[Bug 277590] A threading issue that was introduced into the base of FreeBSD 15 will cause a segmentation fault when mpv plays a file with --hwdec=vaapi passed to it

Reply: bugzilla-noreply_a_freebsd.org: "[Bug 277590] A threading issue that was introduced into the base of FreeBSD 15 will cause a segmentation fault when mpv plays a file with --hwdec=vaapi passed to it"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 277590] A threading issue that was introduced into the base of FreeBSD 15 will cause a segmentation fault when mpv plays a file with --hwdec=vaapi passed to it"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 277590] A threading issue that was introduced into the base of FreeBSD 15 will cause a segmentation fault when mpv plays a file with --hwdec=vaapi passed to it"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 277590] A threading issue that was introduced into the base of FreeBSD 15 will cause a segmentation fault when mpv plays a file with --hwdec=vaapi passed to it"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 277590] A threading issue that was introduced into the base of FreeBSD 15 will cause a segmentation fault when mpv plays a file with --hwdec=vaapi passed to it"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 277590] A threading issue that was introduced into the base of FreeBSD 15 will cause a segmentation fault when mpv plays a file with --hwdec=vaapi passed to it"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Sat, 09 Mar 2024 06:41:10 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=277590

            Bug ID: 277590
           Summary: A threading issue that was introduced into the base of
                    FreeBSD 15 will cause a segmentation fault when mpv
                    plays a file with --hwdec=vaapi passed to it
           Product: Base System
           Version: 15.0-CURRENT
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: threads
          Assignee: threads@FreeBSD.org
          Reporter: oleglelchuk@gmail.com

On FreeBSD 15, if I pass the --hwdec=vaapi option to mpv and attempt to play a
file, a segmentation fault will happen. It will only happen under wayland, but
not under X11 or on the bare console. On FreeBSD 14, this type of crash won't
happen under wayland either. This is the backtrace from the crash:

(gdb) bt full
#0  0x0000000833ff1db1 in VA_DRM_GetDriverNames (ctx=0x10aff9829000,
drivers=0x87397da80, num_drivers=0x87397da7c) at ../va/drm/va_drm_utils.c:74
        map = {{drm_driver = 0x833fef7b6 "i915", va_driver = {0x833fef6c0
"iHD", 0x833fef580 "i965"}}, {drm_driver = 0x833fef78c "pvrsrvkm", va_driver =
{
              0x833fef5f7 "pvr", 0x0}}, {drm_driver = 0x833fef5fb "radeon",
va_driver = {0x833fef6d1 "r600", 0x833fef65f "radeonsi"}}, {
            drm_driver = 0x833fef610 "amdgpu", va_driver = {0x833fef65f
"radeonsi", 0x0}}, {drm_driver = 0x833fef6a5 "WSL", va_driver = {0x833fef668
"d3d12", 
              0x0}}, {drm_driver = 0x833fef617 "nvidia-drm", va_driver =
{0x833fef724 "nvidia", 0x0}}}
        drm_state = 0x0
        drm_driver = 0x10aff5411408 "z\270", <incomplete sequence \325>
        count = 0
        sysinfo = {
          sysname =
"\001\000\000\000\000\000\000\000\224n\201\365\257\020\000\000\002\000\000\000\000\000\000\000\000\325\227s\b\000\000\000\274F\3644\b\000\000\000\001\000\000\000\000\000\000\000\000m\201\365\257\020\000\000\020\000\000\0000\000\000\000\262\f\3644\b\000\000\000`\325\227s\b\000\000\000q\374\3634\b\000\000\000P\n\3644\b\000\000\000\b\024A\365\257\020\000\000\300o\201\365\257\020\000\000\000m\201\365\257\020\000\000\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\bm\201\365\257\020\000\000\000m\201\365\257\020\000\000\300\325\227s\b\000\000\000s\2771\000\000\000\000\000\310\004\000\000\000\000\000\000\001\000\000\000\004\000\000\000\030X\312h?8\000\000\000m\201\365\257\020\000\000\006\000\000"..., 
          nodename = "\340\2771", '\000' <repeats 13 times>, "\006", '\000'
<repeats 15 times>, "P\300\206\365\257\020\000\000\320
\202\371\257\020\000\000\001\000\000\000\004\000\000\000
s\b\000\000\000\336\3111\000\000\000\000\000\006\000\000\000\006\000\000\000\320
\202\371\257\020\000\000\300֗s\b\000\000\000\346\3051\000\000\000\000\000\017\204\035\346\000\000\000\000h\301B\365\257\020\000\000\001\000\000\000\000\000\000\000\b\030A\365\257\020\000\000\000m\201\365\257\020\000\000\001\000\000\000\000\000\000\000N\227r5\306\f<O\000\002\000\000\000\000\000\000
s\b\000\000\0008d\0375\b\000\000\000\000ٗs\b\000\000\000٨@3\b\000\000\000\020ؗs\b\000"..., 
          release = "%\3441", '\000' <repeats 29 times>, "
s\b\000\000\000\250֗s\b\000\000\000\377\377\377\377", '\000' <repeats 132
times>, "\b\fA\365\257\020\000\000Qj@3\b\000\000\000\304I"..., 
          version = "\260ӗs\b\000\000\000z\000\000\000\037", '\000' <repeats 11
times>,
"h\301B\365\257\020\000\000\001\000\000\000\000\000\000\000\b\fA\365\257\020\000\000\025\000\000\000\000\000\000\000\260ؗs\b\000\000\000\177#\311h?8\000\000Qj@3\b\000\000\000\304I<\a\000\000\000\0000\270\202\r\000\000\000\000h\301B\365\257\020\000\000\001\000\000\000\000\000\000\000\b\030A\365\257\020\000\000\000m\201\365\257\020\000\000\001\000\000\000\000\000\000\000\224n\201\365\257\020\000\000\002\000\000\000\000\000\000\000\200ؗs\b\000\000\000\274F\3644\b\000\000\000\001\000\000\000\000\000\000\000\000m\201\365\257\020\000\000\260ؗs\b\000\000\000R8\3644\b\000\000\000\300/\0275"..., 
          machine =
"\001\000\000\000\257\020\000\000\356\037\311h?8\000\000\b\fA\365\257\020\000\000\270ؗs\b\000\000\000\220ٗs\b\000\000\000\340\001\000\000\000\000\000\000\001\000\000\000\000\000\000\000\030X\312h?8\000\000\000m\201\365\257\020\000\000\177\003\227s\b\000\000\000\001\000\000\000\000\000\000\000VA-API
v\000\000\000\000on
1\b\030A\365\257\020\000\000\340\001\000\000\000\000\000\000\000P@3\b\000\000\000@\\\003\000\000\000\000\000\300/\0275\b\000\000\000p\254\0035\b\000\000\000\226\001\000\000\000\000\000\000\000m\201\365\257\020\000\000\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\bm\201\365\257\020\000\000\000m\201\365\257\020\000\0000ۗ"...}
#1  0x0000000833ff16c1 in va_DisplayContextGetDriverNames
(pDisplayContext=0x10aff98b5a80, drivers=0x87397da80, num_drivers=0x87397da7c)
    at ../va/wayland/va_wayland_drm.c:136
        ctx = 0x10aff9829000
#2  0x000000083341872d in va_new_opendriver (dpy=0x10aff98b5a80) at
../va/va.c:681
        pDisplayContext = 0x10aff98b5a80
        drivers = {0x0 <repeats 20 times>}
        num_drivers = 20
        vaStatus = 0
        driver_name_env = 0x87397db00 ""
        ctx = 0x87397da28
--Type <RET> for more, q to quit, c to continue without paging--
#3  0x0000000833418642 in vaInitialize (dpy=0x10aff98b5a80,
major_version=0x87397dbec, minor_version=0x87397dbe8) at ../va/va.c:743
        vaStatus = 8
#4  0x000000000049cbb6 in va_initialize (display=0x10aff98b5a80,
plog=0x10aff9820e10, probing=true) at ../video/vaapi.c:116
        avref = 0x10aff99a12c0
        hwctx = 0x10aff99a13c0
        vactx = 0x10aff99a1340
        res = 0x10affa1e3dd0
        major = 0
        minor = 4842884
        status = 8
#5  0x000000000049d2ee in init (hw=0x10aff98053d0) at
../video/out/hwdec/hwdec_vaapi.c:160
        p = 0x10aff9805470
        vas = 4271
        config_id = 8
        hwconfig = 0x57397dca0
#6  0x000000000041e52c in ra_hwdec_load_driver (ra_ctx=0x10aff981d110,
log=0x10aff5870e50, global=0x10aff582c0d0, devs=0x10affa1e6350, 
    drv=0x4d7d38 <ra_hwdec_vaapi>, is_auto=false) at
../video/out/gpu/hwdec.c:108
        hwdec = 0x10aff98053d0
#7  0x000000000041eee4 in load_add_hwdec (ctx=0x10affa245068,
devs=0x10affa1e6350, drv=0x4d7d38 <ra_hwdec_vaapi>, is_auto=false)
    at ../video/out/gpu/hwdec.c:240
        hwdec = 0x10aff5870e50
#8  0x000000000041f1bc in ra_hwdec_ctx_load_fmt (ctx=0x10affa245068,
devs=0x10affa1e6350, params=0x82097ff60) at ../video/out/gpu/hwdec.c:336
        matched_fmt = true
        drv = 0x4d7d38 <ra_hwdec_vaapi>
        i = 0
        imgfmt = 1052
#9  0x0000000000432632 in gl_video_load_hwdecs_for_img_fmt (p=0x10affa202ad0,
devs=0x10affa1e6350, params=0x82097ff60) at ../video/out/gpu/video.c:4363
No locals.
#10 0x0000000000447a75 in request_hwdec_api (vo=0x10aff58710d0,
data=0x82097ff60) at ../video/out/vo_gpu.c:129
        p = 0x10aff59fabd0
#11 0x00000000004471b0 in control (vo=0x10aff58710d0, request=8,
data=0x82097ff60) at ../video/out/vo_gpu.c:200
        p = 0x10aff59fabd0
        events = 4271
        r = 4271
#12 0x0000000000443507 in run_control (p=0x82097fe90) at ../video/out/vo.c:667
        pp = 0x82097fe90
        vo = 0x10aff58710d0
        request = 8
        data = 0x82097ff60
        ret = 4271
#13 0x00000000003839cc in mp_dispatch_queue_process (queue=0x10aff5867970,
timeout=0) at ../misc/dispatch.c:300
--Type <RET> for more, q to quit, c to continue without paging--
        item = 0x82097fe28
#14 0x00000000004450c5 in vo_thread (ptr=0x10aff58710d0) at
../video/out/vo.c:1069
        working = false
        wait_until = 1000486921997
        send_reset = false
        now = 486921997
        redraw = false
        send_pause = false
        vo = 0x10aff58710d0
        in = 0x10aff586c350
        vo_paused = false
        r = 0
#15 0x0000000834f3bb55 in thread_start (curthread=0x10aff5816d00) at
/usr/src/lib/libthr/thread/thr_create.c:290
        set = {__bits = {0, 0, 0, 0}}
#16 0x0000000000000000 in ?? ()
No symbol table info available.
Backtrace stopped: Cannot access memory at address 0x87397e000

-- 
You are receiving this mail because:
You are the assignee for the bug.