<html>
    <head>
      <base href="https://bugzilla.libav.org/" />
    </head>
    <body><span class="vcard"><a class="email" href="mailto:lu_zero@gentoo.org" title="lu_zero@gentoo.org <lu_zero@gentoo.org>"> <span class="fn">lu_zero@gentoo.org</span></a>
</span> changed
              <a class="bz_bug_link 
          bz_status_NEW "
   title="NEW - Null pointer dereference in ff_h264_execute_ref_pic_marking() #2"
   href="https://bugzilla.libav.org/show_bug.cgi?id=1036">bug 1036</a>
          <br>
             <table border="1" cellspacing="0" cellpadding="8">
          <tr>
            <th>What</th>
            <th>Removed</th>
            <th>Added</th>
          </tr>

         <tr>
           <td style="text-align:right;">CC</td>
           <td>
                
           </td>
           <td>lu_zero@gentoo.org
           </td>
         </tr></table>
      <p>
        <div>
            <b><a class="bz_bug_link 
          bz_status_NEW "
   title="NEW - Null pointer dereference in ff_h264_execute_ref_pic_marking() #2"
   href="https://bugzilla.libav.org/show_bug.cgi?id=1036#c2">Comment # 2</a>
              on <a class="bz_bug_link 
          bz_status_NEW "
   title="NEW - Null pointer dereference in ff_h264_execute_ref_pic_marking() #2"
   href="https://bugzilla.libav.org/show_bug.cgi?id=1036">bug 1036</a>
              from <span class="vcard"><a class="email" href="mailto:lu_zero@gentoo.org" title="lu_zero@gentoo.org <lu_zero@gentoo.org>"> <span class="fn">lu_zero@gentoo.org</span></a>
</span></b>
        <pre>The crash is due the sps being unset.

#0  ff_h264_execute_ref_pic_marking (h=h@entry=0x33f3200) at
/usr/src/libav/libavcodec/h264_refs.c:701
#1  0x00000000009db316 in ff_h264_field_end (h=h@entry=0x33f3200, sl=0x33feaa0,
in_setup=in_setup@entry=0)
    at /usr/src/libav/libavcodec/h264_picture.c:157
#2  0x0000000000636ed2 in h264_decode_frame (avctx=0x33e37e0, data=0x33e4f40,
got_frame=0x7ffc22c3630c, avpkt=<optimized out>)
    at /usr/src/libav/libavcodec/h264dec.c:745
#3  0x00000000005b3d85 in decode_simple_internal (frame=0x33e4f40,
avctx=0x33e37e0) at /usr/src/libav/libavcodec/decode.c:335
#4  decode_simple_receive_frame (frame=<optimized out>, avctx=<optimized out>)
at /usr/src/libav/libavcodec/decode.c:386
#5  decode_receive_frame_internal (avctx=0x33e37e0, frame=0x33e4f40) at
/usr/src/libav/libavcodec/decode.c:404
#6  0x00000000005b40d8 in avcodec_send_packet (avctx=avctx@entry=0x33e37e0,
avpkt=avpkt@entry=0x7ffc22c363a0)
    at /usr/src/libav/libavcodec/decode.c:441
#7  0x0000000000547eb7 in try_decode_frame (st=st@entry=0x33e2fe0,
avpkt=avpkt@entry=0x7ffc22c36490, options=0x33e3cc0,
    s=0x33d2060) at /usr/src/libav/libavformat/utils.c:1950
#8  0x000000000054c0d7 in avformat_find_stream_info (ic=0x33d2060,
options=0x33e3cc0) at /usr/src/libav/libavformat/utils.c:2459

It is reset here

#0  0x0000000000633b9f in remove_sps (id=0, s=0x33f99d0) at
/usr/src/libav/libavcodec/h264_ps.c:122
#1  ff_h264_decode_seq_parameter_set (gb=gb@entry=0x33e4718,
avctx=avctx@entry=0x33e37e0, ps=ps@entry=0x33f99d0)
    at /usr/src/libav/libavcodec/h264_ps.c:576
#2  0x0000000000636a32 in decode_nal_units (buf_size=39, buf=<optimized out>,
h=0x33f3200)
    at /usr/src/libav/libavcodec/h264dec.c:610
#3  h264_decode_frame (avctx=0x33e37e0, data=0x33e4f40,
got_frame=0x7ffc22c3630c, avpkt=<optimized out>)
    at /usr/src/libav/libavcodec/h264dec.c:726
#4  0x00000000005b3d85 in decode_simple_internal (frame=0x33e4f40,
avctx=0x33e37e0) at /usr/src/libav/libavcodec/decode.c:335</pre>
        </div>
      </p>
      <hr>
      <span>You are receiving this mail because:</span>
      
      <ul>
          <li>You are watching all bug changes.</li>
      </ul>
    </body>
</html>