Bug 210766 - FC5: speexenc gives an segmentation fault on x86-64
FC5: speexenc gives an segmentation fault on x86-64
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: speex (Show other bugs)
5
x86_64 Linux
medium Severity medium
: ---
: ---
Assigned To: Bastien Nocera
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-10-14 10:44 EDT by Gert Vervoort
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-05-16 13:44:56 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Gert Vervoort 2006-10-14 10:44:20 EDT
Description of problem:

speexenc gives an segmentation fault on x86-64.


Version-Release number of selected component (if applicable):

speex.x86_64                             1.0.5-1.2.1  


How reproducible:

Try to encode a wav-file with speexenc

Steps to Reproduce:
1. Generate some wav-files for testing:
  
    [gert@apollo tmp]$ dd if=/dev/zero count=5 bs=`echo "32000*1*2" | bc -l` |
sox -t raw -r 32000 -c 1 -s -w - -t wav silence.wav
    5+0 records in
    5+0 records out
    320000 bytes (320 kB) copied, 0.004058 seconds, 78.9 MB/s
    [gert@apollo tmp]$ sox silence.wav sine.wav synth 0 sine create 400   
    [gert@apollo tmp]$


2.  Encode the wav-files using speex:

    [gert@apollo tmp]$ speexenc silence.wav silence.spx
    Encoding 32000 Hz audio using ultra-wideband (sub-band CELP) mode (mono)
    Segmentation fault
    [gert@apollo tmp]$ speexenc sine.wav sine.spx
    Encoding 32000 Hz audio using ultra-wideband (sub-band CELP) mode (mono)
    Segmentation fault
    [gert@apollo tmp]$

  
Actual results:

  Segmentation fault

Expected results:

  a spx-file with speex encoded version of the input file. 

Additional info:
Comment 1 Bastien Nocera 2007-04-17 09:30:57 EDT
Could you please attach a backtrace of the crash? Do you still see this in more
recent versions of speex?
Comment 2 Gert Vervoort 2007-04-17 12:48:39 EDT
Backtrace
=========

[gert@apollo tmp]$ dd if=/dev/zero count=5 bs=`echo "32000*1*2" | bc -l` | sox -
t raw -r 32000 -c 1 -s -w - -t wav silence.wav
5+0 records in
5+0 records out
320000 bytes (320 kB) copied, 0.261284 seconds, 1.2 MB/s
[gert@apollo tmp]$ sox silence.wav sine.wav synth 0 sine create 400
[gert@apollo tmp]$ ulimit -c 8192
[gert@apollo tmp]$ speexenc silence.wav silence.spx
Encoding 32000 Hz audio using ultra-wideband (sub-band CELP) mode (mono)
Segmentation fault (core dumped)
[gert@apollo tmp]$ gdb /usr/bin/speexenc -c core.4044
GNU gdb Red Hat Linux (6.3.0.0-1.134.fc5rh)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu"...
(no debugging symbols found)
Using host libthread_db library "/lib64/libthread_db.so.1".

Core was generated by `speexenc silence.wav silence.spx'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/lib64/libspeex.so.1...(no debugging symbols found)...d
one.
Loaded symbols for /usr/lib64/libspeex.so.1
Reading symbols from /usr/lib64/libogg.so.0...(no debugging symbols found)...don e.
Loaded symbols for /usr/lib64/libogg.so.0
Reading symbols from /lib64/libm.so.6...
(no debugging symbols found)...done.
Loaded symbols for /lib64/libm.so.6
Reading symbols from /lib64/libc.so.6...(no debugging symbols found)...done.
Loaded symbols for /lib64/libc.so.6
Reading symbols from /lib64/ld-linux-x86-64.so.2...
(no debugging symbols found)...done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
#0  0x00000039c5f756a4 in memcpy ()
   from /lib64/libc.so.6
(gdb) bt
#0  0x00000039c5f756a4 in memcpy () from /lib64/libc.so.6
#1  0x00000039c7402435 in ogg_stream_packetin () from /usr/lib64/libogg.so.0
#2  0x0000000000402354 in ?? ()
#3  0x00000039c5f1c784 in __libc_start_main () from /lib64/libc.so.6
#4  0x00000000004015c9 in ?? ()
#5  0x00007fff16b822c8 in ?? ()
#6  0x0000000000000000 in ?? ()
(gdb)

version
=======

[gert@apollo tmp]$ yum list | grep speex
speex.x86_64                             1.0.5-1.2.1            installed
speex.i386                               1.0.5-1.2.1            core
speex-devel.x86_64                       1.0.5-1.2.1            core
xmms-speex.x86_64                        0.9.1-7.fc5            extras
[gert@apollo tmp]$
Comment 3 Bastien Nocera 2007-04-19 05:29:39 EDT
(In reply to comment #2)
> Backtrace
> =========
> 
> [gert@apollo tmp]$ dd if=/dev/zero count=5 bs=`echo "32000*1*2" | bc -l` | sox -
> t raw -r 32000 -c 1 -s -w - -t wav silence.wav
> 5+0 records in
> 5+0 records out
> 320000 bytes (320 kB) copied, 0.261284 seconds, 1.2 MB/s
> [gert@apollo tmp]$ sox silence.wav sine.wav synth 0 sine create 400
> [gert@apollo tmp]$ ulimit -c 8192
> [gert@apollo tmp]$ speexenc silence.wav silence.spx
> Encoding 32000 Hz audio using ultra-wideband (sub-band CELP) mode (mono)
> Segmentation fault (core dumped)
> [gert@apollo tmp]$ gdb /usr/bin/speexenc -c core.4044
<snip>
> #0  0x00000039c5f756a4 in memcpy () from /lib64/libc.so.6
> #1  0x00000039c7402435 in ogg_stream_packetin () from /usr/lib64/libogg.so.0
> #2  0x0000000000402354 in ?? ()
> #3  0x00000039c5f1c784 in __libc_start_main () from /lib64/libc.so.6
> #4  0x00000000004015c9 in ?? ()
> #5  0x00007fff16b822c8 in ?? ()
> #6  0x0000000000000000 in ?? ()
> (gdb)

Could you get the backtrace of the crash with the glibc, speex and libogg
debuginfo packages?

Looks like a bug in libogg to me, but I can't be sure.

> speex.x86_64                             1.0.5-1.2.1            installed
> speex.i386                               1.0.5-1.2.1            core
> speex-devel.x86_64                       1.0.5-1.2.1            core
> xmms-speex.x86_64                        0.9.1-7.fc5            extras
> [gert@apollo tmp]$

Note that it works fine and doesn't crash in FC6 on x86-64.
Comment 4 Gert Vervoort 2007-04-19 12:18:32 EDT
When I check the avaible package, there seem to be no package available
containing debuginfo: 

[gert@apollo tmp]$ yum list | grep glibc
glibc.i686                               2.4-11                 installed
glibc.x86_64                             2.4-11                 installed
glibc-common.x86_64                      2.4-11                 installed
glibc-devel.x86_64                       2.4-11                 installed
glibc-devel.i386                         2.4-11                 installed
glibc-headers.x86_64                     2.4-11                 installed
glibc-kernheaders.x86_64                 3.0-5.2                installed
glibc.i386                               2.4-11                 updates
glibc-utils.x86_64                       2.4-11                 updates
[gert@apollo tmp]$ yum list | grep libogg
libogg.x86_64                            2:1.1.3-1.2            installed
libogg-devel.x86_64                      2:1.1.3-1.2            installed
libogg.i386                              2:1.1.3-1.2            core
liboggz.x86_64                           0.9.4-1.fc5            extras
liboggz-devel.x86_64                     0.9.4-1.fc5            extras
[gert@apollo tmp]$ yum list | grep speex
speex.x86_64                             1.0.5-1.2.1            installed
speex.i386                               1.0.5-1.2.1            core
speex-devel.x86_64                       1.0.5-1.2.1            core
xmms-speex.x86_64                        0.9.1-7.fc5            extras
[gert@apollo tmp]$


Comment 5 Bastien Nocera 2007-04-19 12:45:12 EDT
They're in the -debuginfo repository. This command should do the trick:
yum --enablerepo=updates-debuginfo --enablerepo=core-debuginfo install
glibc-debuginfo libogg-debuginfo speex-debuginfo
Comment 6 Gert Vervoort 2007-04-19 15:54:16 EDT
[gert@apollo tmp]$ gdb /usr/bin/speexenc
GNU gdb Red Hat Linux (6.3.0.0-1.134.fc5rh)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu"...Using host libthread_db
library "/lib64/libthread_db.so.1".

(gdb) set args silence.wav silence.spx
(gdb) r
Starting program: /usr/bin/speexenc silence.wav silence.spx
Encoding 32000 Hz audio using ultra-wideband (sub-band CELP) mode (mono)

Program received signal SIGSEGV, Segmentation fault.
0x00000039c5f756a4 in ?? () from /lib64/libc.so.6
(gdb) bt
#0  0x00000039c5f756a4 in ?? () from /lib64/libc.so.6
#1  0x00000039c7402435 in ogg_stream_packetin (os=0x7fff9712c570,
op=0x7fff9712bcd0) at /usr/include/bits/string3.h:51
#2  0x0000000000402354 in main (argc=Variable "argc" is not available.
) at speexenc.c:610
#3  0x00000039c5f1c784 in __libc_start_main (main=0x401da0 <main>, argc=3,
ubp_av=0x7fff9712c898, init=Variable "init" is not available.
) at libc-start.c:231
#4  0x00000000004015c9 in _start ()
#5  0x00007fff9712c888 in ?? ()
#6  0x0000000000000000 in ?? ()
(gdb)
Comment 7 Bastien Nocera 2007-05-16 07:05:28 EDT
Gert, I don't really have the time to investigate this crash, and I don't have
instant access to an FC5 installation either. If you don't mind, I'll close this
as working in FC6, unless somebody wants to step up to see what's needed to
correct this problem.
Comment 8 Gert Vervoort 2007-05-16 13:08:19 EDT
Ok that's fine, it is about time that I upgrade to FC6 anyway.
Comment 9 Bastien Nocera 2007-05-16 13:44:56 EDT
Thanks Gert, much appreciated.

Note You need to log in before you can comment on or make changes to this bug.