Opened 4 years ago

Closed 4 years ago

#4961 closed defect (invalid)

Invalid free(); ffio_ensure_seekback (aviobuf.c:829)

Reported by: minde Owned by:
Priority: important Component: avformat
Version: git-master Keywords: crash abort
Cc: Blocked By:
Blocking: Reproduced by developer: no
Analyzed by developer: no

Description

Summary of the bug:

MPD (latest revision from git - 81ce684b35ca498ef5d8c738799284476f4573a0) crashes when using ffmpeg plugin.

ffmpeg version N-76019-g15db457 Copyright (c) 2000-2015 the FFmpeg developers
built with gcc 4.9.2 (Gentoo 4.9.2 p1.0, pie-0.6.1)
configuration: --prefix=/home/minde/.bin/root --enable-rpath --enable-gpl
--enable-version3 --enable-nonfree --enable-ffmpeg --enable-ffplay
--enable-ffprobe --enable-ffserver --disable-doc --disable-htmlpages
--disable-manpages --disable-podpages --disable-txtpages --enable-avresample
--disable-vdpau --enable-avisynth --enable-fontconfig --enable-ladspa
--enable-libaacplus --enable-libass --enable-libbluray --enable-libfaac
--enable-libaacplus --enable-libfaac --enable-libfdk-aac --enable-libfreetype
--enable-libfribidi --enable-libmodplug --enable-libmp3lame --enable-librtmp
--enable-libssh --enable-libvorbis --enable-libx264 --enable-x11grab
--enable-openssl --enable-opengl --disable-static --enable-sdl --enable-shared
libavutil 55. 4.100 / 55. 4.100
libavcodec 57. 6.100 / 57. 6.100
libavformat 57. 3.101 / 57. 3.101
libavdevice 57. 0.100 / 57. 0.100
libavfilter 6. 11.100 / 6. 11.100
libavresample 3. 0. 0 / 3. 0. 0
libswscale 4. 0.100 / 4. 0.100
libswresample 2. 0.100 / 2. 0.100
libpostproc 54. 0.100 / 54. 0.100 

How to reproduce:

Run MPD with only ffmpeg decoder plugin enabled

$ mpd --no-daemon --stderr --verbose
config_file: loading file /home/minde/.mpdconf
path: SetFSCharset: fs charset is:
libsamplerate: libsamplerate converter 'Fastest Sinc Interpolator'
db: reading DB
curl: version 7.38.0
curl: with OpenSSL/1.0.1j
state_file: Loading state file /dev/shm/mpd.state
client: [0] opened from 127.0.0.1:55329
client: [0] process command list
client: process command "add "http://radio.audiomastering.lt:8000/hq""
client: command returned 0
client: [0] process command list returned 0
client: [0] closed
client: [1] opened from 127.0.0.1:55331
client: [1] process command "play"
playlist: play 0:"http://radio.audiomastering.lt:8000/hq"
client: [1] command returned 0
client: [1] process command list
client: process command "status"
client: command returned 0
client: process command "currentsong"
client: command returned 0
client: [1] process command list returned 0
client: [1] closed
curl: icy-metaint=16000
decoder_thread: probing plugin ffmpeg
player: played "http://radio.audiomastering.lt:8000/hq"
playlist: stop
client: [2] opened from 127.0.0.1:55334
client: [2] process command "play"
playlist: play 0:"http://radio.audiomastering.lt:8000/hq"
client: [2] command returned 0
client: [2] process command list
client: process command "status"
client: command returned 0
client: process command "currentsong"
client: command returned 0
client: [2] process command list returned 0
client: [2] closed
curl: icy-metaint=16000
decoder_thread: probing plugin ffmpeg
ffmpeg: detected input format 'mp3' (MP2/3 (MPEG audio layer 2/3))
*** Error in `mpd': free(): invalid pointer: 0xb210b0bc ***
======= Backtrace: =========
/lib/tls/i686/sse2/libc.so.6[0x44dd73ea]
/lib/tls/i686/sse2/libc.so.6[0x44ddd9d0]
/lib/tls/i686/sse2/libc.so.6[0x44dde1a4]
/home/minde/.bin/root/lib/libavformat.so.57(+0x658f0)[0xb72698f0]
/home/minde/.bin/root/lib/libavformat.so.57(+0xea393)[0xb72ee393]
/home/minde/.bin/root/lib/libavformat.so.57(avformat_open_input+0x21d)[0xb737d9ed]
mpd[0x8091cf7]
mpd[0x80772f4]
mpd[0x8077a79]
mpd[0x8077c46]
mpd[0x80b144d]
/lib/tls/i686/sse2/libpthread.so.0[0x44f861b5]
/lib/tls/i686/sse2/libc.so.6(clone+0x5e)[0x44e5982e]
======= Memory map: ========
08048000-080fa000 r-xp 00000000 08:01 7078372    /home/minde/.bin/root/bin/mpd
080fa000-080fb000 rw-p 000b1000 08:01 7078372    /home/minde/.bin/root/bin/mpd
080fb000-08102000 rw-p 00000000 00:00 0 
09e83000-09eff000 rw-p 00000000 00:00 0          [heap]
44d44000-44d65000 r-xp 00000000 08:01 2100021    /lib/ld-2.19.so
44d65000-44d66000 r--p 00020000 08:01 2100021    /lib/ld-2.19.so
44d66000-44d67000 rw-p 00021000 08:01 2100021    /lib/ld-2.19.so
44d69000-44f0b000 r-xp 00000000 08:01 2100795    /lib/libc-2.19.so
44f0b000-44f0e000 r--p 001a1000 08:01 2100795    /lib/libc-2.19.so
44f0e000-44f10000 rw-p 001a4000 08:01 2100795    /lib/libc-2.19.so
44f10000-44f12000 rw-p 00000000 00:00 0 
44f31000-44f75000 r-xp 00000000 08:01 2101546    /lib/libm-2.19.so
44f75000-44f76000 r--p 00043000 08:01 2101546    /lib/libm-2.19.so
44f76000-44f77000 rw-p 00044000 08:01 2101546    /lib/libm-2.19.so
44f79000-44f7c000 r-xp 00000000 08:01 2101187    /lib/libdl-2.19.so
44f7c000-44f7d000 r--p 00002000 08:01 2101187    /lib/libdl-2.19.so
44f7d000-44f7e000 rw-p 00003000 08:01 2101187    /lib/libdl-2.19.so
44f80000-44f98000 r-xp 00000000 08:01 2101358    /lib/libpthread-2.19.so
44f98000-44f99000 r--p 00017000 08:01 2101358    /lib/libpthread-2.19.so
44f99000-44f9a000 rw-p 00018000 08:01 2101358    /lib/libpthread-2.19.so
44f9a000-44f9c000 rw-p 00000000 00:00 0 
44f9e000-44ffa000 r-xp 00000000 08:01 7872329    /usr/lib/libfluidsynth.so.1.5.2
44ffa000-44ffb000 r--p 0005b000 08:01 7872329    /usr/lib/libfluidsynth.so.1.5.2
44ffb000-44ffd000 rw-p 0005c000 08:01 7872329    /usr/lib/libfluidsynth.so.1.5.2
44ffd000-4506b000 rw-p 00000000 00:00 0 
4506c000-45075000 r-xp 00000000 08:01 7870643    /usr/lib/libyajl.so.2.0.4
45075000-45076000 r--p 00008000 08:01 7870643    /usr/lib/libyajl.so.2.0.4
45076000-45077000 rw-p 00009000 08:01 7870643    /usr/lib/libyajl.so.2.0.4
45096000-450fe000 r-xp 00000000 08:01 7870696    /usr/lib/libadplug-2.2.1.so.0.0.0
450fe000-45103000 rw-p 00067000 08:01 7870696    /usr/lib/libadplug-2.2.1.so.0.0.0
45103000-45114000 rw-p 00000000 00:00 0 
45116000-45124000 r-xp 00000000 08:01 7870695    /usr/lib/libbinio.so.1.0.0
45124000-45126000 rw-p 0000e000 08:01 7870695    /usr/lib/libbinio.so.1.0.0
45128000-4513b000 r-xp 00000000 08:01 7873464    /usr/lib/libshout.so.3.2.0
4513b000-4513c000 r--p 00012000 08:01 7873464    /usr/lib/libshout.so.3.2.0
4513c000-4513d000 rw-p 00013000 08:01 7873464    /usr/lib/libshout.so.3.2.0
4513f000-45150000 r-xp 00000000 08:01 7872138    /usr/lib/libid3tag.so.0.3.0
45150000-45151000 ---p 00011000 08:01 7872138    /usr/lib/libid3tag.so.0.3.0
45151000-45152000 r--p 00011000 08:01 7872138    /usr/lib/libid3tag.so.0.3.0
45152000-45153000 rw-p 00012000 08:01 7872138    /usr/lib/libid3tag.so.0.3.0
4515b000-4516d000 r-xp 00000000 08:01 2101547    /lib/libbz2.so.1.0.6
4516d000-4516e000 r--p 00011000 08:01 2101547    /lib/libbz2.so.1.0.6
4516e000-4516f000 rw-p 00012000 08:01 2101547    /lib/libbz2.so.1.0.6
4547f000-45486000 r-xp 00000000 08:01 2101548    /lib/librt-2.19.so
45486000-45487000 r--p 00006000 08:01 2101548    /lib/librt-2.19.so
45487000-45488000 rw-p 00007000 08:01 2101548    /lib/librt-2.19.so
4548a000-45545000 r-xp 00000000 08:01 7867682    /usr/lib/libfreetype.so.6.11.2
45545000-45549000 r--p 000ba000 08:01 7867682    /usr/lib/libfreetype.so.6.11.2
45549000-4554a000 rw-p 000be000 08:01 7867682    /usr/lib/libfreetype.so.6.11.2
4554c000-45579000 r-xp 00000000 08:01 7867685    /usr/lib/libexpat.so.1.6.0
45579000-4557b000 r--p 0002c000 08:01 7867685    /usr/lib/libexpat.so.1.6.0
4557b000-4557c000 rw-p 0002e000 08:01 7867685    /usr/lib/libexpat.so.1.6.0
45586000-4559e000 r-xp 00000000 08:01 7870365    /usr/lib/libfaac.so.0.0.0
4559e000-4559f000 r--p 00017000 08:01 7870365    /usr/lib/libfaac.so.0.0.0
4559f000-455a2000 rw-p 00018000 08:01 7870365    /usr/lib/libfaac.so.0.0.0
455f1000-4575c000 r-xp 00000000 08:01 7870549    /usr/lib/libsamplerate.so.0.1.8
4575c000-4575d000 r--p 0016a000 08:01 7870549    /usr/lib/libsamplerate.so.0.1.8
4575d000-4575e000 rw-p 0016b000 08:01 7870549    /usr/lib/libsamplerate.so.0.1.8
45760000-457ab000 r-xp 00000000 08:01 7872420    /usr/lib/libfaad.so.2.0.0
457ab000-457ac000 r--p 0004a000 08:01 7872420    /usr/lib/libfaad.so.2.0.0
457ac000-457af000 rw-p 0004b000 08:01 7872420    /usr/lib/libfaad.so.2.0.0
4764b000-4765e000 r-xp 00000000 08:01 2101543    /lib/libresolv-2.19.so
4765e000-4765f000 r--p 00012000 08:01 2101543    /lib/libresolv-2.19.so
4765f000-47660000 rw-p 00013000 08:01 2101543    /lib/libresolv-2.19.so
47660000-47662000 rw-p 00000000 00:00 0 
4770f000-4778a000 r-xp 00000000 08:01 7870218    /usr/lib/libvorbisenc.so.2.0.10
4778a000-4778b000 ---p 0007b000 08:01 7870218    /usr/lib/libvorbisenc.so.2.0.10
4778b000-4779c000 r--p 0007b000 08:01 7870218    /usr/lib/libvorbisenc.so.2.0.10
4779c000-4779d000 rw-p 0008c000 08:01 7870218    /usr/lib/libvorbisenc.so.2.0.10
4779f000-47808000 r-xp 00000000 08:01 7870364    /usr/lib/libmp3lame.so.0.0.0
47808000-47809000 r--p 00068000 08:01 7870364    /usr/lib/libmp3lame.so.0.0.0
47809000-4780b000 rw-p 00069000 08:01 7870364    /usr/lib/libmp3lame.so.0.0.0
4780b000-47839000 rw-p 00000000 00:00 0 
4783b000-47869000 r-xp 00000000 08:01 7869237    /usr/lib/libwavpack.so.1.1.5
47869000-4786a000 r--p 0002d000 08:01 7869237    /usr/lib/libwavpack.so.1.1.5
4786a000-4786b000 rw-p 0002e000 08:01 7869237    /usr/lib/libwavpack.so.1.1.5
4797c000-47984000 r-xp 00000000 08:01 7867939    /usr/lib/libogg.so.0.8.2
47984000-47985000 r--p 00007000 08:01 7867939    /usr/lib/libogg.so.0.8.2
47985000-47986000 rw-p 00008000 08:01 7867939    /usr/lib/libogg.so.0.8.2
47be3000-47c25000 r-xp 00000000 08:01 7868379    /usr/lib/libssh.so.4.4.1
47c25000-47c26000 rw-p 00041000 08:01 7868379    /usr/lib/libssh.so.4.4.1
47e0c000-47e2d000 r-xp 00000000 08:01 7870247    /usr/lib/libtwolame.so.0.0.0
47e2d000-47e2e000 r--p 00020000 08:01 7870247    /usr/lib/libtwolame.so.0.0.0
47e2e000-47e2f000 rw-p 00021000 08:01 7870247    /usr/lib/libtwolame.so.0.0.0
47e2f000-47e33000 rw-p 00000000 00:00 0 
47e48000-47e80000 r-xp 00000000 08:01 7869917    /usr/lib/libvorbis.so.0.4.7
47e80000-47e81000 r--p 00037000 08:01 7869917    /usr/lib/libvorbis.so.0.4.7
47e81000-47e82000 rw-p 00038000 08:01 7869917    /usr/lib/libvorbis.so.0.4.7
48314000-48424000 r-xp 00000000 08:01 7870207    /usr/lib/libx264.so.142
48424000-48425000 r--p 0010f000 08:01 7870207    /usr/lib/libx264.so.142
48425000-48426000 rw-p 00110000 08:01 7870207    /usr/lib/libx264.so.142
48426000-484a1000 rw-p 00000000 00:00 0 
484ea000-484f4000 r-xp 00000000 08:01 7871881    /usr/lib/libvorbisfile.so.3.3.6
484f4000-484f5000 r--p 00009000 08:01 7871881    /usr/lib/libvorbisfile.so.3.3.6
484f5000-484f6000 rw-p 0000a000 08:01 7871881    /usr/lib/libvorbisfile.so.3.3.6
48501000-48557000 r-xp 00000000 08:01 2101737    /lib/libncurses.so.5.9
48557000-4855a000 rw-p 00056000 08:01 2101737    /lib/libncurses.so.5.9
48924000-48941000 r-xp 00000000 08:01 7868395    /usr/lib/librtmp.so.1
48941000-48942000 rw-p 0001d000 08:01 7868395    /usr/lib/librtmp.so.1
495c6000-495f0000 r-xp 00000000 08:01 7868398    /usr/lib/libssh2.so.1.0.1
495f0000-495f1000 rw-p 0002a000 08:01 7868398    /usr/lib/libssh2.so.1.0.1
b01ff000-b0200000 ---p 00000000 00:00 0 
b0200000-b0a00000 rw-p 00000000 00:00 0 
b0a00000-b0a23000 rw-p 00000000 00:00 0 
b0a23000-b0b00000 ---p 00000000 00:00 0 
b0b74000-b0bf4000 rw-p 00000000 00:00 0 
b0bf4000-b0bf5000 ---p 00000000 00:00 0 
b0bf5000-b13f5000 rw-p 00000000 00:00 0          [stack:13625]
b13f5000-b1800000 rw-p 00000000 00:00 0 
b1800000-b1821000 rw-p 00000000 00:00 0 
b1821000-b1900000 ---p 00000000 00:00 0 
b190d000-b190e000 ---p 00000000 00:00 0 
b190e000-b210e000 rw-p 00000000 00:00 0          [stack:13624]
b210e000-b210f000 ---p 00000000 00:00 0 
b210f000-b290f000 rw-p 00000000 00:00 0          [stack:13623]
b290f000-b2910000 ---p 00000000 00:00 0 
b2910000-b3192000 rw-p 00000000 00:00 0          [stack:13622]
b3192000-b319d000 r-xp 00000000 08:01 2102138    /lib/libnss_files-2.19.so
b319d000-b319e000 r--p 0000a000 08:01 2102138    /lib/libnss_files-2.19.so
b319e000-b319f000 rw-p 0000b000 08:01 2102138    /lib/libnss_files-2.19.so
b319f000-b31a9000 r-xp 00000000 08:01 2102350    /lib/libnss_nis-2.19.so
b31a9000-b31aa000 r--p 00009000 08:01 2102350    /lib/libnss_nis-2.19.so
b31aa000-b31ab000 rw-p 0000a000 08:01 2102350    /lib/libnss_nis-2.19.so
b31ab000-b334f000 r--p 00000000 08:01 7890383    /usr/lib/locale/locale-archive
b334f000-b3355000 rw-p 00000000 00:00 0 
b3355000-b33a0000 r-xp 00000000 08:01 7872645    /usr/lib/libpng16.so.16.13.0
b33a0000-b33a1000 r--p 0004a000 08:01 7872645    /usr/lib/libpng16.so.16.13.0
b33a1000-b33a2000 rw-p 0004b000 08:01 7872645    /usr/lib/libpng16.so.16.13.0
b33a2000-b33b8000 r-xp 00000000 08:01 7891893    /usr/lib/libgpg-error.so.0.15.0
b33b8000-b33b9000 rw-p 00015000 08:01 7891893    /usr/lib/libgpg-error.so.0.15.0
b33b9000-b3436000 r-xp 00000000 08:01 2099429    /lib/libpcre.so.1.2.4
b3436000-b3437000 rw-p 0007c000 08:01 2099429    /lib/libpcre.so.1.2.4
b3437000-b3438000 rw-p 00000000 00:00 0 
b3438000-b343d000 r-xp 00000000 08:01 2101606    /lib/libattr.so.1.1.0
b343d000-b343e000 r--p 00004000 08:01 2101606    /lib/libattr.so.1.1.0
b343e000-b343f000 rw-p 00005000 08:01 2101606    /lib/libattr.so.1.1.0
b343f000-b35f0000 r-xp 00000000 08:01 7906323    /usr/lib/libxml2.so.2.9.2
b35f0000-b35f6000 rw-p 001b0000 08:01 7906323    /usr/lib/libxml2.so.2.9.2
b35f6000-b35f8000 rw-p 00000000 00:00 0 
b35f8000-b36cd000 r-xp 00000000 08:01 7869131    /usr/lib/libgcrypt.so.20.0.2
b36cd000-b36d0000 rw-p 000d5000 08:01 7869131    /usr/lib/libgcrypt.so.20.0.2
b36d0000-b36e0000 r-xp 00000000 08:01 7890312    /usr/lib/liblz4.so.1.3.0
b36e0000-b36e1000 rw-p 0000f000 08:01 7890312    /usr/lib/liblz4.so.1.3.0
b36e1000-b3705000 r-xp 00000000 08:01 2101707    /lib/libselinux.so.1
b3705000-b3706000 r--p 00023000 08:01 2101707    /lib/libselinux.so.1
b3706000-b3707000 rw-p 00024000 08:01 2101707    /lib/libselinux.so.1
b3707000-b3708000 rw-p 00000000 00:00 0 
b3708000-b370d000 r-xp 00000000 08:01 2101951    /lib/libcap.so.2.22
b370d000-b370e000 r--p 00004000 08:01 2101951    /lib/libcap.so.2.22
b370e000-b370f000 rw-p 00005000 08:01 2101951    /lib/libcap.so.2.22
b370f000-b3710000 rw-p 00000000 00:00 0 
b3710000-b389c000 r-xp 00000000 08:01 7870389    /usr/lib/libdb-4.8.so
b389c000-b389e000 r--p 0018b000 08:01 7870389    /usr/lib/libdb-4.8.so
b389e000-b38a0000 rw-p 0018d000 08:01 7870389    /usr/lib/libdb-4.8.so
b38a0000-b38d0000 r-xp 00000000 08:01 2101121    /lib/liblzma.so.5.0.7
b38d0000-b38d1000 r--p 0002f000 08:01 2101121    /lib/liblzma.so.5.0.7
b38d1000-b38d2000 rw-p 00030000 08:01 2101121    /lib/liblzma.so.5.0.7
b38d2000-b38d3000 rw-p 00000000 00:00 0 
b38d3000-b3918000 r-xp 00000000 08:01 7872172    /usr/lib/libaacplus.so.2.0.2
b3918000-b3919000 rw-p 00044000 08:01 7872172    /usr/lib/libaacplus.so.2.0.2
b3919000-b39e6000 r-xp 00000000 08:01 7890453    /usr/lib/libfdk-aac.so.0.0.4
b39e6000-b39e7000 rw-p 000cc000 08:01 7890453    /usr/lib/libfdk-aac.so.0.0.4
b39e7000-b3a04000 r-xp 00000000 08:01 7078517    /home/minde/.bin/root/lib/libswresample.so.2.0.100
b3a04000-b3a05000 rw-p 0001c000 08:01 7078517    /home/minde/.bin/root/lib/libswresample.so.2.0.100
b3a05000-b3a06000 rw-p 00000000 00:00 0 
b3a06000-b3a3d000 r-xp 00000000 08:01 7870936    /usr/lib/libbluray.so.1.6.2
b3a3d000-b3a3e000 rw-p 00037000 08:01 7870936    /usr/lib/libbluray.so.1.6.2
b3a3e000-b3bf9000 r-xp 00000000 08:01 7871915    /usr/lib/libcrypto.so.1.0.0
b3bf9000-b3c10000 rw-p 001ba000 08:01 7871915    /usr/lib/libcrypto.so.1.0.0
b3c10000-b3c13000 rw-p 00000000 00:00 0 
b3c13000-b3c75000 r-xp 00000000 08:01 7899873    /usr/lib/libssl.so.1.0.0
b3c75000-b3c7a000 rw-p 00062000 08:01 7899873    /usr/lib/libssl.so.1.0.0
b3c7a000-b3c7b000 rw-p 00000000 00:00 0 
b3c7b000-b3c87000 r-xp 00000000 08:01 7900103    /usr/lib/libltdl.so.7.3.1
b3c87000-b3c88000 rw-p 0000b000 08:01 7900103    /usr/lib/libltdl.so.7.3.1
b3c88000-b3cc6000 r-xp 00000000 08:01 2102143    /lib/libreadline.so.6.3
b3cc6000-b3ccb000 rw-p 0003e000 08:01 2102143    /lib/libreadline.so.6.3
b3ccb000-b3ccc000 rw-p 00000000 00:00 0 
b3ccc000-b3d14000 r-xp 00000000 08:01 7864634    /usr/lib/libdbus-1.so.3.8.7
b3d14000-b3d15000 rw-p 00047000 08:01 7864634    /usr/lib/libdbus-1.so.3.8.7
b3d15000-b3d16000 r-xp 00000000 08:01 7871694    /usr/lib/libgthread-2.0.so.0.4400.1
b3d16000-b3d17000 rw-p 00000000 08:01 7871694    /usr/lib/libgthread-2.0.so.0.4400.1
b3d17000-b3d18000 rw-p 00000000 00:00 0 
b3d18000-b3d31000 r-xp 00000000 08:01 2536744    /usr/lib/gcc/i686-pc-linux-gnu/4.9.2/libgcc_s.so.1
b3d31000-b3d32000 r--p 00019000 08:01 2536744    /usr/lib/gcc/i686-pc-linux-gnu/4.9.2/libgcc_s.so.1
b3d32000-b3d33000 rw-p 0001a000 08:01 2536744    /usr/lib/gcc/i686-pc-linux-gnu/4.9.2/libgcc_s.so.1
b3d33000-b3e1b000 r-xp 00000000 08:01 2536613    /usr/lib/gcc/i686-pc-linux-gnu/4.9.2/libstdc++.so.6.0.20
b3e1b000-b3e1f000 r--p 000e8000 08:01 2536613    /usr/lib/gcc/i686-pc-linux-gnu/4.9.2/libstdc++.so.6.0.20
b3e1f000-b3e20000 rw-p 000ec000 08:01 2536613    /usr/lib/gcc/i686-pc-linux-gnu/4.9.2/libstdc++.so.6.0.20
b3e20000-b3e27000 rw-p 00000000 00:00 0 
b3e29000-b3e2a000 rw-p 00000000 00:00 0 
b3e2a000-b3e2f000 r-xp 00000000 08:01 2102133    /lib/libnss_dns-2.19.so
b3e2f000-b3e30000 r--p 00004000 08:01 2102133    /lib/libnss_dns-2.19.so
b3e30000-b3e31000 rw-p 00005000 08:01 2102133    /lib/libnss_dns-2.19.so
b3e31000-b3e46000 r-xp 00000000 08:01 2101718    /lib/libnsl-2.19.so
b3e46000-b3e47000 r--p 00014000 08:01 2101718    /lib/libnsl-2.19.so
b3e47000-b3e48000 rw-p 00015000 08:01 2101718    /lib/libnsl-2.19.so
b3e48000-b3e4a000 rw-p 00000000 00:00 0 
b3e4a000-b3e51000 r-xp 00000000 08:01 2102165    /lib/libnss_compat-2.19.so
b3e51000-b3e52000 r--p 00006000 08:01 2102165    /lib/libnss_compat-2.19.so
b3e52000-b3e53000 rw-p 00007000 08:01 2102165    /lib/libnss_compat-2.19.so
b3e53000-b3e54000 rw-p 00000000 00:00 0 
b3e54000-b3e9a000 r-xp 00000000 08:01 7881530    /usr/lib/libsystemd.so.0.6.0
b3e9a000-b3e9b000 r--p 00045000 08:01 7881530    /usr/lib/libsystemd.so.0.6.0
b3e9b000-b3e9c000 rw-p 00046000 08:01 7881530    /usr/lib/libsystemd.so.0.6.0
b3e9c000-b56c6000 r-xp 00000000 08:01 7882020    /usr/lib/libicudata.so.54.1
b56c6000-b56c7000 rw-p 01829000 08:01 7882020    /usr/lib/libicudata.so.54.1
b56c7000-b56c8000 rw-p 00000000 00:00 0 
b56c8000-b5867000 r-xp 00000000 08:01 7882013    /usr/lib/libicuuc.so.54.1
b5867000-b5872000 rw-p 0019e000 08:01 7882013    /usr/lib/libicuuc.so.54.1
b5872000-b5876000 rw-p 00000000 00:00 0 
b5876000-b5af4000 r-xp 00000000 08:01 7882014    /usr/lib/libicui18n.so.54.1
b5af4000-b5afe000 rw-p 0027e000 08:01 7882014    /usr/lib/libicui18n.so.54.1
b5afe000-b5aff000 rw-p 00000000 00:00 0 
b5aff000-b5b18000 r-xp 00000000 08:01 2101475    /lib/libz.so.1.2.8
b5b18000-b5b19000 r--p 00018000 08:01 2101475    /lib/libz.so.1.2.8
b5b19000-b5b1a000 rw-p 00019000 08:01 2101475    /lib/libz.so.1.2.8
b5b1a000-b5b1b000 rw-p 00000000 00:00 0 
b5b1b000-b5b32000 r-xp 00000000 08:01 7882472    /usr/lib/libjack.so.0.0.28
b5b32000-b5b33000 rw-p 00016000 08:01 7882472    /usr/lib/libjack.so.0.0.28
b5b33000-b5b3c000 rw-p 00000000 00:00 0 
b5b3c000-b5b44000 r-xp 00000000 08:01 7899013    /usr/lib/libao.so.4.1.0
b5b44000-b5b45000 rw-p 00007000 08:01 7899013    /usr/lib/libao.so.4.1.0
b5b45000-b5c1b000 r-xp 00000000 08:01 7867335    /usr/lib/libasound.so.2.0.0
b5c1b000-b5c1f000 rw-p 000d6000 08:01 7867335    /usr/lib/libasound.so.2.0.0
b5c1f000-b5d5c000 r-xp 00000000 08:01 7871691    /usr/lib/libglib-2.0.so.0.4400.1
b5d5c000-b5d5d000 rw-p 0013c000 08:01 7871691    /usr/lib/libglib-2.0.so.0.4400.1
b5d5d000-b5d5f000 rw-p 00000000 00:00 0 
b5d5f000-b5d6f000 r-xp 00000000 08:01 7870422    /usr/lib/libmms.so.0.0.2
b5d6f000-b5d70000 r--p 0000f000 08:01 7870422    /usr/lib/libmms.so.0.0.2
b5d70000-b5d71000 rw-p 00010000 08:01 7870422    /usr/lib/libmms.so.0.0.2
b5d71000-b5df0000 r-xp 00000000 08:01 7872241    /usr/lib/libcurl.so.4.3.0
b5df0000-b5df2000 rw-p 0007f000 08:01 7872241    /usr/lib/libcurl.so.4.3.0
b5df2000-b5e4c000 r-xp 00000000 08:01 7882604    /usr/lib/libmodplug.so.1.0.0
b5e4c000-b5e4d000 rw-p 0005a000 08:01 7882604    /usr/lib/libmodplug.so.1.0.0
b5e4d000-b5f8d000 rw-p 00000000 00:00 0 
b5f8d000-b6002000 r-xp 00000000 08:01 7078526    /home/minde/.bin/root/lib/libavutil.so.55.4.100
b6002000-b6003000 rw-p 00074000 08:01 7078526    /home/minde/.bin/root/lib/libavutil.so.55.4.100
b6003000-b6017000 rw-p 00000000 00:00 0 
b6017000-b6b6e000 r-xp 00000000 08:01 7078490    /home/minde/.bin/root/lib/libavcodec.so.57.7.100
b6b6e000-b6b82000 rw-p 00b57000 08:01 7078490    /home/minde/.bin/root/lib/libavcodec.so.57.7.100
b6b82000-b7204000 rw-p 00000000 00:00 0 
b7204000-b744b000 r-xp 00000000 08:01 7078485    /home/minde/.bin/root/lib/libavformat.so.57.10.100
b744b000-b745a000 rw-p 00246000 08:01 7078485    /home/minde/.bin/root/lib/libavformat.so.57.10.100
b745a000-b745b000 rw-p 00000000 00:00 0 
b745b000-b74a6000 r-xp 00000000 08:01 7882515    /usr/lib/libmpg123.so.0.40.3
b74a6000-b74a7000 rw-p 0004b000 08:01 7882515    /usr/lib/libmpg123.so.0.40.3
b74a7000-b74b7000 rw-p 00000000 00:00 0 
b74b7000-b74d1000 r-xp 00000000 08:01 7869966    /usr/lib/libmad.so.0.2.1
b74d1000-b74d2000 r--p 00019000 08:01 7869966    /usr/lib/libmad.so.0.2.1
b74d2000-b74d3000 rw-p 0001a000 08:01 7869966    /usr/lib/libmad.so.0.2.1
b74d3000-b751f000 r-xp 00000000 08:01 7895672    /usr/lib/libaudiofile.so.1.0.0
b751f000-b7520000 ---p 0004c000 08:01 7895672    /usr/lib/libaudiofile.so.1.0.0
b7520000-b7522000 r--p 0004c000 08:01 7895672    /usr/lib/libaudiofile.so.1.0.0
b7522000-b7523000 rw-p 0004e000 08:01 7895672    /usr/lib/libaudiofile.so.1.0.0
b7523000-b7524000 rw-p 00000000 00:00 0 
b7524000-b75aa000 r-xp 00000000 08:01 7870383    /usr/lib/libsndfile.so.1.0.25
b75aa000-b75ab000 r--p 00086000 08:01 7870383    /usr/lib/libsndfile.so.1.0.25
b75ab000-b75ac000 rw-p 00087000 08:01 7870383    /usr/lib/libsndfile.so.1.0.25
b75ac000-b75b0000 rw-p 00000000 00:00 0 
b75b0000-b76b8000 r-xp 00000000 08:01 7869467    /usr/lib/libsqlite3.so.0.8.6
b76b8000-b76bb000 rw-p 00107000 08:01 7869467    /usr/lib/libsqlite3.so.0.8.6
b76bb000-b76bc000 rw-p 00000000 00:00 0 
b76bc000-b770d000 r-xp 00000000 08:01 7869868    /usr/lib/libFLAC.so.8.3.0
b770d000-b770e000 rw-p 00050000 08:01 7869868    /usr/lib/libFLAC.so.8.3.0
b770e000-b7728000 r-xp 00000000 08:01 7077910    /home/minde/.bin/root/lib/libmpdclient.so.2.0.11
b7728000-b7729000 rw-p 0001a000 08:01 7077910    /home/minde/.bin/root/lib/libmpdclient.so.2.0.11
b7729000-b772a000 rw-p 00000000 00:00 0 
b772a000-b772c000 r--p 00000000 00:00 0          [vvar]
b772c000-b772d000 r-xp 00000000 00:00 0          [vdso]
bfcce000-bfcf1000 rw-p 00000000 00:00 0          [stack]
[1]    13621 abort      mpd --no-daemon --stderr --verbose

Attachments (2)

valgrind.log (70.0 KB) - added by minde 4 years ago.
Valgrind output
gdb.bt (16.0 KB) - added by minde 4 years ago.
GDB output

Download all attachments as: .zip

Change History (5)

Changed 4 years ago by minde

Valgrind output

Changed 4 years ago by minde

GDB output

comment:1 Changed 4 years ago by minde

it seems that the problem comes from ffmpeg at aviobuf.c:829, but I hope you know better than I do.
https://github.com/FFmpeg/FFmpeg/blob/master/libavformat/aviobuf.c#L829

==22106== Thread 4 decoder:
==22106== Invalid free() / delete / delete[] / realloc()
==22106==    at 0x40074BC: free (vg_replace_malloc.c:473)
==22106==    by 0x43468EF: ffio_ensure_seekback (aviobuf.c:829)
==22106==    by 0x43CB392: mp3_read_header (mp3dec.c:383)
==22106==    by 0x445A9EC: avformat_open_input (utils.c:473)
==22106==    by 0x8091CF6: FfmpegOpenInput (FfmpegDecoderPlugin.cxx:72)
==22106==    by 0x8091CF6: ffmpeg_decode(Decoder&, InputStream&) (FfmpegDecoderPlugin.cxx:605)
==22106==    by 0x80772F3: StreamDecode (DecoderPlugin.hxx:132)
==22106==    by 0x80772F3: decoder_stream_decode(DecoderPlugin const&, Decoder&, InputStream&) (DecoderThread.cxx:150)
==22106==    by 0x8077A78: __call<bool, const DecoderPlugin&, 0u, 1u, 2u, 3u, 4u> (functional:1264)
==22106==    by 0x8077A78: operator()<const DecoderPlugin&, bool> (functional:1323)
==22106==    by 0x8077A78: decoder_plugins_try<std::_Bind<bool (*(std::reference_wrapper<Decoder>, std::reference_wrapper<InputStream>, char const*, std::_Placeholder<1>, std::reference_wrapper<bool>))(Decoder&, InputStream&, char const*, const DecoderPlugin&, bool&)> > (DecoderList.hxx:60)
==22106==    by 0x8077A78: decoder_run_stream_locked (DecoderThread.cxx:247)
==22106==    by 0x8077A78: decoder_run_stream (DecoderThread.cxx:284)
==22106==    by 0x8077A78: decoder_run_song (DecoderThread.cxx:393)
==22106==    by 0x8077A78: decoder_run(DecoderControl&) (DecoderThread.cxx:449)
==22106==    by 0x8077C45: decoder_task(void*) (DecoderThread.cxx:472)
==22106==    by 0x80B144C: Thread::ThreadProc(void*) (Thread.cxx:108)
==22106==    by 0x44F861B4: start_thread (pthread_create.c:309)
==22106==    by 0x44E5982D: clone (clone.S:129)
==22106==  Address 0xaa630bc is on thread 4's stack
==22106==  in frame #4, created by ffmpeg_decode(Decoder&, InputStream&) (FfmpegDecoderPlugin.cxx:590)

comment:2 Changed 4 years ago by cehoyos

  • Keywords crash abort added
  • Priority changed from normal to important

From FfmpegIo.hxx:

struct AvioStream {
    uint8_t buffer[8192];
}

From FfmpegDecoderPlugin.cxx:

AvioStream stream;
stream.io = avio_alloc_context(stream.buffer, ...);
AVIOContext *pb = stream.io;
AVFormatContext *context = avformat_alloc_context();
context->pb = pb;

I suspect it is either not ok to use a static buffer as AVIOContext->buffer or you need additional code to use the API like this.

Last edited 4 years ago by cehoyos (previous) (diff)

comment:3 Changed 4 years ago by cehoyos

  • Resolution set to invalid
  • Status changed from new to closed

The API usage is invalid, see the documentation of avio_alloc_context() in avio.h:

 * Allocate and initialize an AVIOContext for buffered I/O. It must be later
 * freed with av_free().
 *
 * @param buffer Memory block for input/output operations via AVIOContext.
 *        The buffer must be allocated with av_malloc() and friends.
Note: See TracTickets for help on using tickets.