[FFmpeg-trac] #9927(undetermined:new): Segfault with ffmpeg launched from yt-dlp
FFmpeg
trac at avcodec.org
Sun Sep 18 13:18:07 EEST 2022
#9927: Segfault with ffmpeg launched from yt-dlp
-------------------------------------+-------------------------------------
Reporter: Poulpatine | Type: defect
Status: new | Priority: normal
Component: | Version:
undetermined | unspecified
Keywords: | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
-------------------------------------+-------------------------------------
Summary of the bug:
Hi,
I encounter from time to times some segfaults from ffmpeg.
I can't find the media from the moment but I'll search deeper.
I've been able to get a stacktrace, here is the gdb output :
{{{
GNU gdb (Debian 10.1-1.7) 10.1.90.20210103-git
Copyright (C) 2021 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /opt/ffmpeg-linux64-nonfree-debug/bin/ffmpeg...
[New LWP 4165416]
[New LWP 4165436]
[New LWP 4165438]
[New LWP 4165442]
[New LWP 4165441]
[New LWP 4165444]
[New LWP 4165439]
[New LWP 4165448]
[New LWP 4165446]
[New LWP 4165443]
[New LWP 4165447]
[New LWP 4165437]
[New LWP 4165445]
[New LWP 4165440]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `ffmpeg -i - -f mp3 -ab 192k -vn -'.
Program terminated with signal SIGABRT, Aborted.
#0 __GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
[Current thread is 1 (Thread 0x7fbfe8a688c0 (LWP 4165416))]
(gdb) bt
#0 __GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1 0x00007fbfe8abe537 in __GI_abort () at abort.c:79
#2 0x00007fbfe8abe40f in __assert_fail_base (fmt=0x7fbfe8c27128
"%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x563bda8a6542
"thr[b] >= 0", file=0x563bda8a652c "psymodel.c", line=1135,
function=<optimized out>) at assert.c:92
#3 0x00007fbfe8acd662 in __GI___assert_fail (assertion=0x563bda8a6542
"thr[b] >= 0", file=0x563bda8a652c "psymodel.c", line=1135,
function=0x563bda8a69e0 <__PRETTY_FUNCTION__.10>
"vbrpsy_compute_masking_s") at assert.c:101
#4 0x0000563bd7e74a97 in L3psycho_anal_vbr ()
#5 0x0000563bd7e825f9 in lame_encode_mp3_frame ()
#6 0x0000563bd7e6c390 in lame_encode_buffer_template ()
#7 0x0000563bd7e6d3b5 in lame_encode_buffer_float ()
#8 0x0000563bd5670833 in mp3lame_encode_frame (avctx=0x563bdcbaca40,
avpkt=0x563bdcc61040, frame=0x563bdcc613c0, got_packet_ptr=0x7ffe8c24b444)
at libavcodec/libmp3lame.c:218
#9 0x0000563bd55909d6 in ff_encode_encode_cb
(avctx=avctx at entry=0x563bdcbaca40, avpkt=avpkt at entry=0x563bdcc61040,
frame=frame at entry=0x563bdcc613c0,
got_packet=got_packet at entry=0x7ffe8c24b444) at libavcodec/encode.c:198
#10 0x0000563bd5590caa in encode_simple_internal
(avctx=avctx at entry=0x563bdcbaca40, avpkt=avpkt at entry=0x563bdcc61040) at
libavcodec/encode.c:273
#11 0x0000563bd5590d03 in encode_simple_receive_packet
(avctx=avctx at entry=0x563bdcbaca40, avpkt=avpkt at entry=0x563bdcc61040) at
libavcodec/encode.c:291
#12 0x0000563bd5590e4a in encode_receive_packet_internal
(avctx=avctx at entry=0x563bdcbaca40, avpkt=0x563bdcc61040) at
libavcodec/encode.c:325
#13 0x0000563bd5590f33 in avcodec_send_frame
(avctx=avctx at entry=0x563bdcbaca40, frame=frame at entry=0x563bdcbacf40) at
libavcodec/encode.c:466
#14 0x0000563bd50f0174 in encode_frame (of=0x563bdcbb2040,
ost=0x563bdcbabe40, frame=0x563bdcbacf40) at fftools/ffmpeg.c:933
#15 0x0000563bd50f0719 in submit_encode_frame (of=of at entry=0x563bdcbb2040,
ost=ost at entry=0x563bdcbabe40, frame=frame at entry=0x563bdcbacf40) at
fftools/ffmpeg.c:1001
#16 0x0000563bd50f07ff in do_audio_out (of=of at entry=0x563bdcbb2040,
ost=ost at entry=0x563bdcbabe40, frame=frame at entry=0x563bdcbacf40) at
fftools/ffmpeg.c:1055
#17 0x0000563bd50f4865 in reap_filters (flush=flush at entry=0) at
fftools/ffmpeg.c:1431
#18 0x0000563bd50f492b in transcode_from_filter (graph=0x563bdcbad640,
best_ist=best_ist at entry=0x7ffe8c24b760) at fftools/ffmpeg.c:3913
#19 0x0000563bd50f624d in transcode_step () at fftools/ffmpeg.c:4001
#20 0x0000563bd50f66b0 in transcode () at fftools/ffmpeg.c:4074
#21 0x0000563bd50f6aef in main (argc=9, argv=0x7ffe8c24b958) at
fftools/ffmpeg.c:4245
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0x7fbfe8ad4cc1 to 0x7fbfe8ad4d01:
0x00007fbfe8ad4cc1 <__GI_raise+289>: add %dh,%al
0x00007fbfe8ad4cc3 <__GI_raise+291>: (bad)
0x00007fbfe8ad4cc4 <__GI_raise+292>: push 0x39(%rdi)
0x00007fbfe8ad4cc7 <__GI_raise+295>: mov %eax,%r8d
0x00007fbfe8ad4cca <__GI_raise+298>: mov $0x8,%r10d
0x00007fbfe8ad4cd0 <__GI_raise+304>: xor %edx,%edx
0x00007fbfe8ad4cd2 <__GI_raise+306>: mov %r9,%rsi
0x00007fbfe8ad4cd5 <__GI_raise+309>: mov $0x2,%edi
0x00007fbfe8ad4cda <__GI_raise+314>: mov $0xe,%eax
0x00007fbfe8ad4cdf <__GI_raise+319>: syscall
=> 0x00007fbfe8ad4ce1 <__GI_raise+321>: mov 0x108(%rsp),%rax
0x00007fbfe8ad4ce9 <__GI_raise+329>: sub %fs:0x28,%rax
0x00007fbfe8ad4cf2 <__GI_raise+338>: jne 0x7fbfe8ad4d14
<__GI_raise+372>
0x00007fbfe8ad4cf4 <__GI_raise+340>: mov %r8d,%eax
0x00007fbfe8ad4cf7 <__GI_raise+343>: add $0x118,%rsp
0x00007fbfe8ad4cfe <__GI_raise+350>: ret
0x00007fbfe8ad4cff <__GI_raise+351>: nop
0x00007fbfe8ad4d00 <__GI_raise+352>: mov 0x182169(%rip),%rdx
# 0x7fbfe8c56e70
End of assembler dump.
(gdb) info all-registers
rax 0x0 0
rbx 0x7fbfe8a688c0 140462218709184
rcx 0x7fbfe8ad4ce1 140462219152609
rdx 0x0 0
rsi 0x7ffe8c241720 140731249596192
rdi 0x2 2
rbp 0x7fbfe8c27128 0x7fbfe8c27128
rsp 0x7ffe8c241720 0x7ffe8c241720
r8 0x0 0
r9 0x7ffe8c241720 140731249596192
r10 0x8 8
r11 0x246 582
r12 0x563bda8a652c 94815069562156
r13 0x46f 1135
r14 0x563bda8a6542 94815069562178
r15 0x0 0
rip 0x7fbfe8ad4ce1 0x7fbfe8ad4ce1 <__GI_raise+321>
eflags 0x246 [ PF ZF IF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
st0 0 (raw 0x00000000000000000000)
st1 0 (raw 0x00000000000000000000)
st2 0 (raw 0x00000000000000000000)
st3 0 (raw 0x00000000000000000000)
st4 0 (raw 0x00000000000000000000)
st5 0 (raw 0x00000000000000000000)
st6 0 (raw 0x00000000000000000000)
st7 0 (raw 0x00000000000000000000)
fctrl 0x37f 895
fstat 0x0 0
ftag 0xffff 65535
fiseg 0x0 0
fioff 0x0 0
foseg 0x0 0
fooff 0x0 0
fop 0x0 0
mxcsr 0x1fbb [ IE DE OE UE PE IM DM ZM OM UM PM ]
bndcfgu {raw = 0x0, config = {base = 0x0, reserved = 0x0, preserved
= 0x0, enabled = 0x0}} {raw = 0x0, config = {base = 0, reserved = 0,
preserved = 0, enabled = 0}}
bndstatus {raw = 0x0, status = {bde = 0x0, error = 0x0}} {raw = 0x0,
status = {bde = 0, error = 0}}
ymm0 {v16_bfloat16 = {0x0 <repeats 16 times>}, v8_float = {0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>},
v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0,
0x0, 0x0}, v2_int128 = {0x0, 0x0}}
ymm1 {v16_bfloat16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_float = {0x0, 0xffffffff,
0xffffffff, 0xffffffff, 0x0, 0x0, 0x0, 0x0}, v4_double =
{0x7fffffffffffffff, 0x7fffffffffffffff, 0x0, 0x0}, v32_int8 = {0x0, 0x0,
0x0, 0xff <repeats 13 times>, 0x0 <repeats 16 times>}, v16_int16 = {0x0,
0xff00, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0xff000000, 0xffffffff, 0xffffffff,
0xffffffff, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0xffffffffff000000,
0xffffffffffffffff, 0x0, 0x0}, v2_int128 =
{0xffffffffffffffffffffffffff000000, 0x0}}
ymm2 {v16_bfloat16 = {0x0, 0xa, 0xffff, 0xffff, 0xffff, 0xffff,
0xffff, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_float = {0xa,
0xffffffff, 0xffffffff, 0xffffffff, 0x0, 0x0, 0x0, 0x0}, v4_double =
{0x7fffffffffffffff, 0x7fffffffffffffff, 0x0, 0x0}, v32_int8 = {0x73,
0x3a, 0x20, 0x41, 0x73, 0x73, 0x65, 0x72, 0x74, 0x69, 0x6f, 0x6e, 0x20,
0x60, 0x74, 0x68, 0x0 <repeats 16 times>}, v16_int16 = {0x3a73, 0x4120,
0x7373, 0x7265, 0x6974, 0x6e6f, 0x6020, 0x6874, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0}, v8_int32 = {0x41203a73, 0x72657373, 0x6e6f6974,
0x68746020, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x7265737341203a73,
0x687460206e6f6974, 0x0, 0x0}, v2_int128 =
{0x687460206e6f69747265737341203a73, 0x0}}
ymm3 {v16_bfloat16 = {0x0, 0x0, 0x0 <repeats 14 times>},
v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0,
0x0, 0x0, 0x0}, v32_int8 = {0x64, 0x2e, 0xa, 0x0 <repeats 29 times>},
v16_int16 = {0x2e64, 0xa, 0x0 <repeats 14 times>}, v8_int32 = {0xa2e64,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0xa2e64, 0x0, 0x0, 0x0},
v2_int128 = {0xa2e64, 0x0}}
ymm4 {v16_bfloat16 = {0x0, 0xffff, 0x0 <repeats 14 times>},
v8_float = {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double =
{0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0, 0x0, 0x80, 0x7f, 0x0 <repeats 28
times>}, v16_int16 = {0x0, 0x7f80, 0x0 <repeats 14 times>}, v8_int32 =
{0x7f800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x7f800000,
0x0, 0x0, 0x0}, v2_int128 = {0x7f800000, 0x0}}
ymm5 {v16_bfloat16 = {0x0, 0x1, 0x0 <repeats 14 times>},
v8_float = {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0,
0x0, 0x0, 0x0}, v32_int8 = {0x0, 0x0, 0x80, 0x3f, 0x0 <repeats 28 times>},
v16_int16 = {0x0, 0x3f80, 0x0 <repeats 14 times>}, v8_int32 = {0x3f800000,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x3f800000, 0x0, 0x0,
0x0}, v2_int128 = {0x3f800000, 0x0}}
ymm6 {v16_bfloat16 = {0x0 <repeats 16 times>}, v8_float = {0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>},
v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0,
0x0, 0x0}, v2_int128 = {0x0, 0x0}}
ymm7 {v16_bfloat16 = {0x0, 0x1, 0x0 <repeats 14 times>},
v8_float = {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0,
0x0, 0x0, 0x0}, v32_int8 = {0x0, 0x0, 0x80, 0x3f, 0x0 <repeats 28 times>},
v16_int16 = {0x0, 0x3f80, 0x0 <repeats 14 times>}, v8_int32 = {0x3f800000,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x3f800000, 0x0, 0x0,
0x0}, v2_int128 = {0x3f800000, 0x0}}
ymm8 {v16_bfloat16 = {0xffff, 0xffff, 0x0, 0xffff, 0xffff, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_float = {0xffffffff,
0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double =
{0x7fffffffffffffff, 0x0, 0x0, 0x0}, v32_int8 = {0x0, 0x68, 0x65, 0x6c,
0x70, 0x0, 0x55, 0x73, 0x61, 0x67, 0x65, 0x3a, 0x0, 0x25, 0x73, 0x20, 0x0
<repeats 16 times>}, v16_int16 = {0x6800, 0x6c65, 0x70, 0x7355, 0x6761,
0x3a65, 0x2500, 0x2073, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32
= {0x6c656800, 0x73550070, 0x3a656761, 0x20732500, 0x0, 0x0, 0x0, 0x0},
v4_int64 = {0x735500706c656800, 0x207325003a656761, 0x0, 0x0}, v2_int128 =
{0x207325003a656761735500706c656800, 0x0}}
ymm9 {v16_bfloat16 = {0x0 <repeats 16 times>}, v8_float = {0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>},
v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0,
0x0, 0x0}, v2_int128 = {0x0, 0x0}}
ymm10 {v16_bfloat16 = {0x0, 0x1, 0x0 <repeats 14 times>},
v8_float = {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0,
0x0, 0x0, 0x0}, v32_int8 = {0x71, 0x3d, 0xca, 0x3f, 0x0 <repeats 28
times>}, v16_int16 = {0x3d71, 0x3fca, 0x0 <repeats 14 times>}, v8_int32 =
{0x3fca3d71, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x3fca3d71,
0x0, 0x0, 0x0}, v2_int128 = {0x3fca3d71, 0x0}}
ymm11 {v16_bfloat16 = {0x0, 0x2, 0x0 <repeats 14 times>},
v8_float = {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0,
0x0, 0x0, 0x0}, v32_int8 = {0x52, 0xb8, 0x3e, 0x40, 0x0 <repeats 28
times>}, v16_int16 = {0xb852, 0x403e, 0x0 <repeats 14 times>}, v8_int32 =
{0x403eb852, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x403eb852,
0x0, 0x0, 0x0}, v2_int128 = {0x403eb852, 0x0}}
ymm12 {v16_bfloat16 = {0x0, 0x0, 0x0 <repeats 14 times>},
v8_float = {0xde000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double =
{0x0, 0x0, 0x0, 0x0}, v32_int8 = {0xf0, 0xf6, 0x92, 0x55, 0x0 <repeats 28
times>}, v16_int16 = {0xf6f0, 0x5592, 0x0 <repeats 14 times>}, v8_int32 =
{0x5592f6f0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x5592f6f0,
0x0, 0x0, 0x0}, v2_int128 = {0x5592f6f0, 0x0}}
ymm13 {v16_bfloat16 = {0x0, 0x0, 0x0 <repeats 14 times>},
v8_float = {0x6f000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double =
{0x0, 0x0, 0x0, 0x0}, v32_int8 = {0xf0, 0xf6, 0x12, 0x55, 0x0 <repeats 28
times>}, v16_int16 = {0xf6f0, 0x5512, 0x0 <repeats 14 times>}, v8_int32 =
{0x5512f6f0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x5512f6f0,
0x0, 0x0, 0x0}, v2_int128 = {0x5512f6f0, 0x0}}
ymm14 {v16_bfloat16 = {0x0 <repeats 16 times>}, v8_float = {0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>},
v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0,
0x0, 0x0}, v2_int128 = {0x0, 0x0}}
ymm15 {v16_bfloat16 = {0x0 <repeats 16 times>}, v8_float = {0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0},
v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>},
v8_int32 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0,
0x0, 0x0}, v2_int128 = {0x0, 0x0}}
bnd0 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
{lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
bnd1 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
{lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
bnd2 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
{lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
bnd3 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
{lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
}}}
--
Ticket URL: <https://trac.ffmpeg.org/ticket/9927>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list