[Bug 267200] multimedia/ffmpeg: Segmentation fault in ff_seek_frame_binary()

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 267200] multimedia/ffmpeg: Segmentation fault in ff_seek_frame_binary()"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 17 Apr 2023 20:41:00 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=267200

Stefan Ehmann <shoesoft@gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |shoesoft@gmx.net

--- Comment #3 from Stefan Ehmann <shoesoft@gmx.net> ---
Not sure if it's the same issue. After updating my build jails from 13.1 to
13.2 I now get a similar segfault when seeking some files.

13.2 is using llvm 14. I tried llvm15 from ports which has the same error.
llvm13 from ports works fine (I think 13.1 was also using llvm13):

Maybe compiler bug or buggy code and compiler is now stricter:

Thread 9 "mpv/demux" received signal SIGSEGV, Segmentation fault.
Address not mapped to object.
[Switching to LWP 199306 of process 73876]
0x0000000801fb11b8 in ff_seek_frame_binary (s=s@entry=0x80a460000,
stream_index=stream_index@entry=0, target_ts=target_ts@entry=1330479561,
flags=flags@entry=0) at libavformat/utils.c:2175
2175            if (e->timestamp <= target_ts || e->pos == e->min_distance) {
(gdb) bt
#0  0x0000000801fb11b8 in ff_seek_frame_binary (s=s@entry=0x80a460000,
stream_index=stream_index@entry=0, target_ts=target_ts@entry=1330479561,
flags=flags@entry=0) at libavformat/utils.c:2175
#1  0x0000000801fb224b in seek_frame_internal (s=0x80a460000, stream_index=0,
timestamp=1330479561, flags=0) at libavformat/utils.c:2481
#2  av_seek_frame (s=0x80a460000, stream_index=<optimized out>,
timestamp=<optimized out>, flags=0) at libavformat/utils.c:2504
#3  0x000000000037b7df in ?? ()
#4  0x000000000037454c in ?? ()
#5  0x000000000036e21d in ?? ()
#6  0x000000000036d49e in ?? ()
#7  0x0000000802acfa78 in thread_start (curthread=0x808415800) at
/usr/src/lib/libthr/thread/thr_create.c:292
#8  0x0000000000000000 in ?? ()
Backtrace stopped: Cannot access memory at address 0x7fffdf1f6000
(gdb) list 2170
2164        st = s->streams[stream_index];
2165        if (st->index_entries) {
2166            AVIndexEntry *e;
2167
2168            /* FIXME: Whole function must be checked for non-keyframe
entries in
2169             * index case, especially read_timestamp(). */
2170            index = av_index_search_timestamp(st, target_ts,
2171                                              flags |
AVSEEK_FLAG_BACKWARD);
2172            index = FFMAX(index, 0);
2173            e     = &st->index_entries[index];
2174
2175            if (e->timestamp <= target_ts || e->pos == e->min_distance) {
(gdb) p st->index_entries
$6 = (AVIndexEntry *) 0x0

-- 
You are receiving this mail because:
You are the assignee for the bug.