Opened 5 years ago

Closed 5 years ago

#1441 closed defect (fixed)

Segfault using libfaac/libaacplus, -absf aac_adtstoasc, and mpegts muxer

Reported by: burek Owned by:
Priority: normal Component: ffmpeg
Version: git-master Keywords: libfaac libaacplus mpegts absf aac_adtstoasc
Cc: Blocked By:
Blocking: Reproduced by developer: yes
Analyzed by developer: no

Description

Summary of the bug: When using the following line, ffmpeg crashes after 4-5 seconds.

How to reproduce:

% ffmpeg -f v4l2 -s cif -r 30 -i /dev/video0 -f alsa -ar 44100 -ac 2 -i hw:0 -vcodec libx264 -acodec libaacplus -ab 32k -absf aac_adtstoasc -f mpegts udp://192.168.2.2:10001

ffmpeg version git-2012-06-07-6668ef7 Copyright (c) 2000-2012 the FFmpeg developers

built on debian/testing

gdb:

# gdb ffmpeg_g
                                                                                         
GNU gdb (GDB) 7.4.1-debian
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /root/tmp/ffmpeg/ffmpeg_g...done.
(gdb) r -f v4l2 -s cif -r 30 -i /dev/video0 -f alsa -ar 44100 -ac 2 -i hw:0 -vcodec libx264 -acodec libaacplus -ab 32k -absf aac_adtstoasc -f mpegts udp://192.168.2.2:10001
Starting program: /root/tmp/ffmpeg/ffmpeg_g -f v4l2 -s cif -r 30 -i /dev/video0 -f alsa -ar 44100 -ac 2 -i hw:0 -vcodec libx264 -acodec libaacplus -ab 32k -absf aac_adtstoasc -f mpegts udp://192.168.2.2:10001
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
ffmpeg version git-2012-06-07-6668ef7 Copyright (c) 2000-2012 the FFmpeg developers
  built on Jun  8 2012 00:47:25 with gcc 4.6.2
  configuration: --enable-static --enable-shared --enable-gpl --enable-nonfree --enable-postproc --enable-libx264 --enable-libaacplus --enable-libmp3lame --enable-libv4l2
  libavutil      51. 56.100 / 51. 56.100
  libavcodec     54. 25.100 / 54. 25.100
  libavformat    54.  6.101 / 54.  6.101
  libavdevice    54.  0.100 / 54.  0.100
  libavfilter     2. 78.101 /  2. 78.101
  libswscale      2.  1.100 /  2.  1.100
  libswresample   0. 15.100 /  0. 15.100
  libpostproc    52.  0.100 / 52.  0.100
[video4linux2,v4l2 @ 0x62c320] Estimating duration from bitrate, this may be inaccurate
Input #0, video4linux2,v4l2, from '/dev/video0':
  Duration: N/A, start: 33314.526290, bitrate: 36495 kb/s
    Stream #0:0: Video: rawvideo (I420 / 0x30323449), yuv420p, 352x288, 36495 kb/s, 30 tbr, 1000k tbn, 30 tbc
[alsa @ 0x639f80] Estimating duration from bitrate, this may be inaccurate
Guessed Channel Layout for  Input Stream #1.0 : stereo
Input #1, alsa, from 'hw:0':
  Duration: N/A, start: 1339438588.185004, bitrate: 1411 kb/s
    Stream #1:0: Audio: pcm_s16le, 44100 Hz, stereo, s16, 1411 kb/s
[buffer @ 0x63f420] w:352 h:288 pixfmt:yuv420p tb:1/30 sar:0/1 sws_param:flags=2
[ffmpeg_buffersink @ 0x6409a0] No opaque field provided
[buffer @ 0x63f420] TB:0.033333
[libx264 @ 0x63c120] using cpu capabilities: MMX2 SSE2Fast SSSE3 Cache64
[New Thread 0x7fffd30a5700 (LWP 12843)]
[New Thread 0x7fffd28a4700 (LWP 12844)]
[New Thread 0x7fffd20a3700 (LWP 12845)]
[New Thread 0x7fffd12e1700 (LWP 12846)]
[libx264 @ 0x63c120] profile High, level 1.3
[mpegts @ 0x63bc00] muxrate VBR, pcr every 3 pkts, sdt every 200, pat/pmt every 40 pkts
Output #0, mpegts, to 'udp://192.168.2.2:10001':
  Metadata:
    encoder         : Lavf54.6.101
    Stream #0:0: Video: h264, yuv420p, 352x288, q=-1--1, 90k tbn, 30 tbc
    Stream #0:1: Audio: aac, 44100 Hz, stereo, s16, 32 kb/s
Stream mapping:
  Stream #0:0 -> #0:0 (rawvideo -> libx264)
  Stream #1:0 -> #0:1 (pcm_s16le -> libaacplus)
Press [q] to stop, [?] for help
[alsa @ 0x639f80] ALSA buffer xrun.
AAC bitstream not in ADTS format and extradata missing05.03 bitrate= 221.4kbits/s
*** glibc detected *** /root/tmp/ffmpeg/ffmpeg_g: free(): invalid pointer: 0x0000000000c46547 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x75ab6)[0x7ffff5740ab6]
/lib/x86_64-linux-gnu/libc.so.6(cfree+0x6c)[0x7ffff57457ec]
/usr/local/lib/libavcodec.so.54(av_destruct_packet+0xd)[0x7ffff684186d]
/usr/local/lib/libavcodec.so.54(av_free_packet+0x14)[0x7ffff6841c74]
/usr/local/lib/libavformat.so.54(av_interleaved_write_frame+0xe9)[0x7ffff76e8259]
/root/tmp/ffmpeg/ffmpeg_g[0x40ecb8]
/root/tmp/ffmpeg/ffmpeg_g[0x410f44]
/root/tmp/ffmpeg/ffmpeg_g[0x408134]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd)[0x7ffff56e9ead]
/root/tmp/ffmpeg/ffmpeg_g[0x408dc1]
======= Memory map: ========
00400000-00420000 r-xp 00000000 08:01 5472265                            /root/tmp/ffmpeg/ffmpeg_g
0061f000-00622000 rw-p 0001f000 08:01 5472265                            /root/tmp/ffmpeg/ffmpeg_g
00622000-0137d000 rw-p 00000000 00:00 0                                  [heap]
7fffc8000000-7fffc8021000 rw-p 00000000 00:00 0
7fffc8021000-7fffcc000000 ---p 00000000 00:00 0
7fffcf4f2000-7fffcf507000 r-xp 00000000 08:01 12338103                   /lib/x86_64-linux-gnu/libgcc_s.so.1
7fffcf507000-7fffcf707000 ---p 00015000 08:01 12338103                   /lib/x86_64-linux-gnu/libgcc_s.so.1
7fffcf707000-7fffcf708000 rw-p 00015000 08:01 12338103                   /lib/x86_64-linux-gnu/libgcc_s.so.1
7fffcf70e000-7fffd0ae1000 rw-p 00000000 00:00 0
7fffd0ae1000-7fffd0ae2000 ---p 00000000 00:00 0
7fffd0ae2000-7fffd18a3000 rw-p 00000000 00:00 0
7fffd18a3000-7fffd18a4000 ---p 00000000 00:00 0
7fffd18a4000-7fffd20a4000 rw-p 00000000 00:00 0
7fffd20a4000-7fffd20a5000 ---p 00000000 00:00 0
7fffd20a5000-7fffd28a5000 rw-p 00000000 00:00 0
7fffd28a5000-7fffd28a6000 ---p 00000000 00:00 0
7fffd28a6000-7fffd3215000 rw-p 00000000 00:00 0
7fffd3215000-7fffd3228000 r-xp 00000000 08:01 12338109                   /lib/x86_64-linux-gnu/libresolv-2.13.so
7fffd3228000-7fffd3427000 ---p 00013000 08:01 12338109                   /lib/x86_64-linux-gnu/libresolv-2.13.so
7fffd3427000-7fffd3428000 r--p 00012000 08:01 12338109                   /lib/x86_64-linux-gnu/libresolv-2.13.so
7fffd3428000-7fffd3429000 rw-p 00013000 08:01 12338109                   /lib/x86_64-linux-gnu/libresolv-2.13.so
7fffd3429000-7fffd342b000 rw-p 00000000 00:00 0
7fffd342b000-7fffd3430000 r-xp 00000000 08:01 12338170                   /lib/x86_64-linux-gnu/libnss_dns-2.13.so
7fffd3430000-7fffd362f000 ---p 00005000 08:01 12338170                   /lib/x86_64-linux-gnu/libnss_dns-2.13.so
7fffd362f000-7fffd3630000 r--p 00004000 08:01 12338170                   /lib/x86_64-linux-gnu/libnss_dns-2.13.so
7fffd3630000-7fffd3631000 rw-p 00005000 08:01 12338170                   /lib/x86_64-linux-gnu/libnss_dns-2.13.so
7fffd3631000-7fffd363c000 r-xp 00000000 08:01 12338186                   /lib/x86_64-linux-gnu/libnss_files-2.13.so
7fffd363c000-7fffd383b000 ---p 0000b000 08:01 12338186                   /lib/x86_64-linux-gnu/libnss_files-2.13.so
7fffd383b000-7fffd383c000 r--p 0000a000 08:01 12338186                   /lib/x86_64-linux-gnu/libnss_files-2.13.so
7fffd383c000-7fffd383d000 rw-p 0000b000 08:01 12338186                   /lib/x86_64-linux-gnu/libnss_files-2.13.so
7fffd383d000-7fffd386f000 rw-s 0060e000 00:05 3651                       /dev/video0
7fffd386f000-7fffd38a1000 rw-s 005dc000 00:05 3651                       /dev/video0
7fffd38a1000-7fffd38d3000 rw-s 005aa000 00:05 3651                       /dev/video0
7fffd38d3000-7fffd3905000 rw-s 00578000 00:05 3651                       /dev/video0
7fffd3905000-7fffd3937000 rw-s 00546000 00:05 3651                       /dev/video0
7fffd3937000-7fffd3969000 rw-s 00514000 00:05 3651                       /dev/video0
7fffd3969000-7fffd399b000 rw-s 004e2000 00:05 3651                       /dev/video0
7fffd399b000-7fffd39cd000 rw-s 004b0000 00:05 3651                       /dev/video0
7fffd39cd000-7fffd39ff000 rw-s 0047e000 00:05 3651                       /dev/video0
7fffd39ff000-7fffd3a31000 rw-s 0044c000 00:05 3651                       /dev/video0
7fffd3a31000-7fffd3a63000 rw-s 0041a000 00:05 3651                       /dev/video0
7fffd3a63000-7fffd3a95000 rw-s 003e8000 00:05 3651                       /dev/video0
7fffd3a95000-7fffd3ac7000 rw-s 003b6000 00:05 3651                       /dev/video0
7fffd3ac7000-7fffd3af9000 rw-s 00384000 00:05 3651                       /dev/video0
7fffd3af9000-7fffd3b2b000 rw-s 00352000 00:05 3651                       /dev/video0
7fffd3b2b000-7fffd3b5d000 rw-s 00320000 00:05 3651                       /dev/video0
7fffd3b5d000-7fffd3b8f000 rw-s 002ee000 00:05 3651                       /dev/video0
7fffd3b8f000-7fffd3bc1000 rw-s 002bc000 00:05 3651                       /dev/video0
7fffd3bc1000-7fffd3bf3000 rw-s 0028a000 00:05 3651                       /dev/video0
7fffd3bf3000-7fffd3c25000 rw-s 00258000 00:05 3651                       /dev/video0
7fffd3c25000-7fffd3c57000 rw-s 00226000 00:05 3651                       /dev/video0
7fffd3c57000-7fffd3c89000 rw-s 001f4000 00:05 3651                       /dev/video0
7fffd3c89000-7fffd3cbb000 rw-s 001c2000 00:05 3651                       /dev/video0
7fffd3cbb000-7ffff3cbb000 rw-p 00000000 00:00 0
7ffff3cbb000-7ffff3cf5000 r-xp 00000000 08:01 9855453                    /usr/lib/x86_64-linux-gnu/libjpeg.so.8.4.0
7ffff3cf5000-7ffff3ef4000 ---p 0003a000 08:01 9855453                    /usr/lib/x86_64-linux-gnu/libjpeg.so.8.4.0
7ffff3ef4000-7ffff3ef5000 rw-p 00039000 08:01 9855453                    /usr/lib/x86_64-linux-gnu/libjpeg.so.8.4.0
7ffff3ef5000-7ffff3f16000 r-xp 00000000 08:01 9854982                    /usr/lib/x86_64-linux-gnu/libv4lconvert.so.0
7ffff3f16000-7ffff4115000 ---p 00021000 08:01 9854982                    /usr/lib/x86_64-linux-gnu/libv4lconvert.so.0
7ffff4115000-7ffff4117000 r--p 00020000 08:01 9854982                    /usr/lib/x86_64-linux-gnu/libv4lconvert.so.0
7ffff4117000-7ffff4118000 rw-p 00022000 08:01 9854982                    /usr/lib/x86_64-linux-gnu/libv4lconvert.so.0
7ffff4118000-7ffff416a000 rw-p 00000000 00:00 0
7ffff416a000-7ffff416c000 r-xp 00000000 08:01 12338184                   /lib/x86_64-linux-gnu/libdl-2.13.so
7ffff416c000-7ffff436c000 ---p 00002000 08:01 12338184                   /lib/x86_64-linux-gnu/libdl-2.13.so
7ffff436c000-7ffff436d000 r--p 00002000 08:01 12338184                   /lib/x86_64-linux-gnu/libdl-2.13.so
7ffff436d000-7ffff436e000 rw-p 00003000 08:01 12338184                   /lib/x86_64-linux-gnu/libdl-2.13.so
7ffff436e000-7ffff439d000 r-xp 00000000 08:01 9836135                    /usr/lib/libaacplus.so.2.0.2
7ffff439d000-7ffff459c000 ---p 0002f000 08:01 9836135                    /usr/lib/libaacplus.so.2.0.2
7ffff459c000-7ffff459d000 rw-p 0002e000 08:01 9836135                    /usr/lib/libaacplus.so.2.0.2
7ffff459d000-7ffff45e4000 r-xp 00000000 08:01 9855350                    /usr/lib/x86_64-linux-gnu/libmp3lame.so.0.0.0
7ffff45e4000-7ffff47e4000 ---p 00047000 08:01 9855350                    /usr/lib/x86_64-linux-gnu/libmp3lame.so.0.0.0
7ffff47e4000-7ffff47e5000 r--p 00047000 08:01 9855350                    /usr/lib/x86_64-linux-gnu/libmp3lame.so.0.0.0
7ffff47e5000-7ffff47e6000 rw-p 00048000 08:01 9855350                    /usr/lib/x86_64-linux-gnu/libmp3lame.so.0.0.0
7ffff47e6000-7ffff4817000 rw-p 00000000 00:00 0
7ffff4817000-7ffff4920000 r-xp 00000000 08:01 9847860                    /usr/local/lib/libx264.so.120
7ffff4920000-7ffff4b1f000 ---p 00109000 08:01 9847860                    /usr/local/lib/libx264.so.120
7ffff4b1f000-7ffff4b22000 rw-p 00108000 08:01 9847860                    /usr/local/lib/libx264.so.120
7ffff4b22000-7ffff4b9d000 rw-p 00000000 00:00 0
7ffff4b9d000-7ffff4bb4000 r-xp 00000000 08:01 9832702                    /usr/lib/libz.so.1.2.3.4
7ffff4bb4000-7ffff4db3000 ---p 00017000 08:01 9832702                    /usr/lib/libz.so.1.2.3.4
7ffff4db3000-7ffff4db4000 rw-p 00016000 08:01 9832702                    /usr/lib/libz.so.1.2.3.4
7ffff4db4000-7ffff4dc3000 r-xp 00000000 08:01 12337183                   /lib/x86_64-linux-gnu/libbz2.so.1.0.4
7ffff4dc3000-7ffff4fc2000 ---p 0000f000 08:01 12337183                   /lib/x86_64-linux-gnu/libbz2.so.1.0.4
7ffff4fc2000-7ffff4fc4000 rw-p 0000e000 08:01 12337183                   /lib/x86_64-linux-gnu/libbz2.so.1.0.4
7ffff4fc4000-7ffff4fcb000 r-xp 00000000 08:01 12338190                   /lib/x86_64-linux-gnu/librt-2.13.so
7ffff4fcb000-7ffff51ca000 ---p 00007000 08:01 12338190                   /lib/x86_64-linux-gnu/librt-2.13.so
7ffff51ca000-7ffff51cb000 r--p 00006000 08:01 12338190                   /lib/x86_64-linux-gnu/librt-2.13.so
7ffff51cb000-7ffff51cc000 rw-p 00007000 08:01 12338190                   /lib/x86_64-linux-gnu/librt-2.13.so
7ffff51cc000-7ffff51d4000 r-xp 00000000 08:01 9854988                    /usr/lib/x86_64-linux-gnu/libv4l2.so.0
7ffff51d4000-7ffff53d3000 ---p 00008000 08:01 9854988                    /usr/lib/x86_64-linux-gnu/libv4l2.so.0
7ffff53d3000-7ffff53d4000 r--p 00007000 08:01 9854988                    /usr/lib/x86_64-linux-gnu/libv4l2.so.0
7ffff53d4000-7ffff53d8000 rw-p 00008000 08:01 9854988                    /usr/lib/x86_64-linux-gnu/libv4l2.so.0
7ffff53d8000-7ffff54c3000 r-xp 00000000 08:01 9855270                    /usr/lib/x86_64-linux-gnu/libasound.so.2.0.0
7ffff54c3000-7ffff56c3000 ---p 000eb000 08:01 9855270                    /usr/lib/x86_64-linux-gnu/libasound.so.2.0.0
7ffff56c3000-7ffff56cb000 rw-p 000eb000 08:01 9855270                    /usr/lib/x86_64-linux-gnu/libasound.so.2.0.0
7ffff56cb000-7ffff5848000 r-xp 00000000 08:01 12338108                   /lib/x86_64-linux-gnu/libc-2.13.so
7ffff5848000-7ffff5a48000 ---p 0017d000 08:01 12338108                   /lib/x86_64-linux-gnu/libc-2.13.so
7ffff5a48000-7ffff5a4c000 r--p 0017d000 08:01 12338108                   /lib/x86_64-linux-gnu/libc-2.13.so
7ffff5a4c000-7ffff5a4d000 rw-p 00181000 08:01 12338108                   /lib/x86_64-linux-gnu/libc-2.13.so
7ffff5a4d000-7ffff5a52000 rw-p 00000000 00:00 0
7ffff5a52000-7ffff5a69000 r-xp 00000000 08:01 12338188                   /lib/x86_64-linux-gnu/libpthread-2.13.so
7ffff5a69000-7ffff5c68000 ---p 00017000 08:01 12338188                   /lib/x86_64-linux-gnu/libpthread-2.13.so
7ffff5c68000-7ffff5c69000 r--p 00016000 08:01 12338188                   /lib/x86_64-linux-gnu/libpthread-2.13.so
7ffff5c69000-7ffff5c6a000 rw-p 00017000 08:01 12338188                   /lib/x86_64-linux-gnu/libpthread-2.13.so
7ffff5c6a000-7ffff5c6e000 rw-p 00000000 00:00 0
7ffff5c6e000-7ffff5cef000 r-xp 00000000 08:01 12338172                   /lib/x86_64-linux-gnu/libm-2.13.so
7ffff5cef000-7ffff5eee000 ---p 00081000 08:01 12338172                   /lib/x86_64-linux-gnu/libm-2.13.so
7ffff5eee000-7ffff5eef000 r--p 00080000 08:01 12338172                   /lib/x86_64-linux-gnu/libm-2.13.so
7ffff5eef000-7ffff5ef0000 rw-p 00081000 08:01 12338172                   /lib/x86_64-linux-gnu/libm-2.13.so
7ffff5ef0000-7ffff5f0f000 r-xp 00000000 08:01 9847464                    /usr/local/lib/libavutil.so.51.56.100
7ffff5f0f000-7ffff610e000 ---p 0001f000 08:01 9847464                    /usr/local/lib/libavutil.so.51.56.100
7ffff610e000-7ffff6112000 rw-p 0001e000 08:01 9847464                    /usr/local/lib/libavutil.so.51.56.100
7ffff6112000-7ffff6116000 rw-p 00000000 00:00 0
7ffff6116000-7ffff615f000 r-xp 00000000 08:01 9847338                    /usr/local/lib/libswscale.so.2.1.100
7ffff615f000-7ffff635e000 ---p 00049000 08:01 9847338                    /usr/local/lib/libswscale.so.2.1.100
7ffff635e000-7ffff6360000 rw-p 00048000 08:01 9847338                    /usr/local/lib/libswscale.so.2.1.100
7ffff6360000-7ffff636f000 r-xp 00000000 08:01 9847330                    /usr/local/lib/libswresample.so.0.15.100
7ffff636f000-7ffff656f000 ---p 0000f000 08:01 9847330                    /usr/local/lib/libswresample.so.0.15.100
7ffff656f000-7ffff6571000 rw-p 0000f000 08:01 9847330                    /usr/local/lib/libswresample.so.0.15.100
7ffff6571000-7ffff6587000 r-xp 00000000 08:01 9847325                    /usr/local/lib/libpostproc.so.52.0.100
7ffff6587000-7ffff6786000 ---p 00016000 08:01 9847325                    /usr/local/lib/libpostproc.so.52.0.100
7ffff6786000-7ffff6787000 rw-p 00015000 08:01 9847325                    /usr/local/lib/libpostproc.so.52.0.100
7ffff6787000-7ffff6e75000 r-xp 00000000 08:01 9847321                    /usr/local/lib/libavcodec.so.54.25.100
7ffff6e75000-7ffff7074000 ---p 006ee000 08:01 9847321                    /usr/local/lib/libavcodec.so.54.25.100
7ffff7074000-7ffff70a0000 rw-p 006ed000 08:01 9847321                    /usr/local/lib/libavcodec.so.54.25.100
7ffff70a0000-7ffff761a000 rw-p 00000000 00:00 0
7ffff761a000-7ffff7727000 r-xp 00000000 08:01 9847317                    /usr/local/lib/libavformat.so.54.6.101
7ffff7727000-7ffff7927000 ---p 0010d000 08:01 9847317                    /usr/local/lib/libavformat.so.54.6.101
7ffff7927000-7ffff793c000 rw-p 0010d000 08:01 9847317                    /usr/local/lib/libavformat.so.54.6.101
7ffff793c000-7ffff79be000 r-xp 00000000 08:01 9846868                    /usr/local/lib/libavfilter.so.2.78.101
7ffff79be000-7ffff7bbe000 ---p 00082000 08:01 9846868                    /usr/local/lib/libavfilter.so.2.78.101
7ffff7bbe000-7ffff7bcc000 rw-p 00082000 08:01 9846868                    /usr/local/lib/libavfilter.so.2.78.101
7ffff7bcc000-7ffff7bd2000 rw-p 00000000 00:00 0
7ffff7bd2000-7ffff7bdc000 r-xp 00000000 08:01 9846864                    /usr/local/lib/libavdevice.so.54.0.100
7ffff7bdc000-7ffff7ddb000 ---p 0000a000 08:01 9846864                    /usr/local/lib/libavdevice.so.54.0.100
7ffff7ddb000-7ffff7ddd000 rw-p 00009000 08:01 9846864                    /usr/local/lib/libavdevice.so.54.0.100
7ffff7ddd000-7ffff7dfc000 r-xp 00000000 08:01 12338192                   /lib/x86_64-linux-gnu/ld-2.13.so
7ffff7dfe000-7ffff7e25000 rw-p 00000000 00:00 0
7ffff7e25000-7ffff7e57000 rw-s 00190000 00:05 3651                       /dev/video0
7ffff7e57000-7ffff7e89000 rw-s 0015e000 00:05 3651                       /dev/video0
7ffff7e89000-7ffff7ebb000 rw-s 0012c000 00:05 3651                       /dev/video0
7ffff7ebb000-7ffff7eed000 rw-s 000fa000 00:05 3651                       /dev/video0
7ffff7eed000-7ffff7f1f000 rw-s 000c8000 00:05 3651                       /dev/video0
7ffff7f1f000-7ffff7f51000 rw-s 00096000 00:05 3651                       /dev/video0
7ffff7f51000-7ffff7f83000 rw-s 00064000 00:05 3651                       /dev/video0
7ffff7f83000-7ffff7fb5000 rw-s 00032000 00:05 3651                       /dev/video0
7ffff7fb5000-7ffff7fe7000 rw-s 00000000 00:05 3651                       /dev/video0
7ffff7fe7000-7ffff7ff3000 rw-p 00000000 00:00 0
7ffff7ff7000-7ffff7ff8000 rw-s 81000000 00:05 3670                       /dev/snd/pcmC0D0c
7ffff7ff8000-7ffff7ff9000 r--s 80000000 00:05 3670                       /dev/snd/pcmC0D0c
7ffff7ff9000-7ffff7ffb000 rw-p 00000000 00:00 0
7ffff7ffb000-7ffff7ffc000 r-xp 00000000 00:00 0                          [vdso]
7ffff7ffc000-7ffff7ffd000 r--p 0001f000 08:01 12338192                   /lib/x86_64-linux-gnu/ld-2.13.so
7ffff7ffd000-7ffff7ffe000 rw-p 00020000 08:01 12338192                   /lib/x86_64-linux-gnu/ld-2.13.so
7ffff7ffe000-7ffff7fff000 rw-p 00000000 00:00 0
7ffffffde000-7ffffffff000 rw-p 00000000 00:00 0                          [stack]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]

Program received signal SIGABRT, Aborted.
0x00007ffff56fd475 in raise () from /lib/x86_64-linux-gnu/libc.so.6
(gdb) bt
#0  0x00007ffff56fd475 in raise () from /lib/x86_64-linux-gnu/libc.so.6
#1  0x00007ffff57006f0 in abort () from /lib/x86_64-linux-gnu/libc.so.6
#2  0x00007ffff573726b in ?? () from /lib/x86_64-linux-gnu/libc.so.6
#3  0x00007ffff5740ab6 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
#4  0x00007ffff57457ec in free () from /lib/x86_64-linux-gnu/libc.so.6
#5  0x00007ffff684186d in av_destruct_packet () from /usr/local/lib/libavcodec.so.54
#6  0x00007ffff6841c74 in av_free_packet () from /usr/local/lib/libavcodec.so.54
#7  0x00007ffff76e8259 in av_interleaved_write_frame () from /usr/local/lib/libavformat.so.54
#8  0x000000000040ecb8 in write_frame (s=0x63bc00, pkt=0x7fffffffd210, ost=0x63c580) at ffmpeg.c:1494
#9  0x0000000000410f44 in do_video_out (quality=0, in_picture=0xbd7bc0, ost=0x63c580, s=0x63bc00) at ffmpeg.c:1798
#10 poll_filters () at ffmpeg.c:1937
#11 0x0000000000408134 in transcode () at ffmpeg.c:3458
#12 main (argc=<optimized out>, argv=<optimized out>) at ffmpeg.c:5758
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0x7ffff56fd455 to 0x7ffff56fd495:
   0x00007ffff56fd455 <raise+21>:       mov    $0xf000000,%edx
   0x00007ffff56fd45a <raise+26>:       add    $0x8964c689,%eax
   0x00007ffff56fd45f <raise+31>:       add    $0x25,%al
   0x00007ffff56fd461 <raise+33>:       rolb   (%rdx)
   0x00007ffff56fd463 <raise+35>:       add    %al,(%rax)
   0x00007ffff56fd465 <raise+37>:       movslq %edi,%rdx
   0x00007ffff56fd468 <raise+40>:       movslq %esi,%rsi
   0x00007ffff56fd46b <raise+43>:       movslq %eax,%rdi
   0x00007ffff56fd46e <raise+46>:       mov    $0xea,%eax
   0x00007ffff56fd473 <raise+51>:       syscall
=> 0x00007ffff56fd475 <raise+53>:       cmp    $0xfffffffffffff000,%rax
   0x00007ffff56fd47b <raise+59>:       ja     0x7ffff56fd492 <raise+82>
   0x00007ffff56fd47d <raise+61>:       repz retq
   0x00007ffff56fd47f <raise+63>:       nop
   0x00007ffff56fd480 <raise+64>:       test   %eax,%eax
   0x00007ffff56fd482 <raise+66>:       jg     0x7ffff56fd465 <raise+37>
   0x00007ffff56fd484 <raise+68>:       test   $0x7fffffff,%eax
   0x00007ffff56fd489 <raise+73>:       jne    0x7ffff56fd4a2 <raise+98>
   0x00007ffff56fd48b <raise+75>:       mov    %esi,%eax
   0x00007ffff56fd48d <raise+77>:       nopl   (%rax)
   0x00007ffff56fd490 <raise+80>:       jmp    0x7ffff56fd465 <raise+37>
   0x00007ffff56fd492 <raise+82>:       mov    0x34e97f(%rip),%rdx        # 0x7ffff5a4be18
End of assembler dump.
(gdb) info all-registers
rax            0x0      0
rbx            0x0      0
rcx            0xffffffffffffffff       -1
rdx            0x6      6
rsi            0x3228   12840
rdi            0x3228   12840
rbp            0x7fffffffcdf0   0x7fffffffcdf0
rsp            0x7fffffffc3a8   0x7fffffffc3a8
r8             0x0      0
r9             0x400b38 4197176
r10            0x8      8
r11            0x206    518
r12            0xb      11
r13            0x7fffffffc6d0   140737488340688
r14            0x62     98
r15            0x7      7
rip            0x7ffff56fd475   0x7ffff56fd475 <raise+53>
eflags         0x206    [ PF IF ]
cs             0x33     51
ss             0x2b     43
ds             0x0      0
es             0x0      0
fs             0x0      0
gs             0x0      0
st0            -nan(0x6262626262626262) (raw 0xffff6262626262626262)
st1            -nan(0x6464646464646464) (raw 0xffff6464646464646464)
st2            -nan(0x6565656565656565) (raw 0xffff6565656565656565)
st3            -nan(0x6262636364646565) (raw 0xffff6262636364646565)
st4            -nan(0x5f5f606061616262) (raw 0xffff5f5f606061616262)
st5            -nan(0x5f5f5f5f5f5f5f5f) (raw 0xffff5f5f5f5f5f5f5f5f)
---Type <return> to continue, or q <return> to quit---
st6            -nan(0x6060605f5f5e5e5e) (raw 0xffff6060605f5f5e5e5e)
st7            -nan(0x6060605f5f5e5e5e) (raw 0xffff6060605f5f5e5e5e)
fctrl          0x37f    895
fstat          0x0      0
ftag           0xffff   65535
fiseg          0x0      0
fioff          0x0      0
foseg          0x0      0
fooff          0x0      0
fop            0x0      0
xmm0           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x8000000000000000}, v16_int8 = {0x0 <repeats 12 times>, 0xff, 0x0, 0x0,
    0xff}, v8_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff00}, v4_int32 = {0x0, 0x0, 0x0, 0xff0000ff}, v2_int64 = {0x0,
    0xff0000ff00000000}, uint128 = 0xff0000ff000000000000000000000000}
xmm1           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0,
    0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000}
xmm2           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0,
    0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000}
xmm3           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0,
    0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000}
xmm4           {v4_float = {0x0, 0x0, 0x0, 0xf82469f0}, v2_double = {0x8000000000000000, 0x8000000000000000}, v16_int8 = {0x6d, 0x37, 0xc6,
    0x6c, 0xf8, 0x3c, 0x35, 0x5c, 0xfa, 0xa1, 0x39, 0xae, 0xc2, 0x72, 0xfb, 0xcc}, v8_int16 = {0x376d, 0x6cc6, 0x3cf8, 0x5c35, 0xa1fa, 0xae39,
    0x72c2, 0xccfb}, v4_int32 = {0x6cc6376d, 0x5c353cf8, 0xae39a1fa, 0xccfb72c2}, v2_int64 = {0x5c353cf86cc6376d, 0xccfb72c2ae39a1fa},
  uint128 = 0xccfb72c2ae39a1fa5c353cf86cc6376d}
xmm5           {v4_float = {0x0, 0x0, 0x0, 0xffff04a9}, v2_double = {0x8000000000000000, 0x8000000000000000}, v16_int8 = {0xcb, 0xd4, 0x31,
    0x61, 0x43, 0x8d, 0x96, 0xf9, 0xa5, 0x2e, 0x61, 0xfe, 0xc5, 0x57, 0x7b, 0xc7}, v8_int16 = {0xd4cb, 0x6131, 0x8d43, 0xf996, 0x2ea5, 0xfe61,
    0x57c5, 0xc77b}, v4_int32 = {0x6131d4cb, 0xf9968d43, 0xfe612ea5, 0xc77b57c5}, v2_int64 = {0xf9968d436131d4cb, 0xc77b57c5fe612ea5},
  uint128 = 0xc77b57c5fe612ea5f9968d436131d4cb}
xmm6           {v4_float = {0x0, 0x0, 0xff83484e, 0xffff6d26}, v2_double = {0x0, 0x8000000000000000}, v16_int8 = {0xa8, 0x6d, 0xac, 0xfd, 0x71,
    0x58, 0x17, 0x87, 0x64, 0x6f, 0xf9, 0xca, 0x84, 0xda, 0x12, 0xc7}, v8_int16 = {0x6da8, 0xfdac, 0x5871, 0x8717, 0x6f64, 0xcaf9, 0xda84,
    0xc712}, v4_int32 = {0xfdac6da8, 0x87175871, 0xcaf96f64, 0xc712da84}, v2_int64 = {0x87175871fdac6da8, 0xc712da84caf96f64},
---Type <return> to continue, or q <return> to quit---
  uint128 = 0xc712da84caf96f6487175871fdac6da8}
xmm7           {v4_float = {0xee300000, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x1d, 0x81, 0x71, 0xd5, 0xe, 0x51, 0x55, 0x97, 0x7,
    0xf3, 0x4b, 0x9f, 0xd7, 0x3a, 0x2d, 0x97}, v8_int16 = {0x811d, 0xd571, 0x510e, 0x9755, 0xf307, 0x9f4b, 0x3ad7, 0x972d}, v4_int32 = {
    0xd571811d, 0x9755510e, 0x9f4bf307, 0x972d3ad7}, v2_int64 = {0x9755510ed571811d, 0x972d3ad79f4bf307},
  uint128 = 0x972d3ad79f4bf3079755510ed571811d}
xmm8           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0, 0x20, 0x1f, 0xb7, 0x0 <repeats 12 times>}, v8_int16 = {
    0x2000, 0xb71f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0xb71f2000, 0x0, 0x0, 0x0}, v2_int64 = {0xb71f2000, 0x0},
  uint128 = 0x000000000000000000000000b71f2000}
xmm9           {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0 <repeats 16 times>}, v8_int16 = {0x0, 0x0, 0x0, 0x0,
    0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x0, 0x0, 0x0, 0x0}, v2_int64 = {0x0, 0x0}, uint128 = 0x00000000000000000000000000000000}
xmm10          {v4_float = {0x3, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x0, 0x0, 0x40, 0x40, 0x0 <repeats 12 times>}, v8_int16 = {
    0x0, 0x4040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x40400000, 0x0, 0x0, 0x0}, v2_int64 = {0x40400000, 0x0},
  uint128 = 0x00000000000000000000000040400000}
xmm11          {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0xec, 0x0, 0xec, 0x0, 0xec, 0x0, 0xec, 0x0, 0xec, 0x0,
    0xeb, 0x0, 0xea, 0x0, 0xe9, 0x0}, v8_int16 = {0xec, 0xec, 0xec, 0xec, 0xec, 0xeb, 0xea, 0xe9}, v4_int32 = {0xec00ec, 0xec00ec, 0xeb00ec,
    0xe900ea}, v2_int64 = {0xec00ec00ec00ec, 0xe900ea00eb00ec}, uint128 = 0x00e900ea00eb00ec00ec00ec00ec00ec}
xmm12          {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x38, 0x10, 0xe5, 0xeb, 0x63, 0xbb, 0xde, 0xbe, 0x0, 0x0,
    0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0x1038, 0xebe5, 0xbb63, 0xbede, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0xebe51038, 0xbedebb63, 0x0,
    0x0}, v2_int64 = {0xbedebb63ebe51038, 0x0}, uint128 = 0x0000000000000000bedebb63ebe51038}
xmm13          {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0x6a, 0xe3, 0x46, 0xbf, 0x78, 0xd5, 0xd4, 0xbb, 0x0, 0x0,
    0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0xe36a, 0xbf46, 0xd578, 0xbbd4, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0xbf46e36a, 0xbbd4d578, 0x0,
    0x0}, v2_int64 = {0xbbd4d578bf46e36a, 0x0}, uint128 = 0x0000000000000000bbd4d578bf46e36a}
xmm14          {v4_float = {0x0, 0x2, 0x0, 0x0}, v2_double = {0x7, 0x0}, v16_int8 = {0x0, 0xd, 0x98, 0x1e, 0x9c, 0x7f, 0x1e, 0x40, 0x0, 0x0,
    0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int16 = {0xd00, 0x1e98, 0x7f9c, 0x401e, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x1e980d00, 0x401e7f9c, 0x0,
    0x0}, v2_int64 = {0x401e7f9c1e980d00, 0x0}, uint128 = 0x0000000000000000401e7f9c1e980d00}
xmm15          {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {0x0, 0x0}, v16_int8 = {0xab, 0x99, 0xea, 0x3e, 0x0 <repeats 12 times>},
  v8_int16 = {0x99ab, 0x3eea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int32 = {0x3eea99ab, 0x0, 0x0, 0x0}, v2_int64 = {0x3eea99ab, 0x0},
  uint128 = 0x0000000000000000000000003eea99ab}
mxcsr          0x1fa0   [ PE IM DM ZM OM UM PM ]

Change History (5)

comment:1 follow-up: Changed 5 years ago by Cigaes

Can not reproduce with current git head and -acodec aac (do not have libaacplus nor is it readily installable). Are all the elements of your command line required to exhibit the crash (both video and video, external libx264, external libaacplus, bitstream filter, muxer, protocol)?

comment:2 in reply to: ↑ 1 Changed 5 years ago by saste

Replying to Cigaes:

Can not reproduce with current git head and -acodec aac (do not have libaacplus nor is it readily installable). Are all the elements of your command line required to exhibit the crash (both video and video, external libx264, external libaacplus, bitstream filter, muxer, protocol)?

The following command reproduce it here:

ffmpeg -f lavfi -i aevalsrc="2*PI*400*t" -acodec libfaac -absf aac_adtstoasc -f mpegts -y out.ts

Note that using -strict -2 -acodec aac it doesn't crash, without the bitstream filter it doesn't crash.

comment:3 Changed 5 years ago by saste

  • Keywords libfaac libaacplus mpegts absf aac_adtstoasc added
  • Reproduced by developer set
  • Status changed from new to open
  • Summary changed from Segfault using v4l2 and alsa to Segfault using libfaac/libaacplus, -absf aac_adtstoasc, and mpegts muxer

comment:4 Changed 5 years ago by cehoyos

  • Version changed from unspecified to git-master
$ valgrind ./ffmpeg_g -f lavfi -i aevalsrc="2*PI*400*t" -acodec libfaac -absf aac_adtstoasc -f mpegts -y /dev/null
==4919== Memcheck, a memory error detector.
==4919== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==4919== Using LibVEX rev 1732, a library for dynamic binary translation.
==4919== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==4919== Using valgrind-3.2.3, a dynamic binary instrumentation framework.
==4919== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==4919== For more details, rerun with: -v
==4919==
ffmpeg version N-42698-g99c4e91 Copyright (c) 2000-2012 the FFmpeg developers
  built on Jul 20 2012 16:47:38 with gcc 4.3.2 (GCC)
  configuration: --cc=/usr/local/gcc-4.3.2/bin/gcc --enable-libfaac --enable-nonfree --disable-optimizations
  libavutil      51. 65.100 / 51. 65.100
  libavcodec     54. 42.100 / 54. 42.100
  libavformat    54. 18.100 / 54. 18.100
  libavdevice    54.  1.100 / 54.  1.100
  libavfilter     3.  2.100 /  3.  2.100
  libswscale      2.  1.100 /  2.  1.100
  libswresample   0. 15.100 /  0. 15.100
[lavfi @ 0x45d76e0] Estimating duration from bitrate, this may be inaccurate
Input #0, lavfi, from 'aevalsrc=2*PI*400*t':
  Duration: N/A, start: 0.000000, bitrate: 2822 kb/s
    Stream #0:0: Audio: pcm_f64le, 44100 Hz, mono, dbl, 2822 kb/s
[mpegts @ 0x45f61e0] muxrate VBR, pcr every 4 pkts, sdt every 200, pat/pmt every 40 pkts
Output #0, mpegts, to '/dev/null':
  Metadata:
    encoder         : Lavf54.18.100
    Stream #0:0: Audio: aac, 44100 Hz, mono, s16, 128 kb/s
Stream mapping:
  Stream #0:0 -> #0:0 (pcm_f64le -> libfaac)
Press [q] to stop, [?] for help
[mpegts @ 0x45f61e0] AAC bitstream not in ADTS format and extradata missing
==4919== Invalid free() / delete / delete[]
==4919==    at 0x402243F: free (in /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==4919==    by 0x88544F6: av_free (mem.c:186)
==4919==    by 0x81BCC8B: av_destruct_packet (avpacket.c:46)
==4919==    by 0x81BD1E7: av_free_packet (avpacket.c:169)
==4919==    by 0x8185EC9: av_interleaved_write_frame (utils.c:3650)
==4919==    by 0x804EDC6: write_frame (ffmpeg.c:1544)
==4919==    by 0x804F4B5: do_audio_out (ffmpeg.c:1605)
==4919==    by 0x8050E50: poll_filters (ffmpeg.c:1994)
==4919==    by 0x805863C: transcode (ffmpeg.c:3737)
==4919==    by 0x8060B3F: main (ffmpeg.c:6049)
==4919==  Address 0x46AAA27 is 7 bytes inside a block of size 164 alloc'd
==4919==    at 0x4021A50: memalign (in /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==4919==    by 0x4021AAA: posix_memalign (in /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==4919==    by 0x88543AB: av_malloc (mem.c:95)
==4919==    by 0x81BCFA4: av_dup_packet (avpacket.c:143)
==4919==    by 0x85AC32B: avcodec_encode_audio2 (utils.c:1192)
==4919==    by 0x804F007: do_audio_out (ffmpeg.c:1584)
==4919==    by 0x8050E50: poll_filters (ffmpeg.c:1994)
==4919==    by 0x805863C: transcode (ffmpeg.c:3737)
==4919==    by 0x8060B3F: main (ffmpeg.c:6049)
av_interleaved_write_frame(): Invalid data found when processing input
==4919==
==4919== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 3 from 1)
==4919== malloc/free: in use at exit: 11,760,623 bytes in 88 blocks.
==4919== malloc/free: 733 allocs, 646 frees, 12,212,796 bytes allocated.
==4919== For counts of detected errors, rerun with: -v
==4919== searching for pointers to 88 not-freed blocks.
==4919== checked 18,037,620 bytes.
==4919==
==4919== LEAK SUMMARY:
==4919==    definitely lost: 13,614 bytes in 14 blocks.
==4919==      possibly lost: 11,370,148 bytes in 1 blocks.
==4919==    still reachable: 376,861 bytes in 73 blocks.
==4919==         suppressed: 0 bytes in 0 blocks.
==4919== Rerun with --leak-check=full to see details of leaked memory.

comment:5 Changed 5 years ago by michael

  • Component changed from undetermined to FFmpeg
  • Resolution set to fixed
  • Status changed from open to closed
Note: See TracTickets for help on using tickets.