Hi,
I am trying to update our site copy of AreaDetector-ffmpegserver to use the latest versions of avcodec, ffmpeg, etc. The full draft patch I am using to do this is here: https://gist.github.com/daykin/3694c96bd9db8215c47abeec055360f3
When I access the MJPG server using UInt16 data type, everything runs fine. However, when I change the type to UInt8, I get segfaults and corrupted linked lists, caused by this section:
AVPacket pkt;
av_init_packet(&pkt);
pkt.data = "" // packet data will be allocated by the encoder
pkt.size = c->width * c->height;
int sts;
sts = avcodec_send_frame(c,scPicture); ####Fails here after 1-4 frames
char err[64];
if (sts) {
av_strerror(sts, err, 64*sizeof(char));
asynPrint(this->pasynUserSelf, ASYN_TRACE_ERROR,
"%s:%s: Encoding jpeg failed ... %d ... %s\n",
driverName, functionName, sts, err);
}
sts = avcodec_receive_packet(c, &pkt);
if (sts) {
av_strerror(sts, err, 64*sizeof(char));
asynPrint(this->pasynUserSelf, ASYN_TRACE_ERROR,
"%s:%s: Recv packet failed ... %d ... %s\n",
driverName, functionName, sts, err);
}
this->jpeg->dims[0].size = pkt.size;
this->jpeg->pData = pkt.data;
Valgrind output is as follows:
==3304954== Thread 75 arv_gv_stream:
==3304954== Invalid write of size 8
==3304954== at 0x483F7FB: memmove (vg_replace_strmem.c:1270)
==3304954== by 0x531853F: ??? (in /usr/lib/x86_64-linux-gnu/libaravis-0.6.so.0.0.0)
==3304954== by 0x81430BC: ??? (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.6600.8)
==3304954== by 0x53B8EA6: start_thread (pthread_create.c:477)
==3304954== by 0x4EEBDEE: clone (clone.S:95)
==3304954== Address 0x2686f868 is 26,904 bytes inside a block of size 26,905 alloc'd
==3304954== at 0x48386AF: malloc (vg_replace_malloc.c:306)
==3304954== by 0x483ADE7: realloc (vg_replace_malloc.c:834)
==3304954== by 0x794E28F: av_buffer_realloc (in /usr/lib/x86_64-linux-gnu/libavutil.so.56.51.100)
==3304954== by 0x64986DE: av_packet_make_refcounted (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.91.100)
==3304954== by 0x659314D: avcodec_encode_video2 (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.91.100)
==3304954== by 0x6593281: ??? (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.91.100)
==3304954== by 0x659340E: avcodec_send_frame (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.91.100)
==3304954== by 0x4B49233: ffmpegStream::processCallbacks(NDArray*) (ffmpegServer.cpp:590)
==3304954== by 0x49E4F6E: NDPluginDriver::processTask() (NDPluginDriver.cpp:518)
==3304954== by 0x49E67BD: NDPluginDriver::run() (NDPluginDriver.cpp:935)
==3304954== by 0x4D95BA9: epicsThreadCallEntryPoint (epicsThread.cpp:83)
==3304954== by 0x4D9E679: start_routine (osdThread.c:403)
==3304954==
==3304954== Invalid write of size 8
==3304954== at 0x483F803: memmove (vg_replace_strmem.c:1270)
==3304954== by 0x531853F: ??? (in /usr/lib/x86_64-linux-gnu/libaravis-0.6.so.0.0.0)
==3304954== by 0x81430BC: ??? (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.6600.8)
==3304954== by 0x53B8EA6: start_thread (pthread_create.c:477)
==3304954== by 0x4EEBDEE: clone (clone.S:95)
==3304954== Address 0x2686f870 is 7 bytes after a block of size 26,905 alloc'd
==3304954== at 0x48386AF: malloc (vg_replace_malloc.c:306)
==3304954== by 0x483ADE7: realloc (vg_replace_malloc.c:834)
==3304954== by 0x794E28F: av_buffer_realloc (in /usr/lib/x86_64-linux-gnu/libavutil.so.56.51.100)
==3304954== by 0x64986DE: av_packet_make_refcounted (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.91.100)
==3304954== by 0x659314D: avcodec_encode_video2 (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.91.100)
==3304954== by 0x6593281: ??? (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.91.100)
==3304954== by 0x659340E: avcodec_send_frame (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.91.100)
==3304954== by 0x4B49233: ffmpegStream::processCallbacks(NDArray*) (ffmpegServer.cpp:590)
==3304954== by 0x49E4F6E: NDPluginDriver::processTask() (NDPluginDriver.cpp:518)
==3304954== by 0x49E67BD: NDPluginDriver::run() (NDPluginDriver.cpp:935)
==3304954== by 0x4D95BA9: epicsThreadCallEntryPoint (epicsThread.cpp:83)
==3304954== by 0x4D9E679: start_routine (osdThread.c:403)
==3304954==
==3304954== Invalid write of size 8
==3304954== at 0x483F80B: memmove (vg_replace_strmem.c:1270)
==3304954== by 0x531853F: ??? (in /usr/lib/x86_64-linux-gnu/libaravis-0.6.so.0.0.0)
==3304954== by 0x81430BC: ??? (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.6600.8)
==3304954== by 0x53B8EA6: start_thread (pthread_create.c:477)
==3304954== by 0x4EEBDEE: clone (clone.S:95)
==3304954== Address 0x2686f878 is 15 bytes after a block of size 26,905 alloc'd
==3304954== at 0x48386AF: malloc (vg_replace_malloc.c:306)
==3304954== by 0x483ADE7: realloc (vg_replace_malloc.c:834)
==3304954== by 0x794E28F: av_buffer_realloc (in /usr/lib/x86_64-linux-gnu/libavutil.so.56.51.100)
==3304954== by 0x64986DE: av_packet_make_refcounted (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.91.100)
==3304954== by 0x659314D: avcodec_encode_video2 (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.91.100)
==3304954== by 0x6593281: ??? (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.91.100)
==3304954== by 0x659340E: avcodec_send_frame (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.91.100)
==3304954== by 0x4B49233: ffmpegStream::processCallbacks(NDArray*) (ffmpegServer.cpp:590)
==3304954== by 0x49E4F6E: NDPluginDriver::processTask() (NDPluginDriver.cpp:518)
==3304954== by 0x49E67BD: NDPluginDriver::run() (NDPluginDriver.cpp:935)
==3304954== by 0x4D95BA9: epicsThreadCallEntryPoint (epicsThread.cpp:83)
==3304954== by 0x4D9E679: start_routine (osdThread.c:403)
==3304954==
==3304954== Invalid write of size 8
==3304954== at 0x483F7F3: memmove (vg_replace_strmem.c:1270)
==3304954== by 0x531853F: ??? (in /usr/lib/x86_64-linux-gnu/libaravis-0.6.so.0.0.0)
==3304954== by 0x81430BC: ??? (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.6600.8)
==3304954== by 0x53B8EA6: start_thread (pthread_create.c:477)
==3304954== by 0x4EEBDEE: clone (clone.S:95)
==3304954== Address 0x2686f880 is 23 bytes after a block of size 26,905 alloc'd
==3304954== at 0x48386AF: malloc (vg_replace_malloc.c:306)
==3304954== by 0x483ADE7: realloc (vg_replace_malloc.c:834)
==3304954== by 0x794E28F: av_buffer_realloc (in /usr/lib/x86_64-linux-gnu/libavutil.so.56.51.100)
==3304954== by 0x64986DE: av_packet_make_refcounted (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.91.100)
==3304954== by 0x659314D: avcodec_encode_video2 (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.91.100)
==3304954== by 0x6593281: ??? (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.91.100)
==3304954== by 0x659340E: avcodec_send_frame (in /usr/lib/x86_64-linux-gnu/libavcodec.so.58.91.100)
==3304954== by 0x4B49233: ffmpegStream::processCallbacks(NDArray*) (ffmpegServer.cpp:590)
==3304954== by 0x49E4F6E: NDPluginDriver::processTask() (NDPluginDriver.cpp:518)
==3304954== by 0x49E67BD: NDPluginDriver::run() (NDPluginDriver.cpp:935)
==3304954== by 0x4D95BA9: epicsThreadCallEntryPoint (epicsThread.cpp:83)
==3304954== by 0x4D9E679: start_routine (osdThread.c:403)
==3304954==
valgrind: m_mallocfree.c:303 (get_bszB_as_is): Assertion 'bszB_lo == bszB_hi' failed.
valgrind: Heap block lo/hi size mismatch: lo = 26976, hi = 1952620617163020826.
This is probably caused by your program erroneously writing past the
end of a heap block and corrupting heap metadata. If you fix any
invalid writes reported by Memcheck, this assertion failure will
probably go away. Please try that before reporting this as a bug.
I am not very familiar with libav or ffmpegServer. Is there something obvious (e.g. array dimensions of scPicture) that needs changing?
Evan Daykin
Controls Engineer
Facility for Rare Isotope Beams
Michigan State University
640 South Shaw Lane
East Lansing, MI 48824, USA
Tel. 517-908-7678
Email: daykin at frib.msu.edu
|
![cid:image002.jpg@01D07041.57B6D750](jpgLQnaGnkanZ.jpg)
|