Opened 7 years ago

Closed 7 years ago

#1633 closed defect (fixed)

sp5x crash

Reported by: ami_stuff Owned by:
Priority: important Component: avcodec
Version: git-master Keywords: sp5x
Cc: Blocked By:
Blocking: Reproduced by developer: yes
Analyzed by developer: no

Description

http://samples.mplayerhq.hu/V-codecs/HuffYUV/rgb_predleft.avi

(gdb) r -vcodec sp5x -i rgb_predleft.avi -f null -
Starting program: d:\mingw\msys\1.0\ffmpeg\ffmpeg_g.exe -vcodec sp5x -i rgb_pred
left.avi -f null -
[New Thread 484.0x2e4]
ffmpeg version 0.10.2.git Copyright (c) 2000-2012 the FFmpeg developers
  built on Jun 28 2012 19:36:59 with gcc 4.6.1
  configuration: --disable-ffprobe --disable-ffplay --disable-asm
  libavutil      51. 63.100 / 51. 63.100
  libavcodec     54. 29.101 / 54. 29.101
  libavformat    54. 11.100 / 54. 11.100
  libavdevice    54.  0.100 / 54.  0.100
  libavfilter     3.  0.100 /  3.  0.100
  libswscale      2.  1.100 /  2.  1.100
  libswresample   0. 15.100 /  0. 15.100
[sp5x @ 03a3db40] mjpeg_decode_dc: bad vlc: 0:0 (03b214d8)
[sp5x @ 03a3db40] error dc
[sp5x @ 03a3db40] error y=0 x=0
Input #0, avi, from 'rgb_predleft.avi':
  Duration: 00:00:07.00, start: 0.000000, bitrate: 1512 kb/s
    Stream #0:0: Video: sp5x (HFYU / 0x55594648), yuvj420p, 200x150, 6 tbr, 6 tb
n, 6 tbc
[graph 0 input from stream 0:0 @ 03b24b00] w:200 h:150 pixfmt:yuvj420p tb:1/6 fr
:6/1 sar:0/1 sws_param:flags=2
[output stream 0:0 @ 03b24d00] No opaque field provided
Output #0, null, to 'pipe:':
  Metadata:
    encoder         : Lavf54.11.100
    Stream #0:0: Video: rawvideo (I420 / 0x30323449), yuvj420p, 200x150, q=2-31,
 200 kb/s, 90k tbn, 6 tbc
Stream mapping:
  Stream #0:0 -> #0:0 (sp5x -> rawvideo)
Press [q] to stop, [?] for help
[sp5x @ 03a3db40] mjpeg_decode_dc: bad vlc: 0:0 (03b4ecb0)
[sp5x @ 03a3db40] error dc
[sp5x @ 03a3db40] error y=0 x=0
[null @ 03b18130] Encoder did not produce proper pts, making some up.
[sp5x @ 03a3db40] error count: 268435457
[sp5x @ 03a3db40] error y=0 x=0
[sp5x @ 03a3db40] error count: 268435472
[sp5x @ 03a3db40] error y=0 x=0
[sp5x @ 03a3db40] error count: 268435458
[sp5x @ 03a3db40] error y=0 x=0
[sp5x @ 03a3db40] error count: 268435460
[sp5x @ 03a3db40] error y=0 x=0
[sp5x @ 03a3db40] error count: 66
[sp5x @ 03a3db40] error y=0 x=0
[sp5x @ 03a3db40] error count: 268435466
[sp5x @ 03a3db40] error y=0 x=0
[sp5x @ 03a3db40] error count: 268435456
[sp5x @ 03a3db40] error y=0 x=0
warning: HEAP[ffmpeg_g.exe]:
warning: Heap block at 03B686B8 modified at 03B71748 past requested size of 9088



Program received signal SIGTRAP, Trace/breakpoint trap.
0x7c90120f in ntdll!DbgUiConnectToDbg () from C:\WINDOWS\system32\ntdll.dll
(gdb) bt
#0  0x7c90120f in ntdll!DbgUiConnectToDbg ()
   from C:\WINDOWS\system32\ntdll.dll
#1  0x7c96ee31 in ntdll!RtlpNtMakeTemporaryKey ()
   from C:\WINDOWS\system32\ntdll.dll
#2  0x7c95f8f4 in ntdll!RtlZeroHeap () from C:\WINDOWS\system32\ntdll.dll
#3  0x03b686b8 in ?? ()
#4  0x7c96f1ff in ntdll!RtlpNtMakeTemporaryKey ()
   from C:\WINDOWS\system32\ntdll.dll
#5  0x7c970456 in ntdll!RtlpNtMakeTemporaryKey ()
   from C:\WINDOWS\system32\ntdll.dll
#6  0x7c94bafc in ntdll!LdrFindEntryForAddress ()
   from C:\WINDOWS\system32\ntdll.dll
#7  0x03a30000 in ?? ()
#8  0x7c91a1ba in ntdll!RtlpUnWaitCriticalSection ()
   from C:\WINDOWS\system32\ntdll.dll
#9  0x77c1c2de in msvcrt!free () from C:\WINDOWS\system32\msvcrt.dll
#10 0x03a30000 in ?? ()
#11 0x006c96f9 in sp5x_decode_frame (avctx=0x3a3db40, data=0x3b4fcf0,
    data_size=0x22eedc, avpkt=0x22ebd8) at libavcodec/sp5xdec.c:91
#12 0x00513e77 in avcodec_decode_video2 (avctx=0x3a3db40, picture=0x3b4fcf0,
    got_picture_ptr=0x22eedc, avpkt=0x22ee10) at libavcodec/utils.c:1485
#13 0x00407bc4 in decode_video (got_output=<optimized out>,
    pkt=<optimized out>, ist=<optimized out>) at ffmpeg.c:2456
#14 output_packet (ist=0x3b18008, pkt=0x22fbd0) at ffmpeg.c:2630
#15 0x0040d44b in transcode () at ffmpeg.c:3647
#16 0x00a3bd7b in main (argc=8, argv=0x3a32850) at ffmpeg.c:5934
(gdb)

Change History (3)

comment:1 Changed 7 years ago by cehoyos

  • Component changed from undetermined to avcodec
  • Keywords sp5x added
  • Priority changed from normal to important
  • Reproduced by developer set
  • Status changed from new to open
  • Version changed from unspecified to git-master

comment:2 Changed 7 years ago by cehoyos

$ valgrind ffmpeg_g -vcodec sp5x -i rgb_predleft.avi -f null -
==19451== Memcheck, a memory error detector
==19451== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
==19451== Using Valgrind-3.5.0 and LibVEX; rerun with -h for copyright info
==19451== Command: ffmpeg_g -vcodec sp5x -i rgb_predleft.avi -f null -
==19451==
ffmpeg version N-43451-g48d20b9 Copyright (c) 2000-2012 the FFmpeg developers
  built on Aug 11 2012 14:43:15 with gcc 4.6.1 (GCC)
  configuration: --cc='/usr/local/gcc-4.6.1/bin/gcc -m32' --disable-optimizations
  libavutil      51. 67.100 / 51. 67.100
  libavcodec     54. 51.100 / 54. 51.100
  libavformat    54. 23.100 / 54. 23.100
  libavdevice    54.  2.100 / 54.  2.100
  libavfilter     3.  7.100 /  3.  7.100
  libswscale      2.  1.101 /  2.  1.101
  libswresample   0. 15.100 /  0. 15.100
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x507e728)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
Input #0, avi, from 'rgb_predleft.avi':
  Duration: 00:00:07.00, start: 0.000000, bitrate: 1512 kb/s
    Stream #0:0: Video: sp5x (HFYU / 0x55594648), yuvj420p, 200x150, 6 tbr, 6 tbn, 6 tbc
Output #0, null, to 'pipe:':
  Metadata:
    encoder         : Lavf54.23.100
    Stream #0:0: Video: rawvideo (I420 / 0x30323449), yuvj420p, 200x150, q=2-31, 200 kb/s, 90k tbn, 6 tbc
Stream mapping:
  Stream #0:0 -> #0:0 (sp5x -> rawvideo)
Press [q] to stop, [?] for help
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[null @ 0x50cc460] Encoder did not produce proper pts, making some up.
[sp5x @ 0x507b620] error count: 268435457
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] error count: 268435472
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] error count: 268435458
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] error count: 268435460
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] error count: 66
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] error count: 268435466
[sp5x @ 0x507b620] error y=0 x=0
==19451== Invalid write of size 1
==19451==    at 0x8533309: sp5x_decode_frame (sp5xdec.c:84)
==19451==    by 0x856836B: avcodec_decode_video2 (utils.c:1509)
==19451==    by 0x805B33A: decode_video (ffmpeg.c:1549)
==19451==    by 0x805C04A: output_packet (ffmpeg.c:1734)
==19451==    by 0x8060554: process_input (ffmpeg.c:2858)
==19451==    by 0x80606D6: transcode (ffmpeg.c:2916)
==19451==    by 0x8060C38: main (ffmpeg.c:3098)
==19451==  Address 0x52a6668 is 0 bytes after a block of size 37,000 alloc'd
==19451==    at 0x4CA8E9E: memalign (in /usr/lib64/valgrind/vgpreload_memcheck-x86-linux.so)
==19451==    by 0x4CA8EFB: posix_memalign (in /usr/lib64/valgrind/vgpreload_memcheck-x86-linux.so)
==19451==    by 0x87F2830: av_malloc (mem.c:95)
==19451==    by 0x87F294A: av_mallocz (mem.c:199)
==19451==    by 0x8532F5C: sp5x_decode_frame (sp5xdec.c:47)
==19451==    by 0x856836B: avcodec_decode_video2 (utils.c:1509)
==19451==    by 0x805B33A: decode_video (ffmpeg.c:1549)
==19451==    by 0x805C04A: output_packet (ffmpeg.c:1734)
==19451==    by 0x8060554: process_input (ffmpeg.c:2858)
==19451==    by 0x80606D6: transcode (ffmpeg.c:2916)
==19451==    by 0x8060C38: main (ffmpeg.c:3098)
==19451==
==19451== Invalid read of size 1
==19451==    at 0x8420A7B: ff_mjpeg_find_marker (mjpegdec.c:1528)
==19451==    by 0x8420D12: ff_mjpeg_decode_frame (mjpegdec.c:1606)
==19451==    by 0x8533346: sp5x_decode_frame (sp5xdec.c:89)
==19451==    by 0x856836B: avcodec_decode_video2 (utils.c:1509)
==19451==    by 0x805B33A: decode_video (ffmpeg.c:1549)
==19451==    by 0x805C04A: output_packet (ffmpeg.c:1734)
==19451==    by 0x8060554: process_input (ffmpeg.c:2858)
==19451==    by 0x80606D6: transcode (ffmpeg.c:2916)
==19451==    by 0x8060C38: main (ffmpeg.c:3098)
==19451==  Address 0x52a6668 is 0 bytes after a block of size 37,000 alloc'd
==19451==    at 0x4CA8E9E: memalign (in /usr/lib64/valgrind/vgpreload_memcheck-x86-linux.so)
==19451==    by 0x4CA8EFB: posix_memalign (in /usr/lib64/valgrind/vgpreload_memcheck-x86-linux.so)
==19451==    by 0x87F2830: av_malloc (mem.c:95)
==19451==    by 0x87F294A: av_mallocz (mem.c:199)
==19451==    by 0x8532F5C: sp5x_decode_frame (sp5xdec.c:47)
==19451==    by 0x856836B: avcodec_decode_video2 (utils.c:1509)
==19451==    by 0x805B33A: decode_video (ffmpeg.c:1549)
==19451==    by 0x805C04A: output_packet (ffmpeg.c:1734)
==19451==    by 0x8060554: process_input (ffmpeg.c:2858)
==19451==    by 0x80606D6: transcode (ffmpeg.c:2916)
==19451==    by 0x8060C38: main (ffmpeg.c:3098)
==19451==
[sp5x @ 0x507b620] error count: 268435456
[sp5x @ 0x507b620] error y=0 x=0
==19451== Invalid read of size 1
==19451==    at 0x842095F: find_marker (mjpegdec.c:1490)
==19451==    by 0x84209D5: ff_mjpeg_find_marker (mjpegdec.c:1510)
==19451==    by 0x8420D12: ff_mjpeg_decode_frame (mjpegdec.c:1606)
==19451==    by 0x8533346: sp5x_decode_frame (sp5xdec.c:89)
==19451==    by 0x856836B: avcodec_decode_video2 (utils.c:1509)
==19451==    by 0x805B33A: decode_video (ffmpeg.c:1549)
==19451==    by 0x805C04A: output_packet (ffmpeg.c:1734)
==19451==    by 0x8060554: process_input (ffmpeg.c:2858)
==19451==    by 0x80606D6: transcode (ffmpeg.c:2916)
==19451==    by 0x8060C38: main (ffmpeg.c:3098)
==19451==  Address 0x52a6668 is 0 bytes after a block of size 37,000 alloc'd
==19451==    at 0x4CA8E9E: memalign (in /usr/lib64/valgrind/vgpreload_memcheck-x86-linux.so)
==19451==    by 0x4CA8EFB: posix_memalign (in /usr/lib64/valgrind/vgpreload_memcheck-x86-linux.so)
==19451==    by 0x87F2830: av_malloc (mem.c:95)
==19451==    by 0x87F294A: av_mallocz (mem.c:199)
==19451==    by 0x8532F5C: sp5x_decode_frame (sp5xdec.c:47)
==19451==    by 0x856836B: avcodec_decode_video2 (utils.c:1509)
==19451==    by 0x805B33A: decode_video (ffmpeg.c:1549)
==19451==    by 0x805C04A: output_packet (ffmpeg.c:1734)
==19451==    by 0x8060554: process_input (ffmpeg.c:2858)
==19451==    by 0x80606D6: transcode (ffmpeg.c:2916)
==19451==    by 0x8060C38: main (ffmpeg.c:3098)
==19451==
==19451== Invalid read of size 1
==19451==    at 0x842098E: find_marker (mjpegdec.c:1492)
==19451==    by 0x84209D5: ff_mjpeg_find_marker (mjpegdec.c:1510)
==19451==    by 0x8420D12: ff_mjpeg_decode_frame (mjpegdec.c:1606)
==19451==    by 0x8533346: sp5x_decode_frame (sp5xdec.c:89)
==19451==    by 0x856836B: avcodec_decode_video2 (utils.c:1509)
==19451==    by 0x805B33A: decode_video (ffmpeg.c:1549)
==19451==    by 0x805C04A: output_packet (ffmpeg.c:1734)
==19451==    by 0x8060554: process_input (ffmpeg.c:2858)
==19451==    by 0x80606D6: transcode (ffmpeg.c:2916)
==19451==    by 0x8060C38: main (ffmpeg.c:3098)
==19451==  Address 0x52a6668 is 0 bytes after a block of size 37,000 alloc'd
==19451==    at 0x4CA8E9E: memalign (in /usr/lib64/valgrind/vgpreload_memcheck-x86-linux.so)
==19451==    by 0x4CA8EFB: posix_memalign (in /usr/lib64/valgrind/vgpreload_memcheck-x86-linux.so)
==19451==    by 0x87F2830: av_malloc (mem.c:95)
==19451==    by 0x87F294A: av_mallocz (mem.c:199)
==19451==    by 0x8532F5C: sp5x_decode_frame (sp5xdec.c:47)
==19451==    by 0x856836B: avcodec_decode_video2 (utils.c:1509)
==19451==    by 0x805B33A: decode_video (ffmpeg.c:1549)
==19451==    by 0x805C04A: output_packet (ffmpeg.c:1734)
==19451==    by 0x8060554: process_input (ffmpeg.c:2858)
==19451==    by 0x80606D6: transcode (ffmpeg.c:2916)
==19451==    by 0x8060C38: main (ffmpeg.c:3098)
==19451==
[sp5x @ 0x507b620] error count: 268435492
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] error count: 268435495
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] error count: 268435461
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] error count: 65
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] error count: 68
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] error count: 68
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] error count: 67
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] error count: 68
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
frame=   30 fps=0.0 q=0.0 size=       0kB time=00:00:05.00 bitrate=   0.0kbits/s
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] error count: 268435465
[sp5x @ 0x507b620] error y=0 x=0
[sp5x @ 0x507b620] mjpeg_decode_dc: bad vlc: 0:0 (0x51a3108)
[sp5x @ 0x507b620] error dc
[sp5x @ 0x507b620] error y=0 x=0
frame=   42 fps=0.0 q=0.0 Lsize=       0kB time=00:00:07.00 bitrate=   0.0kbits/s
video:3kB audio:0kB subtitle:0 global headers:0kB muxing overhead -100.000000%
==19451==
==19451== HEAP SUMMARY:
==19451==     in use at exit: 0 bytes in 0 blocks
==19451==   total heap usage: 2,744 allocs, 2,744 frees, 6,054,742 bytes allocated
==19451==
==19451== All heap blocks were freed -- no leaks are possible
==19451==
==19451== For counts of detected and suppressed errors, rerun with: -v
==19451== ERROR SUMMARY: 72 errors from 4 contexts (suppressed: 3 from 3)}}}

comment:3 Changed 7 years ago by michael

  • Resolution set to fixed
  • Status changed from open to closed
Note: See TracTickets for help on using tickets.