Modify

Opened 8 years ago

Closed 8 years ago

Last modified 8 years ago

#7796 closed defect (invalid)

mythtranscode memcpy segmentation fault

Reported by: Andrea Giuliano <sarkiaponius@…> Owned by: ijr
Priority: major Milestone: 0.22
Component: MythTV - Mythtranscode Version: 0.22
Severity: medium Keywords:
Cc: sarkiaponius@… Ticket locked: yes

Description

Mythtranscode always crashes with a segmentation fault when given the option --mpeg2". Compiled with dbg, and run with gdb, it seems to segfaults on line 869 of mpeg2fix.cpp, which is indeed a memcpy inside MPEG2fixup::ProcessVideo? method.

It happens with every recordings.

I'm running Debian Squeeze. The problem never happened with Lenny (mythtv 0.21).

Here is the last part of the output of mythtranscode -v all -l -m -c 5001 -s 20091220092000

2009-12-23 21:31:34.218 Opening /data/mythtv/5001_20091220092000.mpg 2009-12-23 21:31:34.273 Header missing 2009-12-23 21:31:34.274 Header missing 2009-12-23 21:31:34.319 Input #0, mpegts, from '/data/mythtv/5001_20091220092000.mpg': 2009-12-23 21:31:34.319 Duration: 00:33:40.98, start: 2650.354678, bitrate: 8206 kb/s 2009-12-23 21:31:34.319 Stream #0.0[0x200]: Video: mpeg2video, yuv420p, 704x576 [PAR 12:11 DAR 4:3], 10000 kb/s, 25 tbr, 90k tbn, 50 tbc 2009-12-23 21:31:34.319 Stream #0.1[0x240]: Data: 0x0101 2009-12-23 21:31:34.320 Stream #0.2[0x28a]: Audio: mp2, 48000 Hz, 2 channels, s16, 256 kb/s 2009-12-23 21:31:34.320 Stream #0.3[0x28b]: Audio: mp2, 48000 Hz, 2 channels, s16, 256 kb/s 2009-12-23 21:31:34.320 Stream #0.4[0x1036]: Data: 0x0000 2009-12-23 21:31:34.320 Skipping unsupported codec 2 on stream 1 2009-12-23 21:31:34.320 Skipping unsupported codec 2 on stream 4 2009-12-23 21:31:34.346 Warning: partial frame found! Segmentation fault

Sorry, I don't know what else I could provide. Let me know, I will try it.

Attachments (0)

Change History (8)

comment:1 follow-up: Changed 8 years ago by robertm

  • Status changed from new to infoneeded_new

We need the actual backtrace.

comment:2 in reply to: ↑ 1 Changed 8 years ago by Andrea Giuliano <sarkiaponius@…>

Replying to robertm:

We need the actual backtrace.

Here it is, I hope.

#0 MPEG2fixup::ProcessVideo? (this=0x818f528, vf=0x8167c38, dec=0x817a940)

at mpeg2fix.cpp:869

#1 0x0807832e in MPEG2fixup::GetFrame? (this=0x818f528, pkt=0xbfffe364)

at mpeg2fix.cpp:1308

#2 0x0807a6aa in MPEG2fixup::FindStart? (this=0x818f528) at mpeg2fix.cpp:1338 #3 0x08085f45 in MPEG2fixup::Start (this=0x818f528) at mpeg2fix.cpp:1874 #4 0x0805e49e in main (argc=5, argv=0xbffff464) at main.cpp:629

And here is the backtrace for memcpy:

#0 0xb4e5da66 in memcpy () from /lib/i686/cmov/libc.so.6 #1 0x0804f700 in ?? () #2 0x0804f721 in _start ()

comment:3 follow-up: Changed 8 years ago by robertm

We need the *full* backtrace, as described in the manual, the ticket howto, and the debugging page on the wiki, not excerpts.

comment:4 in reply to: ↑ 3 Changed 8 years ago by Andrea Giuliano <sarkiaponius@…>

Replying to robertm:

We need the *full* backtrace, as described in the manual, the ticket howto, and the debugging page on the wiki, not excerpts.

The problem only happens with the packages from Debian Squeeze, not with the sources of the same version. It must be a problem with the distro. I think this ticket can be closed, because I cannot reproduce the problem.

PS Sorry I didn't post all the things needed. I'll do my best with my future tickets.

comment:5 Changed 8 years ago by robertm

  • Resolution set to invalid
  • Status changed from infoneeded_new to closed

Appears to be a package problem.

comment:6 Changed 8 years ago by florian@…

Hi,

same problem here.. Debian sid, mythtv-0.22-fixes SVN Today compiled with debug flag

GDB trace

Nagios:~/mythtv-0-22/mythtv/programs/mythtranscode# gdb -x /root/gdbcommands --args ./mythtranscode -i /mythstorage1/17403_20091230183700.mpg -o /tmp/bla GNU gdb (GDB) 7.0-debian Copyright (C) 2009 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "i486-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /root/mythtv-0-22/mythtv/programs/mythtranscode/mythtranscode...done. Function "qFatal" not defined. Breakpoint 1 (qFatal) pending. [Thread debugging using libthread_db enabled]

2009-12-31 16:47:48.533 Using runtime prefix = /usr 2009-12-31 16:47:48.533 Using configuration directory = /root/.mythtv 2009-12-31 16:47:48.608 Empty LocalHostName?. [New Thread 0xb31aab70 (LWP 13907)] [Thread 0xb31aab70 (LWP 13907) exited] 2009-12-31 16:47:48.844 New DB connection, total: 1 2009-12-31 16:47:49.056 Closing DB connection named 'DBManager0' 2009-12-31 16:47:49.056 Enabled verbose msgs: important 2009-12-31 16:47:49.082 New DB connection, total: 2 2009-12-31 16:47:49.085 New DB connection, total: 3 2009-12-31 16:47:49.514 Using protocol version 50 [New Thread 0xb31aab70 (LWP 13908)] 2009-12-31 16:47:49.956 Transcode: Looking for autodetect profile: Autodetect from 576i 2009-12-31 16:47:50.035 Transcode: Using autodetect profile: MPEG2 2009-12-31 16:47:50.035 Switching to MPEG-2 transcoder. [New Thread 0xb24a9b70 (LWP 13909)]

Program received signal SIGSEGV, Segmentation fault. 0xb4ed0a66 in memcpy () from /lib/i686/cmov/libc.so.6

Thread 4 (Thread 0xb24a9b70 (LWP 13909)): #0 0xb7fe1424 in kernel_vsyscall () No symbol table info available. #1 0xb623c0a5 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/i686/cmov/libpthread.so.0 No symbol table info available. #2 0x08072599 in MPEG2replex::Start (this=0xb270a4a0) at mpeg2fix.cpp:545

ext_ok = {0 <repeats 32 times>} video_ok = 0 video_delay = 0 start = 1 mx = {fd_out = 0, otype = 0, startup = 0, finish = 0, video_delay = 0, audio_delay = 0, pack_size = 0, data_size = 0, audio_buffer_size = 0, video_buffer_size = 0, mux_rate = 0, muxr = 0, navpack = 0 '\000', frame_timestamps = 0, VBR = 0, is_ts = 0, reset_clocks = 0, write_end_codes = 0, set_broken_link = 0, vsize = 0, extsize = 0, extra_clock = 0, SCR = 0, oldSCR = 0, SCRinc = 0, viu = {active = 0 '\000', length = 0, start = 0, pts = 0, dts = 0, seq_header = 0 '\000', seq_end = 0 '\000', gop = 0 '\000', end_seq = 0 '\000', frame = 0 '\000', gop_off = 0 '\000', frame_off = 0 '\000', frame_start = 0 '\000', err = 0 '\000', framesize = 0, ptsrate = 0}, vdbuf = {size = 0, fill = 0, time_index = {read_pos = 0, write_pos = 0, size = 0, buffer = 0x0}, data_index = {read_pos = 0, write_pos = 0, size = 0, buffer = 0x0}}, ext = {{iu = {active = 0 '\000', length = 0, start = 0, pts = 0, dts = 0, seq_header = 0 '\000', seq_end = 0 '\000', gop = 0 '\000', end_seq = 0 '\000', frame = 0 '\000', gop_off = 0 '\000', frame_off = 0 '\000', frame_start = 0 '\000', err = 0 '\000', framesize = 0, ptsrate = 0}, pts = 0, pts_off = 0, type = 0, strmnum = 0, frmperpkt = 0, language = "\000\000\000", dbuf = {size = 0, fill = 0, time_index = {read_pos = 0, write_pos = 0, size = 0, buffer = 0x0}, data_index = {read_pos = 0, write_pos = 0, size = 0, buffer = 0x0}}} <repeats 32 times>}, extcnt = 0, extrbuffer = 0x0, index_extrbuffer = 0x0, vrbuffer = 0x0, index_vrbuffer = 0x0, fill_buffers = 0, priv = 0xb270a4a0} audio_delay = 0 fd_out = 14

#3 0x08072493 in MPEG2fixup::ReplexStart? (data=0xb270a4a0) at mpeg2fix.cpp:513

m2f = 0xb270a4a0

#4 0xb6238585 in start_thread () from /lib/i686/cmov/libpthread.so.0 No symbol table info available. #5 0xb4f2a2be in clone () from /lib/i686/cmov/libc.so.6 No symbol table info available.

Thread 3 (Thread 0xb31aab70 (LWP 13908)): #0 0xb7fe1424 in kernel_vsyscall () No symbol table info available. #1 0xb4f235b1 in select () from /lib/i686/cmov/libc.so.6 No symbol table info available. #2 0xb660e37f in MythSocketThread::run() () from /usr/lib/libmythdb-0.22.so.0 No symbol table info available. #3 0xb512c5e2 in ?? () from /usr/lib/libQtCore.so.4 No symbol table info available. #4 0xb6238585 in start_thread () from /lib/i686/cmov/libpthread.so.0 No symbol table info available. #5 0xb4f2a2be in clone () from /lib/i686/cmov/libc.so.6 No symbol table info available.

Thread 1 (Thread 0xb359e930 (LWP 13895)): #0 0xb4ed0a66 in memcpy () from /lib/i686/cmov/libc.so.6 No symbol table info available. #1 0x08051ed0 in ?? () No symbol table info available. #2 0xb4e71b55 in libc_start_main () from /lib/i686/cmov/libc.so.6 No symbol table info available. #3 0x08051ef1 in _start () No symbol table info available.

comment:7 Changed 8 years ago by nas@…

The problem is that the Debian 0.22 package links to /usr/lib/libmpeg2 instead of libmythmpeg2. That is done because of the Debian patch "debian/patches/01_libmythmpeg2.diff" and removing that patch fixes the problem. I will report this to the package maintainer.

In case someone is interesting if figuring out why libmpeg2 doesn't work, here is some debugging information. Note that info->gob is NULL. I don't understand the code well enough to determine why.

(gdb) bt
#0  0x0806fa0f in MPEG2fixup::ProcessVideo (this=0x80fd320, vf=0x8103758, 
    dec=0x810e240) at mpeg2fix.cpp:869
#1  0x0807250a in MPEG2fixup::GetFrame (this=0x80fd320, pkt=0xbfd949c4)
    at mpeg2fix.cpp:1308
#2  0x0807d9d7 in MPEG2fixup::FindStart (this=0x80fd320) at mpeg2fix.cpp:1338
#3  0x08084202 in MPEG2fixup::Start (this=0x80fd320) at mpeg2fix.cpp:1874
#4  0x0805a8ac in main (argc=135018816, argv=0xfffffff7) at main.cpp:629
(gdb) l 869
864	                           sizeof(mpeg2_sequence_t));
865	                    vf->isSequence = 1;
866	                    break;
867	
868	                case STATE_GOP:
869	                    memcpy(&vf->mpeg2_gop, info->gop, sizeof(mpeg2_gop_t));
870	                    vf->isGop = 1;
871	                    vf->gopPos = vf->pkt.data + last_pos;
872	                    //pd->adjustFrameCount=0;
873	                    break;
(gdb) p info->gop
$9 = (const mpeg2_gop_t *) 0x0
(gdb) p dec->info
$10 = {sequence = 0x1e0, gop = 0x0, current_picture = 0x0, 
  current_picture_2nd = 0x3, current_fbuf = 0x7, display_picture = 0x3, 
  display_picture_2nd = 0x0, display_fbuf = 0x0, discard_fbuf = 0x0, 
  user_data = 0x1 <Address 0x1 out of bounds>, user_data_len = 134875264}

comment:8 Changed 8 years ago by stuartm

  • Ticket locked set

In summary, the packager is at fault because he's not distributing mythtv but his own fork.

Add Comment

Modify Ticket

Action
as closed The owner will remain ijr.
The resolution will be deleted. Next status will be 'new'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.