Opened 16 years ago
Closed 13 years ago
#1159 closed defect (fixed)
Error in Video Decoding: Invalid Read
| Reported by: | Owned by: | reimar | |
|---|---|---|---|
| Priority: | normal | Component: | vd |
| Version: | HEAD | Severity: | normal |
| Keywords: | Cc: | catchconv-bugreports@… | |
| Blocked By: | Blocking: | ||
| Reproduced by developer: | no | Analyzed by developer: | no |
Description
The following report is for the SUPERB-TRUST 2008, the cyber security project.
#Error found at test case .mqv file for mplayer version (dev-SVN-r27249-4.1.2)
valgrind report the Invalid Read.
#The test case is "110-nosound_lavf_works.mqv" can be found at the URL
*http://www.cs.berkeley.edu/~sckhan/110-nosound_lavf_works.mqv
#Reproducible with the following command
*valgrind mplayer 110-nosound_lavf_works.mqv
Can also be run as:
*valgrind --log-file=log4 mplayer 110-nosound_lavf_works.mqv
#OS: Debian Etch Linux
#Valgrind output:
==29531== Memcheck, a memory error detector.
==29531== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==29531== Using LibVEX rev 1854, a library for dynamic binary translation.
==29531== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==29531== Using valgrind-3.3.1, a dynamic binary instrumentation framework.
==29531== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==29531== For more details, rerun with: -v
==29531==
==29531== My PID = 29531, parent PID = 26719. Prog and args are:
==29531== mplayer
==29531== 110-nosound_lavf_works.mqv
==29531==
==29531== Invalid write of size 1
==29531== Stack hash: 1896900590
==29531== at 0x82B5F35: ff_emulated_edge_mc (dsputil.c:501)
==29531== by 0x834D43B: MPV_motion (mpegvideo_common.h:320)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452bdfd is 0 bytes after a block of size 77 alloc'd
==29531== Stack hash: 93707782
==29531== at 0x401C882: memalign (vg_replace_malloc.c:460)
==29531== by 0x8548F24: av_malloc (mem.c:61)
==29531== by 0x8548FA6: av_mallocz (mem.c:134)
==29531== by 0x8341F63: alloc_picture (mpegvideo.c:211)
==29531== by 0x8342440: MPV_frame_start (mpegvideo.c:868)
==29531== by 0x84125F3: ff_h263_decode_frame (h263dec.c:615)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531==
==29531== Invalid write of size 1
==29531== Stack hash: 4042483093
==29531== at 0x82B5F35: ff_emulated_edge_mc (dsputil.c:501)
==29531== by 0x834D4BE: MPV_motion (mpegvideo_common.h:327)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453bfa0 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 1
==29531== Stack hash: 3960043440
==29531== at 0x82B5FB0: ff_emulated_edge_mc (dsputil.c:508)
==29531== by 0x834D4BE: MPV_motion (mpegvideo_common.h:327)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453bfa0 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid write of size 1
==29531== Stack hash: 4236039701
==29531== at 0x82B5FB5: ff_emulated_edge_mc (dsputil.c:508)
==29531== by 0x834D4BE: MPV_motion (mpegvideo_common.h:327)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453b750 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 1
==29531== Stack hash: 217068666
==29531== at 0x82B5FBA: ff_emulated_edge_mc (dsputil.c:507)
==29531== by 0x834D4BE: MPV_motion (mpegvideo_common.h:327)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453bfa2 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid write of size 1
==29531== Stack hash: 3582085749
==29531== at 0x82B5F35: ff_emulated_edge_mc (dsputil.c:501)
==29531== by 0x834D51E: MPV_motion (mpegvideo_common.h:332)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453bfb0 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 1
==29531== Stack hash: 3499646096
==29531== at 0x82B5FB0: ff_emulated_edge_mc (dsputil.c:508)
==29531== by 0x834D51E: MPV_motion (mpegvideo_common.h:332)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453bfb0 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid write of size 1
==29531== Stack hash: 3775642357
==29531== at 0x82B5FB5: ff_emulated_edge_mc (dsputil.c:508)
==29531== by 0x834D51E: MPV_motion (mpegvideo_common.h:332)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453b760 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 1
==29531== Stack hash: 4051638618
==29531== at 0x82B5FBA: ff_emulated_edge_mc (dsputil.c:507)
==29531== by 0x834D51E: MPV_motion (mpegvideo_common.h:332)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453bfb2 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 2177442907
==29531== at 0x82F12A8: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x82F15F4: put_no_rnd_pixels16_y2_mmx2 (dsputil_mmx_avg.h:833)
==29531== by 0x834CB19: MPV_motion (mpegvideo_common.h:354)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452df30 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 3474984559
==29531== at 0x82F12AC: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x82F15F4: put_no_rnd_pixels16_y2_mmx2 (dsputil_mmx_avg.h:833)
==29531== by 0x834CB19: MPV_motion (mpegvideo_common.h:354)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452efd0 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 2345914466
==29531== at 0x82F12C3: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x82F15F4: put_no_rnd_pixels16_y2_mmx2 (dsputil_mmx_avg.h:833)
==29531== by 0x834CB19: MPV_motion (mpegvideo_common.h:354)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x4530070 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 3643456118
==29531== at 0x82F12C7: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x82F15F4: put_no_rnd_pixels16_y2_mmx2 (dsputil_mmx_avg.h:833)
==29531== by 0x834CB19: MPV_motion (mpegvideo_common.h:354)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x4531110 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 1247486722
==29531== at 0x82F12C3: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x834CB19: MPV_motion (mpegvideo_common.h:354)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452bdf8 is 72 bytes inside a block of size 77 alloc'd
==29531== Stack hash: 93707782
==29531== at 0x401C882: memalign (vg_replace_malloc.c:460)
==29531== by 0x8548F24: av_malloc (mem.c:61)
==29531== by 0x8548FA6: av_mallocz (mem.c:134)
==29531== by 0x8341F63: alloc_picture (mpegvideo.c:211)
==29531== by 0x8342440: MPV_frame_start (mpegvideo.c:868)
==29531== by 0x84125F3: ff_h263_decode_frame (h263dec.c:615)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 1475093831
==29531== at 0x82F12A8: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x834CB19: MPV_motion (mpegvideo_common.h:354)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452df38 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 2554884299
==29531== at 0x82F12AC: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x834CB19: MPV_motion (mpegvideo_common.h:354)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452efd8 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 2327277190
==29531== at 0x82F12C7: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x834CB19: MPV_motion (mpegvideo_common.h:354)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x4531118 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 788300105
==29531== at 0x82F12A3: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x834CB5C: MPV_motion (mpegvideo_common.h:357)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453b750 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 1064296366
==29531== at 0x82F12A8: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x834CB5C: MPV_motion (mpegvideo_common.h:357)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453bfa0 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 2144086834
==29531== at 0x82F12AC: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x834CB5C: MPV_motion (mpegvideo_common.h:357)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453c7f0 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 836689257
==29531== at 0x82F12C3: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x834CB5C: MPV_motion (mpegvideo_common.h:357)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453d040 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 1916479725
==29531== at 0x82F12C7: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x834CB5C: MPV_motion (mpegvideo_common.h:357)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453d890 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 1034068119
==29531== at 0x82F12A3: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x8348062: MPV_motion (mpegvideo_common.h:359)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453b760 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 1310064380
==29531== at 0x82F12A8: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x8348062: MPV_motion (mpegvideo_common.h:359)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453bfb0 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 2389854848
==29531== at 0x82F12AC: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x8348062: MPV_motion (mpegvideo_common.h:359)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453c800 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 1082457271
==29531== at 0x82F12C3: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x8348062: MPV_motion (mpegvideo_common.h:359)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453d8a0 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid write of size 1
==29531== Stack hash: 3386467869
==29531== at 0x82B5F35: ff_emulated_edge_mc (dsputil.c:501)
==29531== by 0x8348566: MPV_motion (mpegvideo_common.h:228)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452df30 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 1634449793
==29531== at 0x82F12A8: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x83485BB: MPV_motion (mpegvideo_common.h:236)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452df30 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 2714240261
==29531== at 0x82F12AC: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x83485BB: MPV_motion (mpegvideo_common.h:236)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452efd0 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 1406842684
==29531== at 0x82F12C3: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x83485BB: MPV_motion (mpegvideo_common.h:236)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x4530070 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 2486633152
==29531== at 0x82F12C7: put_no_rnd_pixels8_y2_mmx2 (dsputil_mmx_avg.h:627)
==29531== by 0x83485BB: MPV_motion (mpegvideo_common.h:236)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x4531110 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 1
==29531== Stack hash: 500159180
==29531== at 0x82B60C4: ff_emulated_edge_mc (dsputil.c:527)
==29531== by 0x8348566: MPV_motion (mpegvideo_common.h:228)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452df37 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid write of size 1
==29531== Stack hash: 1579949648
==29531== at 0x82B60C8: ff_emulated_edge_mc (dsputil.c:527)
==29531== by 0x8348566: MPV_motion (mpegvideo_common.h:228)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452df38 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 1
==29531== Stack hash: 3305559197
==29531== at 0x82B60C4: ff_emulated_edge_mc (dsputil.c:527)
==29531== by 0x834D43B: MPV_motion (mpegvideo_common.h:320)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452bdfe is 1 bytes after a block of size 77 alloc'd
==29531== Stack hash: 93707782
==29531== at 0x401C882: memalign (vg_replace_malloc.c:460)
==29531== by 0x8548F24: av_malloc (mem.c:61)
==29531== by 0x8548FA6: av_mallocz (mem.c:134)
==29531== by 0x8341F63: alloc_picture (mpegvideo.c:211)
==29531== by 0x8342440: MPV_frame_start (mpegvideo.c:868)
==29531== by 0x84125F3: ff_h263_decode_frame (h263dec.c:615)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531==
==29531== Invalid write of size 1
==29531== Stack hash: 90382369
==29531== at 0x82B60C8: ff_emulated_edge_mc (dsputil.c:527)
==29531== by 0x834D43B: MPV_motion (mpegvideo_common.h:320)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452bdff is 2 bytes after a block of size 77 alloc'd
==29531== Stack hash: 93707782
==29531== at 0x401C882: memalign (vg_replace_malloc.c:460)
==29531== by 0x8548F24: av_malloc (mem.c:61)
==29531== by 0x8548FA6: av_mallocz (mem.c:134)
==29531== by 0x8341F63: alloc_picture (mpegvideo.c:211)
==29531== by 0x8342440: MPV_frame_start (mpegvideo.c:868)
==29531== by 0x84125F3: ff_h263_decode_frame (h263dec.c:615)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531==
==29531== Invalid read of size 1
==29531== Stack hash: 1156174404
==29531== at 0x82B60C4: ff_emulated_edge_mc (dsputil.c:527)
==29531== by 0x834D4BE: MPV_motion (mpegvideo_common.h:327)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453b757 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid write of size 1
==29531== Stack hash: 2235964872
==29531== at 0x82B60C8: ff_emulated_edge_mc (dsputil.c:527)
==29531== by 0x834D4BE: MPV_motion (mpegvideo_common.h:327)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453b758 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 1
==29531== Stack hash: 695777060
==29531== at 0x82B60C4: ff_emulated_edge_mc (dsputil.c:527)
==29531== by 0x834D51E: MPV_motion (mpegvideo_common.h:332)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453b767 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid write of size 1
==29531== Stack hash: 1775567528
==29531== at 0x82B60C8: ff_emulated_edge_mc (dsputil.c:527)
==29531== by 0x834D51E: MPV_motion (mpegvideo_common.h:332)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453b768 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 3433964014
==29531== at 0x82F1B2F: put_pixels16_mmx (dsputil_mmx.c:385)
==29531== by 0x834CB19: MPV_motion (mpegvideo_common.h:354)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452bdf8 is 72 bytes inside a block of size 77 alloc'd
==29531== Stack hash: 93707782
==29531== at 0x401C882: memalign (vg_replace_malloc.c:460)
==29531== by 0x8548F24: av_malloc (mem.c:61)
==29531== by 0x8548FA6: av_mallocz (mem.c:134)
==29531== by 0x8341F63: alloc_picture (mpegvideo.c:211)
==29531== by 0x8342440: MPV_frame_start (mpegvideo.c:868)
==29531== by 0x84125F3: ff_h263_decode_frame (h263dec.c:615)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 1225993926
==29531== at 0x82F1B07: put_pixels16_mmx (dsputil_mmx.c:385)
==29531== by 0x834CB19: MPV_motion (mpegvideo_common.h:354)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452df30 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 2305784394
==29531== at 0x82F1B0B: put_pixels16_mmx (dsputil_mmx.c:385)
==29531== by 0x834CB19: MPV_motion (mpegvideo_common.h:354)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452df38 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 3685765699
==29531== at 0x82F1B24: put_pixels16_mmx (dsputil_mmx.c:385)
==29531== by 0x834CB19: MPV_motion (mpegvideo_common.h:354)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452efd0 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 1274383078
==29531== at 0x82F1B27: put_pixels16_mmx (dsputil_mmx.c:385)
==29531== by 0x834CB19: MPV_motion (mpegvideo_common.h:354)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452efd8 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 2354173546
==29531== at 0x82F1B2B: put_pixels16_mmx (dsputil_mmx.c:385)
==29531== by 0x834CB19: MPV_motion (mpegvideo_common.h:354)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x4530070 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 2557586079
==29531== at 0x82F1B00: put_pixels16_mmx (dsputil_mmx.c:385)
==29531== by 0x834CB19: MPV_motion (mpegvideo_common.h:354)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x4531110 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 146203458
==29531== at 0x82F1B03: put_pixels16_mmx (dsputil_mmx.c:385)
==29531== by 0x834CB19: MPV_motion (mpegvideo_common.h:354)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x4531118 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 401186889
==29531== at 0x82F11A3: put_no_rnd_pixels8_x2_mmx2 (dsputil_mmx_avg.h:559)
==29531== by 0x834CB5C: MPV_motion (mpegvideo_common.h:357)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453b750 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 2284771564
==29531== at 0x82F11A6: put_no_rnd_pixels8_x2_mmx2 (dsputil_mmx_avg.h:559)
==29531== by 0x834CB5C: MPV_motion (mpegvideo_common.h:357)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453bfa0 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 3364562032
==29531== at 0x82F11AA: put_no_rnd_pixels8_x2_mmx2 (dsputil_mmx_avg.h:559)
==29531== by 0x834CB5C: MPV_motion (mpegvideo_common.h:357)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453b751 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 1440893185
==29531== at 0x82F124D: put_pixels8_y2_mmx2 (dsputil_mmx_avg.h:595)
==29531== by 0x8348062: MPV_motion (mpegvideo_common.h:359)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x453d8a0 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 2796679914
==29531== at 0x82F1231: put_pixels8_y2_mmx2 (dsputil_mmx_avg.h:595)
==29531== by 0x83485BB: MPV_motion (mpegvideo_common.h:236)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452df30 is 656 bytes inside a block of size 816 free'd
==29531== Stack hash: 945276342
==29531== at 0x401D43C: free (vg_replace_malloc.c:323)
==29531== by 0x811EB0F: ds_fill_buffer (demuxer.h:286)
==29531== by 0x811F117: ds_get_packet_pts (demuxer.c:619)
==29531== by 0x8078660: main (mplayer.c:1751)
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 3876470382
==29531== at 0x82F1235: put_pixels8_y2_mmx2 (dsputil_mmx_avg.h:595)
==29531== by 0x83485BB: MPV_motion (mpegvideo_common.h:236)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452efd0 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 685488130
==29531== at 0x82F1249: put_pixels8_y2_mmx2 (dsputil_mmx_avg.h:595)
==29531== by 0x83485BB: MPV_motion (mpegvideo_common.h:236)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x4530070 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 1765278598
==29531== at 0x82F124D: put_pixels8_y2_mmx2 (dsputil_mmx_avg.h:595)
==29531== by 0x83485BB: MPV_motion (mpegvideo_common.h:236)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x4531110 is not stack'd, malloc'd or (recently) free'd
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 196162689
==29531== at 0x82EEDA8: put_no_rnd_pixels8_xy2_mmx (dsputil_mmx_rnd.h:242)
==29531== by 0x83485BB: MPV_motion (mpegvideo_common.h:236)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452df30 is 656 bytes inside a block of size 816 free'd
==29531== Stack hash: 945276342
==29531== at 0x401D43C: free (vg_replace_malloc.c:323)
==29531== by 0x811EB0F: ds_fill_buffer (demuxer.h:286)
==29531== by 0x811F117: ds_get_packet_pts (demuxer.c:619)
==29531== by 0x8078660: main (mplayer.c:1751)
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 1275953157
==29531== at 0x82EEDAC: put_no_rnd_pixels8_xy2_mmx (dsputil_mmx_rnd.h:242)
==29531== by 0x83485BB: MPV_motion (mpegvideo_common.h:236)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452df31 is 657 bytes inside a block of size 816 free'd
==29531== Stack hash: 945276342
==29531== at 0x401D43C: free (vg_replace_malloc.c:323)
==29531== by 0x811EB0F: ds_fill_buffer (demuxer.h:286)
==29531== by 0x811F117: ds_get_packet_pts (demuxer.c:619)
==29531== by 0x8078660: main (mplayer.c:1751)
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 1900529407
==29531== at 0x82EEDE6: put_no_rnd_pixels8_xy2_mmx (dsputil_mmx_rnd.h:242)
==29531== by 0x83485BB: MPV_motion (mpegvideo_common.h:236)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452efd0 is 552 bytes inside a block of size 1,795 free'd
==29531== Stack hash: 945276342
==29531== at 0x401D43C: free (vg_replace_malloc.c:323)
==29531== by 0x811EB0F: ds_fill_buffer (demuxer.h:286)
==29531== by 0x811F117: ds_get_packet_pts (demuxer.c:619)
==29531== by 0x8078660: main (mplayer.c:1751)
==29531==
==29531== Invalid read of size 8
==29531== Stack hash: 2980319875
==29531== at 0x82EEDEA: put_no_rnd_pixels8_xy2_mmx (dsputil_mmx_rnd.h:242)
==29531== by 0x83485BB: MPV_motion (mpegvideo_common.h:236)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452efd1 is 553 bytes inside a block of size 1,795 free'd
==29531== Stack hash: 945276342
==29531== at 0x401D43C: free (vg_replace_malloc.c:323)
==29531== by 0x811EB0F: ds_fill_buffer (demuxer.h:286)
==29531== by 0x811F117: ds_get_packet_pts (demuxer.c:619)
==29531== by 0x8078660: main (mplayer.c:1751)
==29531==
==29531== Invalid read of size 1
==29531== Stack hash: 3304028216
==29531== at 0x82B5FB0: ff_emulated_edge_mc (dsputil.c:508)
==29531== by 0x8348566: MPV_motion (mpegvideo_common.h:228)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452df30 is 656 bytes inside a block of size 816 free'd
==29531== Stack hash: 945276342
==29531== at 0x401D43C: free (vg_replace_malloc.c:323)
==29531== by 0x811EB0F: ds_fill_buffer (demuxer.h:286)
==29531== by 0x811F117: ds_get_packet_pts (demuxer.c:619)
==29531== by 0x8078660: main (mplayer.c:1751)
==29531==
==29531== Invalid read of size 1
==29531== Stack hash: 3856020738
==29531== at 0x82B5FBA: ff_emulated_edge_mc (dsputil.c:507)
==29531== by 0x8348566: MPV_motion (mpegvideo_common.h:228)
==29531== by 0x834FCAA: MPV_decode_mb (mpegvideo.c:1838)
==29531== by 0x84114F4: decode_slice (h263dec.c:243)
==29531== by 0x8412630: ff_h263_decode_frame (h263dec.c:636)
==29531== by 0x82ED5EF: avcodec_decode_video (utils.c:897)
==29531== by 0x8199209: decode (vd_ffmpeg.c:781)
==29531== by 0x80DB7AA: decode_video (dec_video.c:369)
==29531== by 0x80786A6: main (mplayer.c:1761)
==29531== Address 0x452df32 is 658 bytes inside a block of size 816 free'd
==29531== Stack hash: 945276342
==29531== at 0x401D43C: free (vg_replace_malloc.c:323)
==29531== by 0x811EB0F: ds_fill_buffer (demuxer.h:286)
==29531== by 0x811F117: ds_get_packet_pts (demuxer.c:619)
==29531== by 0x8078660: main (mplayer.c:1751)
==29531==
==29531== ERROR SUMMARY: 31877 errors from 222 contexts (suppressed: 19 from 1)
==29531== malloc/free: in use at exit: 32,926 bytes in 14 blocks.
==29531== malloc/free: 4,685 allocs, 4,671 frees, 25,436,394 bytes allocated.
==29531== For counts of detected errors, rerun with: -v
==29531== searching for pointers to 14 not-freed blocks.
==29531== checked 2,861,924 bytes.
==29531==
==29531== LEAK SUMMARY:
==29531== definitely lost: 0 bytes in 0 blocks.
==29531== possibly lost: 0 bytes in 0 blocks.
==29531== still reachable: 32,926 bytes in 14 blocks.
==29531== suppressed: 0 bytes in 0 blocks.
==29531== Rerun with --leak-check=full to see details of leaked memory.
#The above valgrind output is saved as a log file(log4) and can be found at
URL:
*http://www.eecs.berkeley.edu/~sckhan/log4
#One of the bugs my colleague reported is inrelation to: Stack hash: 945276342
at 0x401D43C: free (vg_replace_malloc.c:323), however, there are some other errors which have not been reported or fixed as yet. Errors locateed in: Stack hash: 3856020738 at 0x82B5FBA: ff_emulated_edge_mc (dsputil.c:507) and the steps in back tracks errors should be considered to fix in future mplayer version. The main reason for the crash in this report is because of the error in vedio decoder in terms of Invalid Read (Invalid Read of different sizes).
The previous report for the error in Stack hash: 945276342
at 0x401D43C: free (vg_replace_malloc.c:323) and the current report used different test cases.
#The bug is found in making comparison of the fuzzing tools and is a part of the
metafuzz project.
*URL at: metafuzz.com
Change History (2)
comment:1 by , 13 years ago
| Owner: | changed from to |
|---|
comment:2 by , 13 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
No more issues in current version.
Tested with sample at
http://www.metafuzz.com/testcases/178672-110-3696058086-InvalidRead.tgz