Opened 17 months ago

Last modified 3 weeks ago

#10027 new defect

vp4 crash

Reported by: ami_stuff
Owned by:
Priority: important
Component: avcodec
Version: git-master
Keywords: vp4 crash
Cc: Mika Fischer
Blocked By:
Blocking:
Reproduced by developer: yes
Analyzed by developer: no

Description

http://samples.mplayerhq.hu/V-codecs/VP4/ot171_vp40.avi

valgrind --leak-check=full ./ffmpeg_g -i ot171_vp40.avi -f null -
==19766== Memcheck, a memory error detector
==19766== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==19766== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
==19766== Command: ./ffmpeg_g -i ot171_vp40.avi -f null -
==19766== 
ffmpeg version N-109064-gc124981b79 Copyright (c) 2000-2022 the FFmpeg developers
  built with gcc 9 (Ubuntu 9.4.0-1ubuntu1~20.04.1)
  configuration: 
  libavutil      57. 42.100 / 57. 42.100
  libavcodec     59. 52.101 / 59. 52.101
  libavformat    59. 34.101 / 59. 34.101
  libavdevice    59.  8.101 / 59.  8.101
  libavfilter     8. 50.100 /  8. 50.100
  libswscale      6.  8.112 /  6.  8.112
  libswresample   4.  9.100 /  4.  9.100
Guessed Channel Layout for Input Stream #0.1 : mono
Input #0, avi, from 'ot171_vp40.avi':
  Duration: 00:00:24.27, start: 0.000000, bitrate: 245 kb/s
  Stream #0:0: Video: vp4 (VP40 / 0x30345056), yuv420p, 160x112, 147 kb/s, 15 fps, 15 tbr, 15 tbn
  Stream #0:1: Audio: pcm_u8 ([1][0][0][0] / 0x0001), 11025 Hz, 1 channels, u8, 88 kb/s
Stream mapping:
  Stream #0:0 -> #0:0 (vp4 (native) -> wrapped_avframe (native))
  Stream #0:1 -> #0:1 (pcm_u8 (native) -> pcm_s16le (native))
Press [q] to stop, [?] for help
==19766== Thread 3 av:vp4:df1:
==19766== Use of uninitialised value of size 8
==19766==    at 0x9F5D86: frame_worker_thread (pthread_frame.c:241)
==19766==    by 0x4FBC608: start_thread (pthread_create.c:477)
==19766==    by 0x50F6132: clone (clone.S:95)
==19766== 
==19766== Use of uninitialised value of size 8
==19766==    at 0x9F5D90: frame_worker_thread (pthread_frame.c:243)
==19766==    by 0x4FBC608: start_thread (pthread_create.c:477)
==19766==    by 0x50F6132: clone (clone.S:95)
==19766== 
==19766== Use of uninitialised value of size 8
==19766==    at 0x9F5DC0: frame_worker_thread (pthread_frame.c:249)
==19766==    by 0x4FBC608: start_thread (pthread_create.c:477)
==19766==    by 0x50F6132: clone (clone.S:95)
==19766== 
==19766== Invalid read of size 8
==19766==    at 0x9F5DCA: frame_worker_thread (pthread_frame.c:260)
==19766==    by 0x4FBC608: start_thread (pthread_create.c:477)
==19766==    by 0x50F6132: clone (clone.S:95)
==19766==  Address 0x106064e58 is not stack'd, malloc'd or (recently) free'd
==19766== 
==19766== 
==19766== Process terminating with default action of signal 11 (SIGSEGV)
==19766==  Access not within mapped region at address 0x106064E58
==19766==    at 0x9F5DCA: frame_worker_thread (pthread_frame.c:260)
==19766==    by 0x4FBC608: start_thread (pthread_create.c:477)
==19766==    by 0x50F6132: clone (clone.S:95)
==19766==  If you believe this happened as a result of a stack
==19766==  overflow in your program's main thread (unlikely but
==19766==  possible), you can try to increase the size of the
==19766==  main thread stack using the --main-stacksize= flag.
==19766==  The main thread stack size used in this run was 8388608.
==19766== 
==19766== HEAP SUMMARY:
==19766==     in use at exit: 12,612,355 bytes in 1,344 blocks
==19766==   total heap usage: 2,977 allocs, 1,633 frees, 20,264,076 bytes allocated
==19766== 
==19766== Thread 1:
==19766== 304 bytes in 1 blocks are possibly lost in loss record 152 of 240
==19766==    at 0x483DD99: calloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==19766==    by 0x40149DA: allocate_dtv (dl-tls.c:286)
==19766==    by 0x40149DA: _dl_allocate_tls (dl-tls.c:532)
==19766==    by 0x4FBD322: allocate_stack (allocatestack.c:622)
==19766==    by 0x4FBD322: pthread_create@@GLIBC_2.2.5 (pthread_create.c:660)
==19766==    by 0x2A199A: thread_start (ffmpeg_demux.c:397)
==19766==    by 0x2A199A: ifile_get_packet (ffmpeg_demux.c:417)
==19766==    by 0x2C6142: process_input (ffmpeg.c:3637)
==19766==    by 0x2C6142: transcode_step (ffmpeg.c:3858)
==19766==    by 0x2C6142: transcode (ffmpeg.c:3905)
==19766==    by 0x29DC8A: main (ffmpeg.c:4052)
==19766== 
==19766== 2,432 bytes in 8 blocks are possibly lost in loss record 209 of 240
==19766==    at 0x483DD99: calloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==19766==    by 0x40149DA: allocate_dtv (dl-tls.c:286)
==19766==    by 0x40149DA: _dl_allocate_tls (dl-tls.c:532)
==19766==    by 0x4FBD322: allocate_stack (allocatestack.c:622)
==19766==    by 0x4FBD322: pthread_create@@GLIBC_2.2.5 (pthread_create.c:660)
==19766==    by 0x1083EE1: avpriv_slicethread_create (slicethread.c:151)
==19766==    by 0x303389: thread_init_internal (pthread.c:77)
==19766==    by 0x303389: ff_graph_thread_init (pthread.c:96)
==19766==    by 0x2EFC44: avfilter_graph_alloc_filter (avfiltergraph.c:175)
==19766==    by 0x30192E: create_filter (graphparser.c:132)
==19766==    by 0x30192E: parse_filter (graphparser.c:201)
==19766==    by 0x3024D7: avfilter_graph_parse2 (graphparser.c:438)
==19766==    by 0x2A35DC: configure_filtergraph (ffmpeg_filter.c:1014)
==19766==    by 0x2C3B8B: ifilter_send_frame (ffmpeg.c:1945)
==19766==    by 0x2C3B8B: send_frame_to_filters.isra.0 (ffmpeg.c:2021)
==19766==    by 0x2C3F5F: decode_audio (ffmpeg.c:2087)
==19766==    by 0x2C6D34: process_input_packet (ffmpeg.c:2357)
==19766==    by 0x2C6D34: process_input (ffmpeg.c:3723)
==19766==    by 0x2C6D34: transcode_step (ffmpeg.c:3858)
==19766==    by 0x2C6D34: transcode (ffmpeg.c:3905)
==19766== 
==19766== 2,736 bytes in 9 blocks are possibly lost in loss record 210 of 240
==19766==    at 0x483DD99: calloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==19766==    by 0x40149DA: allocate_dtv (dl-tls.c:286)
==19766==    by 0x40149DA: _dl_allocate_tls (dl-tls.c:532)
==19766==    by 0x4FBD322: allocate_stack (allocatestack.c:622)
==19766==    by 0x4FBD322: pthread_create@@GLIBC_2.2.5 (pthread_create.c:660)
==19766==    by 0x256F4D: init_thread (pthread_frame.c:871)
==19766==    by 0x256F4D: ff_frame_thread_init.cold (pthread_frame.c:927)
==19766==    by 0x6EDE06: avcodec_open2 (avcodec.c:304)
==19766==    by 0x2C4F3F: init_input_stream (ffmpeg.c:2593)
==19766==    by 0x2C4F3F: transcode_init (ffmpeg.c:3197)
==19766==    by 0x2C5848: transcode (ffmpeg.c:3881)
==19766==    by 0x29DC8A: main (ffmpeg.c:4052)
==19766== 
==19766== LEAK SUMMARY:
==19766==    definitely lost: 0 bytes in 0 blocks
==19766==    indirectly lost: 0 bytes in 0 blocks
==19766==      possibly lost: 5,472 bytes in 18 blocks
==19766==    still reachable: 12,606,883 bytes in 1,326 blocks
==19766==         suppressed: 0 bytes in 0 blocks
==19766== Reachable blocks (those to which a pointer was found) are not shown.
==19766== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==19766== 
==19766== Use --track-origins=yes to see where uninitialised values come from
==19766== For lists of detected and suppressed errors, rerun with: -s
==19766== ERROR SUMMARY: 7 errors from 7 contexts (suppressed: 0 from 0)

Attachments (1)

ffmpeg-fix-vp3-crash.patch (600 bytes) - added by Mika Fischer 3 weeks ago.


Change History (8)

comment:1 by Carl Eugen Hoyos, 17 months ago

Component: undetermined → avcodec
Keywords: vp4 crash added
Priority: normal → important
Reproduced by developer: set
Version: unspecified → git-master

I cannot reproduce with every configuration.

comment:2 by ami_stuff, 17 months ago

I also get the crash here (always) with this autobuild, but it's a bit outdated:

https://johnvansickle.com/ffmpeg/builds/ffmpeg-git-amd64-static.tar.xz

comment:3 by ami_stuff, 17 months ago

This has something to do with mmxext.

valgrind --leak-check=full ./ffmpeg_g -i ot171_vp40.avi -f null -
==15147== Memcheck, a memory error detector
==15147== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==15147== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
==15147== Command: ./ffmpeg_g -i ot171_vp40.avi -f null -
==15147== 
ffmpeg version N-109227-g1a7efafd33 Copyright (c) 2000-2022 the FFmpeg developers
  built with gcc 9 (Ubuntu 9.4.0-1ubuntu1~20.04.1)
  configuration: --enable-libopenjpeg
  libavutil      57. 43.100 / 57. 43.100
  libavcodec     59. 54.100 / 59. 54.100
  libavformat    59. 34.102 / 59. 34.102
  libavdevice    59.  8.101 / 59.  8.101
  libavfilter     8. 50.101 /  8. 50.101
  libswscale      6.  8.112 /  6.  8.112
  libswresample   4.  9.100 /  4.  9.100
Guessed Channel Layout for Input Stream #0.1 : mono
Input #0, avi, from 'ot171_vp40.avi':
  Duration: 00:00:24.27, start: 0.000000, bitrate: 245 kb/s
  Stream #0:0: Video: vp4 (VP40 / 0x30345056), yuv420p, 160x112, 147 kb/s, 15 fps, 15 tbr, 15 tbn
  Stream #0:1: Audio: pcm_u8 ([1][0][0][0] / 0x0001), 11025 Hz, 1 channels, u8, 88 kb/s
Stream mapping:
  Stream #0:0 -> #0:0 (vp4 (native) -> wrapped_avframe (native))
  Stream #0:1 -> #0:1 (pcm_u8 (native) -> pcm_s16le (native))
Press [q] to stop, [?] for help
==15147== Thread 3 av:vp4:df1:
==15147== Use of uninitialised value of size 8
==15147==    at 0x9F92A6: frame_worker_thread (pthread_frame.c:241)
==15147==    by 0x502A608: start_thread (pthread_create.c:477)
==15147==    by 0x5166132: clone (clone.S:95)
==15147== 
==15147== Use of uninitialised value of size 8
==15147==    at 0x9F92B0: frame_worker_thread (pthread_frame.c:243)
==15147==    by 0x502A608: start_thread (pthread_create.c:477)
==15147==    by 0x5166132: clone (clone.S:95)
==15147== 
==15147== Use of uninitialised value of size 8
==15147==    at 0x9F92E0: frame_worker_thread (pthread_frame.c:249)
==15147==    by 0x502A608: start_thread (pthread_create.c:477)
==15147==    by 0x5166132: clone (clone.S:95)
==15147== 
==15147== Invalid read of size 8
==15147==    at 0x9F92EA: frame_worker_thread (pthread_frame.c:260)
==15147==    by 0x502A608: start_thread (pthread_create.c:477)
==15147==    by 0x5166132: clone (clone.S:95)
==15147==  Address 0x1060d5ed8 is not stack'd, malloc'd or (recently) free'd
==15147== 
==15147== 
==15147== Process terminating with default action of signal 11 (SIGSEGV)
==15147==  Access not within mapped region at address 0x1060D5ED8
==15147==    at 0x9F92EA: frame_worker_thread (pthread_frame.c:260)
==15147==    by 0x502A608: start_thread (pthread_create.c:477)
==15147==    by 0x5166132: clone (clone.S:95)
==15147==  If you believe this happened as a result of a stack
==15147==  overflow in your program's main thread (unlikely but
==15147==  possible), you can try to increase the size of the
==15147==  main thread stack using the --main-stacksize= flag.
==15147==  The main thread stack size used in this run was 8388608.
==15147== 
==15147== HEAP SUMMARY:
==15147==     in use at exit: 12,613,711 bytes in 1,348 blocks
==15147==   total heap usage: 2,982 allocs, 1,634 frees, 20,265,448 bytes allocated
==15147== 
==15147== Thread 1:
==15147== 304 bytes in 1 blocks are possibly lost in loss record 152 of 240
==15147==    at 0x483DD99: calloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==15147==    by 0x40149DA: allocate_dtv (dl-tls.c:286)
==15147==    by 0x40149DA: _dl_allocate_tls (dl-tls.c:532)
==15147==    by 0x502B322: allocate_stack (allocatestack.c:622)
==15147==    by 0x502B322: pthread_create@@GLIBC_2.2.5 (pthread_create.c:660)
==15147==    by 0x2A51C9: thread_start (ffmpeg_demux.c:398)
==15147==    by 0x2A51C9: ifile_get_packet (ffmpeg_demux.c:418)
==15147==    by 0x2C9621: process_input (ffmpeg.c:3597)
==15147==    by 0x2C9621: transcode_step (ffmpeg.c:3818)
==15147==    by 0x2C9621: transcode (ffmpeg.c:3865)
==15147==    by 0x2A14AA: main (ffmpeg.c:4010)
==15147== 
==15147== 2,432 bytes in 8 blocks are possibly lost in loss record 208 of 240
==15147==    at 0x483DD99: calloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==15147==    by 0x40149DA: allocate_dtv (dl-tls.c:286)
==15147==    by 0x40149DA: _dl_allocate_tls (dl-tls.c:532)
==15147==    by 0x502B322: allocate_stack (allocatestack.c:622)
==15147==    by 0x502B322: pthread_create@@GLIBC_2.2.5 (pthread_create.c:660)
==15147==    by 0x10882C1: avpriv_slicethread_create (slicethread.c:151)
==15147==    by 0x306829: thread_init_internal (pthread.c:77)
==15147==    by 0x306829: ff_graph_thread_init (pthread.c:96)
==15147==    by 0x2F30E4: avfilter_graph_alloc_filter (avfiltergraph.c:175)
==15147==    by 0x304DCE: create_filter (graphparser.c:132)
==15147==    by 0x304DCE: parse_filter (graphparser.c:201)
==15147==    by 0x305977: avfilter_graph_parse2 (graphparser.c:438)
==15147==    by 0x2A6E3C: configure_filtergraph (ffmpeg_filter.c:1013)
==15147==    by 0x2C732B: ifilter_send_frame (ffmpeg.c:1930)
==15147==    by 0x2C732B: send_frame_to_filters.isra.0 (ffmpeg.c:2006)
==15147==    by 0x2C76FF: decode_audio (ffmpeg.c:2072)
==15147==    by 0x2CA114: process_input_packet (ffmpeg.c:2342)
==15147==    by 0x2CA114: process_input (ffmpeg.c:3683)
==15147==    by 0x2CA114: transcode_step (ffmpeg.c:3818)
==15147==    by 0x2CA114: transcode (ffmpeg.c:3865)
==15147== 
==15147== 2,736 bytes in 9 blocks are possibly lost in loss record 209 of 240
==15147==    at 0x483DD99: calloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==15147==    by 0x40149DA: allocate_dtv (dl-tls.c:286)
==15147==    by 0x40149DA: _dl_allocate_tls (dl-tls.c:532)
==15147==    by 0x502B322: allocate_stack (allocatestack.c:622)
==15147==    by 0x502B322: pthread_create@@GLIBC_2.2.5 (pthread_create.c:660)
==15147==    by 0x25926D: init_thread (pthread_frame.c:871)
==15147==    by 0x25926D: ff_frame_thread_init.cold (pthread_frame.c:927)
==15147==    by 0x6EEFC6: avcodec_open2 (avcodec.c:304)
==15147==    by 0x2C85EA: init_input_stream (ffmpeg.c:2577)
==15147==    by 0x2C85EA: transcode_init (ffmpeg.c:3156)
==15147==    by 0x2C8EA8: transcode (ffmpeg.c:3841)
==15147==    by 0x2A14AA: main (ffmpeg.c:4010)
==15147== 
==15147== LEAK SUMMARY:
==15147==    definitely lost: 0 bytes in 0 blocks
==15147==    indirectly lost: 0 bytes in 0 blocks
==15147==      possibly lost: 5,472 bytes in 18 blocks
==15147==    still reachable: 12,608,239 bytes in 1,330 blocks
==15147==         suppressed: 0 bytes in 0 blocks
==15147== Reachable blocks (those to which a pointer was found) are not shown.
==15147== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==15147== 
==15147== Use --track-origins=yes to see where uninitialised values come from
==15147== For lists of detected and suppressed errors, rerun with: -s
==15147== ERROR SUMMARY: 7 errors from 7 contexts (suppressed: 0 from 0)

valgrind --leak-check=full ./ffmpeg_g -cpuflags -mmxext -i ot171_vp40.avi -f null -
==15199== Memcheck, a memory error detector
==15199== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==15199== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
==15199== Command: ./ffmpeg_g -cpuflags -mmxext -i ot171_vp40.avi -f null -
==15199== 
ffmpeg version N-109227-g1a7efafd33 Copyright (c) 2000-2022 the FFmpeg developers
  built with gcc 9 (Ubuntu 9.4.0-1ubuntu1~20.04.1)
  configuration: --enable-libopenjpeg
  libavutil      57. 43.100 / 57. 43.100
  libavcodec     59. 54.100 / 59. 54.100
  libavformat    59. 34.102 / 59. 34.102
  libavdevice    59.  8.101 / 59.  8.101
  libavfilter     8. 50.101 /  8. 50.101
  libswscale      6.  8.112 /  6.  8.112
  libswresample   4.  9.100 /  4.  9.100
Guessed Channel Layout for Input Stream #0.1 : mono
Input #0, avi, from 'ot171_vp40.avi':
  Duration: 00:00:24.27, start: 0.000000, bitrate: 245 kb/s
  Stream #0:0: Video: vp4 (VP40 / 0x30345056), yuv420p, 160x112, 147 kb/s, 15 fps, 15 tbr, 15 tbn
  Stream #0:1: Audio: pcm_u8 ([1][0][0][0] / 0x0001), 11025 Hz, 1 channels, u8, 88 kb/s
Stream mapping:
  Stream #0:0 -> #0:0 (vp4 (native) -> wrapped_avframe (native))
  Stream #0:1 -> #0:1 (pcm_u8 (native) -> pcm_s16le (native))
Press [q] to stop, [?] for help
Output #0, null, to 'pipe:':
  Metadata:
    encoder         : Lavf59.34.102
  Stream #0:0: Video: wrapped_avframe, yuv420p(progressive), 160x112, q=2-31, 200 kb/s, 15 fps, 15 tbn
    Metadata:
      encoder         : Lavc59.54.100 wrapped_avframe
  Stream #0:1: Audio: pcm_s16le, 11025 Hz, mono, s16, 176 kb/s
    Metadata:
      encoder         : Lavc59.54.100 pcm_s16le
frame=  364 fps=139 q=-0.0 Lsize=N/A time=00:00:24.23 bitrate=N/A speed=9.27x    
video:171kB audio:523kB subtitle:0kB other streams:0kB global headers:0kB muxing overhead: unknown
==15199== 
==15199== HEAP SUMMARY:
==15199==     in use at exit: 0 bytes in 0 blocks
==15199==   total heap usage: 27,801 allocs, 27,801 frees, 23,578,463 bytes allocated
==15199== 
==15199== All heap blocks were freed -- no leaks are possible
==15199== 
==15199== For lists of detected and suppressed errors, rerun with: -s
==15199== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)

comment:4 by ami_stuff, 17 months ago

With -threads 1 I get this:

Thread 1 "ffmpeg_g" received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50	../sysdeps/unix/sysv/linux/raise.c
(gdb) bt
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x00007ffff75fe859 in __GI_abort () at abort.c:79
#2  0x00007ffff766926e in __libc_message (action=action@entry=do_abort, 
    fmt=fmt@entry=0x7ffff779308f "*** %s ***: terminated\n")
    at ../sysdeps/posix/libc_fatal.c:155
#3  0x00007ffff770baba in __GI___fortify_fail (
    msg=msg@entry=0x7ffff7793077 "stack smashing detected")
    at fortify_fail.c:26
#4  0x00007ffff770ba86 in __stack_chk_fail () at stack_chk_fail.c:24
#5  0x0000555555f87916 in vp3_decode_frame (avctx=<optimized out>, 
    frame=<optimized out>, got_frame=<optimized out>, avpkt=<optimized out>)
    at libavcodec/vp3.c:2641
#6  0x0000555555b93302 in decode_simple_internal (
    discarded_samples=<synthetic pointer>, frame=0x55555717de30, 
    avctx=0x5555570247f0) at libavcodec/decode.c:307
#7  decode_simple_receive_frame (frame=<optimized out>, avctx=<optimized out>)
    at libavcodec/decode.c:563
#8  decode_receive_frame_internal (avctx=avctx@entry=0x5555570247f0, 
    frame=0x55555717de30) at libavcodec/decode.c:584
#9  0x0000555555b93eb0 in avcodec_send_packet (avctx=0x5555570247f0, 
    avpkt=0x555557021dd0) at libavcodec/decode.c:665
#10 0x000055555570808f in decode (pkt=0x555557021dd0, 
    got_frame=0x7fffffffdc60, frame=0x55555717c030, avctx=0x5555570247f0)
    at fftools/ffmpeg.c:1984
#11 decode_video (ist=0x5555570313d0, pkt=0x555557021dd0, 
    got_output=0x7fffffffdc60, duration_pts=0x7fffffffdc70, eof=0, 
    decode_failed=0x7fffffffdc64) at fftools/ffmpeg.c:2109
#12 0x000055555570ac7a in process_input_packet (no_eof=0, pkt=<optimized out>, 
    ist=0x5555570313d0) at fftools/ffmpeg.c:3558
#13 process_input (file_index=<optimized out>) at fftools/ffmpeg.c:3683
#14 transcode_step () at fftools/ffmpeg.c:3818
#15 transcode () at fftools/ffmpeg.c:3865
#16 0x00005555556e1c3b in main (argc=8, argv=0x7fffffffdf38)
    at fftools/ffmpeg.c:4010

==34043== Invalid read of size 8
==34043==    at 0x747318: decode_simple_internal (decode.c:311)
==34043==    by 0x747318: decode_simple_receive_frame (decode.c:563)
==34043==    by 0x747318: decode_receive_frame_internal (decode.c:584)
==34043==    by 0x747EAF: avcodec_send_packet (decode.c:665)
==34043==    by 0x2BC08E: decode (ffmpeg.c:1984)
==34043==    by 0x2BC08E: decode_video (ffmpeg.c:2109)
==34043==    by 0x2BEC79: process_input_packet (ffmpeg.c:2347)
==34043==    by 0x2BEC79: process_input (ffmpeg.c:3683)
==34043==    by 0x2BEC79: transcode_step (ffmpeg.c:3818)
==34043==    by 0x2BEC79: transcode (ffmpeg.c:3865)
==34043==    by 0x295C3A: main (ffmpeg.c:4010)
==34043==  Address 0x105ede780 is not stack'd, malloc'd or (recently) free'd
==34043== 
==34043== 
==34043== Process terminating with default action of signal 11 (SIGSEGV)
==34043==  Access not within mapped region at address 0x105EDE780
==34043==    at 0x747318: decode_simple_internal (decode.c:311)
==34043==    by 0x747318: decode_simple_receive_frame (decode.c:563)
==34043==    by 0x747318: decode_receive_frame_internal (decode.c:584)
==34043==    by 0x747EAF: avcodec_send_packet (decode.c:665)
==34043==    by 0x2BC08E: decode (ffmpeg.c:1984)
==34043==    by 0x2BC08E: decode_video (ffmpeg.c:2109)
==34043==    by 0x2BEC79: process_input_packet (ffmpeg.c:2347)
==34043==    by 0x2BEC79: process_input (ffmpeg.c:3683)
==34043==    by 0x2BEC79: transcode_step (ffmpeg.c:3818)
==34043==    by 0x2BEC79: transcode (ffmpeg.c:3865)
==34043==    by 0x295C3A: main (ffmpeg.c:4010)
==34043==  If you believe this happened as a result of a stack
==34043==  overflow in your program's main thread (unlikely but
==34043==  possible), you can try to increase the size of the
==34043==  main thread stack using the --main-stacksize= flag.
==34043==  The main thread stack size used in this run was 8388608.

comment:5 by ami_stuff, 14 months ago

It's a regression since fd172185580c1ccdcfb90bbfdb59fa806fad3117.

valgrind --leak-check=full ./ffmpeg_g -threads 1 -i ot171_vp40.avi -y out.avi
==36339== Memcheck, a memory error detector
==36339== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==36339== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
==36339== Command: ./ffmpeg_g -threads 1 -i ot171_vp40.avi -y out.avi
==36339== 
ffmpeg version N-95589-gd3dee676b8 Copyright (c) 2000-2019 the FFmpeg developers
  built with gcc 9 (Ubuntu 9.4.0-1ubuntu1~20.04.1)
  configuration: 
  libavutil      56. 35.101 / 56. 35.101
  libavcodec     58. 60.100 / 58. 60.100
  libavformat    58. 33.100 / 58. 33.100
  libavdevice    58.  9.100 / 58.  9.100
  libavfilter     7. 66.100 /  7. 66.100
  libswscale      5.  6.100 /  5.  6.100
  libswresample   3.  6.100 /  3.  6.100
Guessed Channel Layout for Input Stream #0.1 : mono
Input #0, avi, from 'ot171_vp40.avi':
  Duration: 00:00:24.27, start: 0.000000, bitrate: 245 kb/s
    Stream #0:0: Video: vp4 (VP40 / 0x30345056), yuv420p, 160x112, 147 kb/s, 15 fps, 15 tbr, 15 tbn, 15 tbc
    Stream #0:1: Audio: pcm_u8 ([1][0][0][0] / 0x0001), 11025 Hz, mono, u8, 88 kb/s
Stream mapping:
  Stream #0:0 -> #0:0 (vp4 (native) -> mpeg4 (native))
  Stream #0:1 -> #0:1 (pcm_u8 (native) -> ac3 (native))
Press [q] to stop, [?] for help
[mpeg4 @ 0x5e92a00] too many threads/slices (8), reducing to 7
Output #0, avi, to 'out.avi':
  Metadata:
    ISFT            : Lavf58.33.100
    Stream #0:0: Video: mpeg4 (FMP4 / 0x34504D46), yuv420p, 160x112, q=2-31, 200 kb/s, 15 fps, 15 tbn, 15 tbc
    Metadata:
      encoder         : Lavc58.60.100 mpeg4
    Side data:
      cpb: bitrate max/min/avg: 0/0/200000 buffer size: 0 vbv_delay: N/A
    Stream #0:1: Audio: ac3 ([0] [0][0] / 0x2000), 11025 Hz, mono, fltp, 96 kb/s
    Metadata:
      encoder         : Lavc58.60.100 ac3
frame=    1 fps=0.9 q=2.5 size=      10kB time=00:00:00.55 bitrate= 142.2kbits/s
frame=   42 fps= 25 q=2.0 size=      10kB time=00:00:03.20 bitrate=  24.7kbits/s
frame=   99 fps= 46 q=2.0 size=      10kB time=00:00:06.96 bitrate=  11.4kbits/s
frame=  152 fps= 57 q=2.0 size=     266kB time=00:00:10.58 bitrate= 205.5kbits/s
frame=  207 fps= 65 q=2.0 size=     266kB time=00:00:14.21 bitrate= 153.2kbits/s
frame=  265 fps= 72 q=1.6 size=     522kB time=00:00:18.11 bitrate= 236.0kbits/s
frame=  320 fps= 76 q=2.0 size=     522kB time=00:00:21.73 bitrate= 196.6kbits/s
frame=  364 fps= 79 q=2.0 Lsize=     846kB time=00:00:24.38 bitrate= 284.4kbits/s speed=5.28x
video:538kB audio:286kB subtitle:0kB other streams:0kB global headers:0kB muxing overhead: 2.729511%
==36339== 
==36339== HEAP SUMMARY:
==36339==     in use at exit: 0 bytes in 0 blocks
==36339==   total heap usage: 56,717 allocs, 56,717 frees, 12,828,653 bytes allocated
==36339== 
==36339== All heap blocks were freed -- no leaks are possible
==36339== 
==36339== For lists of detected and suppressed errors, rerun with: -s
==36339== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)

valgrind --leak-check=full ./ffmpeg_g -threads 1 -i ot171_vp40.avi -y out.avi
==42690== Memcheck, a memory error detector
==42690== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==42690== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
==42690== Command: ./ffmpeg_g -threads 1 -i ot171_vp40.avi -y out.avi
==42690== 
ffmpeg version N-95590-gfd17218558 Copyright (c) 2000-2019 the FFmpeg developers
  built with gcc 9 (Ubuntu 9.4.0-1ubuntu1~20.04.1)
  configuration: 
  libavutil      56. 35.101 / 56. 35.101
  libavcodec     58. 60.100 / 58. 60.100
  libavformat    58. 33.100 / 58. 33.100
  libavdevice    58.  9.100 / 58.  9.100
  libavfilter     7. 66.100 /  7. 66.100
  libswscale      5.  6.100 /  5.  6.100
  libswresample   3.  6.100 /  3.  6.100
Guessed Channel Layout for Input Stream #0.1 : mono
Input #0, avi, from 'ot171_vp40.avi':
  Duration: 00:00:24.27, start: 0.000000, bitrate: 245 kb/s
    Stream #0:0: Video: vp4 (VP40 / 0x30345056), yuv420p, 160x112, 147 kb/s, 15 fps, 15 tbr, 15 tbn, 15 tbc
    Stream #0:1: Audio: pcm_u8 ([1][0][0][0] / 0x0001), 11025 Hz, mono, u8, 88 kb/s
Stream mapping:
  Stream #0:0 -> #0:0 (vp4 (native) -> mpeg4 (native))
  Stream #0:1 -> #0:1 (pcm_u8 (native) -> ac3 (native))
Press [q] to stop, [?] for help
[mpeg4 @ 0x5e92a40] too many threads/slices (8), reducing to 7
Output #0, avi, to 'out.avi':
  Metadata:
    ISFT            : Lavf58.33.100
    Stream #0:0: Video: mpeg4 (FMP4 / 0x34504D46), yuv420p, 160x112, q=2-31, 200 kb/s, 15 fps, 15 tbn, 15 tbc
    Metadata:
      encoder         : Lavc58.60.100 mpeg4
    Side data:
      cpb: bitrate max/min/avg: 0/0/200000 buffer size: 0 vbv_delay: N/A
    Stream #0:1: Audio: ac3 ([0] [0][0] / 0x2000), 11025 Hz, mono, fltp, 96 kb/s
    Metadata:
      encoder         : Lavc58.60.100 ac3
frame=    1 fps=0.9 q=2.5 size=      10kB time=00:00:00.55 bitrate= 142.2kbits/s
==42690== Invalid read of size 8
==42690==    at 0x62CC83: decode_simple_internal (decode.c:434)
==42690==    by 0x62CC83: decode_simple_receive_frame (decode.c:628)
==42690==    by 0x62CC83: decode_receive_frame_internal (decode.c:646)
==42690==    by 0x62D96F: avcodec_send_packet (decode.c:704)
==42690==    by 0x2954F9: decode (ffmpeg.c:2231)
==42690==    by 0x2954F9: decode_video (ffmpeg.c:2373)
==42690==    by 0x2954F9: process_input_packet (ffmpeg.c:2614)
==42690==    by 0x298AA7: process_input (ffmpeg.c:4509)
==42690==    by 0x298AA7: transcode_step (ffmpeg.c:4629)
==42690==    by 0x298AA7: transcode (ffmpeg.c:4683)
==42690==    by 0x2774AD: main (ffmpeg.c:4885)
==42690==  Address 0x105e81310 is not stack'd, malloc'd or (recently) free'd
==42690== 
==42690== 
==42690== Process terminating with default action of signal 11 (SIGSEGV)
==42690==  Access not within mapped region at address 0x105E81310
==42690==    at 0x62CC83: decode_simple_internal (decode.c:434)
==42690==    by 0x62CC83: decode_simple_receive_frame (decode.c:628)
==42690==    by 0x62CC83: decode_receive_frame_internal (decode.c:646)
==42690==    by 0x62D96F: avcodec_send_packet (decode.c:704)
==42690==    by 0x2954F9: decode (ffmpeg.c:2231)
==42690==    by 0x2954F9: decode_video (ffmpeg.c:2373)
==42690==    by 0x2954F9: process_input_packet (ffmpeg.c:2614)
==42690==    by 0x298AA7: process_input (ffmpeg.c:4509)
==42690==    by 0x298AA7: transcode_step (ffmpeg.c:4629)
==42690==    by 0x298AA7: transcode (ffmpeg.c:4683)
==42690==    by 0x2774AD: main (ffmpeg.c:4885)
==42690==  If you believe this happened as a result of a stack
==42690==  overflow in your program's main thread (unlikely but
==42690==  possible), you can try to increase the size of the
==42690==  main thread stack using the --main-stacksize= flag.
==42690==  The main thread stack size used in this run was 8388608.
==42690== 
==42690== HEAP SUMMARY:
==42690==     in use at exit: 3,896,480 bytes in 801 blocks
==42690==   total heap usage: 3,105 allocs, 2,304 frees, 7,238,496 bytes allocated
==42690== 
==42690== 2,128 bytes in 7 blocks are possibly lost in loss record 395 of 445
==42690==    at 0x483DD99: calloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==42690==    by 0x40149DA: allocate_dtv (dl-tls.c:286)
==42690==    by 0x40149DA: _dl_allocate_tls (dl-tls.c:532)
==42690==    by 0x4FBD322: allocate_stack (allocatestack.c:622)
==42690==    by 0x4FBD322: pthread_create@@GLIBC_2.2.5 (pthread_create.c:660)
==42690==    by 0xF67F71: avpriv_slicethread_create (slicethread.c:147)
==42690==    by 0x88C482: ff_slice_thread_init (pthread_slice.c:159)
==42690==    by 0x98182E: avcodec_open2 (utils.c:754)
==42690==    by 0x29299A: init_output_stream.constprop.0 (ffmpeg.c:3508)
==42690==    by 0x294CF0: reap_filters (ffmpeg.c:1443)
==42690==    by 0x298AB8: transcode_step (ffmpeg.c:4639)
==42690==    by 0x298AB8: transcode (ffmpeg.c:4683)
==42690==    by 0x2774AD: main (ffmpeg.c:4885)
==42690== 
==42690== 2,432 bytes in 8 blocks are possibly lost in loss record 398 of 445
==42690==    at 0x483DD99: calloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==42690==    by 0x40149DA: allocate_dtv (dl-tls.c:286)
==42690==    by 0x40149DA: _dl_allocate_tls (dl-tls.c:532)
==42690==    by 0x4FBD322: allocate_stack (allocatestack.c:622)
==42690==    by 0x4FBD322: pthread_create@@GLIBC_2.2.5 (pthread_create.c:660)
==42690==    by 0xF67F71: avpriv_slicethread_create (slicethread.c:147)
==42690==    by 0x2D0659: thread_init_internal (pthread.c:78)
==42690==    by 0x2D0659: ff_graph_thread_init (pthread.c:97)
==42690==    by 0x2BE6B9: avfilter_graph_alloc_filter (avfiltergraph.c:180)
==42690==    by 0x2CEBD8: create_filter (graphparser.c:130)
==42690==    by 0x2CEBD8: parse_filter (graphparser.c:192)
==42690==    by 0x2CF797: avfilter_graph_parse2 (graphparser.c:427)
==42690==    by 0x2835A0: configure_filtergraph (ffmpeg_filter.c:1056)
==42690==    by 0x295167: ifilter_send_frame (ffmpeg.c:2180)
==42690==    by 0x295167: send_frame_to_filters (ffmpeg.c:2261)
==42690==    by 0x295EAF: decode_audio (ffmpeg.c:2328)
==42690==    by 0x295EAF: process_input_packet (ffmpeg.c:2610)
==42690==    by 0x298AA7: process_input (ffmpeg.c:4509)
==42690==    by 0x298AA7: transcode_step (ffmpeg.c:4629)
==42690==    by 0x298AA7: transcode (ffmpeg.c:4683)
==42690== 
==42690== 2,432 bytes in 8 blocks are possibly lost in loss record 399 of 445
==42690==    at 0x483DD99: calloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==42690==    by 0x40149DA: allocate_dtv (dl-tls.c:286)
==42690==    by 0x40149DA: _dl_allocate_tls (dl-tls.c:532)
==42690==    by 0x4FBD322: allocate_stack (allocatestack.c:622)
==42690==    by 0x4FBD322: pthread_create@@GLIBC_2.2.5 (pthread_create.c:660)
==42690==    by 0xF67F71: avpriv_slicethread_create (slicethread.c:147)
==42690==    by 0x2D0659: thread_init_internal (pthread.c:78)
==42690==    by 0x2D0659: ff_graph_thread_init (pthread.c:97)
==42690==    by 0x2BE6B9: avfilter_graph_alloc_filter (avfiltergraph.c:180)
==42690==    by 0x2CEBD8: create_filter (graphparser.c:130)
==42690==    by 0x2CEBD8: parse_filter (graphparser.c:192)
==42690==    by 0x2CF797: avfilter_graph_parse2 (graphparser.c:427)
==42690==    by 0x2835A0: configure_filtergraph (ffmpeg_filter.c:1056)
==42690==    by 0x295167: ifilter_send_frame (ffmpeg.c:2180)
==42690==    by 0x295167: send_frame_to_filters (ffmpeg.c:2261)
==42690==    by 0x295920: decode_video (ffmpeg.c:2460)
==42690==    by 0x295920: process_input_packet (ffmpeg.c:2614)
==42690==    by 0x298AA7: process_input (ffmpeg.c:4509)
==42690==    by 0x298AA7: transcode_step (ffmpeg.c:4629)
==42690==    by 0x298AA7: transcode (ffmpeg.c:4683)
==42690== 
==42690== LEAK SUMMARY:
==42690==    definitely lost: 0 bytes in 0 blocks
==42690==    indirectly lost: 0 bytes in 0 blocks
==42690==      possibly lost: 6,992 bytes in 23 blocks
==42690==    still reachable: 3,889,488 bytes in 778 blocks
==42690==         suppressed: 0 bytes in 0 blocks
==42690== Reachable blocks (those to which a pointer was found) are not shown.
==42690== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==42690== 
==42690== For lists of detected and suppressed errors, rerun with: -s
==42690== ERROR SUMMARY: 4 errors from 4 contexts (suppressed: 0 from 0)

valgrind --leak-check=full ./ffmpeg_g -i ot171_vp40.avi -y out.avi
==42750== Memcheck, a memory error detector
==42750== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==42750== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
==42750== Command: ./ffmpeg_g -i ot171_vp40.avi -y out.avi
==42750== 
ffmpeg version N-95590-gfd17218558 Copyright (c) 2000-2019 the FFmpeg developers
  built with gcc 9 (Ubuntu 9.4.0-1ubuntu1~20.04.1)
  configuration: 
  libavutil      56. 35.101 / 56. 35.101
  libavcodec     58. 60.100 / 58. 60.100
  libavformat    58. 33.100 / 58. 33.100
  libavdevice    58.  9.100 / 58.  9.100
  libavfilter     7. 66.100 /  7. 66.100
  libswscale      5.  6.100 /  5.  6.100
  libswresample   3.  6.100 /  3.  6.100
Guessed Channel Layout for Input Stream #0.1 : mono
Input #0, avi, from 'ot171_vp40.avi':
  Duration: 00:00:24.27, start: 0.000000, bitrate: 245 kb/s
    Stream #0:0: Video: vp4 (VP40 / 0x30345056), yuv420p, 160x112, 147 kb/s, 15 fps, 15 tbr, 15 tbn, 15 tbc
    Stream #0:1: Audio: pcm_u8 ([1][0][0][0] / 0x0001), 11025 Hz, mono, u8, 88 kb/s
Stream mapping:
  Stream #0:0 -> #0:0 (vp4 (native) -> mpeg4 (native))
  Stream #0:1 -> #0:1 (pcm_u8 (native) -> ac3 (native))
Press [q] to stop, [?] for help
==42750== Thread 3:
==42750== Use of uninitialised value of size 8
==42750==    at 0x88B0DB: frame_worker_thread (pthread_frame.c:201)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x88B0E5: frame_worker_thread (pthread_frame.c:203)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x88B121: frame_worker_thread (pthread_frame.c:213)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x88B12B: frame_worker_thread (pthread_frame.c:218)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x4FBEFC4: pthread_mutex_lock (pthread_mutex_lock.c:67)
==42750==    by 0x88B143: frame_worker_thread (pthread_frame.c:224)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x4FBEFEF: pthread_mutex_lock (pthread_mutex_lock.c:80)
==42750==    by 0x88B143: frame_worker_thread (pthread_frame.c:224)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x4FBEFF9: pthread_mutex_lock (pthread_mutex_lock.c:81)
==42750==    by 0x88B143: frame_worker_thread (pthread_frame.c:224)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x4FBF00C: pthread_mutex_lock (pthread_mutex_lock.c:159)
==42750==    by 0x88B143: frame_worker_thread (pthread_frame.c:224)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x4FC42A3: pthread_cond_broadcast@@GLIBC_2.3.2 (pthread_cond_broadcast.c:43)
==42750==    by 0x88B157: frame_worker_thread (pthread_frame.c:228)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x4FC42C8: __condvar_acquire_lock (pthread_cond_common.c:256)
==42750==    by 0x4FC42C8: pthread_cond_broadcast@@GLIBC_2.3.2 (pthread_cond_broadcast.c:48)
==42750==    by 0x88B157: frame_worker_thread (pthread_frame.c:228)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x4FC42DD: __condvar_acquire_lock (pthread_cond_common.c:259)
==42750==    by 0x4FC42DD: pthread_cond_broadcast@@GLIBC_2.3.2 (pthread_cond_broadcast.c:48)
==42750==    by 0x88B157: frame_worker_thread (pthread_frame.c:228)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x4FC42E4: __condvar_load_wseq_relaxed (pthread_cond_common.c:31)
==42750==    by 0x4FC42E4: pthread_cond_broadcast@@GLIBC_2.3.2 (pthread_cond_broadcast.c:50)
==42750==    by 0x88B157: frame_worker_thread (pthread_frame.c:228)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x4FC4338: __condvar_get_orig_size (pthread_cond_common.c:301)
==42750==    by 0x4FC4338: __condvar_quiesce_and_switch_g1 (pthread_cond_common.c:352)
==42750==    by 0x4FC4338: pthread_cond_broadcast@@GLIBC_2.3.2 (pthread_cond_broadcast.c:73)
==42750==    by 0x88B157: frame_worker_thread (pthread_frame.c:228)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x4FC435A: __condvar_quiesce_and_switch_g1 (pthread_cond_common.c:354)
==42750==    by 0x4FC435A: pthread_cond_broadcast@@GLIBC_2.3.2 (pthread_cond_broadcast.c:73)
==42750==    by 0x88B157: frame_worker_thread (pthread_frame.c:228)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x4FC44D4: __condvar_release_lock (pthread_cond_common.c:291)
==42750==    by 0x4FC44D4: pthread_cond_broadcast@@GLIBC_2.3.2 (pthread_cond_broadcast.c:83)
==42750==    by 0x88B157: frame_worker_thread (pthread_frame.c:228)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x4FC44DF: __condvar_release_lock (pthread_cond_common.c:291)
==42750==    by 0x4FC44DF: pthread_cond_broadcast@@GLIBC_2.3.2 (pthread_cond_broadcast.c:83)
==42750==    by 0x88B157: frame_worker_thread (pthread_frame.c:228)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x4FC3F53: pthread_cond_signal@@GLIBC_2.3.2 (pthread_cond_signal.c:42)
==42750==    by 0x88B160: frame_worker_thread (pthread_frame.c:229)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x4FC07B4: __pthread_mutex_unlock_usercnt (pthread_mutex_unlock.c:41)
==42750==    by 0x4FC07B4: pthread_mutex_unlock (pthread_mutex_unlock.c:357)
==42750==    by 0x88B168: frame_worker_thread (pthread_frame.c:230)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x4FC07CB: __pthread_mutex_unlock_usercnt (pthread_mutex_unlock.c:55)
==42750==    by 0x4FC07CB: pthread_mutex_unlock (pthread_mutex_unlock.c:357)
==42750==    by 0x88B168: frame_worker_thread (pthread_frame.c:230)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x88B030: frame_worker_thread (pthread_frame.c:176)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x4FC3194: __condvar_fetch_add_wseq_acquire (pthread_cond_common.c:37)
==42750==    by 0x4FC3194: __pthread_cond_wait_common (pthread_cond_wait.c:403)
==42750==    by 0x4FC3194: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:647)
==42750==    by 0x88B225: frame_worker_thread (pthread_frame.c:177)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x4FC31FA: __pthread_cond_wait_common (pthread_cond_wait.c:434)
==42750==    by 0x4FC31FA: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:647)
==42750==    by 0x88B225: frame_worker_thread (pthread_frame.c:177)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x4FC32FF: __pthread_cond_wait_common (pthread_cond_wait.c:486)
==42750==    by 0x4FC32FF: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:647)
==42750==    by 0x88B225: frame_worker_thread (pthread_frame.c:177)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x4FC3303: __pthread_cond_wait_common (pthread_cond_wait.c:487)
==42750==    by 0x4FC3303: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:647)
==42750==    by 0x88B225: frame_worker_thread (pthread_frame.c:177)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x4FC330E: __condvar_load_g1_start_relaxed (pthread_cond_common.c:49)
==42750==    by 0x4FC330E: __pthread_cond_wait_common (pthread_cond_wait.c:488)
==42750==    by 0x4FC330E: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:647)
==42750==    by 0x88B225: frame_worker_thread (pthread_frame.c:177)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Syscall param futex(futex) contains uninitialised byte(s)
==42750==    at 0x4FC3376: futex_wait_cancelable (futex-internal.h:183)
==42750==    by 0x4FC3376: __pthread_cond_wait_common (pthread_cond_wait.c:508)
==42750==    by 0x4FC3376: pthread_cond_wait@@GLIBC_2.3.2 (pthread_cond_wait.c:647)
==42750==    by 0x88B225: frame_worker_thread (pthread_frame.c:177)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
frame=    0 fps=0.0 q=0.0 size=       0kB time=-577014:32:22.77 bitrate=  -0.0kb
==42750== Thread 10:
==42750== Invalid write of size 4
==42750==    at 0x88B0DB: frame_worker_thread (pthread_frame.c:201)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750==  Address 0x5edcfe3 is 29 bytes before a block of size 1,120 in arena "client"
==42750== 
==42750== Invalid read of size 4
==42750==    at 0x88B0E5: frame_worker_thread (pthread_frame.c:203)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750==  Address 0x5edcfdf is 31 bytes after a block of size 16 in arena "client"
==42750== 
==42750== Use of uninitialised value of size 8
==42750==    at 0x88B170: frame_worker_thread (pthread_frame.c:214)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750== 
==42750== Invalid read of size 4
==42750==    at 0x4FC07B4: __pthread_mutex_unlock_usercnt (pthread_mutex_unlock.c:41)
==42750==    by 0x4FC07B4: pthread_mutex_unlock (pthread_mutex_unlock.c:357)
==42750==    by 0x88B185: frame_worker_thread (pthread_frame.c:215)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750==  Address 0x629354048 is not stack'd, malloc'd or (recently) free'd
==42750== 
==42750== 
==42750== Process terminating with default action of signal 11 (SIGSEGV)
==42750==  Access not within mapped region at address 0x629354048
==42750==    at 0x4FC07B4: __pthread_mutex_unlock_usercnt (pthread_mutex_unlock.c:41)
==42750==    by 0x4FC07B4: pthread_mutex_unlock (pthread_mutex_unlock.c:357)
==42750==    by 0x88B185: frame_worker_thread (pthread_frame.c:215)
==42750==    by 0x4FBC608: start_thread (pthread_create.c:477)
==42750==    by 0x50F6132: clone (clone.S:95)
==42750==  If you believe this happened as a result of a stack
==42750==  overflow in your program's main thread (unlikely but
==42750==  possible), you can try to increase the size of the
==42750==  main thread stack using the --main-stacksize= flag.
==42750==  The main thread stack size used in this run was 8388608.
==42750== 
==42750== HEAP SUMMARY:
==42750==     in use at exit: 3,477,272 bytes in 911 blocks
==42750==   total heap usage: 2,232 allocs, 1,321 frees, 6,435,466 bytes allocated
==42750== 
==42750== Thread 1:
==42750== 2,432 bytes in 8 blocks are possibly lost in loss record 259 of 302
==42750==    at 0x483DD99: calloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==42750==    by 0x40149DA: allocate_dtv (dl-tls.c:286)
==42750==    by 0x40149DA: _dl_allocate_tls (dl-tls.c:532)
==42750==    by 0x4FBD322: allocate_stack (allocatestack.c:622)
==42750==    by 0x4FBD322: pthread_create@@GLIBC_2.2.5 (pthread_create.c:660)
==42750==    by 0xF67F71: avpriv_slicethread_create (slicethread.c:147)
==42750==    by 0x2D0659: thread_init_internal (pthread.c:78)
==42750==    by 0x2D0659: ff_graph_thread_init (pthread.c:97)
==42750==    by 0x2BE6B9: avfilter_graph_alloc_filter (avfiltergraph.c:180)
==42750==    by 0x2CEBD8: create_filter (graphparser.c:130)
==42750==    by 0x2CEBD8: parse_filter (graphparser.c:192)
==42750==    by 0x2CF797: avfilter_graph_parse2 (graphparser.c:427)
==42750==    by 0x2835A0: configure_filtergraph (ffmpeg_filter.c:1056)
==42750==    by 0x295167: ifilter_send_frame (ffmpeg.c:2180)
==42750==    by 0x295167: send_frame_to_filters (ffmpeg.c:2261)
==42750==    by 0x295EAF: decode_audio (ffmpeg.c:2328)
==42750==    by 0x295EAF: process_input_packet (ffmpeg.c:2610)
==42750==    by 0x298AA7: process_input (ffmpeg.c:4509)
==42750==    by 0x298AA7: transcode_step (ffmpeg.c:4629)
==42750==    by 0x298AA7: transcode (ffmpeg.c:4683)
==42750== 
==42750== 2,736 bytes in 9 blocks are possibly lost in loss record 260 of 302
==42750==    at 0x483DD99: calloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==42750==    by 0x40149DA: allocate_dtv (dl-tls.c:286)
==42750==    by 0x40149DA: _dl_allocate_tls (dl-tls.c:532)
==42750==    by 0x4FBD322: allocate_stack (allocatestack.c:622)
==42750==    by 0x4FBD322: pthread_create@@GLIBC_2.2.5 (pthread_create.c:660)
==42750==    by 0x88B767: ff_frame_thread_init (pthread_frame.c:828)
==42750==    by 0x98182E: avcodec_open2 (utils.c:754)
==42750==    by 0x297674: init_input_stream (ffmpeg.c:2930)
==42750==    by 0x297674: transcode_init (ffmpeg.c:3687)
==42750==    by 0x297674: transcode (ffmpeg.c:4654)
==42750==    by 0x2774AD: main (ffmpeg.c:4885)
==42750== 
==42750== LEAK SUMMARY:
==42750==    definitely lost: 0 bytes in 0 blocks
==42750==    indirectly lost: 0 bytes in 0 blocks
==42750==      possibly lost: 5,168 bytes in 17 blocks
==42750==    still reachable: 3,472,104 bytes in 894 blocks
==42750==         suppressed: 0 bytes in 0 blocks
==42750== Reachable blocks (those to which a pointer was found) are not shown.
==42750== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==42750== 
==42750== Use --track-origins=yes to see where uninitialised values come from
==42750== For lists of detected and suppressed errors, rerun with: -s
==42750== ERROR SUMMARY: 61 errors from 32 contexts (suppressed: 0 from 0)

comment:6 by Mika Fischer, 3 weeks ago

Cc: Mika Fischer added

by Mika Fischer, 3 weeks ago

Attachment: ffmpeg-fix-vp3-crash.patch added

comment:7 by Mika Fischer, 3 weeks ago

The patch above fixes the issue for me; it's a simple typo. I can't believe this has gone unnoticed for 5 years - especially considering there's a VP4 file in the fate suite that triggers this issue.
