VP8 decode BAD ACCESS with XCode 5.1 / libvpx 1.3.0 for iOS

[GoogleCodeExporter]

It seems the new Clang compilation chokes on the VP8 assembly.
It used to work ok on the previous Xcode 5.0.1 delivery.

Here's a backtrace of the problem, occurring 100% of the time:

Thread 22, Queue : (null)
#0  0x00437920 in vp8_sad16x16_neon at 
/Users/guillaume/Dev/linphone-iphone/submodules/build-armv7-apple-darwin/externa
ls/libvpx/vp8/common/arm/neon/sad16_neon.asm.s:38
#1  0x0041eef6 in vp8_diamond_search_sad_c ()
#2  0x00425fbe in vp8_pick_inter_mode ()
#3  0x00419d02 in vp8cx_encode_inter_macroblock ()
#4  0x00419706 in encode_mb_row ()
#5  0x00418a4a in vp8_encode_frame ()
#6  0x00423474 in encode_frame_to_data_rate ()
#7  0x0042233c in vp8_get_compressed_data ()
#8  0x00415afa in vp8e_encode ()
#9  0x00410b26 in vpx_codec_encode ()
#10 0x00395006 in enc_process at 
/Users/guillaume/Dev/linphone-iphone/submodules/build/..//linphone/mediastreamer
2/src/videofilters/vp8.c:242
#11 0x00375fe6 in ms_filter_process at 
/Users/guillaume/Dev/linphone-iphone/submodules/build/..//linphone/mediastreamer
2/src/base/msfilter.c:319
#12 0x00376efa in call_process [inlined] at 
/Users/guillaume/Dev/linphone-iphone/submodules/build/..//linphone/mediastreamer
2/src/base/msticker.c:228
#13 0x00376ece in run_graph at 
/Users/guillaume/Dev/linphone-iphone/submodules/build/..//linphone/mediastreamer
2/src/base/msticker.c:242
#14 0x00376ec2 in run_graph at 
/Users/guillaume/Dev/linphone-iphone/submodules/build/..//linphone/mediastreamer
2/src/base/msticker.c:247
#15 0x00376ec2 in run_graph at 
/Users/guillaume/Dev/linphone-iphone/submodules/build/..//linphone/mediastreamer
2/src/base/msticker.c:247
#16 0x00376ec2 in run_graph at 
/Users/guillaume/Dev/linphone-iphone/submodules/build/..//linphone/mediastreamer
2/src/base/msticker.c:247
#17 0x00376ec2 in run_graph at 
/Users/guillaume/Dev/linphone-iphone/submodules/build/..//linphone/mediastreamer
2/src/base/msticker.c:247
#18 0x00376de4 in run_graphs at 
/Users/guillaume/Dev/linphone-iphone/submodules/build/..//linphone/mediastreamer
2/src/base/msticker.c:261
#19 0x00376c90 in ms_ticker_run at 
/Users/guillaume/Dev/linphone-iphone/submodules/build/..//linphone/mediastreamer
2/src/base/msticker.c:440
#20 0x3a800958 in _pthread_body ()
#21 0x3a8008ca in _pthread_start ()

Some information: 

$ clang --version
Apple LLVM version 5.1 (clang-503.0.38) (based on LLVM 3.4svn)
Target: x86_64-apple-darwin13.1.0
Thread model: posix

I'm aware of the bug 603 about corruption, which we dodge by compiling libvpx 
with the following options:

    --enable-static --target=armv7-darwin-gcc --disable-shared --enable-error-concealment --disable-examples --enable-realtime-only --enable-spatial-resampling --enable-vp8 --enable-multithread --extra-cflags="-O1 -fno-strict-aliasing"

Any idea what's going on here?

Original issue reported on code.google.com by gbi.linp...@gmail.com on 19 Mar 2014 at 11:18

[GoogleCodeExporter]

Note: the crash occurs here:

_vp8_sad16x16_neon:
    vp8_sad16x16_neon: @
 @ @
    vld1.8          {q0}, [r0], r1
    vld1.8          {q4}, [r2], r3  ## BAD ACCESS 

    vld1.8          {q1}, [r0], r1
    vld1.8          {q5}, [r2], r3

Original comment by gbi.linp...@gmail.com on 19 Mar 2014 at 11:19

[GoogleCodeExporter]

I tried on the head of today, and the bug is present as well. 
Also, compiling with "-O0 -fno-strict-aliasing" will result in a very slow but 
working codec.

Original comment by gbi.linp...@gmail.com on 21 Mar 2014 at 3:38

[GoogleCodeExporter]

This is a dup of https://code.google.com/p/webrtc/issues/detail?id=3038 (see 
comment #23 there for a workaround).

Original comment by fischman@chromium.org on 31 Mar 2014 at 5:52

[GoogleCodeExporter]

Original comment by renganat...@google.com on 3 Apr 2014 at 10:21

• Changed state: Assigned
• Added labels: Type-Bug, Pri-2

[GoogleCodeExporter]

I tried the workaround, and it seems to fix it for a simple usage pattern, with 
"-O1 -fno-strinct-aliasing" in extra CFLAGS.
But in my experience, it will still fail when we rotate the video within our 
app (Linphone).
Internally, I believe we start a new instance of the encoder, but I'll have to 
verify.
In any case, the crash seems to occur at the same place.

Original comment by gbi.linp...@gmail.com on 4 Apr 2014 at 6:49

[GoogleCodeExporter]

Here is the fix:
http://git.chromium.org/gitweb/?p=webm/libvpx.git;a=commit;h=33df6d1fc1d268b4901
b74b4141f83594266f041

Original comment by yunqingw...@google.com on 29 Apr 2014 at 10:05

[GoogleCodeExporter]

Original comment by yunqingw...@google.com on 2 May 2014 at 1:06

• Changed state: Fixed