I've got crashes in VirtualDub with xvid (I think since beta 3) with captured avis, no matter which settings I use. Scrolling over some keyframes or jumping one frame forward or backward results in a crash. Nearly in every captured avi.

It happened in every new VirtDub-Version: original, fcchandler or ~Mod. Happens mostly when I want to cut commercials ;)

I kept the avi, maybe I can send a mail to any interested devs.

Thanks a lot for your fantastic work

Olnima

P.S.:
"crash details" from the message:

An out-of-bounds memory access (access violation) occurred in module 'xvidcore'...
...while decompressing video frame 2968 with "XviD MPEG-4 Codec" [biCompression=44495658] (VideoSource.cpp:1567)...
...while running thread "Processing" (thread.cpp:120).



Here is the crash report:

VirtualDub crash report -- build 18160 (release)
--------------------------------------

Disassembly:
00f1c9a0: 6870e7f600 push 00f6e770
00f1c9a5: 57 push edi
00f1c9a6: e8aef70300 call 00f5c159
00f1c9ab: 83c414 add esp, 14
00f1c9ae: 83f802 cmp eax, 02
00f1c9b1: 7d2e jge 00f1c9e1
00f1c9b3: 8dbd74fdffff lea edi, [ebp-28c]
00f1c9b9: 8d9d80feffff lea ebx, [ebp-180]
00f1c9bf: 8d8d7cfeffff lea ecx, [ebp-184]
00f1c9c5: 8d9578feffff lea edx, [ebp-188]
00f1c9cb: 52 push edx
00f1c9cc: 51 push ecx
00f1c9cd: 53 push ebx
00f1c9ce: 6864e7f600 push 00f6e764
00f1c9d3: 57 push edi
00f1c9d4: e880f70300 call 00f5c159
00f1c9d9: 83c414 add esp, 14
00f1c9dc: 83f802 cmp eax, 02
00f1c9df: 7c21 jl 00f1ca02
00f1c9e1: 83f803 cmp eax, 03
00f1c9e4: 0f8435030000 jz 00f1cd1f
00f1c9ea: 8b55d8 mov edx, [ebp-28]
00f1c9ed: c7822845010000 mov dword ptr [edx+14528], 00000000
000000
00f1c9f7: 8b460c mov eax, [esi+0c]
00f1c9fa: 8b5e10 mov ebx, [esi+10]
00f1c9fd: e9c2020000 jmp 00f1ccc4
00f1ca02: 8b460c mov eax, [esi+0c]
00f1ca05: 8b5e10 mov ebx, [esi+10]
00f1ca08: e9b7020000 jmp 00f1ccc4
00f1ca0d: 83c008 add eax, 08
00f1ca10: 83f820 cmp eax, 20
00f1ca13: 89460c mov [esi+0c], eax
00f1ca16: 723f jc 00f1ca57
00f1ca18: 8b5604 mov edx, [esi+04]
00f1ca1b: 8b4e10 mov ecx, [esi+10]
00f1ca1e: 8916 mov [esi], edx
00f1ca20: 8b5908 mov ebx, [ecx+08] <-- FAULT
00f1ca23: 899d6cfdffff mov [ebp-294], ebx
00f1ca29: 8b856cfdffff mov eax, [ebp-294]
00f1ca2f: 0fc8 bswap eax
00f1ca31: 89856cfdffff mov [ebp-294], eax
00f1ca37: 8b956cfdffff mov edx, [ebp-294]
00f1ca3d: 8b5e10 mov ebx, [esi+10]
00f1ca40: 83c304 add ebx, 04
00f1ca43: 895604 mov [esi+04], edx
00f1ca46: 8b460c mov eax, [esi+0c]
00f1ca49: 83c0e0 add eax, e0
00f1ca4c: 895e10 mov [esi+10], ebx
00f1ca4f: 89460c mov [esi+0c], eax
00f1ca52: e96d020000 jmp 00f1ccc4
00f1ca57: 8b5e10 mov ebx, [esi+10]
00f1ca5a: e965020000 jmp 00f1ccc4
00f1ca5f: 83c020 add eax, 20
00f1ca62: 83f820 cmp eax, 20
00f1ca65: 89460c mov [esi+0c], eax
00f1ca68: 723a jc 00f1caa4
00f1ca6a: 8b5604 mov edx, [esi+04]
00f1ca6d: 8b4e10 mov ecx, [esi+10]
00f1ca70: 8916 mov [esi], edx
00f1ca72: 8b5908 mov ebx, [ecx+08]
00f1ca75: 899dbcfeffff mov [ebp-144], ebx
00f1ca7b: 8b85bcfeffff mov eax, [ebp-144]
00f1ca81: 0fc8 bswap eax
00f1ca83: 8985bcfeffff mov [ebp-144], eax
00f1ca89: 8b95bcfeffff mov edx, [ebp-144]
00f1ca8f: 8b4e10 mov ecx, [esi+10]
00f1ca92: 83c104 add ecx, 04
00f1ca95: 895604 mov [esi+04], edx
00f1ca98: 8b5e0c mov ebx, [esi+0c]
00f1ca9b: 83c3e0 add ebx, e0
00f1ca9e: 89 db 89
00f1ca9f: 4e dec esi

Windows 5.1 (Windows XP build 2600) [Service Pack 1]

EAX = 00000020
EBX = 00000000
ECX = 01013ff8
EDX = 00000000
EBP = 01b6eab8
DS:ESI = 0023:01b6eb4c
ES:EDI = 0023:00000000
SS:ESP = 0023:01b6e824
CS:EIP = 001b:00f1ca20
FS = 0038
GS = 0000
EFLAGS = 00010246
FPUCW = ffff027f
FPUTW = ffffaaaa

MM0 = 7f7f7f7f7f7f7f7f
MM1 = 8181818181818181
MM2 = 8383838383838383
MM3 = 8585858585858585
MM4 = 8585858585858585
MM5 = 8383838383838383
MM6 = 8181818181818181
MM7 = 7f7f7f7f7f7f7f7f

Crash reason: Access Violation

Crash context:
An out-of-bounds memory access (access violation) occurred in module 'xvidcore'...

...while decompressing video frame 2968 with "XviD MPEG-4 Codec" [biCompression=44495658] (VideoSource.cpp:1567)...

...while running thread "Processing" (thread.cpp:120).

Thread traces:

Thread 00000ea4 (Main thread)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\VideoSource.cpp(1786)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\VideoSource.cpp(1768)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\VideoSource.cpp(1786)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\VideoSource.cpp(1768)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\VideoSource.cpp(1786)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\VideoSource.cpp(1768)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\VideoSource.cpp(1786)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\VideoSource.cpp(1768)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\VideoSource.cpp(1786)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\VideoSource.cpp(1768)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\VideoSource.cpp(1786)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\VideoSource.cpp(1768)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\VideoSource.cpp(1786)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\VideoSource.cpp(1768)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\VideoSource.cpp(1786)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\FilterSystem.cpp(569)
Thread 00000df4 (AsyncBlitter)
Thread 00000fa4 (Processing)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\VideoSource.cpp(1598)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\Dub.cpp(1946)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\Dub.cpp(2093)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\Dub.cpp(2095)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\Dub.cpp(2103)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\Dub.cpp(2143)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\Dub.cpp(1941)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\VideoSource.cpp(1563)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\VideoSource.cpp(1598)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\Dub.cpp(1946)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\Dub.cpp(2093)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\Dub.cpp(2095)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\Dub.cpp(2103)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\Dub.cpp(2143)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\Dub.cpp(1941)
C:\VC\VirtualDub-1_5_10_mod\VirtualDub\source\VideoSource.cpp(1563)
Thread 00000f38 (Dub-I/O)

Thread call stack:00f1ca20: xvidcore!xvid_decore [00ed0000+4671c+6304]
00f22c26: xvidcore!xvid_decore [00ed0000+4671c+c50a]
00f278f2: xvidcore!xvid_decore [00ed0000+4671c+111d6]
00f16974: xvidcore!xvid_decore [00ed0000+4671c+258]
00f16751: xvidcore!xvid_decore [00ed0000+4671c+35]
011e6c1c: xvidvfw!DriverProc [011e0000+6008+c14]
011e624c: xvidvfw!DriverProc [011e0000+6008+244]
77f41566: ntdll!RtlRestoreLastWin32Error [77f40000+150c+5a]
77f41566: ntdll!RtlRestoreLastWin32Error [77f40000+150c+5a]
77e5b063: kernel32!GetModuleFileNameA [77e40000+1ada9+2ba]
77e5b085: kernel32!GetModuleFileNameA [77e40000+1ada9+2dc]
77e5aeb7: kernel32!GetModuleFileNameA [77e40000+1ada9+10e]
77f45d34: ntdll!LdrUnloadDll [77f40000+57f8+53c]
77f45e3f: ntdll!RtlQueryInformationActivationContext [77f40000+5d4f+f0]
77f45e5a: ntdll!RtlQueryInformationActivationContext [77f40000+5d4f+10b]
77f662f3: ntdll!NtRequestWaitReplyPort [77f40000+262e7+c]
77f461a5: ntdll!CsrClientCallServer [77f40000+611f+86]
77e5bdd7: kernel32!CreateRemoteThread [77e40000+1bc9f+138]
77f6634d: ntdll!NtResumeThread [77f40000+26341+c]
77e5be17: kernel32!CreateRemoteThread [77e40000+1bc9f+178]
77e5be2b: kernel32!CreateRemoteThread [77e40000+1bc9f+18c]
77f417e6: ntdll!RtlAllocateHeap [77f40000+16a1+145]
77f417e6: ntdll!RtlAllocateHeap [77f40000+16a1+145]
77f417e6: ntdll!RtlAllocateHeap [77f40000+16a1+145]
77f41778: ntdll!RtlAllocateHeap [77f40000+16a1+d7]
77f417b2: ntdll!RtlAllocateHeap [77f40000+16a1+111]
77f417e6: ntdll!RtlAllocateHeap [77f40000+16a1+145]
77f41778: ntdll!RtlAllocateHeap [77f40000+16a1+d7]
77f417b2: ntdll!RtlAllocateHeap [77f40000+16a1+111]
77f417e6: ntdll!RtlAllocateHeap [77f40000+16a1+145]
77f41778: ntdll!RtlAllocateHeap [77f40000+16a1+d7]
77f417e6: ntdll!RtlAllocateHeap [77f40000+16a1+145]
77f417e6: ntdll!RtlAllocateHeap [77f40000+16a1+145]
77f41778: ntdll!RtlAllocateHeap [77f40000+16a1+d7]
77f417b2: ntdll!RtlAllocateHeap [77f40000+16a1+111]
77f417e6: ntdll!RtlAllocateHeap [77f40000+16a1+145]
77f417e6: ntdll!RtlAllocateHeap [77f40000+16a1+145]
77f4248c: ntdll!_strcmpi [77f40000+20c0+3cc]
77f417b2: ntdll!RtlAllocateHeap [77f40000+16a1+111]
77f417e6: ntdll!RtlAllocateHeap [77f40000+16a1+145]
77f417e6: ntdll!RtlAllocateHeap [77f40000+16a1+145]
77f4248c: ntdll!_strcmpi [77f40000+20c0+3cc]
77f417b2: ntdll!RtlAllocateHeap [77f40000+16a1+111]
77f50bf4: ntdll!CsrCaptureMessageString [77f40000+10a8b+169]
77f6583e: ntdll!NtAllocateVirtualMemory [77f40000+25832+c]
77f46887: ntdll!RtlTimeFieldsToTime [77f40000+64ff+388]
77f4676e: ntdll!RtlTimeFieldsToTime [77f40000+64ff+26f]
77f42438: ntdll!_strcmpi [77f40000+20c0+378]
77f4248c: ntdll!_strcmpi [77f40000+20c0+3cc]
77f4248c: ntdll!_strcmpi [77f40000+20c0+3cc]
77f417b2: ntdll!RtlAllocateHeap [77f40000+16a1+111]
77f66410: ntdll!NtSetEvent [77f40000+26404+c]
77e55e43: kernel32!SetEvent [77e40000+15e37+c]
72c814e4: msacm32!wodMessage [72c80000+122a+2ba]
72c81670: msacm32!wodMessage [72c80000+122a+446]
77f4119a: ntdll!RtlNtStatusToDosError [77f40000+116b+2f]
77f4119f: ntdll!RtlNtStatusToDosError [77f40000+116b+34]
77e555d6: kernel32!DeviceIoControl [77e40000+15577+5f]
77e5a479: kernel32!ReleaseMutex [77e40000+1a44c+2d]
77e4fde1: kernel32!WinExec [77e40000+fd35+ac]
77e55615: kernel32!DeviceIoControl [77e40000+15577+9e]
77e53b1e: kernel32!lstrcpyW [77e40000+13af7+27]
73b4181d: MSVFW32!ICSendMessage [73b40000+17f4+29]
73b447c6: MSVFW32!ICDecompress [73b40000+478b+3b]
004a28a2: VideoSourceAVI::streamGetFrame()
76af2821: WINMM!waveOutWrite [76af0000+27c6+5b]
77e5a65f: kernel32!WaitForSingleObjectEx [77e40000+1a5a2+bd]
77e5a652: kernel32!WaitForSingleObjectEx [77e40000+1a5a2+b0]
77e5a652: kernel32!WaitForSingleObjectEx [77e40000+1a5a2+b0]
77e5ac21: kernel32!WaitForSingleObject [77e40000+1ac12+f]
00465613: Dubber::WriteVideoFrame()
0045d44e: AVIPipe::getReadBuffer()
00465ec1: Dubber::ThreadRun()
77f6641f: ntdll!NtSetEventBoostPriority [77f40000+26413+c]
77f41c1c: ntdll!RtlpUnWaitCriticalSection [77f40000+1bfe+1e]
77e53887: kernel32!RaiseException [77e40000+13837+50]
77f65b3b: ntdll!NtDuplicateObject [77f40000+25b2f+c]
77e5f01b: kernel32!DuplicateHandle [77e40000+1efb6+65]
004b756e: VDThread::StaticThreadStart()
004c69cc: _threadstartex@4()
77e5d33b: kernel32!RegisterWaitForInputIdle [77e40000+1d2f8+43]

-- End of report

Huh, that's a tough one. It took me some time to trace and it *looks* like decoder trying to read more bitstream data than there is available. I'm not sure though, inlined functions are difficult and I'm not good at debugging anyway.

Do you think you could send me a short scene where it happens? As I understand this is something not easy to reproduce reliably, but maybe you can find some good example? Thanks.

Radek

Hi syskin,
I have an example (1,8 MB) where the error occurs only when playing back in virtdub, NOT when I'm going frame by frame ?! at frame 40.
How can I send it to You?

Thanks for Your help

Greetz
Olnima

@olnima: if you email it to nic@nic.dnsalias.com, ill make it available to all off my site, and that may help debugging...

-Nic

...just send it to nic@nic.dnsalias.com. Hard work with a 56k modem ;)

Thanks
Olnima

P.S.: if it doesn't make an error please post here. I try to get another crash-avi.

And: use vdub(mod) 1.5.4(.1) - the versions after that are highly unstable. If you can reproduce the crashes with that vdub(mod) build, this is a real issue, else it's just the unstable virtualdub status.

Regards
Koepi

I just send a second (shorter, not zipped) one to nic that crashes in different versions (1.4xx - 1.5xx) in any case (play or jump frame by frame) allways at frame 6. My XVid-capture settings are in that mail.

Good luck ;-)

Olnima

P.S.: @Koepi:
I've just sent the same avi-mail to You.

koepi AT roeder dot here dot there...

Confirmed, that sample is definatly broken :)

(well - a :) for sysKin who will have something "real" to play around with ;) - a :( for our decoder as it has no "error checks" in sense of senity of the bitstream data given).

Thanks for your efforts, they're worth it I hop :)

Regards
Koepi

Now please make up your mind who of you three (lol) sends it to me :D

Something to play with - indeed ;)

Radek

You would never, EVER guess who makes bugs like this. No sane person ever creates bugs like this. It's not even possible to create bugs like this. If we had narrativum in our universe (like all proper universes do) it wouldn't even allow for bugs like this (see: "Science of Discworld" by Terry Pratchett, Ian Stewart & Jack Cohen)

Proundly Inventing New Bugs,
Radek,

Just to be clear - fixed and commited

http://nic.dnsalias.com/error_at_frame_40_while_playback_in_virtdub.zip
http://nic.dnsalias.com/error_2.avi

There they are for the interested parties... :)

-Nic

@syskin: just looking for new bugs but you're a little too fast for me... :-)
nice to hear that you've fixed it, thanks.

Olnima