---p 00000000 00:00 0
b6dfa000-b75f9000 rw-p 00000000 00:00 0 [stack:29912]
b75f9000-b75fa000 ---p 00000000 00:00 0
b75fa000-b7dfc000 rw-p 00000000 00:00 0 [stack:29911]
b7dfc000-b7e0d000 r-xp 00000000 08:02 29160 /lib/i386-linux-
gnu/libresolv-2.13.so
b7e0d000-b7e0e000 r--p 00010000 08:02 29160 /lib/i386-linux-
gnu/libresolv-2.13.so
b7e0e000-b7e0f000 rw-p 00011000 08:02 29160 /lib/i386-linux-
gnu/libresolv-2.13.so
b7e0f000-b7e12000 rw-p 00000000 00:00 0
b7e12000-b7e25000 r-xp 00000000 08:02 29162 /lib/i386-linux-
gnu/libnsl-2.13.so
b7e25000-b7e26000 r--p 00012000 08:02 29162 /lib/i386-linux-
gnu/libnsl-2.13.so
b7e26000-b7e27000 rw-p 00013000 08:02 29162 /lib/i386-linux-
gnu/libnsl-2.13.so
b7e27000-b7e2f000 rw-p 00000000 00:00 0
b7e2f000-b7e31000 r-xp 00000000 08:02 29151 /lib/i386-linux-
gnu/libdl-2.13.so
b7e31000-b7e32000 r--p 00001000 08:02 29151 /lib/i386-linux-
gnu/libdl-2.13.so
b7e32000-b7e33000 rw-p 00002000 08:02 29151 /lib/i386-linux-
gnu/libdl-2.13.so
b7e33000-b7e34000 rw-p 00000000 00:00 0
b7e34000-b7f7b000 r-xp 00000000 08:02 29158 /lib/i386-linux-
gnu/libc-2.13.so
b7f7b000-b7f7c000 ---p 00147000 08:02 29158 /lib/i386-linux-
gnu/libc-2.13.so
b7f7c000-b7f7e000 r--p 00147000 08:02 29158 /lib/i386-linux-
gnu/libc-2.13.so
b7f7e000-b7f7f000 rw-p 00149000 08:02 29158 /lib/i386-linux-
gnu/libc-2.13.so
b7f7f000-b7f82000 rw-p 00000000 00:00 0
b7f82000-b7f97000 r-xp 00000000 08:02 29148 /lib/i386-linux-
gnu/libpthread-2.13.so
b7f97000-b7f98000 r--p 00014000 08:02 29148 /lib/i386-linux-
gnu/libpthread-2.13.so
b7f98000-b7f99000 rw-p 00015000 08:02 29148 /lib/i386-linux-
gnu/libpthread-2.13.so
b7f99000-b7f9b000 rw-p 00000000 00:00 0
b7f9b000-b7fa2000 r-xp 00000000 08:02 29153 /lib/i386-linux-
gnu/librt-2.13.so
b7fa2000-b7fa3000 r--p 00006000 08:02 29153 /lib/i386-linux-
gnu/librt-2.13.so
b7fa3000-b7fa4000 rw-p 00007000 08:02 29153 /lib/i386-linux-
gnu/librt-2.13.so
b7fa4000-b7fc8000 r-xp 00000000 08:02 29155 /lib/i386-linux-
gnu/libm-2.13.so
b7fc8000-b7fc9000 r--p 00023000 08:02 29155 /lib/i386-linux-
gnu/libm-2.13.so
b7fc9000-b7fca000 rw-p 00024000 08:02 29155 /lib/i386-linux-
gnu/libm-2.13.so
b7fca000-b7fcb000 rw-p 00000000 00:00 0
b7fe0000-b7fe2000 rw-p 00000000 00:00 0
b7fe2000-b7ffe000 r-xp 00000000 08:02 29161 /lib/i386-linux-
gnu/ld-2.13.so
b7ffe000-b7fff000 r--p 0001b000 08:02 29161 /lib/i386-linux-
gnu/ld-2.13.so
b7fff000-b8000000 rw-p 0001c000 08:02 29161 /lib/i386-linux-
gnu/ld-2.13.so
bffdf000-c0000000 rw-p 00000000 00:00 0 [stack]
Program received signal SIGABRT, Aborted.
0xb7e5e667 in *__GI_raise (sig=6) at
../nptl/sysdeps/unix/sysv/linux/raise.c:64
64 ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or
directory.
(gdb) bt
#0 0xb7e5e667 in *__GI_raise (sig=6)
at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1 0xb7e61a52 in *__GI_abort () at abort.c:92
#2 0xb7e9a98d in __libc_message (do_abort=2,
fmt=0xb7f61330 "*** glibc detected *** %s: %s: 0x%s ***\n")
at ../sysdeps/unix/sysv/linux/libc_fatal.c:189
#3 0xb7ea4a8a in malloc_printerr (action=<optimized out>,
str=0x6 <Address 0x6 out of bounds>, ptr=0x9148650) at malloc.c:6283
#4 0xb7ea62e8 in _int_free (av=<optimized out>, p=<optimized out>)
at malloc.c:4795
#5 0xb7ea93ed in *__GI___libc_free (mem=0x9148650) at malloc.c:3738
#6 0x0885fb43 in av_buffer_unref (buf=buf@entry=0x910c5c0)
at libavutil/buffer.c:115
#7 0x085cd0be in submit_packet (avpkt=0xbffff2a8, p=0x910c4f0)
at libavcodec/pthread.c:526
#8 ff_thread_decode_frame (avctx=avctx@entry=0x91068e0,
picture=picture@entry=0x90f65e0,
got_picture_ptr=got_picture_ptr@entry=0xbffff504,
avpkt=avpkt@entry=0xbffff2a8) at libavcodec/pthread.c:602
#9 0x086778c4 in avcodec_decode_video2 (avctx=0x91068e0,
picture=picture@entry=0x90f65e0,
got_picture_ptr=got_picture_ptr@entry=0xbffff504,
avpkt=avpkt@entry=0xbffff750) at libavcodec/utils.c:1979
---Type <return> to continue, or q <return> to quit---
#10 0x080b34ed in decode_video (ist=ist@entry=0x9108c80,
pkt=pkt@entry=0xbffff750, got_output=got_output@entry=0xbffff504)
at ffmpeg.c:1668
#11 0x080b740a in output_packet (pkt=0xbffff6e8, ist=0x9108c80)
at ffmpeg.c:1866
#12 process_input (file_index=1) at ffmpeg.c:3085
#13 0x080a2cb3 in transcode_step () at ffmpeg.c:3181
#14 transcode () at ffmpeg.c:3233
#15 main (argc=<optimized out>, argv=<optimized out>) at ffmpeg.c:3411
(gdb)
}}}
--
Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/2903>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker
_______________________________________________
FFmpeg-trac mailing list
FFmpeg-trac@avcodec.org
http://avcodec.org/mailman/listinfo/ffmpeg-trac
