[Libav-user] "Segmentation fault" When encoding H264 video frame

M N assemblerx86 at yandex.com
Thu Sep 15 16:41:50 EEST 2016


15.09.2016, 13:25, "Carl Eugen Hoyos" <ceffmpeg at gmail.com>:
> 2016-09-14 21:51 GMT+02:00 M N <assemblerx86 at yandex.com>:
>
>>  Program received signal SIGSEGV, Segmentation fault.
>>  avcodec_encode_video2 (avctx=0x7e0830, avpkt=0x7fffffffdbe0, frame=0x7a3a60,
>>      got_packet_ptr=0x7fffffffdb1c)
>>      at /usr/src/debug/media-video/ffmpeg-2.8.6/ffmpeg-2.8.6/libavcodec/utils.c:2173
>
> Can you reproduce the issue with current FFmpeg git head?
>
> Carl Eugen

Yes, I can reproduce it. This is the Valgrind output with the git head version (same as the previous one):
Line numbering might differ since I have tried adding/changing some code lines to try to fix it.

*************************************
==30670== Memcheck, a memory error detector
==30670== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==30670== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
==30670== Command: ./out
==30670== 
==30670== Invalid write of size 8
==30670==    at 0x4013C7: main (main.c:36)
==30670==  Address 0xce17b20 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x401373: main (main.c:31)
==30670== 
==30670== Invalid write of size 8
==30670==    at 0x4013EF: main (main.c:37)
==30670==  Address 0xce17b70 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
0
==30670== Invalid write of size 8
==30670==    at 0x4014C1: main (main.c:56)
==30670==  Address 0xce17b20 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x401373: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x4014DC: main (main.c:58)
==30670==  Address 0xce17b20 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x401373: main (main.c:31)
==30670== 
==30670== Invalid write of size 8
==30670==    at 0x401534: main (main.c:66)
==30670==  Address 0xce17b70 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x40154F: main (main.c:68)
==30670==  Address 0xce17b20 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x401373: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x401598: main (main.c:70)
==30670==  Address 0xce17b20 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x401373: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x4015F1: main (main.c:80)
==30670==  Address 0xce17b20 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x401373: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x401617: main (main.c:81)
==30670==  Address 0xce17b70 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x401632: main (main.c:81)
==30670==  Address 0xce17b70 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x401659: main (main.c:83)
==30670==  Address 0xce17b70 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x401674: main (main.c:83)
==30670==  Address 0xce17b20 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x401373: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x40169B: main (main.c:84)
==30670==  Address 0xce17b70 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x4016B6: main (main.c:84)
==30670==  Address 0xce17b20 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x401373: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x4016DD: main (main.c:85)
==30670==  Address 0xce17b70 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x4016F8: main (main.c:85)
==30670==  Address 0xce17b20 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x401373: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x401731: main (main.c:89)
==30670==  Address 0xce17b70 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x4017B9: main (main.c:94)
==30670==  Address 0xce17b70 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x4017D4: main (main.c:94)
==30670==  Address 0xce17b20 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x401373: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x4019C8: main (main.c:112)
==30670==  Address 0xce17b20 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x401373: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x401A08: main (main.c:115)
==30670==  Address 0xce17b20 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x401373: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x401A3A: main (main.c:116)
==30670==  Address 0xce17b70 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
[libx264 @ 0xce21b90] broken ffmpeg default settings detected
[libx264 @ 0xce21b90] use an encoding preset (e.g. -vpre medium)
[libx264 @ 0xce21b90] preset usage: -vpre <speed> -vpre <profile>
[libx264 @ 0xce21b90] speed presets are listed in x264 --help
[libx264 @ 0xce21b90] profile is optional; x264 defaults to high
1
==30670== Invalid read of size 8
==30670==    at 0x401571: main (main.c:68)
==30670==  Address 0xce17b28 is 6 bytes after a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x401373: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x401802: main (main.c:98)
==30670==  Address 0xce17b78 is 6 bytes after a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x40181D: main (main.c:98)
==30670==  Address 0xce17b78 is 6 bytes after a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x401844: main (main.c:99)
==30670==  Address 0xce17b78 is 6 bytes after a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x40185F: main (main.c:99)
==30670==  Address 0xce17b28 is 6 bytes after a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x401373: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x401886: main (main.c:100)
==30670==  Address 0xce17b78 is 6 bytes after a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x4018A1: main (main.c:100)
==30670==  Address 0xce17b28 is 6 bytes after a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x401373: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x4018CA: main (main.c:101)
==30670==  Address 0xce17b78 is 6 bytes after a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x4018E5: main (main.c:101)
==30670==  Address 0xce17b78 is 6 bytes after a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x401915: main (main.c:103)
==30670==  Address 0xce17b78 is 6 bytes after a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x401943: main (main.c:104)
==30670==  Address 0xce17b78 is 6 bytes after a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x40197C: main (main.c:105)
==30670==  Address 0xce17b78 is 6 bytes after a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x401997: main (main.c:105)
==30670==  Address 0xce17b78 is 6 bytes after a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
done
[mp4 @ 0xc86e880] Using AVStream.codec to pass codec parameters to muxers is deprecated, use AVStream.codecpar instead.
[mp4 @ 0xc86e880] Using AVStream.codec to pass codec parameters to muxers is deprecated, use AVStream.codecpar instead.
Write header 0: Success
==30670== Invalid read of size 8
==30670==    at 0x401E71: main (main.c:165)
==30670==  Address 0xce17b20 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x401373: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x401EAF: main (main.c:167)
==30670==  Address 0xce17b70 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== 
==30670== Invalid read of size 8
==30670==    at 0x52E606E: avcodec_encode_video2 (utils.c:1932)
==30670==    by 0x401EC7: main (main.c:167)
==30670==  Address 0xa0 is not stack'd, malloc'd or (recently) free'd
==30670== 
==30670== 
==30670== Process terminating with default action of signal 11 (SIGSEGV)
==30670==  Access not within mapped region at address 0xA0
==30670==    at 0x52E606E: avcodec_encode_video2 (utils.c:1932)
==30670==    by 0x401EC7: main (main.c:167)
==30670==  If you believe this happened as a result of a stack
==30670==  overflow in your program's main thread (unlikely but
==30670==  possible), you can try to increase the size of the
==30670==  main thread stack using the --main-stacksize= flag.
==30670==  The main thread stack size used in this run was 8388608.
==30670== 
==30670== HEAP SUMMARY:
==30670==     in use at exit: 5,520,800 bytes in 343 blocks
==30670==   total heap usage: 924 allocs, 581 frees, 11,485,977 bytes allocated
==30670== 
==30670== LEAK SUMMARY:
==30670==    definitely lost: 4,544 bytes in 4 blocks
==30670==    indirectly lost: 0 bytes in 0 blocks
==30670==      possibly lost: 0 bytes in 0 blocks
==30670==    still reachable: 5,516,256 bytes in 339 blocks
==30670==         suppressed: 0 bytes in 0 blocks
==30670== Rerun with --leak-check=full to see details of leaked memory
==30670== 
==30670== For counts of detected and suppressed errors, rerun with: -v
==30670== ERROR SUMMARY: 49 errors from 38 contexts (suppressed: 0 from 0)
Segmentation fault
*************************************



And here is the GDB output:

*************************************
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
0
[libx264 @ 0x6b04d0] broken ffmpeg default settings detected
[libx264 @ 0x6b04d0] use an encoding preset (e.g. -vpre medium)
[libx264 @ 0x6b04d0] preset usage: -vpre <speed> -vpre <profile>
[libx264 @ 0x6b04d0] speed presets are listed in x264 --help
[libx264 @ 0x6b04d0] profile is optional; x264 defaults to high
1
done
[mp4 @ 0x608190] Using AVStream.codec to pass codec parameters to muxers is deprecated, use AVStream.codecpar instead.
[mp4 @ 0x608190] Using AVStream.codec to pass codec parameters to muxers is deprecated, use AVStream.codecpar instead.
Write header 0: Success

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff6f3e06e in avcodec_encode_video2 (avctx=0x6b04d0, 
    avpkt=0x7fffffffdcd0, frame=0x639980, got_packet_ptr=0x7fffffffdc08)
    at src/libavcodec/utils.c:1932
1932	    if (!avctx->codec->encode2) {
(gdb) bt
#0  0x00007ffff6f3e06e in avcodec_encode_video2 (avctx=0x6b04d0, 
    avpkt=0x7fffffffdcd0, frame=0x639980, got_packet_ptr=0x7fffffffdc08)
    at src/libavcodec/utils.c:1932
#1  0x0000000000401ec8 in main () at main.c:167
*************************************
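
Added example (not part of the original message): a small triage script that collapses memcheck records like the ones above into one entry per allocation call site, comparing the bytes allocated with the furthest byte actually touched, and collecting accesses to unmapped addresses. The embedded sample is three records copied from the log above; `triage` and its field names are names chosen for this illustration.

```python
import re
from collections import defaultdict

# Excerpt of the memcheck log above (three of its records), embedded for offline use.
LOG = """\
==30670== Invalid write of size 8
==30670==    at 0x4013C7: main (main.c:36)
==30670==  Address 0xce17b20 is 0 bytes inside a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x401373: main (main.c:31)
==30670== Invalid read of size 8
==30670==    at 0x401802: main (main.c:98)
==30670==  Address 0xce17b78 is 6 bytes after a block of size 2 alloc'd
==30670==    at 0x4C29F40: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30670==    by 0x40138E: main (main.c:31)
==30670== Invalid read of size 8
==30670==    at 0x52E606E: avcodec_encode_video2 (utils.c:1932)
==30670==    by 0x401EC7: main (main.c:167)
==30670==  Address 0xa0 is not stack'd, malloc'd or (recently) free'd
"""

ACCESS = re.compile(r"Invalid (?:read|write) of size (\d+)")
BLOCK = re.compile(r"is (\d+) bytes (inside|after) a block of size (\d+) alloc'd")
CALLER = re.compile(r"by (0x[0-9A-Fa-f]+): (\w+ \([^)]*\))")
WILD = re.compile(r"Address (0x[0-9A-Fa-f]+) is not stack'd")

def triage(log):
    """Collapse memcheck records to one entry per allocation call site."""
    sites = defaultdict(lambda: {"allocated": 0, "needed": 0, "errors": 0})
    wild, size, pending = [], 0, None
    for line in log.splitlines():
        if m := ACCESS.search(line):
            size, pending = int(m.group(1)), None       # new record starts
        elif m := BLOCK.search(line):
            dist, kind, block = int(m.group(1)), m.group(2), int(m.group(3))
            offset = dist if kind == "inside" else block + dist
            pending = (block, offset + size)            # furthest byte touched + 1
        elif (m := CALLER.search(line)) and pending:    # caller of malloc for this block
            s = sites[m.group(1) + " " + m.group(2)]
            s["allocated"] = pending[0]
            s["needed"] = max(s["needed"], pending[1])
            s["errors"] += 1
            pending = None
        elif m := WILD.search(line):
            wild.append(int(m.group(1), 16))            # unmapped address, e.g. NULL + field offset
    return dict(sites), wild
```

Run over the full log, both call sites at main.c:31 come out as 2 bytes allocated against 16 bytes touched, which fits two 8-byte elements stored in a 2-byte block. The unmapped address 0xA0 is a small offset from NULL, consistent with a NULL `avctx->codec` at the `avctx->codec->encode2` line GDB shows.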

