Bug#677035: libavcodec52: SEGV when encoding video
This issue was fixed five years ago in FFmpeg, please close this bug.
Bug#677035: libavcodec52: SEGV when encoding video
Package: libavcodec52 Version: 4:0.5.8-1 Severity: normal When transcoding an MP4 stream (h264 + aac), to avi (mpeg4 + mp3lame), I get a SEGV in sad16_sse2(). Please note that I have rebuilt ffmpeg-0.5.8-1 (via dpkg-buildpackage) in order to include libmp3lame. Here is the command line: /usr/bin/ffmpeg -i abc.mp4 -acodec libmp3lame -ab 128k -vcodec mpeg4 \ -g 250 -bf 2 -qmin 1 -b 800k -s 626x360 abc.avi Here are stdout and stderr: [...] Seems stream 0 codec frame rate differs from container frame rate: 50.00 (50/1) - 25.00 (25/1) Input #0, mov,mp4,m4a,3gp,3g2,mj2, from 'abc.mp4': Duration: 01:39:38.28, start: 0.00, bitrate: 564 kb/s Stream #0.0(und): Video: h264, yuv420p, 626x360, 25 tbr, 25 tbn, 50 tbc Stream #0.1(und): Audio: aac, 44100 Hz, stereo, s16 File 'abc.avi' already exists. Overwrite ? [y/N] y Output #0, avi, to 'abc.avi': Stream #0.0(und): Video: mpeg4, yuv420p, 626x360, q=1-31, 800 kb/s, 90k tbn, 25 tbc Stream #0.1(und): Audio: libmp3lame, 44100 Hz, stereo, s16, 128 kb/s Stream mapping: Stream #0.0 - #0.0 Stream #0.1 - #0.1 Press [q] to stop encoding Segmentation fault Here is information from gdb: (gdb) run [...] Program received signal SIGSEGV, Segmentation fault. 0xb7a4f0e9 in sad16_sse2 (v=0x0, blk2=0xb5d08ca2 '\020' repeats 200 times..., blk1=0xb5d8cca2 '\020' repeats 46 times, '\021' repeats 20 times, '\020' repeats 134 times..., stride=672, h=16) at /tmp/f/ffmpeg-0.5.8/libavcodec/x86/motion_est_mmx.c:95 95 __asm__ volatile( (gdb) bt #0 0xb7a4f0e9 in sad16_sse2 (v=0x0, blk2=0xb5d08ca2 '\020' repeats 200 times..., blk1=0xb5d8cca2 '\020' repeats 46 times, '\021' repeats 20 times, '\020' repeats 134 times..., stride=672, h=16) at /tmp/f/ffmpeg-0.5.8/libavcodec/x86/motion_est_mmx.c:95 #1 0xb787b786 in mpeg4_encode_mb (s=0x808d4e0, block=0x80e0e10, motion_x=0, motion_y=0) at /tmp/f/ffmpeg-0.5.8/libavcodec/h263.c:1075 #2 0xb77800b9 in encode_mb_internal (c=0x8083fc0, arg=0x808d5b4) at /tmp/f/ffmpeg-0.5.8/libavcodec/mpegvideo_enc.c:1695 #3 encode_mb (c=0x8083fc0, arg=0x808d5b4) at /tmp/f/ffmpeg-0.5.8/libavcodec/mpegvideo_enc.c:1732 #4 encode_thread (c=0x8083fc0, arg=0x808d5b4) at /tmp/f/ffmpeg-0.5.8/libavcodec/mpegvideo_enc.c:2554 #5 0xb770496e in avcodec_default_execute (c=0x8083fc0, func=0xb777d930 encode_thread, arg=0x10, ret=0xb5d8cca2, count=1, size=4) at /tmp/f/ffmpeg-0.5.8/libavcodec/utils.c:392 #6 0xb776c387 in encode_picture (avctx=0x8083fc0, buf=0xb688b020 , buf_size=1352360, data=0xbfffe4dc) at /tmp/f/ffmpeg-0.5.8/libavcodec/mpegvideo_enc.c:2912 #7 MPV_encode_picture (avctx=0x8083fc0, buf=0xb688b020 , buf_size=1352360, data=0xbfffe4dc) at /tmp/f/ffmpeg-0.5.8/libavcodec/mpegvideo_enc.c:1214 #8 0xb7706203 in avcodec_encode_video (avctx=0x8083fc0, buf=0xb688b020 , buf_size=1352360, pict=0xbfffe4dc) at /tmp/f/ffmpeg-0.5.8/libavcodec/utils.c:508 #9 0x0804e166 in do_video_out (s=value optimized out, ost=DWARF-2 expression error: DW_OP_reg operations must be used either alone or in conjuction with DW_OP_piece. ) at /tmp/f/ffmpeg-0.5.8/ffmpeg.c:974 #10 0x080507e0 in output_packet (ist=0x8082db0, ist_index=value optimized out, ost_table=value optimized out, nb_ostreams=2, pkt=0xb408) at /tmp/f/ffmpeg-0.5.8/ffmpeg.c:1358 #11 0x08054902 in av_encode (nb_output_files=value optimized out, nb_input_files=value optimized out, nb_stream_maps=value optimized out, stream_maps=value optimized out, input_files=value optimized out, output_files=value optimized out) at /tmp/f/ffmpeg-0.5.8/ffmpeg.c:2153 #12 0x08054dd4 in main (argc=20, argv=0xb5d4) at /tmp/f/ffmpeg-0.5.8/ffmpeg.c:3928 -- System Information: Debian Release: 6.0.5 APT prefers stable APT policy: (990, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Versions of packages libavcodec52 depends on: ii libavu 4:0.5.8-1 ffmpeg utility library ii libc6 2.11.3-3 Embedded GNU C Library: Shared lib ii libdir 1.0.2-3 open and royalty free high quality ii libfaa 2.7-6 freeware Advanced Audio Decoder - ii libgsm 1.0.13-3 Shared libraries for GSM speech co ii libmp3 3.98.4+repack2-3~bpo60+1 MP3 encoding library ii libope 0.1.2-1 Adaptive Multi Rate speech codec - ii libope 0.1.2-1 Adaptive Multi-Rate - Wideband spe ii libope 1.3+dfsg-4JPEG 2000 image compression/decomp ii libsch 1.0.9-2 library for encoding/decoding of D ii libspe 1.2~rc1-1 The Speex codec runtime library ii libthe 1.1.1+dfsg.1-3The Theora Video Compression Codec ii libvor 1.3.1-1+squeeze1 The Vorbis General Audio Compressi ii libvor
Bug#677035: libavcodec52: SEGV when encoding video
On Mon, Jun 11, 2012 at 11:40 AM, giuseppe bonacci g.bona...@libero.it wrote: Package: libavcodec52 Version: 4:0.5.8-1 Severity: normal When transcoding an MP4 stream (h264 + aac), to avi (mpeg4 + mp3lame), I get a SEGV in sad16_sse2(). Please note that I have rebuilt ffmpeg-0.5.8-1 (via dpkg-buildpackage) in order to include libmp3lame. In order to check if that bug has already been fixed upstream, could you please install the libavcodec-extra-53 package from backports.org and check if the segmentation fault still occurs? -- regards, Reinhard -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#677035: libavcodec52: SEGV when encoding video
On Mon, Jun 11, 2012 at 12:05:05PM +0200, Reinhard Tartler wrote: In order to check if that bug has already been fixed upstream, could you please install the libavcodec-extra-53 package from backports.org and check if the segmentation fault still occurs? I've just tried libav-tools 4:0.8-2~bpo60+1 and libavcodec53 segfaults too, so perhaps the problem is present upstream. After my submission, I've noticed that it crashes with horizontal sizes 626, 632, and 852, but not with sizes 624 and 640. Coupled with the name of the top-of-stack function (sad16_sse2), that suggests a workaround: use horizontal sizes that are multiples of 16. Although I've had no time to examine the code (and I'm no expert in assembly) I guess that the problem might be caused by a wrongly aligned or sized buffer. Regards, g -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#677035: libavcodec52: SEGV when encoding video
tag 677035 upstream stop On Mon, Jun 11, 2012 at 3:04 PM, g.bona...@libero.it wrote: On Mon, Jun 11, 2012 at 12:05:05PM +0200, Reinhard Tartler wrote: In order to check if that bug has already been fixed upstream, could you please install the libavcodec-extra-53 package from backports.org and check if the segmentation fault still occurs? I've just tried libav-tools 4:0.8-2~bpo60+1 and libavcodec53 segfaults too, so perhaps the problem is present upstream. After my submission, I've noticed that it crashes with horizontal sizes 626, 632, and 852, but not with sizes 624 and 640. Coupled with the name of the top-of-stack function (sad16_sse2), that suggests a workaround: use horizontal sizes that are multiples of 16. Although I've had no time to examine the code (and I'm no expert in assembly) I guess that the problem might be caused by a wrongly aligned or sized buffer. That's an interesting observation. This bug needs to be forwarded upstream. http://bugzilla.libav.org -- regards, Reinhard -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#677035: libavcodec52: SEGV when encoding video
On Mon, Jun 11, 2012 at 4:27 PM, Reinhard Tartler siret...@gmail.com wrote: tag 677035 upstream stop On Mon, Jun 11, 2012 at 3:04 PM, g.bona...@libero.it wrote: On Mon, Jun 11, 2012 at 12:05:05PM +0200, Reinhard Tartler wrote: In order to check if that bug has already been fixed upstream, could you please install the libavcodec-extra-53 package from backports.org and check if the segmentation fault still occurs? I've just tried libav-tools 4:0.8-2~bpo60+1 and libavcodec53 segfaults too, so perhaps the problem is present upstream. After my submission, I've noticed that it crashes with horizontal sizes 626, 632, and 852, but not with sizes 624 and 640. Coupled with the name of the top-of-stack function (sad16_sse2), that suggests a workaround: use horizontal sizes that are multiples of 16. Although I've had no time to examine the code (and I'm no expert in assembly) I guess that the problem might be caused by a wrongly aligned or sized buffer. That's an interesting observation. This bug needs to be forwarded upstream. http://bugzilla.libav.org For comepleteness, Johan Andersson provided on #libav-devel the following additional information: 16:27 siretart can someone reproduce the segfault in the mpeg4 encoder described in http://bugs.debian.org/677035? 16:35 spaam siretart: yes 16:35 spaam i got it on my machine 16:36 siretart spaam: thanks 16:36 spaam siretart: http://eead3b13c12480ac.paste.se/ backtrace :) The backtrace for 0.5.8 therefore looks like this: (gdb) run Starting program: /home/johan/dev/libav/ffmpeg_g -i ../../big_buck_bunny_1080p_h264.mov -an -vcodec mpeg4 -vcodec mpeg4 -g 250 -bf 2 -qmin 1 -b 800k -s 626x360 abc.avi [Thread debugging using libthread_db enabled] Using host libthread_db library /lib/x86_64-linux-gnu/libthread_db.so.1. FFmpeg version 0.5.8, Copyright (c) 2000-2009 Fabrice Bellard, et al. configuration: libavutil 49.15. 0 / 49.15. 0 libavcodec52.20. 1 / 52.20. 1 libavformat 52.31. 0 / 52.31. 0 libavdevice 52. 1. 0 / 52. 1. 0 built on Jun 11 2012 16:34:04, gcc: 4.6.3 Seems stream 0 codec frame rate differs from container frame rate: 48.00 (48/1) - 24.00 (24/1) Input #0, mov,mp4,m4a,3gp,3g2,mj2, from '../../big_buck_bunny_1080p_h264.mov': Stream #0.0(eng): Video: mpeg4, yuv420p, 626x360, q=1-31, 800 kb/s, 90k tbn, 24 tbc Stream mapping: Stream #0.0 - #0.0 Press [q] to stop encoding frame= 52 fps= 0 q=2.0 size= 293kB time=2.04 bitrate=1177.4kbits/s Program received signal SIGSEGV, Segmentation fault. 0x00856c89 in sad16_sse2 (v=0x0, blk2=0x75a30492 \351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\304\304\304\304\304\304\304\304\304\304\304\304\304\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\306\307\307\307\307\307\307\307\307\311\311\311\311\311\311\311\311\311\311\311\311\311\311\311\311\313\313\313\313\313\313\313\313\313\313\313\313\313\313\313\313\313\313\313\313\313\313\314\314\314\314\314\314\314\314\315\315\314\314\314\314\315\315\315\315\315\315\315\315\315\315\315\315\315\315\315\315\315\315\315\315\314\314\314\314\314\314\314\314\316\316\316\316\316\316\316\316\316, incomplete sequence \316..., blk1=0x77ec4492 \351\351\351\351\351\351\351\351\350\351\350\351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\351\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\305\304\305\304\305\305\305\304\304\304\304\304\304\304\304\303\302\303\303\304\304\304\304\304\305\305\305\305\305\305\305\304\305\304\305\305\305\305\305\305\305\305\305\305\305\305\305\306\305\306\306\307\307\307\307\307\307\307\310\310\310\307\310\310\310\310\310\310\310\310\310\310\310\310\310\311\311\310\312\312\312\313\313\313\313\313\313\313\313\313\312\313\312\313\313\313\313\313\313\313\313\313\313\314\314\313\314\313\314\314\314\314\314\314\315\315\315\315\315\315\314\315\314\315\315\314\314\314\314\314\314, incomplete sequence \314..., stride=672, h=16) at libavcodec/x86/motion_est_mmx.c:95 95 __asm__ volatile( (gdb) bt #0 0x00856c89 in sad16_sse2 (v=0x0, blk2=0x75a30492