Opened 17 years ago

Closed 17 years ago

#719 closed defect (duplicate)

Crash on playback of a specific AVI file

Reported by: takis@… Owned by: r_togni@…
Priority: normal Component: demuxer
Version: HEAD Severity: normal
Keywords: Cc:
Blocked By: Blocking:
Reproduced by developer: no Analyzed by developer: no

Description

I downloaded the first part of a stream using mencoder:
mencoder -ovc copy -oac pcm http://a1825.phobos.apple.com/r10/Keynotes/MacworldSFKeynote2007.m4v -o bla.avi

The I tried to playback this file, which caused the current SVN version of MPlayer to crash. The bug is easily reproducible on my system, by downloading different sized small parts of that stream (5MB or so), and trying to play it.

takis@issaris:/usr/local/src/mplayer$ gdb ./mplayer
GNU gdb 6.4.90-debian
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1".

(gdb) r bla.avi
Starting program: /usr/local/src/mplayer/mplayer bla.avi
[Thread debugging using libthread_db enabled]
[New Thread -1231750848 (LWP 29611)]
MPlayer dev-SVN-r21962-4.1.2 (C) 2000-2007 MPlayer Team
CPU: Intel(R) Pentium(R) 4 CPU 3.20GHz (Family: 15, Model: 4, Stepping: 3)
CPUflags: MMX: 1 MMX2: 1 3DNow: 0 3DNow2: 0 SSE: 1 SSE2: 1
Compiled for x86 CPU with extensions: MMX MMX2 SSE SSE2

Playing bla.avi.
* glibc detected * /usr/local/src/mplayer/mplayer: double free or corruption (!prev): 0x08a17c20 *
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6[0xb75858bd]
/lib/tls/i686/cmov/libc.so.6(libc_free+0x84)[0xb7585a44]
/usr/local/src/mplayer/mplayer(free_demuxer+0x1b8)[0x818e818]
======= Memory map: ========
08048000-088a0000 r-xp 00000000 fd:02 2529325 /usr/local/src/mplayer/mplayer
088a0000-08904000 rwxp 00858000 fd:02 2529325 /usr/local/src/mplayer/mplayer
08904000-08a39000 rwxp 08904000 00:00 0 [heap]
b6600000-b6621000 rwxp b6600000 00:00 0
b6621000-b6700000 ---p b6621000 00:00 0
b67f2000-b68b4000 rwxp b67f2000 00:00 0
b68b4000-b68bb000 r-xs 00000000 fd:11 79575 /usr/lib/gconv/gconv-modules.cache
b68bb000-b68ee000 r-xp 00000000 fd:11 170862 /usr/lib/locale/en_GB.utf8/LC_CTYPE
b68ee000-b6952000 rwxp b68ee000 00:00 0
b6952000-b6955000 r-xp 00000000 fd:11 80389 /usr/lib/libgpg-error.so.0.2.0
b6955000-b6956000 rwxp 00002000 fd:11 80389 /usr/lib/libgpg-error.so.0.2.0
b6956000-b69a2000 r-xp 00000000 fd:11 80336 /usr/lib/libgcrypt.so.11.2.1
b69a2000-b69a4000 rwxp 0004b000 fd:11 80336 /usr/lib/libgcrypt.so.11.2.1
b69a4000-b69a5000 rwxp b69a4000 00:00 0
b69a5000-b69b7000 r-xp 00000000 fd:11 80442 /usr/lib/libtasn1.so.3.0.5
b69b7000-b69b8000 rwxp 00011000 fd:11 80442 /usr/lib/libtasn1.so.3.0.5
b69b8000-b6a21000 r-xp 00000000 fd:11 80385 /usr/lib/libgnutls.so.13.0.5
b6a21000-b6a27000 rwxp 00068000 fd:11 80385 /usr/lib/libgnutls.so.13.0.5
b6a27000-b6a3b000 r-xp 00000000 fd:11 80410 /usr/lib/libsasl2.so.2.0.19
b6a3b000-b6a3c000 rwxp 00014000 fd:11 80410 /usr/lib/libsasl2.so.2.0.19
b6a3c000-b6a58000 r-xp 00000000 fd:11 80632 /usr/lib/libexpat.so.1.0.0
b6a58000-b6a5a000 rwxp 0001c000 fd:11 80632 /usr/lib/libexpat.so.1.0.0
b6a5a000-b6a5b000 rwxp b6a5a000 00:00 0
b6a5b000-b6a66000 r-xp 00000000 fd:11 80391 /usr/lib/liblber.so.2.0.130
b6a66000-b6a67000 rwxp 0000b000 fd:11 80391 /usr/lib/liblber.so.2.0.130
b6a67000-b6a9b000 r-xp 00000000 fd:11 80392 /usr/lib/libldap_r.so.2.0.130
b6a9b000-b6a9c000 rwxp 00034000 fd:11 80392 /usr/lib/libldap_r.so.2.0.130
b6a9c000-b6a9e000 r-xp 00000000 08:03 32903 /lib/libcom_err.so.2.1
b6a9e000-b6a9f000 rwxp 00001000 08:03 32903 /lib/libcom_err.so.2.1
b6a9f000-b6aa3000 r-xp 00000000 fd:11 80476 /usr/lib/libkrb5support.so.0.0
b6aa3000-b6aa4000 rwxp 00003000 fd:11 80476 /usr/lib/libkrb5support.so.0.0
b6aa4000-b6ac8000 r-xp 00000000 fd:11 80473 /usr/lib/libk5crypto.so.3.0
b6ac8000-b6ac9000 rwxp 00023000 fd:11 80473 /usr/lib/libk5crypto.so.3.0
b6ac9000-b6aca000 rwxp b6ac9000 00:00 0
b6aca000-b6b44000 r-xp 00000000 fd:11 80475 /usr/lib/libkrb5.so.3.2
b6b44000-b6b46000 rwxp 0007a000 fd:11 80475 /usr/lib/libkrb5.so.3.2
b6b46000-b6b61000 r-xp 00000000 fd:11 80472 /usr/lib/libgssapi_krb5.so.2.2
b6b61000-b6b62000 rwxp 0001b000 fd:11 80472 /usr/lib/libgssapi_krb5.so.2.2
b6b62000-b6b74000 r-xp 00000000 08:03 50365 /lib/tls/i686/cmov/libnsl-2.4.so
b6b74000-b6b76000 rwxp 00011000 08:03 50365 /lib/tls/i686/cmov/libnsl-2.4.so
b6b76000-b6b78000 rwxp b6b76000 00:00 0
b6b78000-b6b87000 r-xp 00000000 08:03 50375 /lib/tls/i686/cmov/libresolv-2.4.so
b6b87000-b6b89000 rwxp 0000f000 08:03 50375 /lib/tls/i686/cmov/libresolv-2.4.so
b6b89000-b6b8b000 rwxp b6b89000 00:00 0
b6b8b000-b6b90000 r-xp 00000000 08:03 50361 /lib/tls/i686/cmov/libcrypt-2.4.so
b6b90000-b6b92000 rwxp 00004000 08:03 50361 /lib/tls/i686/cmov/libcrypt-2.4.so
b6b92000-b6bb9000 rwxp b6b92000 00:00 0
b6bb9000-b6c51000 r-xp 00000000 fd:11 181297 /usr/lib/libmp4v2.so.0.0.0
b6c51000-b6c55000 rwxp 00098000 fd:11 181297 /usr/lib/libmp4v2.so.0.0.0
b6c55000-b6c57000 rwxp b6c55000 00:00 0
b6c57000-b6c5e000 r-xp 00000000 08:03 50376 /lib/tls/i686/cmov/librt-2.4.so
b6c5e000-b6c60000 rwxp 00006000 08:03 50376 /lib/tls/i686/cmov/librt-2.4.so
b6c60000-b6c75000 r-xp 00000000 fd:11 100539 /usr/lib/libICE.so.6.3.0
b6c75000-b6c76000 rwxp 00014000 fd:11 100539 /usr/lib/libICE.so.6.3.0
b6c76000-b6c78000 rwxp b6c76000 00:00 0
b6c78000-b6c80000 r-xp 00000000 fd:11 100544 /usr/lib/libSM.so.6.0.0
b6c80000-b6c81000 rwxp 00007000 fd:11 100544 /usr/lib/libSM.so.6.0.0
b6c81000-b6c85000 r-xp 00000000 fd:11 80533 /usr/lib/libgpm.so.1.19.6
b6c85000-b6c86000 rwxp 00004000 fd:11 80533 /usr/lib/libgpm.so.1.19.6
b6c86000-b6d0f000 r-xp 00000000 08:03 32981 /lib/libslang.so.2.0.6
b6d0f000-b6d1e000 rwxp 00088000 08:03 32981 /lib/libslang.so.2.0.6
b6d1e000-b6d3f000 rwxp b6d1e000 00:00 0
b6d3f000-b6d40000 r-xp 00000000 fd:11 179800 /usr/lib/tls/libnvidia-tls.so.1.0.8774
b6d40000-b6d41000 rwxp 00000000 fd:11 179800 /usr/lib/tls/libnvidia-tls.so.1.0.8774
b6d41000-b74d0000 r-xp 00000000 fd:11 179805 /usr/lib/libGLcore.so.1.0.8774
b74d0000-b7500000 rwxp 0078f000 fd:11 179805 /usr/lib/libGLcore.so.1.0.8774
b7500000-b7504000 rwxp b7500000 00:00 0
b7504000-b7508000 r-xp 00000000 fd:11 80626 /usr/lib/libXdmcp.so.6.0.0
b7508000-b7509000 rwxp 00003000 fd:11 80626 /usr/lib/libXdmcp.so.6.0.0
b7509000-b750b000 r-xp 00000000 fd:11 80620 /usr/lib/libXau.so.6.0.0
b750b000-b750c000 rwxp 00001000 fd:11 80620 /usr/lib/libXau.so.6.0.0
b750c000-b7510000 r-xp 00000000 fd:11 115067 /usr/lib/libfusion-0.9.so.24.0.0
b7510000-b7511000 rwxp 00003000 fd:11 115067 /usr/lib/libfusion-0.9.so.24.0.0
b7511000-b7512000 rwxp b7511000 00:00 0
b7512000-b751e000 r-xp 00000000 fd:11 115065 /usr/lib/libdirect-0.9.so.24.0.0
b751e000-b751f000 rwxp 0000c000 fd:11 115065 /usr/lib/libdirect-0.9.so.24.0.0
b751f000-b764c000 r-xp 00000000 08:03 50359 /lib/tls/i686/cmov/libc-2.4.so
b764c000-b764e000 r-xp 0012c000 08:03 50359 /lib/tls/i686/cmov/libc-2.4.so
b764e000-b7650000 rwxp 0012e000 08:03 50359 /lib/tls/i686/cmov/libc-2.4.so
b7650000-b7653000 rwxp b7650000 00:00 0
b7653000-b765d000 r-xp 00000000 08:03 32923 /lib/libgcc_s.so.1
b765d000-b765e000 rwxp 00009000 08:03 32923 /lib/libgcc_s.so.1
b765e000-b7732000 r-xp 00000000 fd:11 80441 /usr/lib/libstdc++.so.6.0.8
b7732000-b7735000 r-xp 000d4000 fd:11 80441 /usr/lib/libstdc++.so.6.0.8
b7735000-b7737000 rwxp 000d7000 fd:11 80441 /usr/lib/libstdc++.so.6.0.8
b7737000-b773d000 rwxp b7737000 00:00 0
b773d000-b7741000 r-xp 00000000 fd:11 132882 /usr/lib/libogg.so.0.5.3
b7741000-b7742000 rwxp 00003000 fd:11 132882 /usr/lib/libogg.so.0.5.3
b7742000-b7779000 r-xp 00000000 fd:11 132905 /usr/lib/libtheora.so.0.2.0
b7779000-b777a000 rwxp 00037000 fd:11 132905 /usr/lib/libtheora.so.0.2.0
b777a000-b777b000 rwxp b777a000 00:00 0
b777b000-b7799000 r-xp 00000000 fd:11 115149 /usr/lib/libspeex.so.1.2.0
b7799000-b779a000 rwxp 0001e000 fd:11 115149 /usr/lib/libspeex.so.1.2.0
b779a000-b77b0000 r-xp 00000000 fd:11 160884 /usr/lib/libmad.so.0.2.1
b77b0000-b77b1000 rwxp 00015000 fd:11 160884 /usr/lib/libmad.so.0.2.1
b77b1000-b77cf000 r-xp 00000000 fd:11 80397 /usr/lib/liblzo.so.1.0.0
b77cf000-b77d0000 rwxp 0001e000 fd:11 80397 /usr/lib/liblzo.so.1.0.0
b77d0000-b77f9000 r-xp 00000000 fd:11 100488 /usr/lib/libfontconfig.so.1.0.4
b77f9000-b77fe000 rwxp 00028000 fd:11 100488 /usr/lib/libfontconfig.so.1.0.4
b77fe000-b77ff000 rwxp b77fe000 00:00 0
b77ff000-b7866000 r-xp 00000000 fd:11 100278 /usr/lib/libfreetype.so.6.3.10
b7866000-b7869000 rwxp 00067000 fd:11 100278 /usr/lib/libfreetype.so.6.3.10
b7869000-b791c000 r-xp 00000000 fd:11 80332 /usr/lib/libasound.so.2.0.0
b791c000-b7921000 rwxp 000b2000 fd:11 80332 /usr/lib/libasound.so.2.0.0
b7921000-b7922000 rwxp b7921000 00:00 0
b7922000-b7928000 r-xp 00000000 fd:11 181565 /usr/lib/libungif.so.4.1.4
b7928000-b7929000 rwxp 00006000 fd:11 181565 /usr/lib/libungif.so.4.1.4
b7929000-b7947000 r-xp 00000000 fd:11 100089 /usr/lib/libjpeg.so.62.0.0
b7947000-b7948000 rwxp 0001d000 fd:11 100089 /usr/lib/libjpeg.so.62.0.0
b7948000-b795b000 r-xp 00000000 fd:11 80262 /usr/lib/libz.so.1.2.3
b795b000-b795c000 rwxp 00012000 fd:11 80262 /usr/lib/libz.so.1.2.3
b795c000-b797e000 r-xp 00000000 fd:11 100105 /usr/lib/libpng12.so.0.1.2.8
b797e000-b797f000 rwxp 00021000 fd:11 100105 /usr/lib/libpng12.so.0.1.2.8
b797f000-b7b1a000 r-xp 00000000 fd:11 133063 /usr/lib/libsmbclient.so.0.1
b7b1a000-b7b24000 rwxp 0019a000 fd:11 133063 /usr/lib/libsmbclient.so.0.1
b7b24000-b7b35000 rwxp b7b24000 00:00 0
b7b35000-b7b6c000 r-xp 00000000 08:03 32898 /lib/libncurses.so.5.5
b7b6c000-b7b74000 rwxp 00037000 08:03 32898 /lib/libncurses.so.5.5
b7b74000-b7b76000 rwxp b7b74000 00:00 0
b7b76000-b7b84000 r-xp 00000000 fd:11 181305 /usr/lib/libfaac.so.0.0.0
b7b84000-b7b87000 rwxp 0000d000 fd:11 181305 /usr/lib/libfaac.so.0.0.0
b7b87000-b7bc1000 r-xp 00000000 fd:11 231267 /usr/lib/libopenal.so.0.0.0
b7bc1000-b7bc2000 rwxp 00039000 fd:11 231267 /usr/lib/libopenal.so.0.0.0
b7bc2000-b7bc7000 rwxp b7bc2000 00:00 0
b7bc7000-b7beb000 r-xp 00000000 08:03 50363 /lib/tls/i686/cmov/libm-2.4.so
b7beb000-b7bed000 rwxp 00023000 08:03 50363 /lib/tls/i686/cmov/libm-2.4.so
b7bed000-b7c0b000 r-xp 00000000 fd:11 108887 /usr/lib/libaudiofile.so.0.0.2
b7c0b000-b7c0d000 rwxp 0001e000 fd:11 108887 /usr/lib/libaudiofile.so.0.0.2
b7c0d000-b7c16000 r-xp 00000000 fd:11 108910 /usr/lib/libesd.so.0.2.36
b7c16000-b7c17000 rwxp 00008000 fd:11 108910 /usr/lib/libesd.so.0.2.36
b7c17000-b7ca8000 r-xp 00000000 fd:11 103318 /usr/lib/libglib-2.0.so.0.1200.4
b7ca8000-b7ca9000 rwxp 00091000 fd:11 103318 /usr/lib/libglib-2.0.so.0.1200.4
b7ca9000-b7caa000 rwxp b7ca9000 00:00 0
b7caa000-b7cae000 r-xp 00000000 fd:11 103321 /usr/lib/libgthread-2.0.so.0.1200.4
b7cae000-b7caf000 rwxp 00003000 fd:11 103321 /usr/lib/libgthread-2.0.so.0.1200.4
b7caf000-b7cb2000 r-xp 00000000 fd:11 103320 /usr/lib/libgmodule-2.0.so.0.1200.4
b7cb2000-b7cb3000 rwxp 00002000 fd:11 103320 /usr/lib/libgmodule-2.0.so.0.1200.4
b7cb3000-b7cb8000 r-xp 00000000 fd:11 165327 /usr/lib/libartsc.so.0.0.0
b7cb8000-b7cb9000 rwxp 00004000 fd:11 165327 /usr/lib/libartsc.so.0.0.0
b7cb9000-b7d03000 r-xp 00000000 fd:11 100554 /usr/lib/libXt.so.6.0.0
b7d03000-b7d07000 rwxp 00049000 fd:11 100554 /usr/lib/libXt.so.6.0.0
b7d07000-b7d1c000 r-xp 00000000 fd:11 103156 /usr/lib/libaudio.so.2.4
b7d1c000-b7d1d000 rwxp 00014000 fd:11 103156 /usr/lib/libaudio.so.2.4
b7d1d000-b7d81000 r-xp 00000000 fd:11 115130 /usr/lib/libSDL-1.2.so.0.7.3
b7d81000-b7d83000 rwxp 00064000 fd:11 115130 /usr/lib/libSDL-1.2.so.0.7.3
b7d83000-b7dac000 rwxp b7d83000 00:00 0
b7dac000-b7dc3000 r-xp 00000000 fd:11 127891 /usr/lib/libaa.so.1.0.4
b7dc3000-b7dc5000 rwxp 00017000 fd:11 127891 /usr/lib/libaa.so.1.0.4
b7dc5000-b7dc6000 rwxp b7dc5000 00:00 0
b7dc6000-b7dc8000 r-xp 00000000 08:03 50362 /lib/tls/i686/cmov/libdl-2.4.so
b7dc8000-b7dca000 rwxp 00001000 08:03 50362 /lib/tls/i686/cmov/libdl-2.4.so
b7dca000-b7e35000 r-xp 00000000 fd:11 179804 /usr/lib/libGL.so.1.0.8774
b7e35000-b7e4e000 rwxp 0006b000 fd:11 179804 /usr/lib/libGL.so.1.0.8774
b7e4e000-b7e4f000 rwxp b7e4e000 00:00 0
b7e4f000-b7e51000 r-xp 00000000 fd:11 103471 /usr/lib/libXinerama.so.1.0.0
b7e51000-b7e52000 rwxp 00001000 fd:11 103471 /usr/lib/libXinerama.so.1.0.0
b7e52000-b7e56000 r-xp 00000000 fd:11 107654 /usr/lib/libXv.so.1.0.0
b7e56000-b7e57000 rwxp 00003000 fd:11 107654 /usr/lib/libXv.so.1.0.0
b7e57000-b7e66000 r-xp 00000000 08:03 50374 /lib/tls/i686/cmov/libpthread-2.4.so
b7e66000-b7e68000 rwxp 0000f000 08:03 50374 /lib/tls/i686/cmov/libpthread-2.4.so
b7e68000-b7e6b000 rwxp b7e68000 00:00 0
b7e6b000-b7f31000 r-xp 00000000 fd:11 80630 /usr/lib/libX11.so.6.2.0
b7f31000-b7f34000 rwxp 000c5000 fd:11 80630 /usr/lib/libX11.so.6.2.0
b7f34000-b7f40000 r-xp 00000000 fd:11 100549 /usr/lib/libXext.so.6.4.0
b7f40000-b7f41000 rwxp 0000c000 fd:11 100549 /usr/lib/libXext.so.6.4.0
b7f41000-b7f8d000 r-xp 00000000 fd:11 115066 /usr/lib/libdirectfb-0.9.so.24.0.0
b7f8d000-b7f8f000 rwxp 0004b000 fd:11 115066 /usr/lib/libdirectfb-0.9.so.24.0.0
b7f9f000-b7fa1000 rwxp 00000000 00:0d 1431 /dev/zero
b7fa1000-b7fa3000 rwxp b7fa1000 00:00 0
b7fa3000-b7fbc000 r-xp 00000000 08:03 33362 /lib/ld-2.4.so
b7fbc000-b7fbe000 rwxp 00018000 08:03 33362 /lib/ld-2.4.so
bfd1d000-bfd32000 rwxp bfd1d000 00:00 0 [stack]
ffffe000-fffff000 -
Program received signal SIGABRT, Aborted.
[Switching to Thread -1231750848 (LWP 29611)]
0xffffe410 in
kernel_vsyscall ()
(gdb) bt
#0 0xffffe410 in kernel_vsyscall ()
#1 0xb7548770 in raise () from /lib/tls/i686/cmov/libc.so.6
#2 0xb7549ef3 in abort () from /lib/tls/i686/cmov/libc.so.6
#3 0xb757dd0b in
fsetlocking () from /lib/tls/i686/cmov/libc.so.6
#4 0xb75858bd in mallopt () from /lib/tls/i686/cmov/libc.so.6
#5 0xb7585a44 in free () from /lib/tls/i686/cmov/libc.so.6
#6 0x0818e818 in free_demuxer ()
#7 0x08a18630 in ?? ()
#8 0x088d61a0 in vivo_param_vformat ()
#9 0x00000000 in ?? ()
(gdb)
(gdb) info registers
eax 0x0 0
ecx 0x73ab 29611
edx 0x6 6
ebx 0x73ab 29611
esp 0xbfd2f094 0xbfd2f094
ebp 0xbfd2f0ac 0xbfd2f0ac
esi 0xbfd2f14c -1076694708
edi 0xb764eff4 -1218121740
eip 0xffffe410 0xffffe410 <kernel_vsyscall+16>
eflags 0x202 [ IF ]
cs 0x73 115
ss 0x7b 123
ds 0x7b 123
es 0x7b 123
fs 0x0 0
gs 0x33 51

Change History (1)

comment:1 by compn, 17 years ago

Resolution: duplicate
Status: newclosed

* This bug has been marked as a duplicate of bug 718 *

Note: See TracTickets for help on using tickets.