[MPlayer-dev-eng] [Bug] Analog video capture raises all kind of several glibc+process memory exceptions intermittently
Reimar Döffinger
Reimar.Doeffinger at stud.uni-karlsruhe.de
Thu Dec 13 20:35:39 CET 2007
On Mon, Dec 10, 2007 at 11:30:42PM +0100, thomas schorpp wrote:
> thomas schorpp wrote:
> > thomas schorpp wrote:
> >> thomas schorpp wrote:
> >>> (gdb) bt
> >>> #0 0x00002b0bc616ed3d in _int_free () from /lib/libc.so.6
> >>> #1 0x00002b0bc6172bdc in free () from /lib/libc.so.6
> >>> #2 0x00000000004c9146 in ds_fill_buffer (ds=0xfbda30) at
> >>> demuxer.h:265 <------- REPRODUCIBLE
> >>> #3 0x00000000004c9795 in ds_get_packet (ds=0xfbda30,
> >>> start=0x7fffe7764e60) at demuxer.c:535
> >>> #4 0x00000000005111cd in video_read_frame (sh_video=0xfbe0c0,
> >>> frame_time_ptr=0x7fffe7764e6c, start=0x7fffe7764e60,
> >>> force_fps=0) at video.c:549
> >>> #5 0x000000000043b246 in main (argc=<value optimized out>,
> >>> argv=<value optimized out>) at mencoder.c:1241
> >>
> >>>
> >>> seems the ds_get_next_pts at demuxer.c:595 buffer code is not safe.
> >>> I see no land here and use transcode until this is fixed.
Since you (originally at least) reported a _segfault_, not an abort
in free(), the problem is _not_ there, the problem is that memory used
for memory management is trashed/has been overwritten incorrectly.
valgrind may help, though it is a bit suspicious that there have been no
other reports of that problem.
> > trying extra check (useless if unnulled pointer):
> >
> > static inline void free_demux_packet(demux_packet_t* dp){
> > if (dp->master==NULL){ //dp is a master packet
> > dp->refcount--;
> > if (dp->refcount==0){
> > if (dp->buffer) free(dp->buffer);
> > if (dp) free(dp); // free(dp); schorpp
As reading "man 3 free" will tell this check is actually always
useless...
And this is not the right list for bug reports unless they come with a
fix.
Greetings,
Reimar Döffinger
More information about the MPlayer-dev-eng
mailing list