[libav-bugs] [Bug 677] New: XBMC quits playing corrupt stream from PVR backend due to libav

bugzilla at libav.org bugzilla at libav.org
Mon May 5 00:49:08 CEST 2014


https://bugzilla.libav.org/show_bug.cgi?id=677

           Summary: XBMC quits playing corrupt stream from PVR backend due
                    to libav
           Product: Libav
           Version: git HEAD
          Platform: All
               URL: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=7411
                    70
        OS/Version: Linux
            Status: NEW
          Severity: major
          Priority: Normal
         Component: libavcodec
        AssignedTo: bugzilla at libav.org
        ReportedBy: balint at balintreczey.hu


Description from the Debian bug report:

Hi,

The problem has been originally reported at upstream [1] [2].
XBMC should keep playing the corrupt stream since otherwise errors in
broadcast signals would make watching TV impossible.
Vanilla XBMC using its in embedded FFmpeg plays the file [3] attached
to the upstream bug report.
I'm opening the bug against libav, since mplayer2 2.0-728-g2c378c7-1
also quits playing the file and valgrind avconv -i test.mkv -o
test.avi detects several memory handling errors.

The problem affects earlier libav in unstable, too, and I have not
checked libav in stable.

Thanks,
Balint

[1] http://forum.xbmc.org/showthread.php?tid=188443
[2] http://forum.xbmc.org/showthread.php?tid=177474&pid=1647027#pid1647027
[3] https://mega.co.nz/#!TQF0wTyI!nIfHTbZtgVpyeIsfCkXXzXwX9A8GbQDdeIWF1ahQy5w


Reinhard's observation:
...
I've just tried to reproduce this with latest libav/master using this test
case:

$ valgrind .build_11_alpha1/local/bin/avconv -y -i /tmp/test.mkv -f rawvideo

The provided sample is very broken with many corruptions.
Nevertheless, the only valgrind error I can see is this:

==28236== Syscall param write(buf) points to uninitialised byte(s)
==28236==    at 0x5FBB35D: ??? (syscall-template.S:81)
==28236==    by 0x4A0D52: file_write (file.c:68)
==28236==    by 0x48FB1D: ffurl_write (avio.c:240)
==28236==    by 0x4907EB: avio_write (aviobuf.c:128)
==28236==    by 0x509D33: ff_raw_write_packet (rawenc.c:28)
==28236==    by 0x4EC25C: av_interleaved_write_frame (mux.c:427)
==28236==    by 0x45C152: write_frame (avconv.c:374)
==28236==    by 0x45C9BC: poll_filters (avconv.c:582)
==28236==    by 0x44CA48: main (avconv.c:2425)
==28236==  Address 0x8463ca2 is 21,506 bytes inside a block of size
32,768 alloc'd
==28236==    at 0x4C2D110: memalign (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==28236==    by 0x4C2D227: posix_memalign (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==28236==    by 0xA2B93D: av_malloc (mem.c:81)
==28236==    by 0x495F98: avio_open2 (aviobuf.c:690)
==28236==    by 0x457C6E: open_output_file (avconv_opt.c:1610)
==28236==    by 0x4599C6: avconv_parse_options (avconv_opt.c:2104)
==28236==    by 0x44C678: main (avconv.c:2566)
==28236==
==28236== Syscall param write(buf) points to uninitialised byte(s)
==28236==    at 0x5FBB35D: ??? (syscall-template.S:81)
==28236==    by 0x4A0D52: file_write (file.c:68)
==28236==    by 0x48FB1D: ffurl_write (avio.c:240)
==28236==    by 0x490888: avio_flush (aviobuf.c:128)
==28236==    by 0x4EC277: av_interleaved_write_frame (mux.c:430)
==28236==    by 0x45C152: write_frame (avconv.c:374)
==28236==    by 0x45C9BC: poll_filters (avconv.c:582)
==28236==    by 0x44CA48: main (avconv.c:2425)
==28236==  Address 0x845e8a2 is 2 bytes inside a block of size 32,768 alloc'd
==28236==    at 0x4C2D110: memalign (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==28236==    by 0x4C2D227: posix_memalign (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==28236==    by 0xA2B93D: av_malloc (mem.c:81)
==28236==    by 0x495F98: avio_open2 (aviobuf.c:690)
==28236==    by 0x457C6E: open_output_file (avconv_opt.c:1610)
==28236==    by 0x4599C6: avconv_parse_options (avconv_opt.c:2104)
==28236==    by 0x44C678: main (avconv.c:2566)
==28236==

To me, it seems that the decoder produced wrong data (which is bad as
well), but I'm unable to see a crash in libavcodec itself.
...

-- 
Configure bugmail: https://bugzilla.libav.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.


More information about the libav-bugs mailing list