Ubuntu
gst-plugins-bad0.10 package

totem crashed with SIGSEGV in free()

Bug #408647 reported by Alex Mauer on 2009-08-04

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	GStreamer	Fix Released	Critical	gnome-bugs #589609
	gst-plugins-bad0.10 (Ubuntu)	Fix Released	Medium	Ubuntu Desktop Bugs

Bug Description

Binary package hint: totem

playing an mkv movie with vobsub subtitles.

ProblemType: Crash
Architecture: i386
Date: Mon Aug 3 18:14:30 2009
DistroRelease: Ubuntu 9.10
ExecutablePath: /usr/bin/totem
Package: totem 2.27.2-0ubuntu1
ProcCmdline: totem /media/4922-1DE3/tv/Noir/Noir\ 18.mkv
ProcEnviron:
SHELL=/bin/bash
LANG=en_US.UTF-8
LANGUAGE=en_US.UTF-8
ProcVersionSignature: Ubuntu 2.6.31-4.23-generic
SegvAnalysis:
Segfault happened at: 0x8172686: cmp 0xc(%edx),%ecx
PC (0x08172686) ok
source "0xc(%edx)" (0x0000000c) not located in a known VMA region (needed readable region)!
destination "%ecx" ok
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: totem
StacktraceTop:
?? () from /lib/tls/i686/cmov/libc.so.6
free () from /lib/tls/i686/cmov/libc.so.6
g_free () from /usr/lib/libglib-2.0.so.0
?? () from /usr/lib/libgstreamer-0.10.so.0
gst_mini_object_unref ()
Tags: ubuntu-unr
Title: totem crashed with SIGSEGV in free()
Uname: Linux 2.6.31-4-generic i686
UserGroups: adm admin cdrom dialout lpadmin src video

Tags:

Revision history for this message

Alex Mauer (hawke) wrote on 2009-08-04:

Dependencies.txt Edit (5.3 KiB, text/plain; charset="utf-8")
Disassembly.txt Edit (500 bytes, text/plain; charset="utf-8")
ProcMaps.txt Edit (53.1 KiB, text/plain; charset="utf-8")
ProcStatus.txt Edit (1.0 KiB, text/plain; charset="utf-8")
Registers.txt Edit (463 bytes, text/plain; charset="utf-8")
Stacktrace.txt Edit (1.1 KiB, text/plain; charset="utf-8")
ThreadStacktrace.txt Edit (12.5 KiB, text/plain; charset="utf-8")

Revision history for this message

Apport retracing service (apport) wrote on 2009-08-04: Stacktrace.txt (retraced)

Stacktrace.txt (retraced) Edit (3.4 KiB, text/plain)

StacktraceTop:_int_free (av=<value optimized out>, p=0xa5347f8)
*__GI___libc_free (mem=0xa534800) at malloc.c:3716
IA__g_free (mem=0xa534800)
gst_buffer_finalize (buffer=0xa4bc330) at gstbuffer.c:164
gst_mini_object_unref (mini_object=0xa4bc330)

Revision history for this message

Apport retracing service (apport) wrote on 2009-08-04: ThreadStacktrace.txt (retraced)

ThreadStacktrace.txt (retraced) Edit (45.6 KiB, text/plain)

Changed in totem (Ubuntu):
importance:	Undecided → Medium
tags:	removed: need-i386-retrace

Revision history for this message

Pedro Villavicencio (pedro) wrote on 2009-08-04:

Thank you for taking the time to report this bug and helping to make Ubuntu better. Please try to obtain a valgrind log following the instructions at https://wiki.ubuntu.com/Valgrind and attach the file to the bug report. This will greatly help us in tracking down your problem.

Changed in totem (Ubuntu):
assignee:	nobody → Ubuntu Desktop Bugs (desktop-bugs)
status:	New → Incomplete

Pedro Villavicencio (pedro) on 2009-08-04

visibility:

private → public

Revision history for this message

Pedro Villavicencio (pedro) wrote on 2009-09-02:

We are closing this bug report because it lacks the information we need to investigate the problem, as described in the previous comments. Please reopen it if you can give us the missing information, and don't hesitate to submit bug reports in the future. To reopen the bug report you can click on the current status, under the Status column, and change the Status back to New. Thanks again!.

Changed in totem (Ubuntu):
status:	Incomplete → Invalid

Revision history for this message

Alex Mauer (hawke) wrote on 2009-09-02:

Attached please find the valgrind output for totem on this file.

I'm not sure that it's the same crash, of course...

Changed in totem (Ubuntu):
status:	Invalid → New

Revision history for this message

Sebastien Bacher (seb128) wrote on 2009-09-03:

could you install libgstreamer0.10-0-dbg and libglib2.0-0-dbg and get a new log?

Changed in totem (Ubuntu):
status:	New → Incomplete

Revision history for this message

Alex Mauer (hawke) wrote on 2009-09-03:

valgrind log with additional dbg packages Edit (454.6 KiB, text/plain)

Attached.

Revision history for this message

Sebastien Bacher (seb128) wrote on 2009-09-03:

the new log doesn't have the error which was in the previous one

Changed in totem (Ubuntu):
status:	Incomplete → New

Revision history for this message

Alex Mauer (hawke) wrote on 2009-09-03:

#10

another valgrind log Edit (452.4 KiB, text/plain)

Trying again...

Revision history for this message

Sebastien Bacher (seb128) wrote on 2009-09-03:

#11

the log does have the error, the previous comment was an overlook

Revision history for this message

Alex Mauer (hawke) wrote on 2009-09-03:

#12

test file Edit (527.2 KiB, application/octet-stream)

Attached please find a test file which exhibits this problem.

Revision history for this message

Sebastien Bacher (seb128) wrote on 2009-09-03:

#13

The issue is a gstreamer one, could be similar to http://bugzilla.gnome.org/show_bug.cgi?id=583880

affects:

totem (Ubuntu) → gstreamer0.10 (Ubuntu)

Revision history for this message

Robert Ancell (robert-ancell) wrote on 2009-09-04:

#14

Crash is in dvdspu plugin:
==11275== Thread 7:
==11275== Invalid write of size 1
==11275== at 0x402962C: memset (mc_replace_strmem.c:493)
==11275== by 0x7F83005: gstspu_clear_comp_buffers (string3.h:85)
==11275== by 0x7F85056: gstspu_vobsub_render (gstspu-vobsub-render.c:352)
==11275== by 0x7F7F043: gstspu_render (gstdvdspu.c:660)
==11275== by 0x7F81665: dvdspu_handle_vid_buffer (gstdvdspu.c:625)
==11275== by 0x7F82468: gst_dvd_spu_video_chain (gstdvdspu.c:550)

affects:

gstreamer0.10 (Ubuntu) → gst-plugins-bad0.10 (Ubuntu)

Revision history for this message

Robert Ancell (robert-ancell) wrote on 2009-09-04:

#15

Trying the patch in GNOME bug 589609 stops the crash but subtitles aren't displayed for me

Changed in gstreamer:
importance:	Undecided → Unknown
status:	New → Unknown
Changed in gst-plugins-bad0.10 (Ubuntu):
status:	New → Triaged

Bug Watch Updater (bug-watch-updater) on 2009-09-04

Changed in gstreamer:
status:	Unknown → In Progress

Robert Ancell (robert-ancell) on 2009-09-04

Changed in gst-plugins-bad0.10 (Ubuntu):
status:	Triaged → Fix Committed

Revision history for this message

Robert Ancell (robert-ancell) wrote on 2009-09-07:

#16

Upstream responds regarding why the subtitles aren't displayed in this case:
"I've tested that file, and the subtitles are very large images, including large
amounts of blank space, so when clipped you just see part of the image, which
happens to be within the transparent border.
A fix could be to look inside the subtitles, trim transparent borders, and
center the rest, but it really should be fixed encoding side, and this goes
into diminishing returns."

Didier Roche-Tolomelli (didrocks) on 2010-03-11

Changed in gst-plugins-bad0.10 (Ubuntu):
status:	Fix Committed → Fix Released

Bug Watch Updater (bug-watch-updater) on 2010-09-15

Changed in gstreamer:
importance:	Unknown → Critical
status:	In Progress → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

gnome-bugs #583880
[RESOLVED INCOMPLETE] Edit
gnome-bugs #589609
[RESOLVED FIXED] Edit

Bug watches keep track of this bug in other bug trackers.

Ubuntugst-plugins-bad0.10 package

totem crashed with SIGSEGV in free()

Bug Description

Other bug subscribers

Bug attachments

Remote bug watches

Ubuntu
gst-plugins-bad0.10 package