Opened 16 months ago

Last modified 10 months ago

#11479 new defect

Segfault with LTO - MacOS M4

Reported by: Levon Gevorgyan
Owned by:
Priority: normal
Component: avcodec
Version: git-master
Keywords: SEGFAULT macos arm
Cc: Levon Gevorgyan
Blocked By:
Blocking:
Reproduced by developer: no
Analyzed by developer: no

Description (last modified by Levon Gevorgyan)

Summary of the bug:
Any build of ffmpeg/ffprobe from e504247db6edb1cb47a9c562277f6e671f4bde1d onwards results in segfault 11 when LTO is enabled on macOS arm64 (M4 base model). The specific commit was found using git bisect. Big Buck Bunny is used as an example, but I can confirm the segfault occurs on a wide range of media types and codecs (including mp3 audio).

How to reproduce:

$ ./configure --enable-lto --disable-doc --disable-htmlpages --disable-podpages --disable-txtpages
$ make
$ ./ffprobe big-buck-bunny.mp4
Segmentation fault: 11

# environment
$ clang --version
Apple clang version 16.0.0 (clang-1600.0.26.6)
Target: arm64-apple-darwin24.3.0
Thread model: posix

$ uname -mrs
Darwin 24.3.0 arm64
24.3.0 Darwin Kernel Version 24.3.0

Change History (2)

comment:1 by Levon Gevorgyan, 16 months ago

Description: modified (diff)

comment:2 by Levon Gevorgyan, 10 months ago

I just want to confirm that this is still an issue on the latest 8.0 release.

sudo lldb ffprobe test.mkv
(lldb) target create "ffprobe"
Current executable set to '/Volumes/External/ffmpeg-builder/gitignore/darwin_sysroot/bin/ffprobe' (arm64).
(lldb) settings set -- target.run-args  "test.mkv"
(lldb) r
Process 88020 launched: '/Volumes/External/ffmpeg-builder/gitignore/darwin_sysroot/bin/ffprobe' (arm64)
ffprobe version ab14508 Copyright (c) 2007-2025 the FFmpeg developers
  built with Apple clang version 17.0.0 (clang-1700.0.13.5)
  configuration: --prefix=/Volumes/External/ffmpeg-builder/gitignore/darwin_sysroot --libdir=/Volumes/External/ffmpeg-builder/gitignore/darwin_sysroot/lib --enable-lto --enable-static --extra-cflags='-I/Volumes/External/ffmpeg-builder/gitignore/darwin_sysroot/include -flto -O3 -mcpu=native -fPIC' --extra-cxxflags='-I/Volumes/External/ffmpeg-builder/gitignore/darwin_sysroot/include -flto -O3 -mcpu=native -fPIC' --pkg-config=pkg-config --pkg-config-flags=--static --cpu=native --arch=native --enable-gpl --enable-version3 --enable-nonfree --disable-htmlpages --disable-podpages --disable-txtpages --disable-autodetect
  libavutil      60.  8.100 / 60.  8.100
  libavcodec     62. 11.100 / 62. 11.100
  libavformat    62.  3.100 / 62.  3.100
  libavdevice    62.  1.100 / 62.  1.100
  libavfilter    11.  4.100 / 11.  4.100
  libswscale      9.  1.100 /  9.  1.100
  libswresample   6.  1.100 /  6.  1.100
Input #0, matroska,webm, from 'test.mkv':
  Metadata:
    TMDB            : movie/37136
    IMDB            : tt0095705
    ENCODER         : Lavf61.3.100
  Duration: 00:00:07.01, start: 0.000000, bitrate: 90915 kb/s
  Chapters:
    Chapter #0:0: start 0.000000, end 6.000000
      Metadata:
        title           : Beirut of all Evil
  Stream #0:0: Video: hevc (Main 10), yuv420p10le(tv, bt2020nc/bt2020/smpte2084), 3840x2160 [SAR 1:1 DAR 16:9], 23.98 fps, 23.98 tbr, 1k tbn (default)
    Metadata:
      BPS             : 90911145
      DURATION        : 00:00:07.006708333
      NUMBER_OF_FRAMES: 165
      NUMBER_OF_BYTES : 79615436
      _STATISTICS_WRITING_APP: mkvpropedit v74.0.0 ('You Oughta Know') 64-bit
      _STATISTICS_WRITING_DATE_UTC: 2024-04-20 15:37:22
      _STATISTICS_TAGS: BPS DURATION NUMBER_OF_FRAMES NUMBER_OF_BYTES
    Side data:
      DOVI configuration record: version: 1.0, profile: 7, level: 6, rpu flag: 1, el flag: 1, bl flag: 1, compatibility id: 6, compression: 0
Process 88020 stopped
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x3)
    frame #0: 0x0000000100ee15a0 ffprobe`___lldb_unnamed_symbol15322 + 8
ffprobe`___lldb_unnamed_symbol15322:
->  0x100ee15a0 <+8>:  ldr    x19, [x0]
    0x100ee15a4 <+12>: add    x0, x19, #0x8
    0x100ee15a8 <+16>: bl     0x100ed43f8    ; ___lldb_unnamed_symbol15188
    0x100ee15ac <+20>: mov    x0, x19
Target 0: (ffprobe) stopped.
(lldb) bt
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x3)
  * frame #0: 0x0000000100ee15a0 ffprobe`___lldb_unnamed_symbol15322 + 8
    frame #1: 0x000000010037b798 ffprobe`___lldb_unnamed_symbol4416 + 16
    frame #2: 0x000000010033b6b4 ffprobe`___lldb_unnamed_symbol4066 + 52
    frame #3: 0x000000010033b624 ffprobe`___lldb_unnamed_symbol4064 + 176
    frame #4: 0x0000000100012134 ffprobe`main + 24328
    frame #5: 0x000000019cea2b98 dyld`start + 6076
(lldb)