[FFmpeg-user] How to correctly free a double-linked list

Paul B Mahol onemda at gmail.com
Sun Jul 7 22:16:51 EEST 2019 

On 7/7/19, Ulf Zibis <Ulf.Zibis at gmx.de> wrote:
>
> Am 07.07.19 um 14:20 schrieb Ulf Zibis:
>>> If you can, install and use valgrind to help you debug such problems.
>> Good idea, I will do that ... guess it needs some time to understand how
>> it works.
>
> I now also have tried valgrind. To me this seems, that the cause is
> outside of my code:

Nope, bug is in your code.

Build ffmpeg with address sanitizer and you will see it.


>
> valgrind: m_mallocfree.c:307 (get_bszB_as_is): Assertion 'bszB_lo ==
> bszB_hi' failed.
> valgrind: Heap block lo/hi size mismatch: lo = 113, hi = 114.
> This is probably caused by your program erroneously writing past the
> end of a heap block and corrupting heap metadata.  If you fix any
> invalid writes reported by Memcheck, this assertion failure will
> probably go away.  Please try that before reporting this as a bug.
>
>
> host stacktrace:
> ==19306==    at 0x580441BA: ??? (in /usr/lib/valgrind/memcheck-amd64-linux)
> ==19306==    by 0x580442D4: ??? (in /usr/lib/valgrind/memcheck-amd64-linux)
> ==19306==    by 0x58044459: ??? (in /usr/lib/valgrind/memcheck-amd64-linux)
> ==19306==    by 0x5805184C: ??? (in /usr/lib/valgrind/memcheck-amd64-linux)
> ==19306==    by 0x58053B56: ??? (in /usr/lib/valgrind/memcheck-amd64-linux)
> ==19306==    by 0x5800B8CC: ??? (in /usr/lib/valgrind/memcheck-amd64-linux)
> ==19306==    by 0x5800BAD7: ??? (in /usr/lib/valgrind/memcheck-amd64-linux)
> ==19306==    by 0x5800BDA4: ??? (in /usr/lib/valgrind/memcheck-amd64-linux)
> ==19306==    by 0x5809F5DC: ??? (in /usr/lib/valgrind/memcheck-amd64-linux)
> ==19306==    by 0x580AED50: ??? (in /usr/lib/valgrind/memcheck-amd64-linux)
>
> sched status:
>   running_tid=1
>
> Thread 1: status = VgTs_Runnable (lwpid 19306)
> ==19306==    at 0x4C31E76: memalign (in
> /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
> ==19306==    by 0x4C31F91: posix_memalign (in
> /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
> ==19306==    by 0xF3F0B2: av_malloc (mem.c:87)
> ==19306==    by 0xF3F2B8: av_mallocz (mem.c:238)
> ==19306==    by 0xF2D83D: av_buffer_ref (buffer.c:95)
> ==19306==    by 0xF37D41: av_frame_ref (frame.c:478)
> ==19306==    by 0x2851D1: do_video_out (ffmpeg.c:1344)
> ==19306==    by 0x28A1EA: reap_filters (ffmpeg.c:1504)
> ==19306==    by 0x28E7DD: transcode_step (ffmpeg.c:4648)
> ==19306==    by 0x28E7DD: transcode (ffmpeg.c:4692)
> ==19306==    by 0x26B51D: main (ffmpeg.c:4894)
>
> Thread 2: status = VgTs_WaitSys (lwpid 19309)
> ==19306==    at 0x58339F3: futex_wait_cancelable (futex-internal.h:88)
> ==19306==    by 0x58339F3: __pthread_cond_wait_common
> (pthread_cond_wait.c:502)
> ==19306==    by 0x58339F3: pthread_cond_wait@@GLIBC_2.3.2
> (pthread_cond_wait.c:655)
> ==19306==    by 0x865205: frame_worker_thread (pthread_frame.c:177)
> ==19306==    by 0x582D6DA: start_thread (pthread_create.c:463)
> ==19306==    by 0x5B6688E: clone (clone.S:95)
>
> Thread 3: status = VgTs_WaitSys (lwpid 19310)
> ==19306==    at 0x58339F3: futex_wait_cancelable (futex-internal.h:88)
> ==19306==    by 0x58339F3: __pthread_cond_wait_common
> (pthread_cond_wait.c:502)
> ==19306==    by 0x58339F3: pthread_cond_wait@@GLIBC_2.3.2
> (pthread_cond_wait.c:655)
> ==19306==    by 0x865205: frame_worker_thread (pthread_frame.c:177)
> ==19306==    by 0x582D6DA: start_thread (pthread_create.c:463)
> ==19306==    by 0x5B6688E: clone (clone.S:95)
>
> Thread 4: status = VgTs_WaitSys (lwpid 19311)
> ==19306==    at 0x58339F3: futex_wait_cancelable (futex-internal.h:88)
> ==19306==    by 0x58339F3: __pthread_cond_wait_common
> (pthread_cond_wait.c:502)
> ==19306==    by 0x58339F3: pthread_cond_wait@@GLIBC_2.3.2
> (pthread_cond_wait.c:655)
> ==19306==    by 0x865205: frame_worker_thread (pthread_frame.c:177)
> ==19306==    by 0x582D6DA: start_thread (pthread_create.c:463)
> ==19306==    by 0x5B6688E: clone (clone.S:95)
>
> Thread 5: status = VgTs_WaitSys (lwpid 19312)
> ==19306==    at 0x58339F3: futex_wait_cancelable (futex-internal.h:88)
> ==19306==    by 0x58339F3: __pthread_cond_wait_common
> (pthread_cond_wait.c:502)
> ==19306==    by 0x58339F3: pthread_cond_wait@@GLIBC_2.3.2
> (pthread_cond_wait.c:655)
> ==19306==    by 0xF5799D: thread_worker (slicethread.c:78)
> ==19306==    by 0x582D6DA: start_thread (pthread_create.c:463)
> ==19306==    by 0x5B6688E: clone (clone.S:95)
>
> Thread 6: status = VgTs_WaitSys (lwpid 19313)
> ==19306==    at 0x58339F3: futex_wait_cancelable (futex-internal.h:88)
> ==19306==    by 0x58339F3: __pthread_cond_wait_common
> (pthread_cond_wait.c:502)
> ==19306==    by 0x58339F3: pthread_cond_wait@@GLIBC_2.3.2
> (pthread_cond_wait.c:655)
> ==19306==    by 0xF5799D: thread_worker (slicethread.c:78)
> ==19306==    by 0x582D6DA: start_thread (pthread_create.c:463)
> ==19306==    by 0x5B6688E: clone (clone.S:95)
>
> Thread 7: status = VgTs_WaitSys (lwpid 19314)
> ==19306==    at 0x58339F3: futex_wait_cancelable (futex-internal.h:88)
> ==19306==    by 0x58339F3: __pthread_cond_wait_common
> (pthread_cond_wait.c:502)
> ==19306==    by 0x58339F3: pthread_cond_wait@@GLIBC_2.3.2
> (pthread_cond_wait.c:655)
> ==19306==    by 0xF5799D: thread_worker (slicethread.c:78)
> ==19306==    by 0x582D6DA: start_thread (pthread_create.c:463)
> ==19306==    by 0x5B6688E: clone (clone.S:95)
>
> Thread 8: status = VgTs_WaitSys (lwpid 19316)
> ==19306==    at 0x58339F3: futex_wait_cancelable (futex-internal.h:88)
> ==19306==    by 0x58339F3: __pthread_cond_wait_common
> (pthread_cond_wait.c:502)
> ==19306==    by 0x58339F3: pthread_cond_wait@@GLIBC_2.3.2
> (pthread_cond_wait.c:655)
> ==19306==    by 0xF5799D: thread_worker (slicethread.c:78)
> ==19306==    by 0x582D6DA: start_thread (pthread_create.c:463)
> ==19306==    by 0x5B6688E: clone (clone.S:95)
>
> Thread 9: status = VgTs_WaitSys (lwpid 19318)
> ==19306==    at 0x58371AA: __lll_unlock_wake (lowlevellock.S:371)
> ==19306==    by 0x58317DE: __pthread_mutex_unlock_usercnt
> (pthread_mutex_unlock.c:54)
> ==19306==    by 0x58317DE: pthread_mutex_unlock (pthread_mutex_unlock.c:345)
> ==19306==    by 0xF57A18: thread_worker (slicethread.c:89)
> ==19306==    by 0x582D6DA: start_thread (pthread_create.c:463)
> ==19306==    by 0x5B6688E: clone (clone.S:95)
>
> Thread 10: status = VgTs_WaitSys (lwpid 19319)
> ==19306==    at 0x58339F3: futex_wait_cancelable (futex-internal.h:88)
> ==19306==    by 0x58339F3: __pthread_cond_wait_common
> (pthread_cond_wait.c:502)
> ==19306==    by 0x58339F3: pthread_cond_wait@@GLIBC_2.3.2
> (pthread_cond_wait.c:655)
> ==19306==    by 0xF5799D: thread_worker (slicethread.c:78)
> ==19306==    by 0x582D6DA: start_thread (pthread_create.c:463)
> ==19306==    by 0x5B6688E: clone (clone.S:95)
>
>
> Note: see also the FAQ in the source distribution.
> It contains workarounds to several common problems.
> In particular, if Valgrind aborted or crashed after
> identifying problems in your program, there's a good chance
> that fixing those problems will prevent Valgrind aborting or
> crashing, especially if it happened in m_mallocfree.c.
>
> If that doesn't help, please report this bug to: www.valgrind.org
>
> In the bug report, send all the above text, the valgrind
> version, and what OS and version you are using.  Thanks.
>
> -Ulf
>
> _______________________________________________
> ffmpeg-user mailing list
> ffmpeg-user at ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-user
>
> To unsubscribe, visit link above, or email
> ffmpeg-user-request at ffmpeg.org with subject "unsubscribe".

More information about the ffmpeg-user mailing list