Opened 10 years ago
Closed 9 years ago
Last modified 9 years ago
#12228 closed Bug Report - Crash (fixed)
mythtranscode lossless mpeg seg faults in v0.28-pre-2014-gcc58fb0
Reported by: | Owned by: | JYA | |
---|---|---|---|
Priority: | minor | Milestone: | 0.28 |
Component: | MythTV - Mythtranscode | Version: | Master Head |
Severity: | medium | Keywords: | mythtranscode |
Cc: | Ticket locked: | no |
Description
mythtranscode lossless mpeg seg faults in v0.28-pre-2014-gcc58fb0. In mpeg2fix.h, set_pkt it is using private code to copy the AVPacket which doesnt copy everything so later it segfaults on av_free_packet. Replace the code for the copy with av_copy_packet.
Patch Attached.
Attachments (2)
Change History (11)
Changed 10 years ago by
Attachment: | mpeg2segfault.patch added |
---|
comment:1 Changed 10 years ago by
comment:2 Changed 10 years ago by
Status: | new → infoneeded_new |
---|
The latest from master is v0.28-pre-2009-ge97f4f5, you're five commits ahead? What patches are you using?
comment:3 Changed 10 years ago by
Sorry about the version, it was taken from my patched copy. Got a clean copy from git this morning compiled and ran, problem is there and the version is v0.28-pre-2017-gccde729.
comment:4 follow-up: 5 Changed 10 years ago by
"using av_copy_packet as you did will leak as the data contained in the destination packet is never freed." The destination is "pkt", created with av_new_packet in the constructor, and freed with av_free_packet in the destructor of the class MPEG2frame, which is called from the destructor of MPEG2fixup. We might be losing the source packet though.
Im working on the backtrace.
comment:5 Changed 10 years ago by
Replying to steve_g@…:
"using av_copy_packet as you did will leak as the data contained in the destination packet is never freed." The destination is "pkt", created with av_new_packet in the constructor, and freed with av_free_packet in the destructor of the class MPEG2frame, which is called from the destructor of MPEG2fixup. We might be losing the source packet though.
Im working on the backtrace.
This is not the issue.
In the current version, the content of the new packet (data) is copied into the old packet data. There's no new memory allocation.
av_packet_copy replaces the old packet data member with the new one. The old packet data now dangling. The code isn't equivalent. You must free the old packet before calling copy. Which means that now for every copy you need to free the packet, then copy (which will allocate a new one and perform the copy.
This is inefficient and not the way to do things
comment:6 Changed 9 years ago by
Status: | infoneeded_new → new |
---|
comment:7 Changed 9 years ago by
Resolution: | → fixed |
---|---|
Status: | new → closed |
Please provide backtrace of the crash.
using av_copy_packet as you did will leak as the data contained in the destination packet is never freed.