#11456: ffvp9 race
-------------------------------------+-------------------------------------
Reporter: Ronald S. | Type: defect
Bultje |
Status: new | Priority: normal
Component: | Version:
undetermined | unspecified
Keywords: | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
-------------------------------------+-------------------------------------
From https://bugzilla.mozilla.org/show_bug.cgi?id=1941137
Reproduced on b9c99baced8f2cfe30b85080e19a39e15511e5ca (Feb 2nd, 2025)
Relevant input file: https://searchfox.org/mozilla-
central/source/dom/media/test/gizmo.webm
Regression found on 252fc2e047297697dea78e63aa908377b47c2136, not present
either on 240fd04db231efa4abad3abbd808140b4112324a or on 0957d62f (unclear
from upstream report).
Compile FFmpeg with thread sanitizer:
{{{
$ while true; do ./ffmpeg -threads 4 -i ~/Downloads/gizmo.webm -an -f md5
-v error -nostats -y /tmp/out.log || break; x=`cat /tmp/out.log`; if [ $x
!= "MD5=a08e3e064e3589e5610bc2ccc2a4ab4c" ]; then break; fi; done
ffmpeg(7971,0x1144a1600) malloc: nano zone abandoned due to inability to
preallocate reserved vm space.
[opus @ 0x7b5c00000700] Error parsing Opus packet header.
[these messages repeat a couple of times]
==================
WARNING: ThreadSanitizer: data race (pid=8053)
Read of size 1 at 0x7bb40003cb88 by thread T4 (mutexes: write M257):
#0 <null> <null>:2 (ffmpeg:x86_64+0x10187043f)
#1 ff_vp9_fill_mv <null>:2 (ffmpeg:x86_64+0x10186bcae)
#2 ff_vp9_decode_block <null>:2 (ffmpeg:x86_64+0x1017ac8b9)
#3 <null> <null>:2 (ffmpeg:x86_64+0x1017a21f9)
#4 <null> <null>:2 (ffmpeg:x86_64+0x10178f210)
#5 ff_decode_receive_frame_internal <null>:2
(ffmpeg:x86_64+0x100b75044)
#6 <null> <null>:2 (ffmpeg:x86_64+0x101429909)
Previous write of size 1 at 0x7bb40003cb88 by thread T3 (mutexes: write
M255):
#0 ff_vp9_decode_block <null>:2 (ffmpeg:x86_64+0x1017a8305)
#1 <null> <null>:2 (ffmpeg:x86_64+0x1017a21f9)
#2 <null> <null>:2 (ffmpeg:x86_64+0x10178f210)
#3 ff_decode_receive_frame_internal <null>:2
(ffmpeg:x86_64+0x100b75044)
#4 <null> <null>:2 (ffmpeg:x86_64+0x101429909)
Location is heap block of size 37504 at 0x7bb40003c000 allocated by
thread T1:
#0 posix_memalign <null>:3
(libclang_rt.tsan_osx_dynamic.dylib:x86_64h+0x53603)
#1 av_malloc <null>:2 (ffmpeg:x86_64+0x101e2173a)
#2 av_refstruct_pool_get <null>:2 (ffmpeg:x86_64+0x101e36ce4)
#3 <null> <null>:2 (ffmpeg:x86_64+0x10178b915)
#4 ff_decode_receive_frame_internal <null>:2
(ffmpeg:x86_64+0x100b75044)
#5 <null> <null>:2 (ffmpeg:x86_64+0x101429909)
Mutex M257 (0x7b6800000510) created at:
#0 pthread_mutex_init <null>:3
(libclang_rt.tsan_osx_dynamic.dylib:x86_64h+0x2cd05)
#1 ff_pthread_init <null>:2 (ffmpeg:x86_64+0x101f4e4e1)
#2 <null> <null>:2 (ffmpeg:x86_64+0x101f4e7f4)
#3 ff_frame_thread_init <null>:2 (ffmpeg:x86_64+0x101428d4b)
#4 ff_thread_init <null>:2 (ffmpeg:x86_64+0x101426b55)
#5 avcodec_open2 <null>:2 (ffmpeg:x86_64+0x1009dcca9)
#6 <null> <null>:2 (ffmpeg:x86_64+0x100002e80)
#7 dec_init <null>:2 (ffmpeg:x86_64+0x100002361)
#8 ist_use <null>:2 (ffmpeg:x86_64+0x1000079f9)
#9 ist_filter_add <null>:2 (ffmpeg:x86_64+0x100007b03)
#10 <null> <null>:2 (ffmpeg:x86_64+0x100014da1)
#11 fg_create_simple <null>:2 (ffmpeg:x86_64+0x100014b77)
#12 <null> <null>:2 (ffmpeg:x86_64+0x100029b96)
#13 <null> <null>:2 (ffmpeg:x86_64+0x100025ed8)
#14 of_open <null>:2 (ffmpeg:x86_64+0x1000200be)
#15 ffmpeg_parse_options <null>:2 (ffmpeg:x86_64+0x10002d451)
#16 main <null>:2 (ffmpeg:x86_64+0x1000463a4)
Mutex M255 (0x7b6800000398) created at:
#0 pthread_mutex_init <null>:3
(libclang_rt.tsan_osx_dynamic.dylib:x86_64h+0x2cd05)
#1 ff_pthread_init <null>:2 (ffmpeg:x86_64+0x101f4e4e1)
#2 <null> <null>:2 (ffmpeg:x86_64+0x101f4e7f4)
#3 ff_frame_thread_init <null>:2 (ffmpeg:x86_64+0x101428d4b)
#4 ff_thread_init <null>:2 (ffmpeg:x86_64+0x101426b55)
#5 avcodec_open2 <null>:2 (ffmpeg:x86_64+0x1009dcca9)
#6 <null> <null>:2 (ffmpeg:x86_64+0x100002e80)
#7 dec_init <null>:2 (ffmpeg:x86_64+0x100002361)
#8 ist_use <null>:2 (ffmpeg:x86_64+0x1000079f9)
#9 ist_filter_add <null>:2 (ffmpeg:x86_64+0x100007b03)
#10 <null> <null>:2 (ffmpeg:x86_64+0x100014da1)
#11 fg_create_simple <null>:2 (ffmpeg:x86_64+0x100014b77)
#12 <null> <null>:2 (ffmpeg:x86_64+0x100029b96)
#13 <null> <null>:2 (ffmpeg:x86_64+0x100025ed8)
#14 of_open <null>:2 (ffmpeg:x86_64+0x1000200be)
#15 ffmpeg_parse_options <null>:2 (ffmpeg:x86_64+0x10002d451)
#16 main <null>:2 (ffmpeg:x86_64+0x1000463a4)
Thread T4 (tid=7141103, running) created by main thread at:
#0 pthread_create <null>:3
(libclang_rt.tsan_osx_dynamic.dylib:x86_64h+0x2bb6f)
#1 <null> <null>:2 (ffmpeg:x86_64+0x101f4e9d0)
#2 ff_frame_thread_init <null>:2 (ffmpeg:x86_64+0x101428d4b)
#3 ff_thread_init <null>:2 (ffmpeg:x86_64+0x101426b55)
#4 avcodec_open2 <null>:2 (ffmpeg:x86_64+0x1009dcca9)
#5 <null> <null>:2 (ffmpeg:x86_64+0x100002e80)
#6 dec_init <null>:2 (ffmpeg:x86_64+0x100002361)
#7 ist_use <null>:2 (ffmpeg:x86_64+0x1000079f9)
#8 ist_filter_add <null>:2 (ffmpeg:x86_64+0x100007b03)
#9 <null> <null>:2 (ffmpeg:x86_64+0x100014da1)
#10 fg_create_simple <null>:2 (ffmpeg:x86_64+0x100014b77)
#11 <null> <null>:2 (ffmpeg:x86_64+0x100029b96)
#12 <null> <null>:2 (ffmpeg:x86_64+0x100025ed8)
#13 of_open <null>:2 (ffmpeg:x86_64+0x1000200be)
#14 ffmpeg_parse_options <null>:2 (ffmpeg:x86_64+0x10002d451)
#15 main <null>:2 (ffmpeg:x86_64+0x1000463a4)
Thread T3 (tid=7141102, running) created by main thread at:
#0 pthread_create <null>:3
(libclang_rt.tsan_osx_dynamic.dylib:x86_64h+0x2bb6f)
#1 <null> <null>:2 (ffmpeg:x86_64+0x101f4e9d0)
#2 ff_frame_thread_init <null>:2 (ffmpeg:x86_64+0x101428d4b)
#3 ff_thread_init <null>:2 (ffmpeg:x86_64+0x101426b55)
#4 avcodec_open2 <null>:2 (ffmpeg:x86_64+0x1009dcca9)
#5 <null> <null>:2 (ffmpeg:x86_64+0x100002e80)
#6 dec_init <null>:2 (ffmpeg:x86_64+0x100002361)
#7 ist_use <null>:2 (ffmpeg:x86_64+0x1000079f9)
#8 ist_filter_add <null>:2 (ffmpeg:x86_64+0x100007b03)
#9 <null> <null>:2 (ffmpeg:x86_64+0x100014da1)
#10 fg_create_simple <null>:2 (ffmpeg:x86_64+0x100014b77)
#11 <null> <null>:2 (ffmpeg:x86_64+0x100029b96)
#12 <null> <null>:2 (ffmpeg:x86_64+0x100025ed8)
#13 of_open <null>:2 (ffmpeg:x86_64+0x1000200be)
#14 ffmpeg_parse_options <null>:2 (ffmpeg:x86_64+0x10002d451)
#15 main <null>:2 (ffmpeg:x86_64+0x1000463a4)
Thread T1 (tid=7141100, running) created by main thread at:
#0 pthread_create <null>:3
(libclang_rt.tsan_osx_dynamic.dylib:x86_64h+0x2bb6f)
#1 <null> <null>:2 (ffmpeg:x86_64+0x101f4e9d0)
#2 ff_frame_thread_init <null>:2 (ffmpeg:x86_64+0x101428d4b)
#3 ff_thread_init <null>:2 (ffmpeg:x86_64+0x101426b55)
#4 avcodec_open2 <null>:2 (ffmpeg:x86_64+0x1009dcca9)
#5 <null> <null>:2 (ffmpeg:x86_64+0x100002e80)
#6 dec_init <null>:2 (ffmpeg:x86_64+0x100002361)
#7 ist_use <null>:2 (ffmpeg:x86_64+0x1000079f9)
#8 ist_filter_add <null>:2 (ffmpeg:x86_64+0x100007b03)
#9 <null> <null>:2 (ffmpeg:x86_64+0x100014da1)
#10 fg_create_simple <null>:2 (ffmpeg:x86_64+0x100014b77)
#11 <null> <null>:2 (ffmpeg:x86_64+0x100029b96)
#12 <null> <null>:2 (ffmpeg:x86_64+0x100025ed8)
#13 of_open <null>:2 (ffmpeg:x86_64+0x1000200be)
#14 ffmpeg_parse_options <null>:2 (ffmpeg:x86_64+0x10002d451)
#15 main <null>:2 (ffmpeg:x86_64+0x1000463a4)
SUMMARY: ThreadSanitizer: data race (ffmpeg:x86_64+0x10187043f)
==================
==================
WARNING: ThreadSanitizer: data race (pid=8053)
Read of size 4 at 0x7bb40003cb80 by thread T4 (mutexes: write M257):
#0 <null> <null>:2 (ffmpeg:x86_64+0x1018706d6)
#1 ff_vp9_fill_mv <null>:2 (ffmpeg:x86_64+0x10186bcae)
#2 ff_vp9_decode_block <null>:2 (ffmpeg:x86_64+0x1017ac8b9)
#3 <null> <null>:2 (ffmpeg:x86_64+0x1017a21f9)
#4 <null> <null>:2 (ffmpeg:x86_64+0x10178f210)
#5 ff_decode_receive_frame_internal <null>:2
(ffmpeg:x86_64+0x100b75044)
#6 <null> <null>:2 (ffmpeg:x86_64+0x101429909)
Previous write of size 4 at 0x7bb40003cb80 by thread T3 (mutexes: write
M255):
#0 ff_vp9_decode_block <null>:2 (ffmpeg:x86_64+0x1017a832a)
#1 <null> <null>:2 (ffmpeg:x86_64+0x1017a21f9)
#2 <null> <null>:2 (ffmpeg:x86_64+0x10178f210)
#3 ff_decode_receive_frame_internal <null>:2
(ffmpeg:x86_64+0x100b75044)
#4 <null> <null>:2 (ffmpeg:x86_64+0x101429909)
Location is heap block of size 37504 at 0x7bb40003c000 allocated by
thread T1:
#0 posix_memalign <null>:3
(libclang_rt.tsan_osx_dynamic.dylib:x86_64h+0x53603)
#1 av_malloc <null>:2 (ffmpeg:x86_64+0x101e2173a)
#2 av_refstruct_pool_get <null>:2 (ffmpeg:x86_64+0x101e36ce4)
#3 <null> <null>:2 (ffmpeg:x86_64+0x10178b915)
#4 ff_decode_receive_frame_internal <null>:2
(ffmpeg:x86_64+0x100b75044)
#5 <null> <null>:2 (ffmpeg:x86_64+0x101429909)
Mutex M257 (0x7b6800000510) created at:
#0 pthread_mutex_init <null>:3
(libclang_rt.tsan_osx_dynamic.dylib:x86_64h+0x2cd05)
#1 ff_pthread_init <null>:2 (ffmpeg:x86_64+0x101f4e4e1)
#2 <null> <null>:2 (ffmpeg:x86_64+0x101f4e7f4)
#3 ff_frame_thread_init <null>:2 (ffmpeg:x86_64+0x101428d4b)
#4 ff_thread_init <null>:2 (ffmpeg:x86_64+0x101426b55)
#5 avcodec_open2 <null>:2 (ffmpeg:x86_64+0x1009dcca9)
#6 <null> <null>:2 (ffmpeg:x86_64+0x100002e80)
#7 dec_init <null>:2 (ffmpeg:x86_64+0x100002361)
#8 ist_use <null>:2 (ffmpeg:x86_64+0x1000079f9)
#9 ist_filter_add <null>:2 (ffmpeg:x86_64+0x100007b03)
#10 <null> <null>:2 (ffmpeg:x86_64+0x100014da1)
#11 fg_create_simple <null>:2 (ffmpeg:x86_64+0x100014b77)
#12 <null> <null>:2 (ffmpeg:x86_64+0x100029b96)
#13 <null> <null>:2 (ffmpeg:x86_64+0x100025ed8)
#14 of_open <null>:2 (ffmpeg:x86_64+0x1000200be)
#15 ffmpeg_parse_options <null>:2 (ffmpeg:x86_64+0x10002d451)
#16 main <null>:2 (ffmpeg:x86_64+0x1000463a4)
Mutex M255 (0x7b6800000398) created at:
#0 pthread_mutex_init <null>:3
(libclang_rt.tsan_osx_dynamic.dylib:x86_64h+0x2cd05)
#1 ff_pthread_init <null>:2 (ffmpeg:x86_64+0x101f4e4e1)
#2 <null> <null>:2 (ffmpeg:x86_64+0x101f4e7f4)
#3 ff_frame_thread_init <null>:2 (ffmpeg:x86_64+0x101428d4b)
#4 ff_thread_init <null>:2 (ffmpeg:x86_64+0x101426b55)
#5 avcodec_open2 <null>:2 (ffmpeg:x86_64+0x1009dcca9)
#6 <null> <null>:2 (ffmpeg:x86_64+0x100002e80)
#7 dec_init <null>:2 (ffmpeg:x86_64+0x100002361)
#8 ist_use <null>:2 (ffmpeg:x86_64+0x1000079f9)
#9 ist_filter_add <null>:2 (ffmpeg:x86_64+0x100007b03)
#10 <null> <null>:2 (ffmpeg:x86_64+0x100014da1)
#11 fg_create_simple <null>:2 (ffmpeg:x86_64+0x100014b77)
#12 <null> <null>:2 (ffmpeg:x86_64+0x100029b96)
#13 <null> <null>:2 (ffmpeg:x86_64+0x100025ed8)
#14 of_open <null>:2 (ffmpeg:x86_64+0x1000200be)
#15 ffmpeg_parse_options <null>:2 (ffmpeg:x86_64+0x10002d451)
#16 main <null>:2 (ffmpeg:x86_64+0x1000463a4)
Thread T4 (tid=7141103, running) created by main thread at:
#0 pthread_create <null>:3
(libclang_rt.tsan_osx_dynamic.dylib:x86_64h+0x2bb6f)
#1 <null> <null>:2 (ffmpeg:x86_64+0x101f4e9d0)
#2 ff_frame_thread_init <null>:2 (ffmpeg:x86_64+0x101428d4b)
#3 ff_thread_init <null>:2 (ffmpeg:x86_64+0x101426b55)
#4 avcodec_open2 <null>:2 (ffmpeg:x86_64+0x1009dcca9)
#5 <null> <null>:2 (ffmpeg:x86_64+0x100002e80)
#6 dec_init <null>:2 (ffmpeg:x86_64+0x100002361)
#7 ist_use <null>:2 (ffmpeg:x86_64+0x1000079f9)
#8 ist_filter_add <null>:2 (ffmpeg:x86_64+0x100007b03)
#9 <null> <null>:2 (ffmpeg:x86_64+0x100014da1)
#10 fg_create_simple <null>:2 (ffmpeg:x86_64+0x100014b77)
#11 <null> <null>:2 (ffmpeg:x86_64+0x100029b96)
#12 <null> <null>:2 (ffmpeg:x86_64+0x100025ed8)
#13 of_open <null>:2 (ffmpeg:x86_64+0x1000200be)
#14 ffmpeg_parse_options <null>:2 (ffmpeg:x86_64+0x10002d451)
#15 main <null>:2 (ffmpeg:x86_64+0x1000463a4)
Thread T3 (tid=7141102, running) created by main thread at:
#0 pthread_create <null>:3
(libclang_rt.tsan_osx_dynamic.dylib:x86_64h+0x2bb6f)
#1 <null> <null>:2 (ffmpeg:x86_64+0x101f4e9d0)
#2 ff_frame_thread_init <null>:2 (ffmpeg:x86_64+0x101428d4b)
#3 ff_thread_init <null>:2 (ffmpeg:x86_64+0x101426b55)
#4 avcodec_open2 <null>:2 (ffmpeg:x86_64+0x1009dcca9)
#5 <null> <null>:2 (ffmpeg:x86_64+0x100002e80)
#6 dec_init <null>:2 (ffmpeg:x86_64+0x100002361)
#7 ist_use <null>:2 (ffmpeg:x86_64+0x1000079f9)
#8 ist_filter_add <null>:2 (ffmpeg:x86_64+0x100007b03)
#9 <null> <null>:2 (ffmpeg:x86_64+0x100014da1)
#10 fg_create_simple <null>:2 (ffmpeg:x86_64+0x100014b77)
#11 <null> <null>:2 (ffmpeg:x86_64+0x100029b96)
#12 <null> <null>:2 (ffmpeg:x86_64+0x100025ed8)
#13 of_open <null>:2 (ffmpeg:x86_64+0x1000200be)
#14 ffmpeg_parse_options <null>:2 (ffmpeg:x86_64+0x10002d451)
#15 main <null>:2 (ffmpeg:x86_64+0x1000463a4)
Thread T1 (tid=7141100, running) created by main thread at:
#0 pthread_create <null>:3
(libclang_rt.tsan_osx_dynamic.dylib:x86_64h+0x2bb6f)
#1 <null> <null>:2 (ffmpeg:x86_64+0x101f4e9d0)
#2 ff_frame_thread_init <null>:2 (ffmpeg:x86_64+0x101428d4b)
#3 ff_thread_init <null>:2 (ffmpeg:x86_64+0x101426b55)
#4 avcodec_open2 <null>:2 (ffmpeg:x86_64+0x1009dcca9)
#5 <null> <null>:2 (ffmpeg:x86_64+0x100002e80)
#6 dec_init <null>:2 (ffmpeg:x86_64+0x100002361)
#7 ist_use <null>:2 (ffmpeg:x86_64+0x1000079f9)
#8 ist_filter_add <null>:2 (ffmpeg:x86_64+0x100007b03)
#9 <null> <null>:2 (ffmpeg:x86_64+0x100014da1)
#10 fg_create_simple <null>:2 (ffmpeg:x86_64+0x100014b77)
#11 <null> <null>:2 (ffmpeg:x86_64+0x100029b96)
#12 <null> <null>:2 (ffmpeg:x86_64+0x100025ed8)
#13 of_open <null>:2 (ffmpeg:x86_64+0x1000200be)
#14 ffmpeg_parse_options <null>:2 (ffmpeg:x86_64+0x10002d451)
#15 main <null>:2 (ffmpeg:x86_64+0x1000463a4)
SUMMARY: ThreadSanitizer: data race (ffmpeg:x86_64+0x1018706d6)
==================
[opus @ 0x7b5c00000700] Error parsing Opus packet header.
ThreadSanitizer: reported 2 warnings
Abort trap: 6
}}}
--
Ticket URL: <https://trac.ffmpeg.org/ticket/11456>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
_______________________________________________
FFmpeg-trac mailing list
FFmpeg-trac@avcodec.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-trac
To unsubscribe, visit link above, or email
ffmpeg-trac-requ...@ffmpeg.org with subject "unsubscribe".
