Opened 11 years ago

Last modified 9 years ago

#1208 new defect

Error in Video Decoding: Invalid Write and Invalid Read

Reported by: sckhan@…
Owned by: reimar
Priority: normal
Component: vd
Version: HEAD
Severity: normal
Keywords:
Cc: catchconv-bugreports@…
Blocked By:
Blocking:
Reproduced by developer:
Analyzed by developer:

Description

The following report is for SUPERB-TRUST 2008, the cyber security project.

#Error found with an .mp4 test case file for mplayer version (dev-SVN-r27305-4.1.2);
valgrind reports the Invalid Read.

#The test case "72-innovation.mp4" can be found at the URL

*http://www.eecs.berkeley.edu/~sckhan/72-innovation.mp4

#Reproducible with the following command

*valgrind mplayer

Can also be run as:

*valgrind --log-file=log29 mplayer 72-innovation.mp4

#OS: Debian Etch Linux

#Valgrind output:

==21324== Memcheck, a memory error detector.
==21324== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==21324== Using LibVEX rev 1854, a library for dynamic binary translation.
==21324== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==21324== Using valgrind-3.3.1, a dynamic binary instrumentation framework.
==21324== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==21324== For more details, rerun with: -v
==21324==
==21324== My PID = 21324, parent PID = 3261. Prog and args are:
==21324== mplayer
==21324== 72-innovation.mp4
==21324==
==21324== Warning: set address range perms: large range 268435464 (undefined)
==21324== Invalid read of size 1
==21324== Stack hash: 1392381560
==21324== at 0x8434F24: fill_caches (h264.c:221)
==21324== by 0x843E190: decode_mb_skip (h264.c:4485)
==21324== by 0x8450411: decode_mb_cavlc (h264.c:4527)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== Address 0x4a35b1a is 0 bytes after a block of size 10 alloc'd
==21324== Stack hash: 4192036247
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x843AA14: alloc_tables (h264.c:2103)
==21324== by 0x844E17F: decode_slice_header (h264.c:3969)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324==
==21324== Invalid read of size 1
==21324== Stack hash: 1803710756
==21324== at 0x8434F40: fill_caches (h264.c:222)
==21324== by 0x843E190: decode_mb_skip (h264.c:4485)
==21324== by 0x8450411: decode_mb_cavlc (h264.c:4527)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== Address 0x4a35b1a is 0 bytes after a block of size 10 alloc'd
==21324== Stack hash: 4192036247
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x843AA14: alloc_tables (h264.c:2103)
==21324== by 0x844E17F: decode_slice_header (h264.c:3969)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324==
==21324== Invalid read of size 1
==21324== Stack hash: 3106009430
==21324== at 0x8434F5A: fill_caches (h264.c:223)
==21324== by 0x843E190: decode_mb_skip (h264.c:4485)
==21324== by 0x8450411: decode_mb_cavlc (h264.c:4527)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== Address 0x4a35b1a is 0 bytes after a block of size 10 alloc'd
==21324== Stack hash: 4192036247
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x843AA14: alloc_tables (h264.c:2103)
==21324== by 0x844E17F: decode_slice_header (h264.c:3969)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324==
==21324== Invalid write of size 4
==21324== Stack hash: 34571318
==21324== at 0x843E4B4: decode_mb_skip (h264.c:4492)
==21324== by 0x8450411: decode_mb_cavlc (h264.c:4527)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x45717fc is 0 bytes after a block of size 44 alloc'd
==21324== Stack hash: 2899467712
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x8341E11: alloc_picture (mpegvideo.c:212)
==21324== by 0x83422B0: MPV_frame_start (mpegvideo.c:868)
==21324== by 0x843ACA8: frame_start (h264.c:2227)
==21324== by 0x844DD67: decode_slice_header (h264.c:4058)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324==
==21324== Invalid write of size 1
==21324== Stack hash: 4089718473
==21324== at 0x843E4C3: decode_mb_skip (h264.c:4493)
==21324== by 0x8450411: decode_mb_cavlc (h264.c:4527)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x4a38236 is 0 bytes after a block of size 6 alloc'd
==21324== Stack hash: 1195100994
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x8341DD3: alloc_picture (mpegvideo.c:211)
==21324== by 0x83422B0: MPV_frame_start (mpegvideo.c:868)
==21324== by 0x843ACA8: frame_start (h264.c:2227)
==21324== by 0x844DD67: decode_slice_header (h264.c:4058)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324==
==21324== Invalid write of size 1
==21324== Stack hash: 3849898332
==21324== at 0x843E4D2: decode_mb_skip (h264.c:4494)
==21324== by 0x8450411: decode_mb_cavlc (h264.c:4527)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x4a35b1b is 1 bytes after a block of size 10 alloc'd
==21324== Stack hash: 4192036247
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x843AA14: alloc_tables (h264.c:2103)
==21324== by 0x844E17F: decode_slice_header (h264.c:3969)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324==
==21324== Invalid read of size 4
==21324== Stack hash: 3455090548
==21324== at 0x844B620: hl_decode_mb (h264.c:2732)
==21324== by 0x84550CE: decode_slice (h264.c:6868)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x45717fc is 0 bytes after a block of size 44 alloc'd
==21324== Stack hash: 2899467712
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x8341E11: alloc_picture (mpegvideo.c:212)
==21324== by 0x83422B0: MPV_frame_start (mpegvideo.c:868)
==21324== by 0x843ACA8: frame_start (h264.c:2227)
==21324== by 0x844DD67: decode_slice_header (h264.c:4058)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324==
==21324== Invalid read of size 4
==21324== Stack hash: 2235960050
==21324== at 0x8448E1E: hl_motion (h264.c:1875)
==21324== by 0x844C138: hl_decode_mb (h264.c:2608)
==21324== by 0x84550CE: decode_slice (h264.c:6868)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x45717fc is 0 bytes after a block of size 44 alloc'd
==21324== Stack hash: 2899467712
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x8341E11: alloc_picture (mpegvideo.c:212)
==21324== by 0x83422B0: MPV_frame_start (mpegvideo.c:868)
==21324== by 0x843ACA8: frame_start (h264.c:2227)
==21324== by 0x844DD67: decode_slice_header (h264.c:4058)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324==
==21324== Invalid write of size 4
==21324== Stack hash: 3080996705
==21324== at 0x843E13B: decode_mb_skip (h264.c:4465)
==21324== by 0x8450411: decode_mb_cavlc (h264.c:4527)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x456f580 is 0 bytes after a block of size 128 alloc'd
==21324== Stack hash: 4143647095
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x843A9F4: alloc_tables (h264.c:2102)
==21324== by 0x844E17F: decode_slice_header (h264.c:3969)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324==
==21324== Invalid write of size 4
==21324== Stack hash: 408088271
==21324== at 0x843E141: decode_mb_skip (h264.c:4465)
==21324== by 0x8450411: decode_mb_cavlc (h264.c:4527)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x456f584 is 4 bytes after a block of size 128 alloc'd
==21324== Stack hash: 4143647095
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x843A9F4: alloc_tables (h264.c:2102)
==21324== by 0x844E17F: decode_slice_header (h264.c:3969)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324==
==21324== Invalid write of size 4
==21324== Stack hash: 3732146042
==21324== at 0x843E148: decode_mb_skip (h264.c:4465)
==21324== by 0x8450411: decode_mb_cavlc (h264.c:4527)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x456f588 is 8 bytes after a block of size 128 alloc'd
==21324== Stack hash: 4143647095
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x843A9F4: alloc_tables (h264.c:2102)
==21324== by 0x844E17F: decode_slice_header (h264.c:3969)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324==
==21324== Invalid write of size 4
==21324== Stack hash: 2761236517
==21324== at 0x843E14F: decode_mb_skip (h264.c:4465)
==21324== by 0x8450411: decode_mb_cavlc (h264.c:4527)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x456f58c is 12 bytes after a block of size 128 alloc'd
==21324== Stack hash: 4143647095
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x843A9F4: alloc_tables (h264.c:2102)
==21324== by 0x844E17F: decode_slice_header (h264.c:3969)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324==
==21324== Invalid read of size 1
==21324== Stack hash: 3242631602
==21324== at 0x8434EE6: fill_caches (h264.c:219)
==21324== by 0x843E190: decode_mb_skip (h264.c:4485)
==21324== by 0x8450411: decode_mb_cavlc (h264.c:4527)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== Address 0x4a35b1a is 0 bytes after a block of size 10 alloc'd
==21324== Stack hash: 4192036247
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x843AA14: alloc_tables (h264.c:2103)
==21324== by 0x844E17F: decode_slice_header (h264.c:3969)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324==
==21324== Invalid read of size 1
==21324== Stack hash: 1872021842
==21324== at 0x8434F06: fill_caches (h264.c:220)
==21324== by 0x843E190: decode_mb_skip (h264.c:4485)
==21324== by 0x8450411: decode_mb_cavlc (h264.c:4527)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== Address 0x4a35b1b is 1 bytes after a block of size 10 alloc'd
==21324== Stack hash: 4192036247
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x843AA14: alloc_tables (h264.c:2103)
==21324== by 0x844E17F: decode_slice_header (h264.c:3969)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324==
==21324== Invalid read of size 4
==21324== Stack hash: 946237960
==21324== at 0x84359F4: fill_caches (h264.c:220)
==21324== by 0x843E190: decode_mb_skip (h264.c:4485)
==21324== by 0x8450411: decode_mb_cavlc (h264.c:4527)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== Address 0x45717fc is 0 bytes after a block of size 44 alloc'd
==21324== Stack hash: 2899467712
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x8341E11: alloc_picture (mpegvideo.c:212)
==21324== by 0x83422B0: MPV_frame_start (mpegvideo.c:868)
==21324== by 0x843ACA8: frame_start (h264.c:2227)
==21324== by 0x844DD67: decode_slice_header (h264.c:4058)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324==
==21324== Invalid read of size 4
==21324== Stack hash: 454968717
==21324== at 0x84359DD: fill_caches (h264.c:221)
==21324== by 0x843E190: decode_mb_skip (h264.c:4485)
==21324== by 0x8450411: decode_mb_cavlc (h264.c:4527)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== Address 0x4571800 is 4 bytes after a block of size 44 alloc'd
==21324== Stack hash: 2899467712
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x8341E11: alloc_picture (mpegvideo.c:212)
==21324== by 0x83422B0: MPV_frame_start (mpegvideo.c:868)
==21324== by 0x843ACA8: frame_start (h264.c:2227)
==21324== by 0x844DD67: decode_slice_header (h264.c:4058)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324==
==21324== Invalid read of size 4
==21324== Stack hash: 774728905
==21324== at 0x84359C9: fill_caches (h264.c:222)
==21324== by 0x843E190: decode_mb_skip (h264.c:4485)
==21324== by 0x8450411: decode_mb_cavlc (h264.c:4527)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== Address 0x4571800 is 4 bytes after a block of size 44 alloc'd
==21324== Stack hash: 2899467712
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x8341E11: alloc_picture (mpegvideo.c:212)
==21324== by 0x83422B0: MPV_frame_start (mpegvideo.c:868)
==21324== by 0x843ACA8: frame_start (h264.c:2227)
==21324== by 0x844DD67: decode_slice_header (h264.c:4058)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324==
==21324== Invalid read of size 4
==21324== Stack hash: 283459662
==21324== at 0x84359B2: fill_caches (h264.c:223)
==21324== by 0x843E190: decode_mb_skip (h264.c:4485)
==21324== by 0x8450411: decode_mb_cavlc (h264.c:4527)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== Address 0x4571800 is 4 bytes after a block of size 44 alloc'd
==21324== Stack hash: 2899467712
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x8341E11: alloc_picture (mpegvideo.c:212)
==21324== by 0x83422B0: MPV_frame_start (mpegvideo.c:868)
==21324== by 0x843ACA8: frame_start (h264.c:2227)
==21324== by 0x844DD67: decode_slice_header (h264.c:4058)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324==
==21324== Invalid write of size 1
==21324== Stack hash: 3162096898
==21324== at 0x8450541: decode_mb_cavlc (h264.c:4572)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x4a35b1f is 5 bytes after a block of size 10 alloc'd
==21324== Stack hash: 4192036247
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x843AA14: alloc_tables (h264.c:2103)
==21324== by 0x844E17F: decode_slice_header (h264.c:3969)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324==
==21324== Invalid read of size 1
==21324== Stack hash: 51897805
==21324== at 0x8434EE6: fill_caches (h264.c:219)
==21324== by 0x8450826: decode_mb_cavlc (h264.c:4619)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x4a35b1c is 2 bytes after a block of size 10 alloc'd
==21324== Stack hash: 4192036247
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x843AA14: alloc_tables (h264.c:2103)
==21324== by 0x844E17F: decode_slice_header (h264.c:3969)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324==
==21324== Invalid read of size 4
==21324== Stack hash: 85394487
==21324== at 0x8435998: fill_caches (h264.c:219)
==21324== by 0x8450826: decode_mb_cavlc (h264.c:4619)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x45729f0 is 4 bytes after a block of size 44 alloc'd
==21324== Stack hash: 2899467712
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x8341E11: alloc_picture (mpegvideo.c:212)
==21324== by 0x83422B0: MPV_frame_start (mpegvideo.c:868)
==21324== by 0x843ACA8: frame_start (h264.c:2227)
==21324== by 0x844DD67: decode_slice_header (h264.c:4058)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324==
==21324== Invalid read of size 1
==21324== Stack hash: 2976255341
==21324== at 0x8434F06: fill_caches (h264.c:220)
==21324== by 0x8450826: decode_mb_cavlc (h264.c:4619)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x4a35b1d is 3 bytes after a block of size 10 alloc'd
==21324== Stack hash: 4192036247
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x843AA14: alloc_tables (h264.c:2103)
==21324== by 0x844E17F: decode_slice_header (h264.c:3969)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324==
==21324== Invalid read of size 4
==21324== Stack hash: 2050471459
==21324== at 0x84359F4: fill_caches (h264.c:220)
==21324== by 0x8450826: decode_mb_cavlc (h264.c:4619)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x45729f4 is 8 bytes after a block of size 44 alloc'd
==21324== Stack hash: 2899467712
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x8341E11: alloc_picture (mpegvideo.c:212)
==21324== by 0x83422B0: MPV_frame_start (mpegvideo.c:868)
==21324== by 0x843ACA8: frame_start (h264.c:2227)
==21324== by 0x844DD67: decode_slice_header (h264.c:4058)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324==
==21324== Invalid read of size 1
==21324== Stack hash: 2496615059
==21324== at 0x8434F24: fill_caches (h264.c:221)
==21324== by 0x8450826: decode_mb_cavlc (h264.c:4619)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x4a35b1e is 4 bytes after a block of size 10 alloc'd
==21324== Stack hash: 4192036247
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x843AA14: alloc_tables (h264.c:2103)
==21324== by 0x844E17F: decode_slice_header (h264.c:3969)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324==
==21324== Invalid read of size 4
==21324== Stack hash: 1559202216
==21324== at 0x84359DD: fill_caches (h264.c:221)
==21324== by 0x8450826: decode_mb_cavlc (h264.c:4619)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x45729f8 is 12 bytes after a block of size 44 alloc'd
==21324== Stack hash: 2899467712
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x8341E11: alloc_picture (mpegvideo.c:212)
==21324== by 0x83422B0: MPV_frame_start (mpegvideo.c:868)
==21324== by 0x843ACA8: frame_start (h264.c:2227)
==21324== by 0x844DD67: decode_slice_header (h264.c:4058)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324==
==21324== Invalid read of size 1
==21324== Stack hash: 2907944255
==21324== at 0x8434F40: fill_caches (h264.c:222)
==21324== by 0x8450826: decode_mb_cavlc (h264.c:4619)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x4a35b1e is 4 bytes after a block of size 10 alloc'd
==21324== Stack hash: 4192036247
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x843AA14: alloc_tables (h264.c:2103)
==21324== by 0x844E17F: decode_slice_header (h264.c:3969)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324==
==21324== Invalid read of size 4
==21324== Stack hash: 1878962404
==21324== at 0x84359C9: fill_caches (h264.c:222)
==21324== by 0x8450826: decode_mb_cavlc (h264.c:4619)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x45729f8 is 12 bytes after a block of size 44 alloc'd
==21324== Stack hash: 2899467712
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x8341E11: alloc_picture (mpegvideo.c:212)
==21324== by 0x83422B0: MPV_frame_start (mpegvideo.c:868)
==21324== by 0x843ACA8: frame_start (h264.c:2227)
==21324== by 0x844DD67: decode_slice_header (h264.c:4058)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324==
==21324== Invalid read of size 1
==21324== Stack hash: 4210242929
==21324== at 0x8434F5A: fill_caches (h264.c:223)
==21324== by 0x8450826: decode_mb_cavlc (h264.c:4619)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x4a35b1e is 4 bytes after a block of size 10 alloc'd
==21324== Stack hash: 4192036247
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x843AA14: alloc_tables (h264.c:2103)
==21324== by 0x844E17F: decode_slice_header (h264.c:3969)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324==
==21324== Invalid read of size 4
==21324== Stack hash: 1387693161
==21324== at 0x84359B2: fill_caches (h264.c:223)
==21324== by 0x8450826: decode_mb_cavlc (h264.c:4619)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x45729f8 is 12 bytes after a block of size 44 alloc'd
==21324== Stack hash: 2899467712
==21324== at 0x401C882: memalign (vg_replace_malloc.c:460)
==21324== by 0x85490B4: av_malloc (mem.c:61)
==21324== by 0x8549136: av_mallocz (mem.c:134)
==21324== by 0x8341E11: alloc_picture (mpegvideo.c:212)
==21324== by 0x83422B0: MPV_frame_start (mpegvideo.c:868)
==21324== by 0x843ACA8: frame_start (h264.c:2227)
==21324== by 0x844DD67: decode_slice_header (h264.c:4058)
==21324== by 0x84574CC: decode_nal_units (h264.c:7573)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324==
==21324== Invalid write of size 1
==21324== Stack hash: 525688319
==21324== at 0x8452B26: decode_mb_cavlc (h264.c:555)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x4a35ab0 is not stack'd, malloc'd or (recently) free'd
==21324==
==21324== Invalid write of size 1
==21324== Stack hash: 3583291791
==21324== at 0x8452B36: decode_mb_cavlc (h264.c:556)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x4a35ab1 is not stack'd, malloc'd or (recently) free'd
==21324==
==21324== Invalid write of size 1
==21324== Stack hash: 1463286360
==21324== at 0x8452B47: decode_mb_cavlc (h264.c:557)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x4a35ab2 is not stack'd, malloc'd or (recently) free'd
==21324==
==21324== Invalid write of size 1
==21324== Stack hash: 3638248225
==21324== at 0x8452B58: decode_mb_cavlc (h264.c:558)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x4a35ab3 is not stack'd, malloc'd or (recently) free'd
==21324==
==21324== Invalid write of size 1
==21324== Stack hash: 1518242794
==21324== at 0x8452B69: decode_mb_cavlc (h264.c:559)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x4a35ab4 is not stack'd, malloc'd or (recently) free'd
==21324==
==21324== Invalid write of size 1
==21324== Stack hash: 3693204659
==21324== at 0x8452B7A: decode_mb_cavlc (h264.c:560)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x4a35ab5 is not stack'd, malloc'd or (recently) free'd
==21324==
==21324== Invalid write of size 1
==21324== Stack hash: 1573199228
==21324== at 0x8452B8B: decode_mb_cavlc (h264.c:561)
==21324== by 0x84550BF: decode_slice (h264.c:6866)
==21324== by 0x845551B: execute_decode_slices (h264.c:7455)
==21324== by 0x8457C31: decode_nal_units (h264.c:7641)
==21324== by 0x8458834: decode_frame (h264.c:7772)
==21324== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==21324== by 0x826355C: av_find_stream_info (utils.c:1820)
==21324== by 0x81A2FD5: demux_open_lavf (demux_lavf.c:466)
==21324== by 0x811E11F: demux_open_stream (demuxer.c:811)
==21324== by 0x811E511: demux_open (demuxer.c:991)
==21324== by 0x80779AE: main (mplayer.c:3238)
==21324== Address 0x4a35ab6 is not stack'd, malloc'd or (recently) free'd
==21324== Warning: set address range perms: large range 268435496 (noaccess)
==21324==
==21324== ERROR SUMMARY: 85 errors from 36 contexts (suppressed: 19 from 1)
==21324== malloc/free: in use at exit: 73,692 bytes in 47 blocks.
==21324== malloc/free: 2,574 allocs, 2,527 frees, 287,835,670 bytes allocated.
==21324== For counts of detected errors, rerun with: -v
==21324== searching for pointers to 47 not-freed blocks.
==21324== checked 2,936,740 bytes.
==21324==
==21324== LEAK SUMMARY:
==21324== definitely lost: 30 bytes in 3 blocks.
==21324== possibly lost: 0 bytes in 0 blocks.
==21324== still reachable: 73,662 bytes in 44 blocks.
==21324== suppressed: 0 bytes in 0 blocks.
==21324== Rerun with --leak-check=full to see details of leaked memory.

*This report is to inform of the error found in MPlayer using the test case
72-innovation.mp4, with stack hash 1573199228 and back-trace
at decode_mb_cavlc (h264.c:561). The errors are Invalid Write and Invalid Read of different sizes.

#The bug was found while comparing fuzzing tools and is a part of
the metafuzz project.

*URL at: metafuzz.com

Change History (1)

comment:1 Changed 9 years ago by compn

  • Owner changed from r_togni@… to reimar