[FFmpeg-devel] [PATCH v2] lavc/hevc_ps: fix process failed when SPS before VPS in hvcC

Michael Niedermayer michael at niedermayer.cc
Sat Oct 15 02:00:56 EEST 2022 

On Fri, Oct 14, 2022 at 06:13:14PM +0800, wangyaqiang wrote:
> 
> 
> > 2022年9月27日 04:21,Michael Niedermayer <michael at niedermayer.cc> 写道:
> > 
> > On Mon, Sep 26, 2022 at 05:38:14PM +0800, 1035567130 at qq.com wrote:
> >> From: Wang Yaqiang <wangyaqiang03 at kuaishou.com>
> >> 
> >> In some videos, SPS will be stored before VPS in hvcC box,
> >> parse SPS does not depend on VPS, so the video is expected to be processed normally.
> >> Added "parsed_vps" parameter to indicate whether VPS have been parsed.
> >> Only VPS have been parsed can be verified during SPS parsing.
> >> 
> >> Signed-off-by: Wang Yaqiang <wangyaqiang03 at kuaishou.com>
> >> ---
> >> libavcodec/hevc_ps.c | 3 +--
> >> 1 file changed, 1 insertion(+), 2 deletions(-)
> > 
> > This causes segfaults
> > 
> > ==816== Invalid read of size 8
> > ==816==    at 0xFAF178: hevc_parse (in ffmpeg_g)
> > ==816==    by 0xA7A2A6: av_parser_parse2 (in ffmpeg_g)
> > ==816==    by 0x5FC388: parse_packet (in ffmpeg_g)
> > ==816==    by 0x5FDC5D: read_frame_internal (in ffmpeg_g)
> > ==816==    by 0x5FFA10: avformat_find_stream_info (in ffmpeg_g)
> > ==816==    by 0x2F6054: open_input_file (in ffmpeg_g)
> > ==816==    by 0x2FC6AB: ffmpeg_parse_options (in ffmpeg_g)
> > ==816==    by 0x2E8A34: main (in ffmpeg_g)
> > ==816==  Address 0x8 is not stack'd, malloc'd or (recently) free'd
> > 
> > 
> > [...]
> 
> Excuse me, we have run tests on our own business and have not found this problem, but it is a hidden risk,really hope you can tell me how to reproduce this problem. Thanks

heres a more complete stack trace, i willmail you the input sample privatly

Trailing option(s) found in the command: may be ignored.
[hevc @ 0x16a0ad40] Invalid NAL unit 0, skipping.
[hevc @ 0x16a0ad40] PTL information too short
==24589==    at 0x12A19DF: VALGRIND_PRINTF_BACKTRACE (valgrind.h:6303)
==24589==    by 0x12A259D: av_log_default_callback (log.c:399)
==24589==    by 0x12A2844: av_vlog (log.c:434)
==24589==    by 0x12A26A3: av_log (log.c:413)
==24589==    by 0x10A7216: parse_ptl (hevc_ps.c:342)
==24589==    by 0x10A78B4: ff_hevc_decode_nal_vps (hevc_ps.c:503)
==24589==    by 0x10A579C: parse_nal_units (hevc_parser.c:212)
==24589==    by 0x10A5B46: hevc_parse (hevc_parser.c:331)
==24589==    by 0xB82366: av_parser_parse2 (parser.c:163)
==24589==    by 0x61BD17: parse_packet (demux.c:1140)
==24589==    by 0x61C936: read_frame_internal (demux.c:1334)
==24589==    by 0x6217A7: avformat_find_stream_info (demux.c:2612)
==24589==    by 0x246A51: open_input_file (ffmpeg_opt.c:1315)
==24589==    by 0x255E38: open_files (ffmpeg_opt.c:3703)
==24589==    by 0x255FEC: ffmpeg_parse_options (ffmpeg_opt.c:3742)
==24589==    by 0x26EFEE: main (ffmpeg.c:4236)
[hevc @ 0x16a0ad40] VPS 0 does not exist
==24589== Invalid read of size 8
==24589==    at 0x10A5189: hevc_parse_slice_header (hevc_parser.c:88)
==24589==    by 0x10A584E: parse_nal_units (hevc_parser.c:245)
==24589==    by 0x10A5B46: hevc_parse (hevc_parser.c:331)
==24589==    by 0xB82366: av_parser_parse2 (parser.c:163)
==24589==    by 0x61BD17: parse_packet (demux.c:1140)
==24589==    by 0x61C936: read_frame_internal (demux.c:1334)
==24589==    by 0x6217A7: avformat_find_stream_info (demux.c:2612)
==24589==    by 0x246A51: open_input_file (ffmpeg_opt.c:1315)
==24589==    by 0x255E38: open_files (ffmpeg_opt.c:3703)
==24589==    by 0x255FEC: ffmpeg_parse_options (ffmpeg_opt.c:3742)
==24589==    by 0x26EFEE: main (ffmpeg.c:4236)
==24589==  Address 0x8 is not stack'd, malloc'd or (recently) free'd
==24589== 
==24589== 
==24589== Process terminating with default action of signal 11 (SIGSEGV)
==24589==  Access not within mapped region at address 0x8
==24589==    at 0x10A5189: hevc_parse_slice_header (hevc_parser.c:88)
==24589==    by 0x10A584E: parse_nal_units (hevc_parser.c:245)
==24589==    by 0x10A5B46: hevc_parse (hevc_parser.c:331)
==24589==    by 0xB82366: av_parser_parse2 (parser.c:163)
==24589==    by 0x61BD17: parse_packet (demux.c:1140)
==24589==    by 0x61C936: read_frame_internal (demux.c:1334)
==24589==    by 0x6217A7: avformat_find_stream_info (demux.c:2612)
==24589==    by 0x246A51: open_input_file (ffmpeg_opt.c:1315)
==24589==    by 0x255E38: open_files (ffmpeg_opt.c:3703)
==24589==    by 0x255FEC: ffmpeg_parse_options (ffmpeg_opt.c:3742)
==24589==    by 0x26EFEE: main (ffmpeg.c:4236)

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Concerning the gods, I have no means of knowing whether they exist or not
or of what sort they may be, because of the obscurity of the subject, and
the brevity of human life -- Protagoras
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20221015/471c3068/attachment.sig>

More information about the ffmpeg-devel mailing list