[FFmpeg-trac] #9927(undetermined:new): Segfault with ffmpeg launched from yt-dlp

FFmpeg Sun, 18 Sep 2022 03:18:17 -0700

#9927: Segfault with ffmpeg launched from yt-dlp
-------------------------------------+-------------------------------------
             Reporter:  Poulpatine   |                     Type:  defect
               Status:  new          |                 Priority:  normal
            Component:               |                  Version:
  undetermined                       |  unspecified
             Keywords:               |               Blocked By:
             Blocking:               |  Reproduced by developer:  0
Analyzed by developer:  0            |
-------------------------------------+-------------------------------------
 Summary of the bug:


 Hi,

 I encounter from time to times some segfaults from ffmpeg.
 I can't find the media from the moment but I'll search deeper.

 I've been able to get a stacktrace, here is the gdb output :



 {{{
 GNU gdb (Debian 10.1-1.7) 10.1.90.20210103-git
 Copyright (C) 2021 Free Software Foundation, Inc.
 License GPLv3+: GNU GPL version 3 or later
 <http://gnu.org/licenses/gpl.html>
 This is free software: you are free to change and redistribute it.
 There is NO WARRANTY, to the extent permitted by law.
 Type "show copying" and "show warranty" for details.
 This GDB was configured as "x86_64-linux-gnu".
 Type "show configuration" for configuration details.
 For bug reporting instructions, please see:
 <https://www.gnu.org/software/gdb/bugs/>.
 Find the GDB manual and other documentation resources online at:
     <http://www.gnu.org/software/gdb/documentation/>.

 For help, type "help".
 Type "apropos word" to search for commands related to "word"...
 Reading symbols from /opt/ffmpeg-linux64-nonfree-debug/bin/ffmpeg...
 [New LWP 4165416]
 [New LWP 4165436]
 [New LWP 4165438]
 [New LWP 4165442]
 [New LWP 4165441]
 [New LWP 4165444]
 [New LWP 4165439]
 [New LWP 4165448]
 [New LWP 4165446]
 [New LWP 4165443]
 [New LWP 4165447]
 [New LWP 4165437]
 [New LWP 4165445]
 [New LWP 4165440]
 [Thread debugging using libthread_db enabled]
 Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
 Core was generated by `ffmpeg -i - -f mp3 -ab 192k -vn -'.
 Program terminated with signal SIGABRT, Aborted.
 #0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
 50      ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
 [Current thread is 1 (Thread 0x7fbfe8a688c0 (LWP 4165416))]



 (gdb) bt
 #0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
 #1  0x00007fbfe8abe537 in __GI_abort () at abort.c:79
 #2  0x00007fbfe8abe40f in __assert_fail_base (fmt=0x7fbfe8c27128
 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x563bda8a6542
 "thr[b] >= 0", file=0x563bda8a652c "psymodel.c", line=1135,
 function=<optimized out>) at assert.c:92
 #3  0x00007fbfe8acd662 in __GI___assert_fail (assertion=0x563bda8a6542
 "thr[b] >= 0", file=0x563bda8a652c "psymodel.c", line=1135,
 function=0x563bda8a69e0 <__PRETTY_FUNCTION__.10>
 "vbrpsy_compute_masking_s") at assert.c:101
 #4  0x0000563bd7e74a97 in L3psycho_anal_vbr ()
 #5  0x0000563bd7e825f9 in lame_encode_mp3_frame ()
 #6  0x0000563bd7e6c390 in lame_encode_buffer_template ()
 #7  0x0000563bd7e6d3b5 in lame_encode_buffer_float ()
 #8  0x0000563bd5670833 in mp3lame_encode_frame (avctx=0x563bdcbaca40,
 avpkt=0x563bdcc61040, frame=0x563bdcc613c0, got_packet_ptr=0x7ffe8c24b444)
 at libavcodec/libmp3lame.c:218
 #9  0x0000563bd55909d6 in ff_encode_encode_cb
 (avctx=avctx@entry=0x563bdcbaca40, avpkt=avpkt@entry=0x563bdcc61040,
 frame=frame@entry=0x563bdcc613c0,
 got_packet=got_packet@entry=0x7ffe8c24b444) at libavcodec/encode.c:198
 #10 0x0000563bd5590caa in encode_simple_internal
 (avctx=avctx@entry=0x563bdcbaca40, avpkt=avpkt@entry=0x563bdcc61040) at
 libavcodec/encode.c:273
 #11 0x0000563bd5590d03 in encode_simple_receive_packet
 (avctx=avctx@entry=0x563bdcbaca40, avpkt=avpkt@entry=0x563bdcc61040) at
 libavcodec/encode.c:291
 #12 0x0000563bd5590e4a in encode_receive_packet_internal
 (avctx=avctx@entry=0x563bdcbaca40, avpkt=0x563bdcc61040) at
 libavcodec/encode.c:325
 #13 0x0000563bd5590f33 in avcodec_send_frame
 (avctx=avctx@entry=0x563bdcbaca40, frame=frame@entry=0x563bdcbacf40) at
 libavcodec/encode.c:466
 #14 0x0000563bd50f0174 in encode_frame (of=0x563bdcbb2040,
 ost=0x563bdcbabe40, frame=0x563bdcbacf40) at fftools/ffmpeg.c:933
 #15 0x0000563bd50f0719 in submit_encode_frame (of=of@entry=0x563bdcbb2040,
 ost=ost@entry=0x563bdcbabe40, frame=frame@entry=0x563bdcbacf40) at
 fftools/ffmpeg.c:1001
 #16 0x0000563bd50f07ff in do_audio_out (of=of@entry=0x563bdcbb2040,
 ost=ost@entry=0x563bdcbabe40, frame=frame@entry=0x563bdcbacf40) at
 fftools/ffmpeg.c:1055
 #17 0x0000563bd50f4865 in reap_filters (flush=flush@entry=0) at
 fftools/ffmpeg.c:1431
 #18 0x0000563bd50f492b in transcode_from_filter (graph=0x563bdcbad640,
 best_ist=best_ist@entry=0x7ffe8c24b760) at fftools/ffmpeg.c:3913
 #19 0x0000563bd50f624d in transcode_step () at fftools/ffmpeg.c:4001
 #20 0x0000563bd50f66b0 in transcode () at fftools/ffmpeg.c:4074
 #21 0x0000563bd50f6aef in main (argc=9, argv=0x7ffe8c24b958) at
 fftools/ffmpeg.c:4245



 (gdb) disass $pc-32,$pc+32
 Dump of assembler code from 0x7fbfe8ad4cc1 to 0x7fbfe8ad4d01:
    0x00007fbfe8ad4cc1 <__GI_raise+289>: add    %dh,%al
    0x00007fbfe8ad4cc3 <__GI_raise+291>: (bad)
    0x00007fbfe8ad4cc4 <__GI_raise+292>: push   0x39(%rdi)
    0x00007fbfe8ad4cc7 <__GI_raise+295>: mov    %eax,%r8d
    0x00007fbfe8ad4cca <__GI_raise+298>: mov    $0x8,%r10d
    0x00007fbfe8ad4cd0 <__GI_raise+304>: xor    %edx,%edx
    0x00007fbfe8ad4cd2 <__GI_raise+306>: mov    %r9,%rsi
    0x00007fbfe8ad4cd5 <__GI_raise+309>: mov    $0x2,%edi
    0x00007fbfe8ad4cda <__GI_raise+314>: mov    $0xe,%eax
    0x00007fbfe8ad4cdf <__GI_raise+319>: syscall
 => 0x00007fbfe8ad4ce1 <__GI_raise+321>: mov    0x108(%rsp),%rax
    0x00007fbfe8ad4ce9 <__GI_raise+329>: sub    %fs:0x28,%rax
    0x00007fbfe8ad4cf2 <__GI_raise+338>: jne    0x7fbfe8ad4d14
 <__GI_raise+372>
    0x00007fbfe8ad4cf4 <__GI_raise+340>: mov    %r8d,%eax
    0x00007fbfe8ad4cf7 <__GI_raise+343>: add    $0x118,%rsp
    0x00007fbfe8ad4cfe <__GI_raise+350>: ret
    0x00007fbfe8ad4cff <__GI_raise+351>: nop
    0x00007fbfe8ad4d00 <__GI_raise+352>: mov    0x182169(%rip),%rdx
 # 0x7fbfe8c56e70
 End of assembler dump.



 (gdb) info all-registers
 rax            0x0                 0
 rbx            0x7fbfe8a688c0      140462218709184
 rcx            0x7fbfe8ad4ce1      140462219152609
 rdx            0x0                 0
 rsi            0x7ffe8c241720      140731249596192
 rdi            0x2                 2
 rbp            0x7fbfe8c27128      0x7fbfe8c27128
 rsp            0x7ffe8c241720      0x7ffe8c241720
 r8             0x0                 0
 r9             0x7ffe8c241720      140731249596192
 r10            0x8                 8
 r11            0x246               582
 r12            0x563bda8a652c      94815069562156
 r13            0x46f               1135
 r14            0x563bda8a6542      94815069562178
 r15            0x0                 0
 rip            0x7fbfe8ad4ce1      0x7fbfe8ad4ce1 <__GI_raise+321>
 eflags         0x246               [ PF ZF IF ]
 cs             0x33                51
 ss             0x2b                43
 ds             0x0                 0
 es             0x0                 0
 fs             0x0                 0
 gs             0x0                 0
 st0            0                   (raw 0x00000000000000000000)
 st1            0                   (raw 0x00000000000000000000)
 st2            0                   (raw 0x00000000000000000000)
 st3            0                   (raw 0x00000000000000000000)
 st4            0                   (raw 0x00000000000000000000)
 st5            0                   (raw 0x00000000000000000000)
 st6            0                   (raw 0x00000000000000000000)
 st7            0                   (raw 0x00000000000000000000)
 fctrl          0x37f               895
 fstat          0x0                 0
 ftag           0xffff              65535
 fiseg          0x0                 0
 fioff          0x0                 0
 foseg          0x0                 0
 fooff          0x0                 0
 fop            0x0                 0
 mxcsr          0x1fbb              [ IE DE OE UE PE IM DM ZM OM UM PM ]
 bndcfgu        {raw = 0x0, config = {base = 0x0, reserved = 0x0, preserved
 = 0x0, enabled = 0x0}} {raw = 0x0, config = {base = 0, reserved = 0,
 preserved = 0, enabled = 0}}
 bndstatus      {raw = 0x0, status = {bde = 0x0, error = 0x0}} {raw = 0x0,
 status = {bde = 0, error = 0}}
 ymm0           {v16_bfloat16 = {0x0 <repeats 16 times>}, v8_float = {0x0,
 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
 v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>},
 v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0,
 0x0, 0x0}, v2_int128 = {0x0, 0x0}}
 ymm1           {v16_bfloat16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_float = {0x0, 0xffffffff,
 0xffffffff, 0xffffffff, 0x0, 0x0, 0x0, 0x0}, v4_double =
 {0x7fffffffffffffff, 0x7fffffffffffffff, 0x0, 0x0}, v32_int8 = {0x0, 0x0,
 0x0, 0xff <repeats 13 times>, 0x0 <repeats 16 times>}, v16_int16 = {0x0,
 0xff00, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0xff000000, 0xffffffff, 0xffffffff,
 0xffffffff, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0xffffffffff000000,
 0xffffffffffffffff, 0x0, 0x0}, v2_int128 =
 {0xffffffffffffffffffffffffff000000, 0x0}}
 ymm2           {v16_bfloat16 = {0x0, 0xa, 0xffff, 0xffff, 0xffff, 0xffff,
 0xffff, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_float = {0xa,
 0xffffffff, 0xffffffff, 0xffffffff, 0x0, 0x0, 0x0, 0x0}, v4_double =
 {0x7fffffffffffffff, 0x7fffffffffffffff, 0x0, 0x0}, v32_int8 = {0x73,
 0x3a, 0x20, 0x41, 0x73, 0x73, 0x65, 0x72, 0x74, 0x69, 0x6f, 0x6e, 0x20,
 0x60, 0x74, 0x68, 0x0 <repeats 16 times>}, v16_int16 = {0x3a73, 0x4120,
 0x7373, 0x7265, 0x6974, 0x6e6f, 0x6020, 0x6874, 0x0, 0x0, 0x0, 0x0, 0x0,
 0x0, 0x0, 0x0}, v8_int32 = {0x41203a73, 0x72657373, 0x6e6f6974,
 0x68746020, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x7265737341203a73,
 0x687460206e6f6974, 0x0, 0x0}, v2_int128 =
 {0x687460206e6f69747265737341203a73, 0x0}}
 ymm3           {v16_bfloat16 = {0x0, 0x0, 0x0 <repeats 14 times>},
 v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0,
 0x0, 0x0, 0x0}, v32_int8 = {0x64, 0x2e, 0xa, 0x0 <repeats 29 times>},
 v16_int16 = {0x2e64, 0xa, 0x0 <repeats 14 times>}, v8_int32 = {0xa2e64,
 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0xa2e64, 0x0, 0x0, 0x0},
 v2_int128 = {0xa2e64, 0x0}}
 ymm4           {v16_bfloat16 = {0x0, 0xffff, 0x0 <repeats 14 times>},
 v8_float = {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double =
 {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0, 0x0, 0x80, 0x7f, 0x0 <repeats 28
 times>}, v16_int16 = {0x0, 0x7f80, 0x0 <repeats 14 times>}, v8_int32 =
 {0x7f800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x7f800000,
 0x0, 0x0, 0x0}, v2_int128 = {0x7f800000, 0x0}}
 ymm5           {v16_bfloat16 = {0x0, 0x1, 0x0 <repeats 14 times>},
 v8_float = {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0,
 0x0, 0x0, 0x0}, v32_int8 = {0x0, 0x0, 0x80, 0x3f, 0x0 <repeats 28 times>},
 v16_int16 = {0x0, 0x3f80, 0x0 <repeats 14 times>}, v8_int32 = {0x3f800000,
 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x3f800000, 0x0, 0x0,
 0x0}, v2_int128 = {0x3f800000, 0x0}}
 ymm6           {v16_bfloat16 = {0x0 <repeats 16 times>}, v8_float = {0x0,
 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
 v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>},
 v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0,
 0x0, 0x0}, v2_int128 = {0x0, 0x0}}
 ymm7           {v16_bfloat16 = {0x0, 0x1, 0x0 <repeats 14 times>},
 v8_float = {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0,
 0x0, 0x0, 0x0}, v32_int8 = {0x0, 0x0, 0x80, 0x3f, 0x0 <repeats 28 times>},
 v16_int16 = {0x0, 0x3f80, 0x0 <repeats 14 times>}, v8_int32 = {0x3f800000,
 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x3f800000, 0x0, 0x0,
 0x0}, v2_int128 = {0x3f800000, 0x0}}
 ymm8           {v16_bfloat16 = {0xffff, 0xffff, 0x0, 0xffff, 0xffff, 0x0,
 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_float = {0xffffffff,
 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double =
 {0x7fffffffffffffff, 0x0, 0x0, 0x0}, v32_int8 = {0x0, 0x68, 0x65, 0x6c,
 0x70, 0x0, 0x55, 0x73, 0x61, 0x67, 0x65, 0x3a, 0x0, 0x25, 0x73, 0x20, 0x0
 <repeats 16 times>}, v16_int16 = {0x6800, 0x6c65, 0x70, 0x7355, 0x6761,
 0x3a65, 0x2500, 0x2073, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32
 = {0x6c656800, 0x73550070, 0x3a656761, 0x20732500, 0x0, 0x0, 0x0, 0x0},
 v4_int64 = {0x735500706c656800, 0x207325003a656761, 0x0, 0x0}, v2_int128 =
 {0x207325003a656761735500706c656800, 0x0}}
 ymm9           {v16_bfloat16 = {0x0 <repeats 16 times>}, v8_float = {0x0,
 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
 v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>},
 v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0,
 0x0, 0x0}, v2_int128 = {0x0, 0x0}}
 ymm10          {v16_bfloat16 = {0x0, 0x1, 0x0 <repeats 14 times>},
 v8_float = {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0,
 0x0, 0x0, 0x0}, v32_int8 = {0x71, 0x3d, 0xca, 0x3f, 0x0 <repeats 28
 times>}, v16_int16 = {0x3d71, 0x3fca, 0x0 <repeats 14 times>}, v8_int32 =
 {0x3fca3d71, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x3fca3d71,
 0x0, 0x0, 0x0}, v2_int128 = {0x3fca3d71, 0x0}}
 ymm11          {v16_bfloat16 = {0x0, 0x2, 0x0 <repeats 14 times>},
 v8_float = {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0,
 0x0, 0x0, 0x0}, v32_int8 = {0x52, 0xb8, 0x3e, 0x40, 0x0 <repeats 28
 times>}, v16_int16 = {0xb852, 0x403e, 0x0 <repeats 14 times>}, v8_int32 =
 {0x403eb852, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x403eb852,
 0x0, 0x0, 0x0}, v2_int128 = {0x403eb852, 0x0}}
 ymm12          {v16_bfloat16 = {0x0, 0x0, 0x0 <repeats 14 times>},
 v8_float = {0xde000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double =
 {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0xf0, 0xf6, 0x92, 0x55, 0x0 <repeats 28
 times>}, v16_int16 = {0xf6f0, 0x5592, 0x0 <repeats 14 times>}, v8_int32 =
 {0x5592f6f0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x5592f6f0,
 0x0, 0x0, 0x0}, v2_int128 = {0x5592f6f0, 0x0}}
 ymm13          {v16_bfloat16 = {0x0, 0x0, 0x0 <repeats 14 times>},
 v8_float = {0x6f000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double =
 {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0xf0, 0xf6, 0x12, 0x55, 0x0 <repeats 28
 times>}, v16_int16 = {0xf6f0, 0x5512, 0x0 <repeats 14 times>}, v8_int32 =
 {0x5512f6f0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x5512f6f0,
 0x0, 0x0, 0x0}, v2_int128 = {0x5512f6f0, 0x0}}
 ymm14          {v16_bfloat16 = {0x0 <repeats 16 times>}, v8_float = {0x0,
 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
 v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>},
 v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0,
 0x0, 0x0}, v2_int128 = {0x0, 0x0}}
 ymm15          {v16_bfloat16 = {0x0 <repeats 16 times>}, v8_float = {0x0,
 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
 v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>},
 v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0,
 0x0, 0x0}, v2_int128 = {0x0, 0x0}}
 bnd0           {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
 bnd1           {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
 bnd2           {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
 bnd3           {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
 }}}
-- 
Ticket URL: <https://trac.ffmpeg.org/ticket/9927>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker

_______________________________________________
FFmpeg-trac mailing list
[email protected]
https://ffmpeg.org/mailman/listinfo/ffmpeg-trac

To unsubscribe, visit link above, or email
[email protected] with subject "unsubscribe".

[FFmpeg-trac] #9927(undetermined:new): Segfault with ffmpeg launched from yt-dlp

Reply via email to